Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/6A_KcideDiv2Tb3kLBpoqiFTF9E.roa
File: 6A_KcideDiv2Tb3kLBpoqiFTF9E.roa (raw, json)
Hash identifier: 3QbMj/jZFJjjyKjhrfyaR2g0cyNgrnkQKC4vEI715pE=
Subject key identifier: E8:0F:CA:72:27:5E:0E:2B:F6:4D:BD:E4:2C:1A:68:AA:21:53:17:D1
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 018EEB0F82FEAE6FB9A17294952FAD5DB67D
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/6A_KcideDiv2Tb3kLBpoqiFTF9E.roa
Signing time: Wed 17 Apr 2024 07:57:26 +0000
ROA not before: Wed 17 Apr 2024 07:57:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16202
IP address blocks: 77.64.128.0/17 maxlen: 17
77.64.128.0/18 maxlen: 18
77.64.128.0/19 maxlen: 19
77.64.146.0/23 maxlen: 23
77.64.160.0/19 maxlen: 19
77.64.192.0/19 maxlen: 19
77.64.192.0/20 maxlen: 20
77.64.208.0/20 maxlen: 20
77.64.224.0/20 maxlen: 20
77.64.240.0/20 maxlen: 20
77.64.252.0/23 maxlen: 23
77.64.254.0/23 maxlen: 23
83.221.64.0/19 maxlen: 19
83.221.64.0/20 maxlen: 20
83.221.64.0/21 maxlen: 21
83.221.72.0/21 maxlen: 21
83.221.80.0/20 maxlen: 20
83.221.80.0/21 maxlen: 21
83.221.88.0/21 maxlen: 21
89.186.128.0/19 maxlen: 19
89.186.128.0/20 maxlen: 20
89.186.128.0/21 maxlen: 21
89.186.136.0/21 maxlen: 21
89.186.144.0/20 maxlen: 20
89.186.144.0/21 maxlen: 21
89.186.152.0/21 maxlen: 21
92.206.0.0/16 maxlen: 16
92.206.0.0/17 maxlen: 17
92.206.0.0/18 maxlen: 18
92.206.64.0/18 maxlen: 18
92.206.128.0/18 maxlen: 18
92.206.160.0/19 maxlen: 19
92.206.190.0/23 maxlen: 23
92.206.192.0/18 maxlen: 18
92.206.224.0/19 maxlen: 19
95.168.128.0/19 maxlen: 19
95.168.128.0/20 maxlen: 20
95.168.144.0/20 maxlen: 20
185.44.148.0/22 maxlen: 22
185.44.150.0/23 maxlen: 23
217.68.160.0/19 maxlen: 19
217.68.160.0/20 maxlen: 20
217.68.176.0/20 maxlen: 20
2a00:c1a0::/32 maxlen: 32
2a00:c1a0::/34 maxlen: 34
2a00:c1a0:4000::/34 maxlen: 34
2a00:c1a0:8000::/34 maxlen: 34
2a00:c1a0:c000::/34 maxlen: 34
2a02:2454:8000::/33 maxlen: 36
2a02:2457:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 07:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:eb:0f:82:fe:ae:6f:b9:a1:72:94:95:2f:ad:5d:b6:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Apr 17 07:57:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e80fca72275e0e2bf64dbde42c1a68aa215317d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:32:54:fe:a5:97:9b:41:3c:9d:d8:61:f1:08:
20:a2:24:6c:24:00:cd:a5:c1:aa:23:23:d6:15:af:
69:07:0f:f7:e9:1c:90:ba:d7:d6:11:ad:8a:34:9d:
79:f4:94:57:fc:78:dd:70:8f:57:dd:18:ba:d1:5b:
30:66:40:a6:2b:c3:7c:4f:3e:d0:d2:36:bd:08:cb:
23:a4:c6:20:b6:54:1b:32:57:96:88:3a:2d:ad:11:
b0:ed:2b:c8:02:b3:da:3c:8a:7b:e2:b8:4c:14:b1:
f4:52:4f:57:85:d0:a6:a4:86:cd:18:75:f9:35:61:
05:e2:a8:a0:41:f0:1a:1c:69:de:05:18:ad:cf:d1:
0f:a7:b8:3c:42:42:47:50:6a:dc:63:58:4a:18:a0:
b6:7f:e5:28:ae:09:55:47:d7:91:b9:6b:c0:50:76:
e7:a8:e3:f9:d3:14:f2:50:c4:54:28:25:cc:66:b0:
d0:dd:4a:91:7c:0f:98:05:c1:c6:09:96:a0:7f:8f:
