Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/6V8ilVK5cQ_f53I5gaoYlpeZRYo.roa
File: 6V8ilVK5cQ_f53I5gaoYlpeZRYo.roa (raw, json)
Hash identifier: RqbParCtuBfdo+m9YT2h45fvHfYY8+nCqcv4DaHARrQ=
Subject key identifier: E9:5F:22:95:52:B9:71:0F:DF:E7:72:39:81:AA:18:96:97:99:45:8A
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018F12B3DF1221903F729B2A5EFC9978E9AC
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/6V8ilVK5cQ_f53I5gaoYlpeZRYo.roa
Signing time: Thu 25 Apr 2024 00:42:08 +0000
ROA not before: Thu 25 Apr 2024 00:42:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200598
IP address blocks: 24.235.22.0/23 maxlen: 24
31.187.92.0/22 maxlen: 24
66.9.96.0/20 maxlen: 24
66.117.8.0/22 maxlen: 24
69.72.72.0/22 maxlen: 24
74.124.204.0/22 maxlen: 24
77.223.192.0/21 maxlen: 24
77.223.200.0/23 maxlen: 24
79.110.184.0/22 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
85.204.28.0/23 maxlen: 24
86.106.28.0/23 maxlen: 24
89.20.50.0/23 maxlen: 24
89.37.60.0/23 maxlen: 24
89.39.184.0/23 maxlen: 24
89.40.236.0/23 maxlen: 24
91.210.80.0/22 maxlen: 24
91.217.106.0/23 maxlen: 24
94.101.103.0/24 maxlen: 24
95.215.144.0/22 maxlen: 24
121.127.48.0/20 maxlen: 24
128.0.60.0/22 maxlen: 24
134.199.80.0/20 maxlen: 24
141.193.108.0/22 maxlen: 24
141.193.214.0/23 maxlen: 24
158.247.56.0/22 maxlen: 24
162.216.138.0/23 maxlen: 24
162.250.216.0/22 maxlen: 24
168.149.248.0/23 maxlen: 24
173.214.200.0/22 maxlen: 24
176.111.54.0/23 maxlen: 24
176.222.48.0/22 maxlen: 24
178.216.184.0/21 maxlen: 24
188.215.12.0/22 maxlen: 24
193.91.8.0/23 maxlen: 24
194.149.76.0/22 maxlen: 24
195.78.90.0/23 maxlen: 24
198.14.16.0/20 maxlen: 24
198.145.112.0/22 maxlen: 24
199.48.230.0/23 maxlen: 24
204.15.4.0/22 maxlen: 24
205.134.244.0/22 maxlen: 24
205.220.216.0/23 maxlen: 24
217.144.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 06:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:12:b3:df:12:21:90:3f:72:9b:2a:5e:fc:99:78:e9:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Apr 25 00:42:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e95f229552b9710fdfe7723981aa18969799458a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a0:3c:91:bc:d3:f8:1d:dc:b9:9b:45:aa:80:
36:f3:71:54:37:e6:1f:39:e1:bf:96:e6:4d:e2:dd:
ce:4e:65:eb:89:64:87:8e:2e:c6:7e:59:2d:a5:b0:
bc:86:8b:a1:10:e7:c8:91:e0:c3:ff:76:58:92:2b:
6c:6a:92:24:4b:06:c0:ea:1d:5e:28:2e:a0:fb:77:
46:f9:e5:32:95:6f:10:07:ff:d7:6d:fa:6b:f6:f3:
c0:a0:f6:d9:98:57:86:0b:46:01:f1:e2:af:a0:b4:
0d:38:a6:af:3f:3a:bf:74:14:d1:f3:61:f4:78:fa:
5c:44:1c:a4:5c:ab:3a:ab:ba:16:f4:14:98:b2:d1:
b3:b7:52:23:87:26:23:fa:f2:31:d4:63:d8:a2:ea:
24:85:22:ad:3e:af:96:fd:61:45:12:fc:48:cc:c9:
96:8a:b2:df:1d:4c:10:80:d1:33:28:bd:38:40:0c:
62:0e:11:6e:01:9b:8b:20:27:e5:b3:e2:f2:52:b3:
cd:e2:d5:54:52:11:3c:ff:ad:a8:db:f5:a4:93:ab:
6a:52:80:07:4c:46:3e:7d:b2:1e:75:5c:c4:c9:a9:
02:f4:ad:bf:f3:07:77:8c:68:b9:48:0f:1a:ff:95:
c3:a9:72:0e:5e:7c:98:46:97:66:b5:72:a0:4f:a4:
a1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:5F:22:95:52:B9:71:0F:DF:E7:72:39:81:AA:18:96:97:99:45:8A
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/6V8ilVK5cQ_f53I5gaoYlpeZRYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.235.22.0/23
31.187.92.0/22
66.9.96.0/20
