Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/2Zht8WdFUmfiF0UU825ykrLz1XM.roa
File: 2Zht8WdFUmfiF0UU825ykrLz1XM.roa (raw, json)
Hash identifier: T9RFJkr7Qhx4hLOYBMHoH23xPGNmrBoOhqmFIRqcsz8=
Subject key identifier: D9:98:6D:F1:67:45:52:67:E2:17:45:14:F3:6E:72:92:B2:F3:D5:73
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 019208BC91D7E905FC8EAAFF0C493C8C1A92
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/2Zht8WdFUmfiF0UU825ykrLz1XM.roa
Signing time: Thu 19 Sep 2024 05:23:48 +0000
ROA not before: Thu 19 Sep 2024 05:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16202
IP address blocks: 77.64.128.0/17 maxlen: 17
77.64.128.0/18 maxlen: 18
77.64.128.0/19 maxlen: 19
77.64.146.0/23 maxlen: 23
77.64.160.0/19 maxlen: 19
77.64.192.0/19 maxlen: 19
77.64.192.0/20 maxlen: 20
77.64.208.0/20 maxlen: 20
77.64.224.0/20 maxlen: 20
77.64.240.0/20 maxlen: 20
77.64.252.0/23 maxlen: 23
77.64.254.0/23 maxlen: 23
83.221.64.0/19 maxlen: 23
83.221.64.0/20 maxlen: 23
83.221.64.0/21 maxlen: 21
83.221.72.0/21 maxlen: 21
83.221.80.0/20 maxlen: 20
83.221.80.0/21 maxlen: 21
83.221.88.0/21 maxlen: 21
89.186.128.0/19 maxlen: 19
89.186.128.0/20 maxlen: 20
89.186.128.0/21 maxlen: 21
89.186.136.0/21 maxlen: 21
89.186.144.0/20 maxlen: 20
89.186.144.0/21 maxlen: 21
89.186.152.0/21 maxlen: 21
92.206.0.0/16 maxlen: 16
92.206.0.0/17 maxlen: 17
92.206.0.0/18 maxlen: 18
92.206.64.0/18 maxlen: 23
92.206.128.0/18 maxlen: 23
92.206.160.0/19 maxlen: 19
92.206.190.0/23 maxlen: 23
92.206.192.0/18 maxlen: 23
92.206.224.0/19 maxlen: 19
95.168.128.0/19 maxlen: 19
95.168.128.0/20 maxlen: 20
95.168.144.0/20 maxlen: 20
185.44.148.0/22 maxlen: 22
185.44.150.0/23 maxlen: 23
217.68.160.0/19 maxlen: 19
217.68.160.0/20 maxlen: 20
217.68.176.0/20 maxlen: 20
2a00:c1a0::/32 maxlen: 32
2a00:c1a0::/34 maxlen: 34
2a00:c1a0:4000::/34 maxlen: 34
2a00:c1a0:8000::/34 maxlen: 34
2a00:c1a0:c000::/34 maxlen: 34
2a02:2454:8000::/33 maxlen: 36
2a02:2457:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 30 Nov 2024 01:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:08:bc:91:d7:e9:05:fc:8e:aa:ff:0c:49:3c:8c:1a:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Sep 19 05:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9986df167455267e2174514f36e7292b2f3d573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:e4:f1:03:6f:b1:4c:63:6f:95:9c:6b:6a:72:
70:1a:40:43:5b:15:5b:e9:26:b4:80:4c:a3:9c:d3:
43:4b:47:0b:fb:ae:24:33:af:7a:69:e9:de:4c:a6:
28:ba:00:69:ae:f0:7f:93:f8:99:fb:de:3b:a1:f1:
12:f9:ed:80:2e:75:2f:08:29:db:43:37:ad:0a:76:
f4:f8:ff:1c:f6:df:05:ab:3c:da:1e:74:11:16:0e:
ab:a8:d0:1f:e2:6c:1e:7b:94:94:6c:1f:45:90:e4:
63:b3:de:ff:34:7e:e0:8f:49:94:d6:c0:4d:d1:88:
23:87:bd:fd:0a:a7:19:16:f4:d5:d9:a2:26:67:79:
c8:23:56:d3:1a:07:86:0d:6d:3b:2b:a0:73:8a:ca:
fa:69:54:e0:06:38:95:ad:95:ed:60:3f:3f:2d:9b:
dc:d1:e3:3a:7a:54:61:85:77:3f:3f:c3:26:87:d4:
07:fc:02:0a:9c:ee:5c:85:63:40:4e:e2:d4:6e:5d:
