Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/zIX1FYUGyQgqwVJ_6Una9s0LQ_g.roa
File: zIX1FYUGyQgqwVJ_6Una9s0LQ_g.roa (raw, json)
Hash identifier: EnYd0Ez2m2tloax6Rquzz+TYSD9BSGORd7NJYrhxB8E=
Subject key identifier: CC:85:F5:15:85:06:C9:08:2A:C1:52:7F:E9:49:DA:F6:CD:0B:43:F8
Certificate issuer: /CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Certificate serial: 018EBF641A7237E83DC5E74DB0F9905FD79B
Authority key identifier: E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/zIX1FYUGyQgqwVJ_6Una9s0LQ_g.roa
Signing time: Mon 08 Apr 2024 20:26:32 +0000
ROA not before: Mon 08 Apr 2024 20:26:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8374
IP address blocks: 5.172.224.0/19 maxlen: 19
31.0.0.0/16 maxlen: 16
37.98.208.0/20 maxlen: 20
37.109.0.0/16 maxlen: 16
37.152.16.0/20 maxlen: 20
37.209.128.0/19 maxlen: 19
37.247.128.0/17 maxlen: 17
37.247.241.0/28 maxlen: 28
37.248.0.0/15 maxlen: 15
46.76.0.0/15 maxlen: 15
78.30.64.0/18 maxlen: 18
84.39.160.0/20 maxlen: 20
87.251.224.0/19 maxlen: 19
92.60.128.0/20 maxlen: 20
93.154.128.0/17 maxlen: 17
151.248.32.0/20 maxlen: 20
185.4.212.0/22 maxlen: 22
188.125.32.0/19 maxlen: 19
193.41.112.0/23 maxlen: 23
212.2.96.0/19 maxlen: 19
2a01:2e0::/28 maxlen: 28
2a01:bb80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bf:64:1a:72:37:e8:3d:c5:e7:4d:b0:f9:90:5f:d7:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Validity
Not Before: Apr 8 20:26:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc85f5158506c9082ac1527fe949daf6cd0b43f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fe:05:9d:a9:b7:43:f2:a6:53:c8:4c:13:89:
36:43:a0:90:b7:36:26:e8:12:72:97:7c:f1:d2:ab:
80:ed:d1:a8:f5:1b:a1:dc:e8:96:63:e1:03:6a:f8:
83:76:d0:0c:be:9e:60:62:86:4b:64:bc:d7:ed:3c:
e7:ae:7c:42:c0:c1:a7:a0:75:51:98:a1:c5:e1:16:
73:c9:8f:0e:f2:c2:01:51:0b:72:19:7f:fa:fe:9b:
51:a2:a7:19:99:cb:de:a0:dd:d5:1c:27:13:a7:a3:
2d:16:75:b6:cd:5a:31:f9:ff:63:99:39:26:8c:f5:
df:bb:c5:d6:12:0d:c6:53:0a:91:6e:8d:f4:d2:32:
90:d7:9c:9b:36:07:36:eb:98:28:8e:0f:c8:7c:b5:
67:dc:30:92:2a:fa:9a:92:18:c2:79:4c:3b:10:08:
18:85:31:26:9a:df:97:fc:c5:dd:67:73:d0:28:cd:
f5:60:3a:35:0f:f9:12:59:20:6f:a4:30:60:53:ea:
30:34:96:d1:e2:68:7e:91:56:11:fe:cb:7b:8e:14:
61:e2:d8:ea:1f:8d:5d:b9:1e:e5:d0:69:c2:98:c8:
ac:13:9c:fa:b3:09:ed:b5:33:a7:de:ac:3f:f1:8b:
fa:6e:dc:69:02:b9:e8:28:f5:57:50:8f:26:9c:9f:
f8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:85:F5:15:85:06:C9:08:2A:C1:52:7F:E9:49:DA:F6:CD:0B:43:F8
X509v3 Authority Key Identifier:
keyid:E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/zIX1FYUGyQgqwVJ_6Una9s0LQ_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.224.0/19
31.0.0.0/16
37.98.208.0/20
37.109.0.0/16
37.152.16.0/20
37.209.128.0/19
37.247.128.0-37.249.255.255
46.76.0.0/15
