Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/rMqgPmuTcX0uOPrau-nqkd-4TH8.roa
File: rMqgPmuTcX0uOPrau-nqkd-4TH8.roa (raw, json)
Hash identifier: vkg34KLbuhuegTOg1RpSfKiHEXGhXLQG2nJBi/zKyCk=
Subject key identifier: AC:CA:A0:3E:6B:93:71:7D:2E:38:FA:DA:BB:E9:EA:91:DF:B8:4C:7F
Certificate issuer: /CN=a79bba2805a988954e4fec42570530f16f9e7093
Certificate serial: 018CC3B6E190E8B656A943D99B31A61F8F74
Authority key identifier: A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/rMqgPmuTcX0uOPrau-nqkd-4TH8.roa
Signing time: Mon 01 Jan 2024 06:29:51 +0000
ROA not before: Mon 01 Jan 2024 06:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34343
IP address blocks: 81.171.64.0/23 maxlen: 24
81.171.64.0/20 maxlen: 20
81.171.67.0/24 maxlen: 24
81.171.74.0/24 maxlen: 24
81.171.73.0/24 maxlen: 24
81.171.72.0/24 maxlen: 24
81.171.83.0/24 maxlen: 24
81.171.88.0/21 maxlen: 24
81.171.88.0/22 maxlen: 24
81.171.32.0/20 maxlen: 24
185.90.196.0/22 maxlen: 22
81.171.96.0/24 maxlen: 24
81.171.92.0/23 maxlen: 24
81.171.100.0/22 maxlen: 24
193.108.27.0/24 maxlen: 24
2001:4de0:1005::/48 maxlen: 48
2001:4de0::/32 maxlen: 48
2001:4de0:3::/48 maxlen: 48
2001:4de0:2::/48 maxlen: 48
2001:4de0:aaa0::/44 maxlen: 48
2001:4de0::/46 maxlen: 48
2001:4de0:1004::/48 maxlen: 48
2001:4de0:aaad::/48 maxlen: 48
2001:4de0:1::/48 maxlen: 48
2001:4de0:101::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.mft
rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e1:90:e8:b6:56:a9:43:d9:9b:31:a6:1f:8f:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a79bba2805a988954e4fec42570530f16f9e7093
Validity
Not Before: Jan 1 06:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=accaa03e6b93717d2e38fadabbe9ea91dfb84c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:32:53:f9:81:7a:33:73:fe:cd:31:24:a3:17:
95:7e:69:7a:a5:87:3e:25:11:49:f1:26:9b:38:5d:
d2:54:1e:95:3f:13:2c:5d:a8:58:45:24:4f:18:96:
24:8d:cc:47:79:01:39:ea:4f:91:d0:2a:93:25:4a:
ae:87:22:9a:4f:08:51:d7:50:1d:78:2e:30:7f:51:
8f:e8:98:81:c9:64:1e:37:49:08:26:25:6b:aa:39:
45:1e:a0:06:6b:83:27:fc:a6:fc:04:41:34:83:ef:
5e:7a:c5:75:ad:2f:c9:64:d9:a0:da:15:b4:9a:b3:
5d:86:0b:fc:74:33:01:dc:fc:69:03:f9:77:e8:a0:
16:e2:24:02:d5:19:c7:d7:8f:93:45:42:79:64:44:
b0:c4:4c:a0:58:1a:c2:e2:b7:e7:a4:d9:72:6d:f9:
04:b4:4f:f9:a3:2f:5d:38:b3:62:6d:dd:12:3d:31:
a7:b9:09:d3:1b:01:06:01:8e:71:57:f3:bf:24:aa:
0a:ce:59:81:0b:b3:3a:a5:3f:ea:d1:aa:61:44:5f:
64:61:56:38:5f:1e:74:91:7a:da:c4:51:58:e8:fa:
81:51:40:e5:c0:8e:a7:7d:c4:c0:b4:f0:19:f7:e6:
71:f1:71:d5:19:49:a6:32:db:ec:d4:53:7b:f6:d9:
95:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:CA:A0:3E:6B:93:71:7D:2E:38:FA:DA:BB:E9:EA:91:DF:B8:4C:7F
X509v3 Authority Key Identifier:
