Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/W2rPeYO_qb8YQ7OV7disCiPoJVo.roa
File: W2rPeYO_qb8YQ7OV7disCiPoJVo.roa (raw, json)
Hash identifier: x0Rxk8rgEJ3MiC/f1P+0IA/vkclTOkX4aTLIXgygR1A=
Subject key identifier: 5B:6A:CF:79:83:BF:A9:BF:18:43:B3:95:ED:D8:AC:0A:23:E8:25:5A
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 018CC6B8120633FFCBB7F280744005D8B577
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/W2rPeYO_qb8YQ7OV7disCiPoJVo.roa
Signing time: Mon 01 Jan 2024 20:30:01 +0000
ROA not before: Mon 01 Jan 2024 20:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50304
IP address blocks: 193.28.1.0/24 maxlen: 24
193.28.4.0/24 maxlen: 24
193.28.7.0/24 maxlen: 24
178.255.144.0/21 maxlen: 32
91.90.40.0/21 maxlen: 24
91.199.193.0/24 maxlen: 24
194.99.40.0/22 maxlen: 24
185.41.240.0/22 maxlen: 24
193.138.6.0/23 maxlen: 24
176.125.232.0/22 maxlen: 22
134.90.144.0/21 maxlen: 32
134.90.148.0/24 maxlen: 24
94.124.74.0/24 maxlen: 24
194.127.198.0/23 maxlen: 23
194.127.199.0/24 maxlen: 24
91.205.184.0/22 maxlen: 22
193.27.45.0/24 maxlen: 24
37.202.56.0/21 maxlen: 24
31.169.48.0/21 maxlen: 32
185.35.200.0/22 maxlen: 24
185.35.200.0/24 maxlen: 24
185.12.56.0/22 maxlen: 24
194.35.228.0/22 maxlen: 24
213.163.240.0/23 maxlen: 23
185.152.32.0/23 maxlen: 23
185.152.32.0/22 maxlen: 24
217.197.164.0/22 maxlen: 24
45.152.48.0/22 maxlen: 22
91.227.248.0/22 maxlen: 24
2a02:ed01::/32 maxlen: 32
2a02:ed00::/32 maxlen: 32
2a02:ed03::/32 maxlen: 32
2a02:ed04:100::/44 maxlen: 44
2a02:ed04:4700::/44 maxlen: 44
2a02:ed04:4600::/44 maxlen: 44
2a02:ed04:4500::/44 maxlen: 44
2a02:ed04:4400::/44 maxlen: 44
2a02:ed04:3400::/44 maxlen: 44
2a02:ed04:3580::/44 maxlen: 44
2a02:ed06::/32 maxlen: 32
2a02:20c8::/32 maxlen: 48
2a07:7d80::/29 maxlen: 29
2a04:8d40::/29 maxlen: 32
2a02:ed05::/32 maxlen: 32
2a02:ed00::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 17:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:12:06:33:ff:cb:b7:f2:80:74:40:05:d8:b5:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: Jan 1 20:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b6acf7983bfa9bf1843b395edd8ac0a23e8255a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:81:ed:57:bc:99:d9:56:24:e4:69:af:22:32:
e6:ba:45:24:88:22:bd:28:aa:41:32:4c:eb:9d:96:
71:6c:9a:22:60:6d:ae:1c:12:0e:b0:c9:b5:2a:45:
32:d6:f8:1e:92:dd:18:42:91:8f:5f:c3:a6:c1:25:
86:f4:bf:d4:03:07:2f:3f:17:3a:0c:be:36:59:2b:
5d:8c:cc:80:54:f8:d4:aa:42:59:63:7f:ea:59:d5:
bd:44:41:8b:ad:23:e5:87:e5:f9:59:ed:37:6d:2a:
18:dc:a8:bd:e8:1b:bf:b9:e8:37:bf:ca:a3:6e:07:
22:96:88:c6:79:69:2e:9f:b1:15:35:fd:cf:22:57:
6f:c0:39:d8:f5:95:15:89:f7:3d:cc:7c:cb:be:bf:
d4:f1:8a:ab:a0:b6:e6:7d:07:96:6c:2a:81:3f:9f:
8f:78:5b:83:e0:49:35:39:b6:d5:33:f5:15:89:73:
6d:ca:d9:5f:da:28:a1:a8:e6:de:4e:76:88:bd:e5:
b9:90:0e:02:94:73:b1:93:44:b2:a1:fe:c3:12:f5:
c8:25:72:e0:44:66:73:3d:0f:c1:29:e8:c8:e0:ef:
62:45:47:ba:73:51:99:85:1f:cf:b4:6c:ff:92:9e:
bf:6d:86:59:ff:52:66:e3:dd:31:0d:4e:e8:9d:a1:
79:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:6A:CF:79:83:BF:A9:BF:18:43:B3:95:ED:D8:AC:0A:23:E8:25:5A
