Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/fTP3xO3n_KbcwIdolVD7XUOlyQw.roa
File: fTP3xO3n_KbcwIdolVD7XUOlyQw.roa (raw, json)
Hash identifier: qcrYzpB4Vf+Xu9/g7SgcVKEWVsPLEHUO6A33FqACiCo=
Subject key identifier: 7D:33:F7:C4:ED:E7:FC:A6:DC:C0:87:68:95:50:FB:5D:43:A5:C9:0C
Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Certificate serial: 018F5732C780186AFF5F8132C35A52B776D0
Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/fTP3xO3n_KbcwIdolVD7XUOlyQw.roa
Signing time: Wed 08 May 2024 07:54:56 +0000
ROA not before: Wed 08 May 2024 07:54:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25252
IP address blocks: 79.170.16.0/24 maxlen: 24
79.170.17.0/24 maxlen: 24
79.170.18.0/24 maxlen: 24
79.170.19.0/24 maxlen: 24
79.170.20.0/24 maxlen: 24
79.170.21.0/24 maxlen: 24
79.170.22.0/24 maxlen: 24
79.170.23.0/24 maxlen: 24
153.112.132.0/22 maxlen: 22
153.112.139.0/24 maxlen: 24
153.112.149.0/24 maxlen: 24
153.112.150.0/23 maxlen: 23
153.112.160.0/21 maxlen: 21
153.112.173.0/24 maxlen: 24
153.112.176.0/20 maxlen: 20
153.112.208.0/23 maxlen: 23
153.112.240.0/24 maxlen: 24
153.112.241.0/24 maxlen: 24
192.138.109.0/24 maxlen: 24
192.138.110.0/23 maxlen: 23
192.138.116.0/23 maxlen: 23
192.157.8.0/23 maxlen: 23
192.157.8.0/24 maxlen: 24
192.157.9.0/24 maxlen: 24
192.157.10.0/24 maxlen: 24
192.157.11.0/24 maxlen: 24
193.53.25.0/24 maxlen: 24
2a02:f784:20::/48 maxlen: 48
2a02:f784:30::/48 maxlen: 48
2a02:f784:8000::/48 maxlen: 48
2a02:f784:8001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:57:32:c7:80:18:6a:ff:5f:81:32:c3:5a:52:b7:76:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Validity
Not Before: May 8 07:54:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d33f7c4ede7fca6dcc087689550fb5d43a5c90c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:08:18:e8:c3:78:a8:b6:1a:0c:46:9e:50:98:
8d:f0:55:b6:d7:be:cf:3a:4a:b8:dd:62:5f:c1:38:
b4:4e:0a:e0:f0:14:91:64:a3:2d:94:14:38:eb:cc:
14:49:1e:18:4e:c0:f5:ce:24:ba:26:d2:42:34:57:
53:f2:49:bd:cf:d3:30:03:c6:54:36:9f:e7:72:7f:
15:dd:6b:dd:30:38:14:d3:f1:ad:f1:1f:8d:74:e7:
fe:cf:23:d2:a9:83:9a:52:f4:bc:de:57:14:c2:18:
58:3c:7f:52:57:90:f2:ac:bd:cd:49:c6:e0:80:90:
14:2d:5d:8e:54:e4:af:0c:0d:42:ae:f2:de:e4:5e:
31:da:45:df:50:9d:70:7f:58:8d:b8:96:33:ce:13:
95:52:75:87:a0:71:f3:de:6e:c1:72:dd:b2:e8:6a:
3d:bc:8c:34:a5:23:a6:06:db:1b:39:9a:33:fc:2c:
8f:8f:e9:71:ac:1a:2e:a7:d3:4a:7b:87:d6:af:d6:
0c:08:f0:f5:d7:54:78:9f:22:86:e5:16:13:be:d0:
e3:03:bc:df:cb:a9:7f:73:fb:10:f4:ca:8c:da:9a:
15:5d:d3:1c:a1:0c:f4:7f:83:3e:7c:ba:5e:5f:67:
60:02:5f:4e:64:33:b9:3e:61:c6:dd:1f:35:f9:0b:
fb:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:33:F7:C4:ED:E7:FC:A6:DC:C0:87:68:95:50:FB:5D:43:A5:C9:0C
X509v3 Authority Key Identifier:
keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/fTP3xO3n_KbcwIdolVD7XUOlyQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.16.0/21
