Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/6cb23e-7c65-46b3-9b6d-7c6635da892d/1/l5QKaO-K8RfL3rea0OAmrdv8hqA.roa
File: l5QKaO-K8RfL3rea0OAmrdv8hqA.roa (raw, json)
Hash identifier: tMi413fQTtzHvZDKnD3EzMBulDmDpNDZQzxhheMKOAM=
Subject key identifier: 97:94:0A:68:EF:8A:F1:17:CB:DE:B7:9A:D0:E0:26:AD:DB:FC:86:A0
Certificate issuer: /CN=6676dff61a8305675977e86f52eee6745d6428f4
Certificate serial: 018F8009A2656A5521B9BC64F5FB73ECCD9A
Authority key identifier: 66:76:DF:F6:1A:83:05:67:59:77:E8:6F:52:EE:E6:74:5D:64:28:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Znbf9hqDBWdZd-hvUu7mdF1kKPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/6cb23e-7c65-46b3-9b6d-7c6635da892d/1/l5QKaO-K8RfL3rea0OAmrdv8hqA.roa
Signing time: Thu 16 May 2024 06:14:25 +0000
ROA not before: Thu 16 May 2024 06:14:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199952
IP address blocks: 45.66.64.0/22 maxlen: 22
92.119.108.0/22 maxlen: 22
152.89.100.0/22 maxlen: 22
185.29.68.0/22 maxlen: 24
185.69.8.0/22 maxlen: 24
185.88.52.0/22 maxlen: 24
185.110.76.0/22 maxlen: 24
185.223.240.0/22 maxlen: 24
185.227.8.0/22 maxlen: 24
2a04:41c0::/29 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/6cb23e-7c65-46b3-9b6d-7c6635da892d/1/Znbf9hqDBWdZd-hvUu7mdF1kKPQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/6cb23e-7c65-46b3-9b6d-7c6635da892d/1/Znbf9hqDBWdZd-hvUu7mdF1kKPQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Znbf9hqDBWdZd-hvUu7mdF1kKPQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:09:a2:65:6a:55:21:b9:bc:64:f5:fb:73:ec:cd:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6676dff61a8305675977e86f52eee6745d6428f4
Validity
Not Before: May 16 06:14:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97940a68ef8af117cbdeb79ad0e026addbfc86a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:29:97:92:91:e1:f4:ab:25:42:1a:ca:87:5b:
5e:09:06:ee:07:76:01:94:bd:0b:31:40:2e:92:5a:
e4:60:07:b0:35:69:b0:e8:f9:84:53:a8:ad:ab:06:
e3:48:dc:a8:4e:bd:87:b1:af:05:90:11:bb:b3:51:
95:bf:e3:e1:77:60:3d:fa:ef:90:1e:bc:b1:96:7c:
e2:f0:66:9b:67:9e:ba:bc:47:94:56:61:a2:e4:12:
e6:01:14:d5:03:00:29:4d:dc:31:f2:bf:12:0e:92:
0e:1e:67:ec:ee:7b:0f:83:cd:56:f4:4e:ee:32:0a:
50:ad:8c:22:fe:50:2e:8b:66:8d:e7:37:70:10:bd:
03:d2:63:3f:72:a9:ae:38:13:99:6e:b2:c1:04:86:
4a:b0:9a:2a:33:f6:b5:97:75:88:18:7c:f6:d6:b7:
d6:07:3b:be:13:27:a0:19:f2:d2:7c:5a:2b:6d:24:
eb:2f:67:52:5a:36:61:71:02:4f:a8:03:66:87:1f:
67:66:0b:3c:e4:f2:da:6c:fa:98:c8:40:ec:75:29:
45:cd:fa:86:81:0c:75:db:64:1e:6f:ca:17:d8:00:
35:0b:54:77:9f:ec:b8:46:05:64:b2:2d:13:f3:30:
77:23:9a:7e:0f:d7:67:16:f7:6d:2c:f7:16:21:f8:
0c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:94:0A:68:EF:8A:F1:17:CB:DE:B7:9A:D0:E0:26:AD:DB:FC:86:A0
X509v3 Authority Key Identifier:
keyid:66:76:DF:F6:1A:83:05:67:59:77:E8:6F:52:EE:E6:74:5D:64:28:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Znbf9hqDBWdZd-hvUu7mdF1kKPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/6cb23e-7c65-46b3-9b6d-7c6635da892d/1/l5QKaO-K8RfL3rea0OAmrdv8hqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/6cb23e-7c65-46b3-9b6d-7c6635da892d/1/Znbf9hqDBWdZd-hvUu7mdF1kKPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.64.0/22
