Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/b7TqBep5mNwANC5NJlLhL6aJmH0.roa
File: b7TqBep5mNwANC5NJlLhL6aJmH0.roa (raw, json)
Hash identifier: tQikeaLzWW6DYM2+z84Z0Dwoa24vrg/rj1JbeOBXXNk=
Subject key identifier: 6F:B4:EA:05:EA:79:98:DC:00:34:2E:4D:26:52:E1:2F:A6:89:98:7D
Certificate issuer: /CN=681ce4d99ba8ebb91a794abfcbdd15bde09c99f8
Certificate serial: 018CC94D71E2CE8FDA1C4DB1224FDE0F291C
Authority key identifier: 68:1C:E4:D9:9B:A8:EB:B9:1A:79:4A:BF:CB:DD:15:BD:E0:9C:99:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aBzk2Zuo67kaeUq_y90VveCcmfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/b7TqBep5mNwANC5NJlLhL6aJmH0.roa
Signing time: Tue 02 Jan 2024 08:32:24 +0000
ROA not before: Tue 02 Jan 2024 08:32:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6752
IP address blocks: 80.80.85.0/24 maxlen: 24
80.80.84.0/22 maxlen: 22
80.80.84.0/24 maxlen: 24
80.80.92.0/22 maxlen: 22
185.87.36.0/22 maxlen: 22
185.33.0.0/22 maxlen: 22
194.158.64.0/22 maxlen: 22
194.158.64.0/24 maxlen: 24
194.158.64.0/19 maxlen: 19
194.158.68.0/22 maxlen: 22
194.158.78.0/24 maxlen: 24
194.158.72.0/23 maxlen: 23
194.158.72.0/22 maxlen: 22
194.158.76.0/22 maxlen: 22
185.87.40.0/22 maxlen: 22
185.87.44.0/22 maxlen: 22
185.87.46.0/23 maxlen: 23
188.241.26.0/23 maxlen: 23
91.187.64.0/19 maxlen: 19
91.187.64.0/22 maxlen: 22
91.187.68.0/22 maxlen: 22
91.187.76.0/22 maxlen: 22
91.187.72.0/22 maxlen: 22
91.187.84.0/22 maxlen: 22
91.187.83.0/24 maxlen: 24
91.187.80.0/22 maxlen: 22
91.187.88.0/22 maxlen: 22
89.150.4.0/22 maxlen: 22
89.150.2.0/23 maxlen: 23
89.150.8.0/22 maxlen: 22
89.150.12.0/22 maxlen: 22
91.187.93.0/24 maxlen: 24
91.187.92.0/22 maxlen: 22
185.194.56.0/22 maxlen: 22
185.194.59.0/24 maxlen: 24
46.172.224.0/19 maxlen: 19
46.172.232.0/22 maxlen: 22
185.4.52.0/22 maxlen: 22
94.125.138.0/23 maxlen: 23
94.125.140.0/23 maxlen: 23
185.132.200.0/22 maxlen: 22
109.111.96.0/24 maxlen: 24
109.111.96.0/22 maxlen: 22
109.111.96.0/19 maxlen: 19
109.111.100.0/22 maxlen: 22
109.111.104.0/22 maxlen: 22
109.111.108.0/22 maxlen: 22
109.111.112.0/22 maxlen: 22
109.111.111.0/24 maxlen: 24
109.111.116.0/22 maxlen: 22
85.94.164.0/22 maxlen: 22
109.111.124.0/22 maxlen: 22
109.111.120.0/22 maxlen: 22
85.94.160.0/19 maxlen: 19
85.94.160.0/22 maxlen: 22
85.94.168.0/22 maxlen: 22
85.94.172.0/22 maxlen: 22
85.94.176.0/22 maxlen: 22
85.94.184.0/22 maxlen: 22
85.94.180.0/22 maxlen: 22
194.158.80.0/22 maxlen: 22
194.158.84.0/22 maxlen: 22
194.158.84.0/24 maxlen: 24
194.158.85.0/24 maxlen: 24
194.158.88.0/22 maxlen: 22
194.158.95.0/24 maxlen: 24
194.158.92.0/22 maxlen: 22