78.30.64.0/18
84.39.160.0/20
87.251.224.0/19
92.60.128.0/20
93.154.128.0/17
151.248.32.0/20
185.4.212.0/22
188.125.32.0/19
193.41.112.0/23
212.2.96.0/19
IPv6:
2a01:2e0::/28
2a01:bb80::/32
Signature Algorithm: sha256WithRSAEncryption
0c:2e:49:99:6d:b2:e0:3e:04:67:d9:58:34:53:ba:e1:8a:ae:
0b:ff:42:ad:1a:07:92:17:c1:d7:d1:f0:e8:8f:bc:e0:82:91:
5b:0c:92:1b:ab:24:51:d8:fa:5b:5d:a1:72:f8:00:e1:e6:55:
80:a9:d4:99:9c:3d:c9:f6:f2:46:07:5e:90:cb:12:4a:2a:b9:
48:37:84:d2:86:4c:d5:3e:fc:f6:a9:71:97:88:ed:b3:d3:77:
ee:fb:50:9a:0d:6f:a5:fa:ba:e4:86:69:8f:92:af:99:3d:96:
ab:ce:9f:8a:de:aa:77:24:21:5c:87:8d:f4:81:e9:8c:43:77:
d4:17:41:b6:5e:e8:9e:02:30:49:bf:6b:6e:27:fd:d4:bf:7d:
69:cc:1a:bd:e8:50:66:98:d2:b7:c5:15:94:07:99:3b:54:77:
16:e4:bb:5b:e5:81:f2:c5:59:ba:86:42:1e:95:6e:f4:79:23:
0b:9c:d4:13:ee:c7:cc:e1:29:e6:af:6b:1b:cb:0f:83:eb:99:
aa:20:07:85:1d:bf:35:0e:1a:0e:09:55:5a:51:80:72:98:1c:
c1:f4:45:c9:2c:2c:9b:b4:7c:82:54:37:ed:1e:16:5b:ec:9a:
59:b8:42:1e:56:de:f9:6a:8b:6a:57:24:5a:74:c8:c1:7a:ab:
c6:29:cd:7f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY6/ZBpyN+g9xedNsPmQX9ebMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWI5YWMyZWY2MzFiOTJlODJmNTk1ZDczZTQ3OTJjODE2
ZWM2ZTYwHhcNMjQwNDA4MjAyNjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzg1ZjUxNTg1MDZjOTA4MmFjMTUyN2ZlOTQ5ZGFmNmNkMGI0M2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf4Fnam3Q/KmU8hME4k2Q6CQtzYm
6BJyl3zx0quA7dGo9Ruh3OiWY+EDaviDdtAMvp5gYoZLZLzX7TznrnxCwMGnoHVR
mKHF4RZzyY8O8sIBUQtyGX/6/ptRoqcZmcveoN3VHCcTp6MtFnW2zVox+f9jmTkm
jPXfu8XWEg3GUwqRbo300jKQ15ybNgc265gojg/IfLVn3DCSKvqakhjCeUw7EAgY
hTEmmt+X/MXdZ3PQKM31YDo1D/kSWSBvpDBgU+owNJbR4mh+kVYR/st7jhRh4tjq
H41duR7l0GnCmMisE5z6swnttTOn3qw/8Yv6btxpArnoKPVXUI8mnJ/4kwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFMyF9RWFBskIKsFSf+lJ2vbNC0P4MB8GA1UdIwQY
MBaAFOKbmsLvYxuS6C9ZXXPkeSyBbsbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYt
OTE2NGUzNTJhODNjLzEveklYMUZZVUd5UWdxd1ZKXzZVbmE5czBMUV9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYtOTE2NGUzNTJhODNj
LzEvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjB2BAIAATBwAwQFBazg
AwMAHwADBAQlYtADAwAlbQMEBCWYEAMEBSXRgDALAwQHJfeAAwMBJfgDAwEuTAME
Bk4eQAMEBFQnoAMEBVf74AMEBFw8gAMEB12agAMEBJf4IAMEArkE1AMEBbx9IAME
AcEpcAMEBdQCYDAUBAIAAjAOAwUEKgEC4AMFACoBu4AwDQYJKoZIhvcNAQELBQAD
ggEBAAwuSZltsuA+BGfZWDRTuuGKrgv/Qq0aB5IXwdfR8OiPvOCCkVsMkhurJFHY
+ltdoXL4AOHmVYCp1JmcPcn28kYHXpDLEkoquUg3hNKGTNU+/PapcZeI7bPTd+77
UJoNb6X6uuSGaY+Sr5k9lqvOn4reqnckIVyHjfSB6YxDd9QXQbZe6J4CMEm/a24n
/dS/fWnMGr3oUGaY0rfFFZQHmTtUdxbku1vlgfLFWbqGQh6VbvR5Iwuc1BPux8zh
KeavaxvLD4PrmaogB4UdvzUOGg4JVVpRgHKYHMH0RcksLJu0fIJUN+0eFlvsmlm4
Qh5W3vlqi2pXJFp0yMF6q8YpzX8=
-----END CERTIFICATE-----
Generated at Fri May 17 07:10:15 2024 by rpki-client on console-fra.rpki-client.org