0e:cc:95:18:e9:61:46:b1:ea:b3:5e:c5:ab:b6:f9:
81:68:17:a3:a5:de:e7:2a:7f:b0:8c:6e:64:56:de:
c5:0c:2b:2d:2f:2d:42:44:ca:ed:10:07:26:99:dc:
80:a0:4c:cf:09:97:b3:be:05:a2:97:fc:27:51:99:
34:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:98:6D:F1:67:45:52:67:E2:17:45:14:F3:6E:72:92:B2:F3:D5:73
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/2Zht8WdFUmfiF0UU825ykrLz1XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.64.128.0/17
83.221.64.0/19
89.186.128.0/19
92.206.0.0/16
95.168.128.0/19
185.44.148.0/22
217.68.160.0/19
IPv6:
2a00:c1a0::/32
2a02:2454:8000::/33
2a02:2457:100::/40
Signature Algorithm: sha256WithRSAEncryption
1c:3b:ae:ca:53:76:80:25:c8:ea:21:2e:9a:2f:ee:44:4b:82:
03:0e:a8:a3:dd:65:eb:c9:97:a0:24:38:8f:19:4d:ef:ee:cd:
8f:67:01:13:73:ef:4c:5e:ae:28:ee:ca:a6:56:ea:7a:e3:46:
93:d8:cf:86:70:20:c6:14:69:69:bd:91:58:a0:8a:32:11:1b:
71:38:b3:f1:0f:ec:b0:bd:f7:d2:45:31:4d:ed:8d:8d:81:e9:
cd:e4:83:e8:90:da:5c:de:f9:ad:29:63:5f:ab:70:c6:e8:84:
b2:9b:b8:01:02:35:34:9b:05:9b:9d:0c:b7:46:51:2a:4b:1b:
1c:2e:f3:0b:77:68:e9:94:7c:d2:6b:a0:58:64:25:e3:72:93:
6e:97:79:51:f3:da:50:2c:58:2c:0e:9d:43:3b:e1:f7:10:28:
6d:a3:c4:1d:6a:82:00:b2:94:50:6b:17:bc:45:1b:cf:1c:11:
20:7c:8a:7a:cc:21:e4:e6:8e:d2:0f:3b:fe:2a:48:c6:0e:0c:
f7:b2:16:16:ff:08:c2:91:24:d4:3d:39:e1:fd:8f:f0:7c:84:
f8:6b:1f:4b:0d:40:0d:54:9e:e8:53:3a:38:4f:f9:04:bb:7e:
93:88:f0:b4:ec:62:d4:8a:14:5b:b4:d8:1d:63:74:f0:22:b6:
7e:f4:d5:20
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZIIvJHX6QX8jqr/DEk8jBqSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjQwOTE5MDUyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTk4NmRmMTY3NDU1MjY3ZTIxNzQ1MTRmMzZlNzI5MmIyZjNkNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+TxA2+xTGNvlZxranJwGkBDWxVb
6Sa0gEyjnNNDS0cL+64kM696aeneTKYougBprvB/k/iZ+947ofES+e2ALnUvCCnb
QzetCnb0+P8c9t8FqzzaHnQRFg6rqNAf4mwee5SUbB9FkORjs97/NH7gj0mU1sBN
0Ygjh739CqcZFvTV2aImZ3nII1bTGgeGDW07K6Bzisr6aVTgBjiVrZXtYD8/LZvc
0eM6elRhhXc/P8Mmh9QH/AIKnO5chWNATuLUbl0OzJUY6WFGseqzXsWrtvmBaBej
pd7nKn+wjG5kVt7FDCstLy1CRMrtEAcmmdyAoEzPCZezvgWil/wnUZk0hwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFNmYbfFnRVJn4hdFFPNucpKy89VzMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvMlpodDhXZEZVbWZpRjBVVTgyNXlrckx6MVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAvBAIAATApAwQHTUCAAwQF
U91AAwQFWbqAAwMAXM4DBAVfqIADBAK5LJQDBAXZRKAwHQQCAAIwFwMFACoAwaAD
BgcqAiRUgAMGACoCJFcBMA0GCSqGSIb3DQEBCwUAA4IBAQAcO67KU3aAJcjqIS6a
L+5ES4IDDqij3WXryZegJDiPGU3v7s2PZwETc+9MXq4o7sqmVup640aT2M+GcCDG
FGlpvZFYoIoyERtxOLPxD+ywvffSRTFN7Y2NgenN5IPokNpc3vmtKWNfq3DG6ISy
m7gBAjU0mwWbnQy3RlEqSxscLvMLd2jplHzSa6BYZCXjcpNul3lR89pQLFgsDp1D
O+H3EChto8QdaoIAspRQaxe8RRvPHBEgfIp6zCHk5o7SDzv+KkjGDgz3shYW/wjC
kSTUPTnh/Y/wfIT4ax9LDUANVJ7oUzo4T/kEu36TiPC07GLUihRbtNgdY3TwIrZ+
9NUg
-----END CERTIFICATE-----
Generated at Fri Nov 29 07:34:34 2024 by rpki-client on console-fra.rpki-client.org