Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/e09181-2643-414c-8fbe-1e5e430dd711/1/t9i4vuunF8oTFMflHyd-3v3XqUc.roa
File: t9i4vuunF8oTFMflHyd-3v3XqUc.roa (raw, json)
Hash identifier: h6mhovtz4KaCRaXt10w5P4WN94+E6XD5RODMA5tedjE=
Subject key identifier: B7:D8:B8:BE:EB:A7:17:CA:13:14:C7:E5:1F:27:7E:DE:FD:D7:A9:47
Certificate issuer: /CN=83479514959397c5e3fa76e1ea495e8e1f6c319b
Certificate serial: 018CC3B6741B2B7B09100665D15233607263
Authority key identifier: 83:47:95:14:95:93:97:C5:E3:FA:76:E1:EA:49:5E:8E:1F:6C:31:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g0eVFJWTl8Xj-nbh6klejh9sMZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/e09181-2643-414c-8fbe-1e5e430dd711/1/t9i4vuunF8oTFMflHyd-3v3XqUc.roa
Signing time: Mon 01 Jan 2024 06:29:23 +0000
ROA not before: Mon 01 Jan 2024 06:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13030
IP address blocks: 37.17.232.0/21 maxlen: 21
81.6.32.0/20 maxlen: 20
185.137.172.0/22 maxlen: 22
212.51.128.0/20 maxlen: 20
212.51.128.0/19 maxlen: 19
212.51.144.0/20 maxlen: 20
185.72.64.0/22 maxlen: 22
185.72.67.0/24 maxlen: 24
185.201.248.0/22 maxlen: 22
141.195.80.0/20 maxlen: 20
213.144.128.0/20 maxlen: 20
213.144.128.0/19 maxlen: 19
45.80.136.0/22 maxlen: 22
213.144.144.0/20 maxlen: 20
77.74.80.0/21 maxlen: 21
85.195.192.0/20 maxlen: 20
77.109.128.0/19 maxlen: 19
77.109.128.0/18 maxlen: 18
185.183.192.0/22 maxlen: 22
77.109.160.0/19 maxlen: 19
82.197.176.0/20 maxlen: 20
109.202.192.0/19 maxlen: 19
80.253.88.0/21 maxlen: 21
193.47.153.0/24 maxlen: 24
85.195.208.0/20 maxlen: 20
85.195.224.0/20 maxlen: 20
85.195.224.0/19 maxlen: 19
185.246.104.0/22 maxlen: 22
82.197.160.0/19 maxlen: 19
85.195.240.0/20 maxlen: 20
82.197.160.0/20 maxlen: 20
2001:1620::/32 maxlen: 32
2a02:169::/32 maxlen: 32
2a02:168::/32 maxlen: 32
2a02:168::/30 maxlen: 30
2a07:600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/e09181-2643-414c-8fbe-1e5e430dd711/1/g0eVFJWTl8Xj-nbh6klejh9sMZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/e09181-2643-414c-8fbe-1e5e430dd711/1/g0eVFJWTl8Xj-nbh6klejh9sMZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/g0eVFJWTl8Xj-nbh6klejh9sMZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 21:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:74:1b:2b:7b:09:10:06:65:d1:52:33:60:72:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83479514959397c5e3fa76e1ea495e8e1f6c319b
Validity
Not Before: Jan 1 06:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7d8b8beeba717ca1314c7e51f277edefdd7a947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fe:60:a9:2a:49:d3:2f:2e:64:77:38:0c:63:
a7:ce:26:2d:0e:95:1c:e2:c5:a6:7d:ba:0f:a9:f2:
22:3b:00:c4:51:6a:71:3d:a3:f5:46:71:99:18:f3:
86:e2:bf:6e:37:ac:bf:09:63:9c:9e:88:f6:87:56:
06:f4:db:2b:82:5f:f1:be:6f:ee:22:b5:02:9e:5d:
9b:66:98:4f:fd:94:54:e2:dc:94:d7:00:62:3c:3b:
b4:74:92:27:31:ec:20:32:b7:9e:28:9e:8e:2e:af:
72:7e:17:22:67:2a:43:b0:98:2f:2e:db:b3:34:87:
42:2e:c7:31:3c:05:fe:67:64:38:1c:36:9d:1d:af:
83:25:b7:b0:79:ef:28:29:60:0b:61:19:4b:38:e5:
84:82:e3:8c:1c:6e:a6:a1:e6:b5:b2:a0:37:80:94:
1c:a4:a1:c4:56:9a:dc:e9:66:3c:e0:a0:0c:a6:bd:
ab:b5:a7:06:e4:66:99:8f:40:c2:85:40:c0:e7:ac:
e5:f7:9e:13:be:79:b3:54:52:0d:d9:37:16:c6:93:
9b:4a:5d:d5:42:a5:ba:4b:37:d6:17:46:f4:be:71:
22:e3:69:04:24:ca:14:30:7b:75:c2:cb:ac:8f:58:
91:8c:db:1c:f1:58:ba:04:8e:75:b0:71:06:c6:41:
