Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/tbBmeTHwXw_BmsePD804geHWbRA.roa
File: tbBmeTHwXw_BmsePD804geHWbRA.roa (raw, json)
Hash identifier: kTZ7211a0t/9hzxK/6n6oqazviO5PJq4C6IF9nuuoDI=
Subject key identifier: B5:B0:66:79:31:F0:5F:0F:C1:9A:C7:8F:0F:CD:38:81:E1:D6:6D:10
Certificate issuer: /CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Certificate serial: 018DEF2C84FE2FF753829F614ADF0F5507DF
Authority key identifier: A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/tbBmeTHwXw_BmsePD804geHWbRA.roa
Signing time: Wed 28 Feb 2024 10:04:48 +0000
ROA not before: Wed 28 Feb 2024 10:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13193
IP address blocks: 5.23.40.0/21 maxlen: 24
62.212.96.0/19 maxlen: 24
78.40.48.0/21 maxlen: 24
79.170.216.0/21 maxlen: 24
80.65.224.0/20 maxlen: 24
80.248.208.0/20 maxlen: 24
93.184.32.0/20 maxlen: 24
171.25.208.0/22 maxlen: 24
178.132.16.0/20 maxlen: 24
185.33.40.0/22 maxlen: 24
185.43.68.0/22 maxlen: 24
194.79.128.0/18 maxlen: 24
194.146.224.0/22 maxlen: 24
194.242.112.0/22 maxlen: 24
195.5.192.0/18 maxlen: 18
213.41.128.0/17 maxlen: 24
213.215.0.0/18 maxlen: 24
2001:7a8::/32 maxlen: 32
2a01:68::/32 maxlen: 32
2a01:6460::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ef:2c:84:fe:2f:f7:53:82:9f:61:4a:df:0f:55:07:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Validity
Not Before: Feb 28 10:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5b0667931f05f0fc19ac78f0fcd3881e1d66d10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2e:f6:cc:a3:1a:8f:9f:39:6a:ed:24:e2:09:
2e:fa:13:44:ee:0d:1a:39:5f:d3:a1:54:44:9c:63:
da:d1:07:4b:32:1d:e9:15:47:e8:9f:e2:a6:d6:b4:
4e:24:cc:46:71:09:b1:d4:74:43:00:99:6d:11:b3:
7e:cc:f5:ad:20:0a:a8:fc:d3:df:48:79:5e:42:61:
25:f0:0b:e0:db:ca:da:64:9a:36:59:6b:f0:e1:eb:
b6:6a:d8:c9:7c:20:56:e8:96:e1:69:20:43:cd:fd:
22:1f:c8:8c:99:1c:50:59:86:47:66:e4:df:f8:69:
0e:be:09:f7:cf:86:6a:00:56:63:2a:d1:18:84:87:
df:9f:a2:df:6c:1e:e5:29:85:d2:68:4a:c8:a8:ad:
82:db:e6:36:60:56:9f:a5:0e:74:db:fd:b5:2a:6c:
44:62:8e:ba:95:63:a0:77:3e:d8:3a:d3:14:aa:9c:
24:4c:ad:95:aa:0e:e0:52:aa:23:f3:78:95:d3:79:
7c:a6:e5:8f:02:de:8f:06:9d:fb:92:52:17:0c:59:
27:c3:f6:73:50:54:d5:ff:06:26:dd:02:e7:62:1d:
b2:6f:6b:84:2e:86:81:6b:fb:78:bb:fa:cb:20:c7:
75:7b:9f:7e:e2:0b:2a:d6:44:94:7d:10:b7:d1:f8:
c7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B0:66:79:31:F0:5F:0F:C1:9A:C7:8F:0F:CD:38:81:E1:D6:6D:10
X509v3 Authority Key Identifier:
keyid:A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/tbBmeTHwXw_BmsePD804geHWbRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.40.0/21
62.212.96.0/19
78.40.48.0/21
79.170.216.0/21
80.65.224.0/20
80.248.208.0/20
93.184.32.0/20
171.25.208.0/22
178.132.16.0/20
185.33.40.0/22
185.43.68.0/22
194.79.128.0/18