keyid:A7:9B:BA:28:05:A9:88:95:4E:4F:EC:42:57:05:30:F1:6F:9E:70:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5u6KAWpiJVOT-xCVwUw8W-ecJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/rMqgPmuTcX0uOPrau-nqkd-4TH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d140fb-03ae-45d9-8ddc-e1ed9dd2a02a/1/p5u6KAWpiJVOT-xCVwUw8W-ecJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.171.32.0/20
81.171.64.0/20
81.171.83.0/24
81.171.88.0-81.171.96.255
81.171.100.0/22
185.90.196.0/22
193.108.27.0/24
IPv6:
2001:4de0::/32
Signature Algorithm: sha256WithRSAEncryption
2e:ed:5e:6f:6b:cc:f3:ca:55:6b:34:98:9b:bd:b1:c2:08:61:
ac:0e:e8:51:bf:c1:ae:c1:99:71:b9:bd:3b:ca:b3:1b:bb:49:
00:61:e2:17:24:c2:b5:e6:29:82:e1:79:bb:4f:3b:c6:a7:b6:
9a:7f:da:19:e8:e7:37:32:4e:c6:c1:24:c7:a4:7f:c1:28:57:
f8:40:5a:25:9b:9c:aa:54:e0:f8:e8:04:20:de:01:96:b1:e5:
ab:2d:d2:06:4e:d6:8e:4f:78:3d:10:48:00:54:07:39:52:19:
c5:a4:01:cf:0c:67:18:f2:56:e2:ef:fc:25:cf:48:d8:a6:f7:
df:9c:7d:41:14:6d:50:d8:ed:3a:5e:3f:10:0a:0d:5d:0d:04:
50:8e:28:d6:bc:42:4a:bd:13:9f:5e:ce:22:16:34:52:73:fd:
08:9e:d1:33:47:54:34:b1:ca:68:c0:05:5b:9e:e3:bc:e0:03:
dc:2c:d6:9f:23:12:e4:4d:1f:b6:8b:c4:20:73:d1:dd:30:51:
9b:3f:e5:a2:3b:12:ed:7e:c3:ae:6a:95:e6:2b:14:de:39:f4:
29:33:91:06:a9:f8:6f:da:a2:1a:29:15:83:87:18:32:98:08:
8c:20:0d:43:03:7d:09:c1:ea:4b:bb:cb:94:6e:60:c8:23:a4:
d2:92:a8:ff
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYzDtuGQ6LZWqUPZmzGmH490MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OWJiYTI4MDVhOTg4OTU0ZTRmZWM0MjU3MDUzMGYxNmY5
ZTcwOTMwHhcNMjQwMTAxMDYyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2NhYTAzZTZiOTM3MTdkMmUzOGZhZGFiYmU5ZWE5MWRmYjg0YzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDJT+YF6M3P+zTEkoxeVfml6pYc+
JRFJ8SabOF3SVB6VPxMsXahYRSRPGJYkjcxHeQE56k+R0CqTJUquhyKaTwhR11Ad
eC4wf1GP6JiByWQeN0kIJiVrqjlFHqAGa4Mn/Kb8BEE0g+9eesV1rS/JZNmg2hW0
mrNdhgv8dDMB3PxpA/l36KAW4iQC1RnH14+TRUJ5ZESwxEygWBrC4rfnpNlybfkE
tE/5oy9dOLNibd0SPTGnuQnTGwEGAY5xV/O/JKoKzlmBC7M6pT/q0aphRF9kYVY4
Xx50kXraxFFY6PqBUUDlwI6nfcTAtPAZ9+Zx8XHVGUmmMtvs1FN79tmVqwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFKzKoD5rk3F9Ljj62rvp6pHfuEx/MB8GA1UdIwQY
MBaAFKebuigFqYiVTk/sQlcFMPFvnnCTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMt
ZTFlZDlkZDJhMDJhLzEvck1xZ1BtdVRjWDB1T1ByYXUtbnFrZC00VEg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMTQwZmItMDNhZS00NWQ5LThkZGMtZTFlZDlkZDJhMDJh
LzEvcDV1NktBV3BpSlZPVC14Q1Z3VXc4Vy1lY0pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQEUasgAwQE
UatAAwQAUatTMAwDBANRq1gDBABRq2ADBAJRq2QDBAK5WsQDBADBbBswDQQCAAIw
BwMFACABTeAwDQYJKoZIhvcNAQELBQADggEBAC7tXm9rzPPKVWs0mJu9scIIYawO
6FG/wa7BmXG5vTvKsxu7SQBh4hckwrXmKYLhebtPO8antpp/2hno5zcyTsbBJMek
f8EoV/hAWiWbnKpU4PjoBCDeAZax5ast0gZO1o5PeD0QSABUBzlSGcWkAc8MZxjy
VuLv/CXPSNim99+cfUEUbVDY7TpePxAKDV0NBFCOKNa8Qkq9E59eziIWNFJz/Qie
0TNHVDSxymjABVue47zgA9ws1p8jEuRNH7aLxCBz0d0wUZs/5aI7Eu1+w65qleYr
FN459CkzkQap+G/aohopFYOHGDKYCIwgDUMDfQnB6ku7y5RuYMgjpNKSqP8=
-----END CERTIFICATE-----
Generated at Sat Jun 8 11:14:16 2024 by rpki-client on console-ams.rpki-client.org