85.94.188.0/22 maxlen: 22
46.175.158.0/24 maxlen: 24
46.175.157.0/24 maxlen: 24
46.175.156.0/24 maxlen: 24
46.175.156.0/22 maxlen: 22
46.175.159.0/24 maxlen: 24
2a02:8060::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/aBzk2Zuo67kaeUq_y90VveCcmfg.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/aBzk2Zuo67kaeUq_y90VveCcmfg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aBzk2Zuo67kaeUq_y90VveCcmfg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:71:e2:ce:8f:da:1c:4d:b1:22:4f:de:0f:29:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=681ce4d99ba8ebb91a794abfcbdd15bde09c99f8
Validity
Not Before: Jan 2 08:32:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fb4ea05ea7998dc00342e4d2652e12fa689987d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9b:1a:53:a9:ec:be:92:21:a4:6b:c0:20:ff:
d5:e6:c9:49:5d:4a:d3:60:ed:89:42:c0:f5:78:0b:
3d:99:36:69:f2:bf:ff:cf:d9:8e:39:2f:12:51:e3:
64:69:7b:5c:19:db:40:7d:68:14:b3:7a:fa:1a:19:
ce:cb:72:95:19:16:27:15:81:4f:05:0d:5d:ed:f2:
6e:c1:15:fa:78:b0:56:61:f3:db:70:d4:06:a0:5b:
71:e4:be:e9:a5:72:de:49:3d:31:45:0d:0d:52:9a:
5a:ea:f1:05:48:37:d3:da:9f:6b:d5:a2:36:48:bb:
77:20:fa:f0:1f:35:35:54:16:49:16:c0:83:92:10:
65:a1:22:5d:07:c3:5c:b4:5d:ff:f1:41:7a:ea:d2:
ed:57:9c:66:24:4b:7a:d4:d9:d9:94:fc:94:4d:31:
0e:c3:07:fe:f4:7c:d8:af:33:3a:de:e2:ae:1f:89:
40:e8:ba:4e:ca:11:1f:e7:1e:b5:6a:3a:3f:84:8c:
5c:1b:87:9a:07:de:da:5d:d0:cd:76:da:1f:fd:d7:
52:ef:97:07:5e:15:79:43:9b:5c:2e:09:25:25:07:
51:c9:2a:17:46:94:e1:3c:35:b2:5f:e6:48:6d:e1:
b9:5e:3e:65:5f:a1:78:5c:e7:34:dc:d0:8f:50:7f:
de:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:B4:EA:05:EA:79:98:DC:00:34:2E:4D:26:52:E1:2F:A6:89:98:7D
X509v3 Authority Key Identifier:
keyid:68:1C:E4:D9:9B:A8:EB:B9:1A:79:4A:BF:CB:DD:15:BD:E0:9C:99:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBzk2Zuo67kaeUq_y90VveCcmfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/b7TqBep5mNwANC5NJlLhL6aJmH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/6b9ee8-924b-4a31-a464-9f99c1477fbe/1/aBzk2Zuo67kaeUq_y90VveCcmfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.172.224.0/19
46.175.156.0/22
80.80.84.0/22
80.80.92.0/22
85.94.160.0/19
89.150.2.0-89.150.15.255
91.187.64.0/19
94.125.138.0-94.125.141.255
109.111.96.0/19
185.4.52.0/22
185.33.0.0/22
185.87.36.0-185.87.47.255
185.132.200.0/22
185.194.56.0/22
188.241.26.0/23
194.158.64.0/19
IPv6:
2a02:8060::/31
Signature Algorithm: sha256WithRSAEncryption
75:85:d9:27:71:2e:8b:a8:a5:a2:e5:ff:54:9e:36:9f:e1:b1:
98:ba:85:11:7f:b5:72:40:fd:4d:7c:04:cc:08:52:b5:cf:a0:
