Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/8gPhKheXwCBhy0_FdHqN_jUSWBc.roa
File: 8gPhKheXwCBhy0_FdHqN_jUSWBc.roa (raw, json)
Hash identifier: 0wFxDp+sf3/Urv0gFkRVg1d+Mor6Xl2jIm/sKdOjNIU=
Subject key identifier: F2:03:E1:2A:17:97:C0:20:61:CB:4F:C5:74:7A:8D:FE:35:12:58:17
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 018F2F3401119186F556487A54486318F611
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/8gPhKheXwCBhy0_FdHqN_jUSWBc.roa
Signing time: Tue 30 Apr 2024 13:31:28 +0000
ROA not before: Tue 30 Apr 2024 13:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16202
IP address blocks: 77.64.128.0/17 maxlen: 17
77.64.128.0/18 maxlen: 18
77.64.128.0/19 maxlen: 19
77.64.146.0/23 maxlen: 23
77.64.160.0/19 maxlen: 19
77.64.192.0/19 maxlen: 19
77.64.192.0/20 maxlen: 20
77.64.208.0/20 maxlen: 20
77.64.224.0/20 maxlen: 20
77.64.240.0/20 maxlen: 20
77.64.252.0/23 maxlen: 23
77.64.254.0/23 maxlen: 23
83.221.64.0/19 maxlen: 19
83.221.64.0/20 maxlen: 23
83.221.64.0/21 maxlen: 21
83.221.72.0/21 maxlen: 21
83.221.80.0/20 maxlen: 20
83.221.80.0/21 maxlen: 21
83.221.88.0/21 maxlen: 21
89.186.128.0/19 maxlen: 19
89.186.128.0/20 maxlen: 20
89.186.128.0/21 maxlen: 21
89.186.136.0/21 maxlen: 21
89.186.144.0/20 maxlen: 20
89.186.144.0/21 maxlen: 21
89.186.152.0/21 maxlen: 21
92.206.0.0/16 maxlen: 16
92.206.0.0/17 maxlen: 17
92.206.0.0/18 maxlen: 18
92.206.64.0/18 maxlen: 18
92.206.128.0/18 maxlen: 18
92.206.160.0/19 maxlen: 19
92.206.190.0/23 maxlen: 23
92.206.192.0/18 maxlen: 23
92.206.224.0/19 maxlen: 19
95.168.128.0/19 maxlen: 19
95.168.128.0/20 maxlen: 20
95.168.144.0/20 maxlen: 20
185.44.148.0/22 maxlen: 22
185.44.150.0/23 maxlen: 23
217.68.160.0/19 maxlen: 19
217.68.160.0/20 maxlen: 20
217.68.176.0/20 maxlen: 20
2a00:c1a0::/32 maxlen: 32
2a00:c1a0::/34 maxlen: 34
2a00:c1a0:4000::/34 maxlen: 34
2a00:c1a0:8000::/34 maxlen: 34
2a00:c1a0:c000::/34 maxlen: 34
2a02:2454:8000::/33 maxlen: 36
2a02:2457:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2f:34:01:11:91:86:f5:56:48:7a:54:48:63:18:f6:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Apr 30 13:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f203e12a1797c02061cb4fc5747a8dfe35125817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:75:a7:d4:94:17:d0:fa:57:4b:6f:c7:bb:14:
f8:2a:37:10:97:c6:ca:c6:dc:77:f5:02:6d:e9:d9:
75:bf:30:ec:0a:05:c8:10:3a:97:56:4e:b4:2a:b0:
85:79:95:ff:01:b7:e3:1c:a7:6e:d9:f0:39:dd:b6:
1a:52:c3:6d:bd:51:c5:00:41:c3:b9:94:ad:94:33:
7c:58:7a:76:43:8c:66:81:b6:77:8b:e9:5f:df:6f:
eb:f1:f0:ea:03:5e:d0:0b:e8:a4:31:85:a4:f7:77:
f1:2c:eb:13:c7:9b:49:37:1b:4b:2b:de:fe:77:09:
8b:8d:60:36:cf:89:a8:c9:01:6a:4c:ca:73:1b:f5:
b9:16:f0:b0:f8:d8:f4:f1:31:b6:cb:63:c1:f2:ed:
de:fe:fb:6b:0a:1b:c0:4d:e2:37:50:59:1f:f8:35:
6c:f4:71:97:de:38:f9:f8:3e:c4:1e:b9:f3:71:32:
8d:45:4e:83:42:e4:42:a5:cc:c9:04:fa:bc:28:2a:
