Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/f2f1c5-866c-42b5-8b46-38669d1e2301/1/8pzpItX0u9tfx8Vy5Rr1ZwuYa7Y.roa
File: 8pzpItX0u9tfx8Vy5Rr1ZwuYa7Y.roa (raw, json)
Hash identifier: xYccuK034yK6begyJfQYLOG0j+q01TpbLof5gJ9xgtI=
Subject key identifier: F2:9C:E9:22:D5:F4:BB:DB:5F:C7:C5:72:E5:1A:F5:67:0B:98:6B:B6
Certificate issuer: /CN=6dfa4a1ffc749b1c4fa3b6da819b6dbb9ae885a0
Certificate serial: 018CC9BCA7EB0FAE4B2E82F119B974A2B313
Authority key identifier: 6D:FA:4A:1F:FC:74:9B:1C:4F:A3:B6:DA:81:9B:6D:BB:9A:E8:85:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfpKH_x0mxxPo7bagZttu5rohaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/f2f1c5-866c-42b5-8b46-38669d1e2301/1/8pzpItX0u9tfx8Vy5Rr1ZwuYa7Y.roa
Signing time: Tue 02 Jan 2024 10:33:53 +0000
ROA not before: Tue 02 Jan 2024 10:33:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39642
IP address blocks: 45.14.140.0/22 maxlen: 22
185.37.84.0/22 maxlen: 22
45.80.92.0/22 maxlen: 22
85.218.128.0/17 maxlen: 17
62.107.0.0/16 maxlen: 16
89.184.128.0/19 maxlen: 19
46.32.32.0/19 maxlen: 19
94.138.64.0/19 maxlen: 19
178.132.224.0/20 maxlen: 20
86.52.0.0/16 maxlen: 16
78.157.96.0/19 maxlen: 19
95.154.0.0/18 maxlen: 18
212.10.0.0/16 maxlen: 16
31.185.64.0/19 maxlen: 19
37.128.208.0/20 maxlen: 20
5.206.192.0/21 maxlen: 21
212.37.128.0/19 maxlen: 19
212.112.128.0/19 maxlen: 19
178.155.128.0/17 maxlen: 17
185.5.164.0/22 maxlen: 22
2a02:2b98::/32 maxlen: 32
2a02:6940::/32 maxlen: 32
2a03:7400::/29 maxlen: 32
2a00:1b70::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/f2f1c5-866c-42b5-8b46-38669d1e2301/1/bfpKH_x0mxxPo7bagZttu5rohaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/f2f1c5-866c-42b5-8b46-38669d1e2301/1/bfpKH_x0mxxPo7bagZttu5rohaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bfpKH_x0mxxPo7bagZttu5rohaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:a7:eb:0f:ae:4b:2e:82:f1:19:b9:74:a2:b3:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dfa4a1ffc749b1c4fa3b6da819b6dbb9ae885a0
Validity
Not Before: Jan 2 10:33:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f29ce922d5f4bbdb5fc7c572e51af5670b986bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:09:bc:d6:cd:7c:56:a6:0d:4c:61:a4:ff:10:
17:f0:8c:37:96:5b:3e:74:17:4a:ce:a9:12:35:cc:
44:b9:6a:2a:91:35:0e:ce:3a:00:69:a9:e3:56:7b:
8f:05:59:21:ab:4c:12:d5:10:b4:92:20:4a:c4:41:
56:2d:b5:16:93:ba:c9:b7:fb:ae:fb:19:de:e0:f4:
a7:5a:a0:b6:9a:d2:a7:38:ef:94:8f:3b:19:52:7e:
cf:2b:08:c8:ff:eb:5f:ab:4e:97:ad:ed:e6:a5:ad:
8f:5d:69:fd:14:d1:97:80:dd:4f:ee:85:a3:55:d0:
44:79:25:09:3c:99:9b:67:33:e5:f6:9f:4c:18:86:
fa:51:f3:32:e7:62:36:e6:e0:4d:b4:01:42:e7:6d:
10:c0:39:61:9a:9c:39:6c:5a:7b:92:0e:fb:4c:a3:
82:1d:93:86:14:33:ee:74:3e:24:73:3a:ae:d9:db:
6d:67:67:e4:6e:77:92:0c:f8:56:06:22:0d:7e:8e:
d8:e5:c4:f9:1c:e8:20:f5:5f:6c:0e:72:60:5f:78:
aa:7f:24:c2:cc:0d:aa:90:4a:29:86:70:71:97:a9:
52:2f:1b:eb:7f:db:6b:f0:f6:52:bd:c5:cc:61:f7:
d0:a3:d6:3e:c6:10:c3:64:89:b2:46:e4:4d:72:7b:
b7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:9C:E9:22:D5:F4:BB:DB:5F:C7:C5:72:E5:1A:F5:67:0B:98:6B:B6
X509v3 Authority Key Identifier:
keyid:6D:FA:4A:1F:FC:74:9B:1C:4F:A3:B6:DA:81:9B:6D:BB:9A:E8:85:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfpKH_x0mxxPo7bagZttu5rohaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/f2f1c5-866c-42b5-8b46-38669d1e2301/1/8pzpItX0u9tfx8Vy5Rr1ZwuYa7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/f2f1c5-866c-42b5-8b46-38669d1e2301/1/bfpKH_x0mxxPo7bagZttu5rohaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.206.192.0/21