153.112.132.0/22
153.112.139.0/24
153.112.149.0-153.112.151.255
153.112.160.0/21
153.112.173.0/24
153.112.176.0/20
153.112.208.0/23
153.112.240.0/23
192.138.109.0-192.138.111.255
192.138.116.0/23
192.157.8.0/22
193.53.25.0/24
IPv6:
2a02:f784:20::/48
2a02:f784:30::/48
2a02:f784:8000::/47
Signature Algorithm: sha256WithRSAEncryption
4b:23:86:60:22:59:ed:13:e0:13:c6:22:43:f8:ca:20:f3:58:
c8:9b:a6:f9:e4:ec:33:dc:f6:89:28:3f:37:6b:3f:86:da:c5:
05:cd:48:1e:d3:77:45:8e:0f:3c:c1:2f:28:cf:39:01:24:6b:
66:8b:76:42:fe:c9:21:9c:26:63:2a:17:50:e6:1c:97:65:6f:
c7:67:c5:18:ed:83:27:9c:44:ad:c6:50:2e:af:54:6f:53:b6:
a6:b8:ea:09:d9:94:5e:26:ec:0c:b4:77:ed:43:66:61:2c:47:
d8:f3:80:19:35:47:e7:d7:08:f9:d7:c9:6b:e5:c2:50:d6:3a:
b3:b1:50:0c:65:18:ad:a0:55:19:24:c6:78:59:10:67:46:84:
df:5e:6b:9a:2f:5d:5a:95:30:46:e1:9a:c6:f6:98:fb:1d:b2:
92:c7:96:52:af:b0:c4:11:f0:a8:85:47:52:ce:3e:8a:14:ba:
26:ea:a2:de:93:ab:7d:65:03:43:20:91:bd:bd:4c:58:28:84:
44:5c:0f:c2:60:20:8a:14:1b:73:02:17:5a:20:ae:99:16:0b:
09:74:77:91:e3:9f:85:04:e0:d3:da:38:48:aa:30:1c:1b:4b:
b0:8a:d2:79:38:72:44:3b:20:bd:2e:92:cc:fe:1c:50:c4:ca:
96:08:b8:bc
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAY9XMseAGGr/X4Eyw1pSt3bQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODUyZmZiYTdkNTdjNWE4YWZiYjZlYTViZWFmN2RmZWMw
YzE0NWEwHhcNMjQwNTA4MDc1NDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDMzZjdjNGVkZTdmY2E2ZGNjMDg3Njg5NTUwZmI1ZDQzYTVjOTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAgY6MN4qLYaDEaeUJiN8FW2177P
Okq43WJfwTi0Tgrg8BSRZKMtlBQ468wUSR4YTsD1ziS6JtJCNFdT8km9z9MwA8ZU
Np/ncn8V3WvdMDgU0/Gt8R+NdOf+zyPSqYOaUvS83lcUwhhYPH9SV5DyrL3NScbg
gJAULV2OVOSvDA1CrvLe5F4x2kXfUJ1wf1iNuJYzzhOVUnWHoHHz3m7Bct2y6Go9
vIw0pSOmBtsbOZoz/CyPj+lxrBoup9NKe4fWr9YMCPD111R4nyKG5RYTvtDjA7zf
y6l/c/sQ9MqM2poVXdMcoQz0f4M+fLpeX2dgAl9OZDO5PmHG3R81+Qv72QIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFH0z98Tt5/ym3MCHaJVQ+11DpckMMB8GA1UdIwQY
MBaAFLSFL/un1Xxaivu26lvq99/sDBRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQt
ZjcxMDM4ZTk2N2E0LzEvZlRQM3hPM25fS2Jjd0lkb2xWRDdYVU9seVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQtZjcxMDM4ZTk2N2E0
LzEvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTBkBAIAATBeAwQDT6oQ
AwQCmXCEAwQAmXCLMAwDBACZcJUDBAOZcJADBAOZcKADBACZcK0DBASZcLADBAGZ
cNADBAGZcPAwDAMEAMCKbQMEBMCKYAMEAcCKdAMEAsCdCAMEAME1GTAhBAIAAjAb
AwcAKgL3hAAgAwcAKgL3hAAwAwcBKgL3hIAAMA0GCSqGSIb3DQEBCwUAA4IBAQBL
I4ZgIlntE+ATxiJD+Mog81jIm6b55Owz3PaJKD83az+G2sUFzUge03dFjg88wS8o
zzkBJGtmi3ZC/skhnCZjKhdQ5hyXZW/HZ8UY7YMnnEStxlAur1RvU7amuOoJ2ZRe
JuwMtHftQ2ZhLEfY84AZNUfn1wj518lr5cJQ1jqzsVAMZRitoFUZJMZ4WRBnRoTf
XmuaL11alTBG4ZrG9pj7HbKSx5ZSr7DEEfCohUdSzj6KFLom6qLek6t9ZQNDIJG9
vUxYKIREXA/CYCCKFBtzAhdaIK6ZFgsJdHeR45+FBODT2jhIqjAcG0uwitJ5OHJE
OyC9LpLM/hxQxMqWCLi8
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:02:55 2024 by rpki-client on console-fra.rpki-client.org