194.146.224.0/22
194.242.112.0/22
195.5.192.0/18
213.41.128.0/17
213.215.0.0/18
IPv6:
2001:7a8::/32
2a01:68::/32
2a01:6460::/32
Signature Algorithm: sha256WithRSAEncryption
7f:e1:4f:c2:be:a6:64:ed:38:20:68:6e:8c:22:2c:e0:b2:df:
12:98:2a:5f:06:79:cb:1e:70:f5:63:a8:f1:4b:10:47:9a:2a:
79:7a:17:30:b2:39:9f:e8:35:1f:9b:65:5b:87:f3:ad:18:a9:
12:bd:2e:11:e2:ab:9a:49:b8:da:a0:ed:4e:43:12:86:fb:17:
08:34:ad:f2:e7:81:94:25:84:bc:61:79:37:be:e3:52:0d:ea:
86:8f:2d:11:50:c6:31:21:2d:64:89:b8:91:18:fc:43:cd:99:
ca:f7:4f:ef:66:18:14:d1:11:63:01:c5:c0:b9:46:27:1f:69:
21:5d:b7:76:ae:72:c6:8a:d3:9f:07:9a:0a:5a:9f:05:e4:e9:
d0:6c:b4:a2:d5:4b:bb:ff:ce:07:a2:65:d0:5b:aa:6a:44:8c:
7d:83:54:55:ab:6a:d6:ab:f9:25:4f:11:38:5b:13:74:f9:45:
a2:cd:a7:7e:74:fb:26:15:7e:4a:72:81:22:33:66:a7:20:38:
e2:7f:79:27:18:84:84:16:40:d6:76:91:07:eb:01:44:d1:2a:
e2:ac:f4:fb:f5:08:d7:9f:65:36:41:e6:a4:04:de:b6:aa:75:
5d:49:64:63:b0:9e:38:0e:09:f9:f4:be:7d:51:0d:5a:27:5a:
f6:9d:b8:dc
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAY3vLIT+L/dTgp9hSt8PVQffMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZTJjZTMxMDk0ODBhZWU3YjNmZDI4NDZlYzhmODY0Njg4
NWNkYmEwHhcNMjQwMjI4MTAwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWIwNjY3OTMxZjA1ZjBmYzE5YWM3OGYwZmNkMzg4MWUxZDY2ZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlS72zKMaj585au0k4gku+hNE7g0a
OV/ToVREnGPa0QdLMh3pFUfon+Km1rROJMxGcQmx1HRDAJltEbN+zPWtIAqo/NPf
SHleQmEl8Avg28raZJo2WWvw4eu2atjJfCBW6JbhaSBDzf0iH8iMmRxQWYZHZuTf
+GkOvgn3z4ZqAFZjKtEYhIffn6LfbB7lKYXSaErIqK2C2+Y2YFafpQ502/21KmxE
Yo66lWOgdz7YOtMUqpwkTK2Vqg7gUqoj83iV03l8puWPAt6PBp37klIXDFknw/Zz
UFTV/wYm3QLnYh2yb2uELoaBa/t4u/rLIMd1e59+4gsq1kSUfRC30fjHhwIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFLWwZnkx8F8PwZrHjw/NOIHh1m0QMB8GA1UdIwQY
MBaAFKfizjEJSAruez/ShG7I+GRohc26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEt
NzgxOGE4OTQ1NmNiLzEvdGJCbWVUSHdYd19CbXNlUEQ4MDRnZUhXYlJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9iNjFhZGQtMzJmMC00MmY0LWEzMDEtNzgxOGE4OTQ1NmNi
LzEvcC1MT01RbElDdTU3UDlLRWJzajRaR2lGemJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizBsBAIAATBmAwQDBRco
AwQFPtRgAwQDTigwAwQDT6rYAwQEUEHgAwQEUPjQAwQEXbggAwQCqxnQAwQEsoQQ
AwQCuSEoAwQCuStEAwQGwk+AAwQCwpLgAwQCwvJwAwQGwwXAAwQH1SmAAwQG1dcA
MBsEAgACMBUDBQAgAQeoAwUAKgEAaAMFACoBZGAwDQYJKoZIhvcNAQELBQADggEB
AH/hT8K+pmTtOCBobowiLOCy3xKYKl8GecsecPVjqPFLEEeaKnl6FzCyOZ/oNR+b
ZVuH860YqRK9LhHiq5pJuNqg7U5DEob7Fwg0rfLngZQlhLxheTe+41IN6oaPLRFQ
xjEhLWSJuJEY/EPNmcr3T+9mGBTREWMBxcC5RicfaSFdt3aucsaK058HmgpanwXk
6dBstKLVS7v/zgeiZdBbqmpEjH2DVFWratar+SVPEThbE3T5RaLNp350+yYVfkpy
gSIzZqcgOOJ/eScYhIQWQNZ2kQfrAUTRKuKs9Pv1CNefZTZB5qQE3raqdV1JZGOw
njgOCfn0vn1RDVonWvaduNw=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:52:15 2024 by rpki-client on console-fra.rpki-client.org