66.117.8.0/22
69.72.72.0/22
74.124.204.0/22
77.223.192.0-77.223.201.255
79.110.184.0/22
79.139.64.0/23
83.142.200.0/21
85.204.28.0/23
86.106.28.0/23
89.20.50.0/23
89.37.60.0/23
89.39.184.0/23
89.40.236.0/23
91.210.80.0/22
91.217.106.0/23
94.101.103.0/24
95.215.144.0/22
121.127.48.0/20
128.0.60.0/22
134.199.80.0/20
141.193.108.0/22
141.193.214.0/23
158.247.56.0/22
162.216.138.0/23
162.250.216.0/22
168.149.248.0/23
173.214.200.0/22
176.111.54.0/23
176.222.48.0/22
178.216.184.0/21
188.215.12.0/22
193.91.8.0/23
194.149.76.0/22
195.78.90.0/23
198.14.16.0/20
198.145.112.0/22
199.48.230.0/23
204.15.4.0/22
205.134.244.0/22
205.220.216.0/23
217.144.108.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:bd:8a:1c:db:ba:04:50:1c:20:9d:67:6b:3d:3b:6f:6a:5c:
b8:f9:16:ac:ab:2a:7c:72:ba:91:61:d7:22:35:3a:84:67:f8:
81:19:6b:34:54:a3:53:5a:89:b9:58:54:6d:d0:c6:cb:6f:bf:
3a:20:f9:eb:65:ad:e0:77:41:82:0a:71:e5:c7:43:74:7f:e7:
ae:a7:51:f2:8d:18:e3:18:ab:0f:95:d2:3f:55:7b:9c:61:11:
4e:f6:c5:76:bd:fe:7d:75:b2:bf:00:2f:12:42:d5:dd:03:1d:
1f:e1:0b:4a:79:9a:9e:e7:bf:06:79:62:79:62:18:2d:77:be:
0f:29:8c:c0:d0:e3:31:fd:ea:65:09:7d:a1:bc:6b:2e:fa:fe:
aa:8f:5b:0f:c1:85:be:25:1f:cc:37:24:b8:12:55:cb:86:cc:
19:90:c3:71:25:9c:57:27:52:7e:62:40:1f:fe:a8:98:38:de:
c9:7e:33:5e:dc:51:11:6c:e9:b6:75:6a:19:d1:72:60:99:5f:
08:fa:49:86:1c:ac:16:2f:4e:4d:09:21:4f:27:82:3b:dd:a6:
5c:ee:bc:01:bf:fb:d0:f7:fd:fd:93:6a:c2:45:e8:1b:d7:5d:
56:14:7e:92:ba:55:ce:7c:de:33:dc:7b:7e:05:bf:69:cd:33:
6d:ff:a4:38
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAY8Ss98SIZA/cpsqXvyZeOmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwNDI1MDA0MjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTVmMjI5NTUyYjk3MTBmZGZlNzcyMzk4MWFhMTg5Njk3OTk0NThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaA8kbzT+B3cuZtFqoA283FUN+Yf
OeG/luZN4t3OTmXriWSHji7GflktpbC8houhEOfIkeDD/3ZYkitsapIkSwbA6h1e
KC6g+3dG+eUylW8QB//Xbfpr9vPAoPbZmFeGC0YB8eKvoLQNOKavPzq/dBTR82H0
ePpcRBykXKs6q7oW9BSYstGzt1IjhyYj+vIx1GPYouokhSKtPq+W/WFFEvxIzMmW
irLfHUwQgNEzKL04QAxiDhFuAZuLICfls+LyUrPN4tVUUhE8/62o2/Wkk6tqUoAH
TEY+fbIedVzEyakC9K2/8wd3jGi5SA8a/5XDqXIOXnyYRpdmtXKgT6ShBQIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFOlfIpVSuXEP3+dyOYGqGJaXmUWKMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvNlY4aWxWSzVjUV9mNTNJNWdhb1lscGVaUllvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCCARgEAgABMIIB
EAMEARjrFgMEAh+7XAMEBEIJYAMEAkJ1CAMEAkVISAMEAkp8zDAMAwQGTd/AAwQB
Td/IAwQCT264AwQBT4tAAwQDU47IAwQBVcwcAwQBVmocAwQBWRQyAwQBWSU8AwQB
WSe4AwQBWSjsAwQCW9JQAwQBW9lqAwQAXmVnAwQCX9eQAwQEeX8wAwQCgAA8AwQE
hsdQAwQCjcFsAwQBjcHWAwQCnvc4AwQBotiKAwQCovrYAwQBqJX4AwQCrdbIAwQB
sG82AwQCsN4wAwQDsti4AwQCvNcMAwQBwVsIAwQCwpVMAwQBw05aAwQExg4QAwQC
xpFwAwQBxzDmAwQCzA8EAwQCzYb0AwQBzdzYAwQC2ZBsMA0GCSqGSIb3DQEBCwUA
A4IBAQBsvYoc27oEUBwgnWdrPTtvaly4+Rasqyp8crqRYdciNTqEZ/iBGWs0VKNT
Wom5WFRt0MbLb786IPnrZa3gd0GCCnHlx0N0f+eup1HyjRjjGKsPldI/VXucYRFO
9sV2vf59dbK/AC8SQtXdAx0f4QtKeZqe578GeWJ5Yhgtd74PKYzA0OMx/eplCX2h
vGsu+v6qj1sPwYW+JR/MNyS4ElXLhswZkMNxJZxXJ1J+YkAf/qiYON7JfjNe3FER
bOm2dWoZ0XJgmV8I+kmGHKwWL05NCSFPJ4I73aZc7rwBv/vQ9/39k2rCRegb111W
FH6SulXOfN4z3Ht+Bb9pzTNt/6Q4
-----END CERTIFICATE-----
Generated at Mon May 27 13:38:56 2024 by rpki-client on console-fra.rpki-client.org