31.185.64.0/19
37.128.208.0/20
45.14.140.0/22
45.80.92.0/22
46.32.32.0/19
62.107.0.0/16
78.157.96.0/19
85.218.128.0/17
86.52.0.0/16
89.184.128.0/19
94.138.64.0/19
95.154.0.0/18
178.132.224.0/20
178.155.128.0/17
185.5.164.0/22
185.37.84.0/22
212.10.0.0/16
212.37.128.0/19
212.112.128.0/19
IPv6:
2a00:1b70::/29
2a02:2b98::/32
2a02:6940::/32
2a03:7400::/29
Signature Algorithm: sha256WithRSAEncryption
a5:39:d7:9c:c1:eb:58:70:f3:c3:55:8e:2e:4f:78:f8:ef:18:
c0:b7:79:c0:e1:67:a6:4c:9a:1b:9f:6b:44:48:2c:c3:84:44:
21:f5:fd:1f:de:ef:3a:aa:47:e5:f8:29:c2:b6:2d:df:8a:d6:
78:d0:76:97:43:b9:f6:d6:dd:4c:df:63:12:96:3e:43:bf:a4:
61:d3:21:dd:9f:01:07:e2:b2:f9:77:2e:37:16:61:c3:bb:3b:
53:cf:80:d2:d0:04:c8:9d:95:68:a0:94:87:7c:67:4d:7e:2f:
bc:dc:03:df:17:d8:ca:ae:9f:ca:93:86:3b:b3:92:2e:9b:19:
75:f5:49:68:d8:73:55:60:cc:94:6d:64:58:4d:ef:64:d4:ab:
66:40:e5:00:26:02:9c:34:c9:60:5c:40:89:ab:2a:ad:f6:62:
23:54:4c:0c:f3:87:75:af:f3:36:ae:41:2c:f5:0d:de:96:b6:
2b:8c:ce:1b:1f:14:47:2c:e7:e5:03:59:5c:fb:ac:06:80:ec:
d0:ac:c9:40:4b:dc:29:ca:6d:d6:0f:1e:89:b7:8c:a0:c3:48:
02:ad:6e:fe:c0:84:9f:c4:eb:ff:04:22:d1:e3:66:e6:b3:9d:
0e:7f:79:44:dc:4f:23:02:5a:e9:f9:47:69:a7:a5:47:70:4a:
2e:c9:1c:ac
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYzJvKfrD65LLoLxGbl0orMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZmE0YTFmZmM3NDliMWM0ZmEzYjZkYTgxOWI2ZGJiOWFl
ODg1YTAwHhcNMjQwMTAyMTAzMzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjljZTkyMmQ1ZjRiYmRiNWZjN2M1NzJlNTFhZjU2NzBiOTg2YmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAm81s18VqYNTGGk/xAX8Iw3lls+
dBdKzqkSNcxEuWoqkTUOzjoAaanjVnuPBVkhq0wS1RC0kiBKxEFWLbUWk7rJt/uu
+xne4PSnWqC2mtKnOO+UjzsZUn7PKwjI/+tfq06Xre3mpa2PXWn9FNGXgN1P7oWj
VdBEeSUJPJmbZzPl9p9MGIb6UfMy52I25uBNtAFC520QwDlhmpw5bFp7kg77TKOC
HZOGFDPudD4kczqu2dttZ2fkbneSDPhWBiINfo7Y5cT5HOgg9V9sDnJgX3iqfyTC
zA2qkEophnBxl6lSLxvrf9tr8PZSvcXMYffQo9Y+xhDDZImyRuRNcnu34wIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFPKc6SLV9LvbX8fFcuUa9WcLmGu2MB8GA1UdIwQY
MBaAFG36Sh/8dJscT6O22oGbbbua6IWgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZwS0hfeDBteHhQbzdiYWdadHR1NXJvaGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9mMmYxYzUtODY2Yy00MmI1LThiNDYt
Mzg2NjlkMWUyMzAxLzEvOHB6cEl0WDB1OXRmeDhWeTVScjFad3VZYTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9mMmYxYzUtODY2Yy00MmI1LThiNDYtMzg2NjlkMWUyMzAx
LzEvYmZwS0hfeDBteHhQbzdiYWdadHR1NXJvaGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTB7BAIAATB1AwQDBc7A
AwQFH7lAAwQEJYDQAwQCLQ6MAwQCLVBcAwQFLiAgAwMAPmsDBAVOnWADBAdV2oAD
AwBWNAMEBVm4gAMEBV6KQAMEBl+aAAMEBLKE4AMEB7KbgAMEArkFpAMEArklVAMD
ANQKAwQF1CWAAwQF1HCAMCIEAgACMBwDBQMqABtwAwUAKgIrmAMFACoCaUADBQMq
A3QAMA0GCSqGSIb3DQEBCwUAA4IBAQClOdecwetYcPPDVY4uT3j47xjAt3nA4Wem
TJobn2tESCzDhEQh9f0f3u86qkfl+CnCti3fitZ40HaXQ7n21t1M32MSlj5Dv6Rh
0yHdnwEH4rL5dy43FmHDuztTz4DS0ATInZVooJSHfGdNfi+83APfF9jKrp/Kk4Y7
s5Iumxl19Ulo2HNVYMyUbWRYTe9k1KtmQOUAJgKcNMlgXECJqyqt9mIjVEwM84d1
r/M2rkEs9Q3elrYrjM4bHxRHLOflA1lc+6wGgOzQrMlAS9wpym3WDx6Jt4ygw0gC
rW7+wISfxOv/BCLR42bms50Of3lE3E8jAlrp+Udpp6VHcEouyRys
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:41 2024 by rpki-client on console-ams.rpki-client.org