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/W2rPeYO_qb8YQ7OV7disCiPoJVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.48.0/21
37.202.56.0/21
45.152.48.0/22
91.90.40.0/21
91.199.193.0/24
91.205.184.0/22
91.227.248.0/22
94.124.74.0/24
134.90.144.0/21
176.125.232.0/22
178.255.144.0/21
185.12.56.0/22
185.35.200.0/22
185.41.240.0/22
185.152.32.0/22
193.27.45.0/24
193.28.1.0/24
193.28.4.0/24
193.28.7.0/24
193.138.6.0/23
194.35.228.0/22
194.99.40.0/22
194.127.198.0/23
213.163.240.0/23
217.197.164.0/22
IPv6:
2a02:20c8::/32
2a02:ed00::/29
2a04:8d40::/29
2a07:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
4a:06:4c:68:67:46:c2:56:67:a2:c0:43:77:b0:12:5a:d5:0a:
98:01:27:5f:a8:a6:db:28:6c:83:ab:84:cd:d4:80:ff:cd:95:
90:ab:a4:44:93:cf:04:c5:30:29:c0:75:06:42:d5:bf:d4:07:
f5:1d:60:65:e4:b1:a6:01:1a:9f:02:c1:19:70:e2:ff:e3:32:
f1:e3:19:ff:54:2d:ee:2f:84:35:44:98:56:50:3d:65:48:0b:
a3:18:ef:f9:37:f0:55:c4:0e:60:d2:9d:13:da:46:a6:25:64:
e6:3b:fa:1c:55:5e:7b:4b:3c:2a:7c:3c:d8:93:12:36:9a:e7:
d6:de:8a:55:8f:6c:43:9d:54:c6:71:48:3f:4d:f9:f2:98:f8:
38:0b:b3:2a:a0:94:d8:16:c2:59:80:10:f9:f0:43:e2:96:d2:
5c:58:84:4b:9f:47:ff:5f:d2:3f:15:cb:ab:cd:c4:ad:63:26:
4a:0a:eb:66:db:61:fe:5a:3c:16:e2:ab:81:d6:01:61:ad:e0:
da:01:17:01:df:1d:67:b6:5a:dc:bf:80:f6:67:a9:35:1f:d7:
1c:5a:b1:1d:20:6e:0b:9e:c7:23:77:02:3c:af:90:67:13:10:
69:ce:6c:01:53:8b:e8:13:30:32:72:9d:4e:e8:4c:88:f6:4c:
6e:e0:6f:ef
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAYzGuBIGM//Lt/KAdEAF2LV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjQwMTAxMjAzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjZhY2Y3OTgzYmZhOWJmMTg0M2IzOTVlZGQ4YWMwYTIzZTgyNTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6YHtV7yZ2VYk5GmvIjLmukUkiCK9
KKpBMkzrnZZxbJoiYG2uHBIOsMm1KkUy1vgekt0YQpGPX8OmwSWG9L/UAwcvPxc6
DL42WStdjMyAVPjUqkJZY3/qWdW9REGLrSPlh+X5We03bSoY3Ki96Bu/ueg3v8qj
bgcilojGeWkun7EVNf3PIldvwDnY9ZUVifc9zHzLvr/U8YqroLbmfQeWbCqBP5+P
eFuD4Ek1ObbVM/UViXNtytlf2iihqObeTnaIveW5kA4ClHOxk0Syof7DEvXIJXLg
RGZzPQ/BKejI4O9iRUe6c1GZhR/PtGz/kp6/bYZZ/1Jm490xDU7onaF5UwIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFFtqz3mDv6m/GEOzle3YrAoj6CVaMB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvVzJyUGVZT19xYjhZUTdPVjdkaXNDaVBvSlZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBnQQCAAEwgZYDBAMf
qTADBAMlyjgDBAItmDADBANbWigDBABbx8EDBAJbzbgDBAJb4/gDBABefEoDBAOG
WpADBAKwfegDBAOy/5ADBAK5DDgDBAK5I8gDBAK5KfADBAK5mCADBADBGy0DBADB
HAEDBADBHAQDBADBHAcDBAHBigYDBALCI+QDBALCYygDBAHCf8YDBAHVo/ADBALZ
xaQwIgQCAAIwHAMFACoCIMgDBQMqAu0AAwUDKgSNQAMFAyoHfYAwDQYJKoZIhvcN
AQELBQADggEBAEoGTGhnRsJWZ6LAQ3ewElrVCpgBJ1+optsobIOrhM3UgP/NlZCr
pESTzwTFMCnAdQZC1b/UB/UdYGXksaYBGp8CwRlw4v/jMvHjGf9ULe4vhDVEmFZQ
PWVIC6MY7/k38FXEDmDSnRPaRqYlZOY7+hxVXntLPCp8PNiTEjaa59beilWPbEOd
VMZxSD9N+fKY+DgLsyqglNgWwlmAEPnwQ+KW0lxYhEufR/9f0j8Vy6vNxK1jJkoK
62bbYf5aPBbiq4HWAWGt4NoBFwHfHWe2Wty/gPZnqTUf1xxasR0gbguexyN3Ajyv
kGcTEGnObAFTi+gTMDJynU7oTIj2TG7gb+8=
-----END CERTIFICATE-----
Generated at Sat Jun 29 01:38:34 2024 by rpki-client on console-fra.rpki-client.org