Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/x9ZzBVcbmaAuHBV29y6JgRXSk4M.roa
File: x9ZzBVcbmaAuHBV29y6JgRXSk4M.roa (raw, json)
Hash identifier: fB55gl0dIZUumtqVothDq82RCTuuegDK8zz7R8ns3w4=
Subject key identifier: C7:D6:73:05:57:1B:99:A0:2E:1C:15:76:F7:2E:89:81:15:D2:93:83
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 018DAC0487E1E6545AF881B5CF48EEAF720A
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/x9ZzBVcbmaAuHBV29y6JgRXSk4M.roa
Signing time: Thu 15 Feb 2024 09:06:34 +0000
ROA not before: Thu 15 Feb 2024 09:06:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35244
IP address blocks: 46.128.0.0/16 maxlen: 16
77.47.0.0/17 maxlen: 17
83.243.112.0/21 maxlen: 21
85.233.32.0/19 maxlen: 19
88.215.64.0/18 maxlen: 18
95.157.0.0/18 maxlen: 18
109.125.64.0/18 maxlen: 18
185.169.204.0/22 maxlen: 22
193.25.118.0/23 maxlen: 23
194.105.96.0/21 maxlen: 21
195.46.44.0/22 maxlen: 22
195.234.128.0/24 maxlen: 24
2001:4c50::/32 maxlen: 32
2a02:2455::/33 maxlen: 33
2a02:2457:300::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 30 Nov 2024 01:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ac:04:87:e1:e6:54:5a:f8:81:b5:cf:48:ee:af:72:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Feb 15 09:06:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7d67305571b99a02e1c1576f72e898115d29383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:95:2e:67:0c:78:15:02:a7:1d:d5:da:40:f2:
a1:2b:b2:a4:09:db:3c:e9:77:58:86:64:9f:f5:de:
8a:47:b0:0b:c1:34:59:0b:3b:c7:39:bf:b4:ed:cd:
00:69:e9:57:bf:27:08:df:13:b7:ca:81:73:e7:2b:
d6:c6:6e:c8:e7:58:7f:b0:e0:59:89:5c:5c:7f:95:
45:be:af:45:ca:b3:38:23:db:50:15:37:7d:f6:cb:
4c:ff:d3:be:67:26:82:35:30:c2:ba:e2:6c:85:34:
b5:5f:13:66:df:b0:8c:92:e3:50:d7:76:e1:45:32:
51:4e:e6:4b:16:7d:b6:79:d4:a2:1c:ee:27:55:29:
42:48:eb:80:f3:5d:9c:19:4f:31:dd:cc:d4:1c:26:
2d:2b:2a:a1:ff:a2:f3:ec:47:d0:e1:8a:64:26:86:
9c:80:de:32:b4:8a:1a:0c:9d:a8:c7:36:91:1b:28:
6c:34:e5:78:ce:6e:21:89:78:5a:81:9c:47:8a:d9:
18:1b:3a:9d:c1:43:8e:82:6e:f9:bf:4b:11:66:4c:
81:66:00:aa:35:ef:79:8b:de:96:8c:1e:9e:a4:f1:
19:56:de:2a:03:e6:38:e4:ca:9f:50:54:a0:01:1c:
38:4f:d8:f0:3e:51:d3:4c:f5:f4:f8:8c:5a:a9:bb:
02:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:D6:73:05:57:1B:99:A0:2E:1C:15:76:F7:2E:89:81:15:D2:93:83
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/x9ZzBVcbmaAuHBV29y6JgRXSk4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.128.0.0/16
77.47.0.0/17
83.243.112.0/21
85.233.32.0/19
88.215.64.0/18
95.157.0.0/18