43:4c:1b:f0:b4:5a:1c:82:7c:93:31:c4:df:b8:71:6d:54:93:
57:b0:73:2f:a8:35:36:cb:8a:81:bb:5e:95:82:19:66:0e:2f:
52:5d:71:48:1d:c8:12:81:9c:27:91:d5:a9:bb:45:14:db:90:
e5:c7:eb:55:2b:7c:e1:56:c2:fb:56:06:eb:bd:49:f5:fd:e9:
20:00:91:46:6d:86:28:44:0b:a0:b3:70:82:dc:89:72:c4:e5:
78:ec:9e:28:91:ba:66:9d:62:43:5e:36:e7:f6:aa:c1:d4:a1:
23:71:6b:e0:49:02:28:f4:62:e9:7f:f3:cd:62:a0:59:12:ac:
1f:b8:bf:31:0c:a4:b4:db:e7:06:1d:7d:d4:42:94:ba:a4:92:
f6:7a:86:d4:dc:9b:1f:8a:ed:74:56:70:23:d3:51:10:d3:21:
7b:e3:11:22:4f:be:87:2b:ac:ac:3e:15:d6:46:4d:57:75:df:
b4:3d:9d:8f:07:f5:ae:cc:bc:87:9a:b9:19:e9:64:42:cb:21:
21:06:df:89:51:40:90:4c:62:7f:27:f0:d7:b9:0a:36:97:54:
7b:5e:68:04
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYzJTXHizo/aHE2xIk/eDykcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MWNlNGQ5OWJhOGViYjkxYTc5NGFiZmNiZGQxNWJkZTA5
Yzk5ZjgwHhcNMjQwMTAyMDgzMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmI0ZWEwNWVhNzk5OGRjMDAzNDJlNGQyNjUyZTEyZmE2ODk5ODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JsaU6nsvpIhpGvAIP/V5slJXUrT
YO2JQsD1eAs9mTZp8r//z9mOOS8SUeNkaXtcGdtAfWgUs3r6GhnOy3KVGRYnFYFP
BQ1d7fJuwRX6eLBWYfPbcNQGoFtx5L7ppXLeST0xRQ0NUppa6vEFSDfT2p9r1aI2
SLt3IPrwHzU1VBZJFsCDkhBloSJdB8NctF3/8UF66tLtV5xmJEt61NnZlPyUTTEO
wwf+9HzYrzM63uKuH4lA6LpOyhEf5x61ajo/hIxcG4eaB97aXdDNdtof/ddS75cH
XhV5Q5tcLgklJQdRySoXRpThPDWyX+ZIbeG5Xj5lX6F4XOc03NCPUH/emwIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFG+06gXqeZjcADQuTSZS4S+miZh9MB8GA1UdIwQY
MBaAFGgc5NmbqOu5GnlKv8vdFb3gnJn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJ6azJadW82N2thZVVxX3k5MFZ2ZUNjbWZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi82YjllZTgtOTI0Yi00YTMxLWE0NjQt
OWY5OWMxNDc3ZmJlLzEvYjdUcUJlcDVtTndBTkM1TkpsTGhMNmFKbUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi82YjllZTgtOTI0Yi00YTMxLWE0NjQtOWY5OWMxNDc3ZmJl
LzEvYUJ6azJadW82N2thZVVxX3k5MFZ2ZUNjbWZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB+BAIAATB4AwQFLqzg
AwQCLq+cAwQCUFBUAwQCUFBcAwQFVV6gMAwDBAFZlgIDBARZlgADBAVbu0AwDAME
AV59igMEAV59jAMEBW1vYAMEArkENAMEArkhADAMAwQCuVckAwQEuVcgAwQCuYTI
AwQCucI4AwQBvPEaAwQFwp5AMA0EAgACMAcDBQEqAoBgMA0GCSqGSIb3DQEBCwUA
A4IBAQB1hdkncS6LqKWi5f9Unjaf4bGYuoURf7VyQP1NfATMCFK1z6BDTBvwtFoc
gnyTMcTfuHFtVJNXsHMvqDU2y4qBu16VghlmDi9SXXFIHcgSgZwnkdWpu0UU25Dl
x+tVK3zhVsL7VgbrvUn1/ekgAJFGbYYoRAugs3CC3IlyxOV47J4okbpmnWJDXjbn
9qrB1KEjcWvgSQIo9GLpf/PNYqBZEqwfuL8xDKS02+cGHX3UQpS6pJL2eobU3Jsf
iu10VnAj01EQ0yF74xEiT76HK6ysPhXWRk1Xdd+0PZ2PB/WuzLyHmrkZ6WRCyyEh
Bt+JUUCQTGJ/J/DXuQo2l1R7XmgE
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:55:17 2024 by rpki-client on console-ams.rpki-client.org