58:87:e5:5b:39:17:cb:bd:dd:51:7b:05:bf:fd:ac:
42:65:4b:44:af:73:ad:2e:c2:93:3f:3c:e3:04:fe:
26:cf:a5:ba:91:20:ee:6c:69:8c:0d:e4:c1:fb:72:
41:6c:36:9b:85:c1:fd:fb:0d:ff:ea:7a:c6:46:7e:
71:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:03:E1:2A:17:97:C0:20:61:CB:4F:C5:74:7A:8D:FE:35:12:58:17
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/8gPhKheXwCBhy0_FdHqN_jUSWBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.64.128.0/17
83.221.64.0/19
89.186.128.0/19
92.206.0.0/16
95.168.128.0/19
185.44.148.0/22
217.68.160.0/19
IPv6:
2a00:c1a0::/32
2a02:2454:8000::/33
2a02:2457:100::/40
Signature Algorithm: sha256WithRSAEncryption
02:19:cb:a7:08:51:88:8d:b0:19:a4:00:48:7d:09:51:66:30:
ad:5a:6c:11:03:40:2d:b7:e9:b5:57:84:ce:31:2a:64:9f:94:
a9:94:13:f8:14:f6:7a:f9:71:61:3b:65:43:e4:86:5b:93:1d:
b5:c2:e5:f7:cf:f0:10:20:08:a4:f5:fc:71:3e:fa:dc:63:40:
4b:28:a1:74:e3:0b:a6:e7:28:98:98:53:b0:4a:25:df:aa:8a:
8c:9c:3c:ff:7e:04:02:7a:23:5e:93:41:40:7f:89:b9:80:3a:
93:96:c5:e2:c8:b8:6a:c3:ea:e7:29:86:3f:0a:b7:6f:c7:68:
1f:46:58:9b:f7:83:21:47:d8:2c:57:0a:19:75:ce:2a:54:1f:
87:2d:65:e4:79:8b:ca:42:ec:28:50:d3:bd:8c:c9:5c:d6:61:
61:9c:83:d4:cb:66:8f:78:9c:21:cb:6a:f8:7b:44:1a:89:aa:
6c:ca:cc:67:bd:03:53:ed:59:96:5c:cd:2b:f9:9b:13:1a:9a:
17:04:f7:75:ca:9a:78:53:0e:2d:c6:ca:a6:d7:ae:79:be:a0:
3e:64:20:a3:c2:16:05:6d:d3:d9:89:c4:e4:9c:a9:27:28:91:
23:f2:20:bd:54:e0:b1:c7:fb:8e:54:bb:d5:45:94:2b:b9:d4:
89:a7:ac:4f
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY8vNAERkYb1Vkh6VEhjGPYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjQwNDMwMTMzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjAzZTEyYTE3OTdjMDIwNjFjYjRmYzU3NDdhOGRmZTM1MTI1ODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XWn1JQX0PpXS2/HuxT4KjcQl8bK
xtx39QJt6dl1vzDsCgXIEDqXVk60KrCFeZX/AbfjHKdu2fA53bYaUsNtvVHFAEHD
uZStlDN8WHp2Q4xmgbZ3i+lf32/r8fDqA17QC+ikMYWk93fxLOsTx5tJNxtLK97+
dwmLjWA2z4moyQFqTMpzG/W5FvCw+Nj08TG2y2PB8u3e/vtrChvATeI3UFkf+DVs
9HGX3jj5+D7EHrnzcTKNRU6DQuRCpczJBPq8KCpYh+VbORfLvd1RewW//axCZUtE
r3OtLsKTPzzjBP4mz6W6kSDubGmMDeTB+3JBbDabhcH9+w3/6nrGRn5x0QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPID4SoXl8AgYctPxXR6jf41ElgXMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvOGdQaEtoZVh3Q0JoeTBfRmRIcU5falVTV0JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAvBAIAATApAwQHTUCAAwQF
U91AAwQFWbqAAwMAXM4DBAVfqIADBAK5LJQDBAXZRKAwHQQCAAIwFwMFACoAwaAD
BgcqAiRUgAMGACoCJFcBMA0GCSqGSIb3DQEBCwUAA4IBAQACGcunCFGIjbAZpABI
fQlRZjCtWmwRA0Att+m1V4TOMSpkn5SplBP4FPZ6+XFhO2VD5IZbkx21wuX3z/AQ
IAik9fxxPvrcY0BLKKF04wum5yiYmFOwSiXfqoqMnDz/fgQCeiNek0FAf4m5gDqT
lsXiyLhqw+rnKYY/Crdvx2gfRlib94MhR9gsVwoZdc4qVB+HLWXkeYvKQuwoUNO9
jMlc1mFhnIPUy2aPeJwhy2r4e0QaiapsysxnvQNT7VmWXM0r+ZsTGpoXBPd1ypp4
Uw4txsqm1655vqA+ZCCjwhYFbdPZicTknKknKJEj8iC9VOCxx/uOVLvVRZQrudSJ
p6xP
-----END CERTIFICATE-----
Generated at Tue May 21 11:38:30 2024 by rpki-client on console-ams.rpki-client.org