92.119.108.0/22
152.89.100.0/22
185.29.68.0/22
185.69.8.0/22
185.88.52.0/22
185.110.76.0/22
185.223.240.0/22
185.227.8.0/22
IPv6:
2a04:41c0::/29
Signature Algorithm: sha256WithRSAEncryption
68:59:78:cb:9e:db:77:6c:bc:64:fa:17:e5:14:b1:64:72:19:
c7:77:f1:e8:ec:64:14:9f:59:3d:30:3d:6e:81:85:d8:aa:60:
34:0f:81:fd:8a:f0:c9:3e:11:21:09:09:94:a5:80:7d:c1:fa:
8f:5d:52:75:e3:7b:19:0e:d0:08:01:cf:e9:46:c5:af:96:e0:
fa:c8:06:d0:a1:d4:c3:54:19:68:78:4d:5f:a9:27:dd:d7:dc:
1d:26:3a:79:7b:e6:27:43:ea:e5:80:13:8b:b6:c9:e0:66:6e:
73:9f:4e:b3:d0:3c:a7:1c:d2:db:32:85:85:10:f7:da:16:62:
3c:e2:51:17:85:5c:4d:1c:b0:ec:0b:8c:39:4c:e9:0b:1a:a2:
5a:c3:9a:8f:24:ef:f5:bb:08:eb:ed:fb:36:ac:a7:3d:bf:e6:
27:9f:47:bc:a0:1a:f0:09:81:7c:77:bb:3c:7d:1d:54:c5:7f:
a8:f9:41:12:64:9b:98:63:c4:4f:57:8d:ac:cd:c5:90:71:ff:
68:1b:d8:94:b8:04:09:25:01:22:0f:90:86:87:c1:bf:95:9a:
21:b3:dd:92:69:6d:9c:6b:2c:03:6a:6d:e6:0a:7b:04:88:16:
43:c2:55:09:bb:ad:04:0a:b5:a6:9f:ad:bb:68:6b:be:bf:bd:
5e:f2:0c:fb
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAY+ACaJlalUhubxk9ftz7M2aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NzZkZmY2MWE4MzA1Njc1OTc3ZTg2ZjUyZWVlNjc0NWQ2
NDI4ZjQwHhcNMjQwNTE2MDYxNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzk0MGE2OGVmOGFmMTE3Y2JkZWI3OWFkMGUwMjZhZGRiZmM4NmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSmXkpHh9KslQhrKh1teCQbuB3YB
lL0LMUAuklrkYAewNWmw6PmEU6itqwbjSNyoTr2Hsa8FkBG7s1GVv+Phd2A9+u+Q
Hryxlnzi8GabZ566vEeUVmGi5BLmARTVAwApTdwx8r8SDpIOHmfs7nsPg81W9E7u
MgpQrYwi/lAui2aN5zdwEL0D0mM/cqmuOBOZbrLBBIZKsJoqM/a1l3WIGHz21rfW
Bzu+EyegGfLSfForbSTrL2dSWjZhcQJPqANmhx9nZgs85PLabPqYyEDsdSlFzfqG
gQx122Qeb8oX2AA1C1R3n+y4RgVksi0T8zB3I5p+D9dnFvdtLPcWIfgMkQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJeUCmjvivEXy963mtDgJq3b/IagMB8GA1UdIwQY
MBaAFGZ23/YagwVnWXfob1Lu5nRdZCj0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm5iZjlocURCV2RaZC1odlV1N21kRjFrS1BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy82Y2IyM2UtN2M2NS00NmIzLTliNmQt
N2M2NjM1ZGE4OTJkLzEvbDVRS2FPLUs4UmZMM3JlYTBPQW1yZHY4aHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy82Y2IyM2UtN2M2NS00NmIzLTliNmQtN2M2NjM1ZGE4OTJk
LzEvWm5iZjlocURCV2RaZC1odlV1N21kRjFrS1BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCLUJAAwQC
XHdsAwQCmFlkAwQCuR1EAwQCuUUIAwQCuVg0AwQCuW5MAwQCud/wAwQCueMIMA0E
AgACMAcDBQMqBEHAMA0GCSqGSIb3DQEBCwUAA4IBAQBoWXjLntt3bLxk+hflFLFk
chnHd/Ho7GQUn1k9MD1ugYXYqmA0D4H9ivDJPhEhCQmUpYB9wfqPXVJ143sZDtAI
Ac/pRsWvluD6yAbQodTDVBloeE1fqSfd19wdJjp5e+YnQ+rlgBOLtsngZm5zn06z
0DynHNLbMoWFEPfaFmI84lEXhVxNHLDsC4w5TOkLGqJaw5qPJO/1uwjr7fs2rKc9
v+Ynn0e8oBrwCYF8d7s8fR1UxX+o+UESZJuYY8RPV42szcWQcf9oG9iUuAQJJQEi
D5CGh8G/lZohs92SaW2caywDam3mCnsEiBZDwlUJu60ECrWmn627aGu+v71e8gz7
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:05 2024 by rpki-client on console-ams.rpki-client.org