26:3f:ab:ef:82:b0:9a:7c:15:d3:41:7f:4b:b5:6c:
67:b5:02:51:bb:17:bd:e7:0e:16:67:d3:c4:e2:46:
33:0b:5a:da:c6:55:53:4f:ea:cb:fb:18:9d:28:ce:
07:97:d9:ca:be:3b:0e:a6:c2:62:a7:4a:5b:fd:e6:
28:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:0F:CA:72:27:5E:0E:2B:F6:4D:BD:E4:2C:1A:68:AA:21:53:17:D1
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/6A_KcideDiv2Tb3kLBpoqiFTF9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.64.128.0/17
83.221.64.0/19
89.186.128.0/19
92.206.0.0/16
95.168.128.0/19
185.44.148.0/22
217.68.160.0/19
IPv6:
2a00:c1a0::/32
2a02:2454:8000::/33
2a02:2457:100::/40
Signature Algorithm: sha256WithRSAEncryption
59:73:a6:3f:a9:33:b5:c7:ee:f2:2a:2d:5f:e2:f1:67:aa:52:
54:24:26:22:7d:1b:b9:9a:bb:a1:2a:80:3b:6c:6b:0a:7c:41:
05:cc:f8:32:5d:af:2d:64:21:a5:93:12:1a:b6:54:1a:ba:f5:
65:2f:1c:a1:22:07:1b:08:b6:60:47:d6:ed:c8:b5:97:3f:8e:
2a:eb:10:ff:31:ab:1b:e4:35:5c:7f:25:3e:cf:34:36:ed:55:
f5:c5:86:1f:c7:f4:7f:38:c6:26:dd:fc:29:94:3b:67:cf:90:
d3:b4:57:70:b5:6d:1b:cf:1c:e2:df:5b:37:dc:d2:84:bc:9e:
0f:d1:de:3d:d9:d1:2c:5b:4f:b2:3e:fc:d8:e7:06:c0:79:81:
06:a3:c4:6a:b0:6b:ab:d6:e1:48:e4:12:32:38:d5:ca:60:5f:
c7:40:bf:cf:cf:f0:1a:74:3f:a0:b6:26:c8:2e:7a:bf:75:05:
32:97:9b:d5:a3:61:b6:f8:e9:b4:e0:a0:81:f8:bd:08:24:28:
9d:13:bb:da:75:c1:20:29:8f:00:07:a5:a8:ec:0a:1e:68:3c:
54:99:aa:04:14:d0:c2:f1:ef:83:14:f8:d8:62:05:1f:2d:1a:
bc:c5:90:43:d5:e5:7c:5b:cd:34:16:c0:fa:ef:d0:31:1e:4c:
63:f1:6d:1a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY7rD4L+rm+5oXKUlS+tXbZ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjQwNDE3MDc1NzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODBmY2E3MjI3NWUwZTJiZjY0ZGJkZTQyYzFhNjhhYTIxNTMxN2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzJU/qWXm0E8ndhh8QggoiRsJADN
pcGqIyPWFa9pBw/36RyQutfWEa2KNJ159JRX/HjdcI9X3Ri60VswZkCmK8N8Tz7Q
0ja9CMsjpMYgtlQbMleWiDotrRGw7SvIArPaPIp74rhMFLH0Uk9XhdCmpIbNGHX5
NWEF4qigQfAaHGneBRitz9EPp7g8QkJHUGrcY1hKGKC2f+UorglVR9eRuWvAUHbn
qOP50xTyUMRUKCXMZrDQ3UqRfA+YBcHGCZagf48mP6vvgrCafBXTQX9LtWxntQJR
uxe95w4WZ9PE4kYzC1raxlVTT+rL+xidKM4Hl9nKvjsOpsJip0pb/eYo+wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFOgPynInXg4r9k295CwaaKohUxfRMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvNkFfS2NpZGVEaXYyVGIza0xCcG9xaUZURjlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAvBAIAATApAwQHTUCAAwQF
U91AAwQFWbqAAwMAXM4DBAVfqIADBAK5LJQDBAXZRKAwHQQCAAIwFwMFACoAwaAD
BgcqAiRUgAMGACoCJFcBMA0GCSqGSIb3DQEBCwUAA4IBAQBZc6Y/qTO1x+7yKi1f
4vFnqlJUJCYifRu5mruhKoA7bGsKfEEFzPgyXa8tZCGlkxIatlQauvVlLxyhIgcb
CLZgR9btyLWXP44q6xD/Masb5DVcfyU+zzQ27VX1xYYfx/R/OMYm3fwplDtnz5DT
tFdwtW0bzxzi31s33NKEvJ4P0d492dEsW0+yPvzY5wbAeYEGo8RqsGur1uFI5BIy
ONXKYF/HQL/Pz/AadD+gtibILnq/dQUyl5vVo2G2+Om04KCB+L0IJCidE7vadcEg
KY8AB6Wo7AoeaDxUmaoEFNDC8e+DFPjYYgUfLRq8xZBD1eV8W800FsD679AxHkxj
8W0a
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:04:20 2024 by rpki-client on console-ams.rpki-client.org