109.125.64.0/18
185.169.204.0/22
193.25.118.0/23
194.105.96.0/21
195.46.44.0/22
195.234.128.0/24
IPv6:
2001:4c50::/32
2a02:2455::/33
2a02:2457:300::/40
Signature Algorithm: sha256WithRSAEncryption
78:e8:22:1f:b4:a6:4f:03:a3:19:79:01:ba:63:71:ab:df:84:
93:17:18:7a:6c:21:8d:93:0b:18:ce:65:b3:08:82:69:67:60:
8f:b9:dc:9c:05:f5:d1:db:ff:c0:25:c9:d7:c5:40:de:0a:6c:
33:da:2d:fc:2d:dc:0d:0b:7b:69:21:c3:a3:03:84:a1:db:83:
65:b9:65:dd:2e:66:f3:75:6a:6f:36:13:40:f9:65:d1:a8:f9:
ff:d4:7a:ad:82:a0:29:81:76:82:8f:2c:7b:5d:04:50:67:ae:
77:5b:b5:1a:33:6e:87:b2:39:ed:ab:88:a1:57:b8:0d:b1:d7:
94:97:70:01:9b:4b:92:5d:a8:4d:3f:35:fb:5c:29:66:2b:8b:
9c:af:d3:4c:1f:a6:d0:dd:f2:95:16:a6:f0:44:d1:10:0f:60:
25:da:4f:87:ba:30:29:19:b9:d9:d9:63:3a:fb:f4:a7:61:f0:
0d:c2:d5:42:41:13:b5:fb:58:84:24:58:8f:0d:1a:4f:83:af:
3e:ca:31:73:82:4a:41:41:d7:89:d7:80:6f:47:c8:11:b5:79:
87:cb:a1:be:be:00:76:3b:0a:cc:f2:cb:7e:f1:51:48:cd:d4:
fd:c9:cc:f8:2b:6c:77:f9:4c:c5:42:88:be:65:52:73:74:45:
b8:f6:07:ab
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY2sBIfh5lRa+IG1z0jur3IKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjQwMjE1MDkwNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Q2NzMwNTU3MWI5OWEwMmUxYzE1NzZmNzJlODk4MTE1ZDI5MzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpUuZwx4FQKnHdXaQPKhK7KkCds8
6XdYhmSf9d6KR7ALwTRZCzvHOb+07c0AaelXvycI3xO3yoFz5yvWxm7I51h/sOBZ
iVxcf5VFvq9FyrM4I9tQFTd99stM/9O+ZyaCNTDCuuJshTS1XxNm37CMkuNQ13bh
RTJRTuZLFn22edSiHO4nVSlCSOuA812cGU8x3czUHCYtKyqh/6Lz7EfQ4YpkJoac
gN4ytIoaDJ2oxzaRGyhsNOV4zm4hiXhagZxHitkYGzqdwUOOgm75v0sRZkyBZgCq
Ne95i96WjB6epPEZVt4qA+Y45MqfUFSgARw4T9jwPlHTTPX0+IxaqbsCjwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFMfWcwVXG5mgLhwVdvcuiYEV0pODMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEveDlaekJWY2JtYUF1SEJWMjl5NkpnUlhTazRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBNBAIAATBHAwMALoADBAdN
LwADBANT83ADBAVV6SADBAZY10ADBAZfnQADBAZtfUADBAK5qcwDBAHBGXYDBAPC
aWADBALDLiwDBADD6oAwHQQCAAIwFwMFACABTFADBgcqAiRVAAMGACoCJFcDMA0G
CSqGSIb3DQEBCwUAA4IBAQB46CIftKZPA6MZeQG6Y3Gr34STFxh6bCGNkwsYzmWz
CIJpZ2CPudycBfXR2//AJcnXxUDeCmwz2i38LdwNC3tpIcOjA4Sh24NluWXdLmbz
dWpvNhNA+WXRqPn/1HqtgqApgXaCjyx7XQRQZ653W7UaM26Hsjntq4ihV7gNsdeU
l3ABm0uSXahNPzX7XClmK4ucr9NMH6bQ3fKVFqbwRNEQD2Al2k+HujApGbnZ2WM6
+/SnYfANwtVCQRO1+1iEJFiPDRpPg68+yjFzgkpBQdeJ14BvR8gRtXmHy6G+vgB2
OwrM8st+8VFIzdT9ycz4K2x3+UzFQoi+ZVJzdEW49ger
-----END CERTIFICATE-----
Generated at Fri Nov 29 07:34:34 2024 by rpki-client on console-fra.rpki-client.org