9e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D8:B8:BE:EB:A7:17:CA:13:14:C7:E5:1F:27:7E:DE:FD:D7:A9:47
X509v3 Authority Key Identifier:
keyid:83:47:95:14:95:93:97:C5:E3:FA:76:E1:EA:49:5E:8E:1F:6C:31:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g0eVFJWTl8Xj-nbh6klejh9sMZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/e09181-2643-414c-8fbe-1e5e430dd711/1/t9i4vuunF8oTFMflHyd-3v3XqUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/e09181-2643-414c-8fbe-1e5e430dd711/1/g0eVFJWTl8Xj-nbh6klejh9sMZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.17.232.0/21
45.80.136.0/22
77.74.80.0/21
77.109.128.0/18
80.253.88.0/21
81.6.32.0/20
82.197.160.0/19
85.195.192.0/18
109.202.192.0/19
141.195.80.0/20
185.72.64.0/22
185.137.172.0/22
185.183.192.0/22
185.201.248.0/22
185.246.104.0/22
193.47.153.0/24
212.51.128.0/19
213.144.128.0/19
IPv6:
2001:1620::/32
2a02:168::/30
2a07:600::/29
Signature Algorithm: sha256WithRSAEncryption
b7:d4:cf:6e:af:59:91:60:0a:35:09:a3:ac:ff:84:c4:6d:05:
b6:60:0a:4f:68:2a:e9:ee:d8:50:aa:60:b9:97:05:06:db:ef:
9a:af:9a:95:58:2c:95:7c:a3:d8:f0:f8:65:27:ce:2d:29:23:
86:1f:60:44:a2:a9:16:e5:97:1a:3f:66:01:e1:56:55:e6:75:
17:3d:b9:1a:24:d2:ca:ec:86:a9:2b:d1:0d:53:39:e2:5a:3d:
ae:ca:0d:4c:87:2d:91:41:4a:50:c8:db:49:ae:58:ed:f4:68:
17:4d:35:b9:ec:c5:57:19:f4:b5:a7:39:b3:6d:3f:6b:4d:f0:
e7:a4:d5:82:7e:fa:30:a8:19:00:43:19:1e:e8:e6:1d:ef:72:
b1:5d:23:10:8b:7f:e9:a1:c4:e1:e3:ff:87:c5:e1:ba:4a:0c:
07:91:e8:0b:c3:f9:b3:d4:74:8f:ab:84:ef:ac:9d:44:5d:3a:
09:07:3f:cd:b5:6b:85:ca:bd:c6:b7:a2:83:b4:da:1a:70:7f:
7c:88:d4:b8:b8:37:3a:c2:bb:c3:08:f8:71:fb:36:25:48:cf:
67:54:15:1a:e6:83:61:e8:63:b4:cc:51:fd:07:01:09:53:15:
b4:f2:e5:85:d6:18:27:e4:d1:5b:e5:4f:66:1b:e2:c4:e8:32:
2a:57:6f:b0
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAYzDtnQbK3sJEAZl0VIzYHJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNDc5NTE0OTU5Mzk3YzVlM2ZhNzZlMWVhNDk1ZThlMWY2
YzMxOWIwHhcNMjQwMTAxMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2Q4YjhiZWViYTcxN2NhMTMxNGM3ZTUxZjI3N2VkZWZkZDdhOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmv5gqSpJ0y8uZHc4DGOnziYtDpUc
4sWmfboPqfIiOwDEUWpxPaP1RnGZGPOG4r9uN6y/CWOcnoj2h1YG9Nsrgl/xvm/u
IrUCnl2bZphP/ZRU4tyU1wBiPDu0dJInMewgMreeKJ6OLq9yfhciZypDsJgvLtuz
NIdCLscxPAX+Z2Q4HDadHa+DJbewee8oKWALYRlLOOWEguOMHG6moea1sqA3gJQc
pKHEVprc6WY84KAMpr2rtacG5GaZj0DChUDA56zl954TvnmzVFIN2TcWxpObSl3V
QqW6SzfWF0b0vnEi42kEJMoUMHt1wsusj1iRjNsc8Vi6BI51sHEGxkGeoQIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFLfYuL7rpxfKExTH5R8nft7916lHMB8GA1UdIwQY
MBaAFINHlRSVk5fF4/p24epJXo4fbDGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzBlVkZKV1RsOFhqLW5iaDZrbGVqaDlzTVpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9lMDkxODEtMjY0My00MTRjLThmYmUt
MWU1ZTQzMGRkNzExLzEvdDlpNHZ1dW5GOG9URk1mbEh5ZC0zdjNYcVVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9lMDkxODEtMjY0My00MTRjLThmYmUtMWU1ZTQzMGRkNzEx
LzEvZzBlVkZKV1RsOFhqLW5iaDZrbGVqaDlzTVpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTByBAIAATBsAwQDJRHo
AwQCLVCIAwQDTUpQAwQGTW2AAwQDUP1YAwQEUQYgAwQFUsWgAwQGVcPAAwQFbcrA
AwQEjcNQAwQCuUhAAwQCuYmsAwQCubfAAwQCucn4AwQCufZoAwQAwS+ZAwQF1DOA
AwQF1ZCAMBsEAgACMBUDBQAgARYgAwUCKgIBaAMFAyoHBgAwDQYJKoZIhvcNAQEL
BQADggEBALfUz26vWZFgCjUJo6z/hMRtBbZgCk9oKunu2FCqYLmXBQbb75qvmpVY
LJV8o9jw+GUnzi0pI4YfYESiqRbllxo/ZgHhVlXmdRc9uRok0srshqkr0Q1TOeJa
Pa7KDUyHLZFBSlDI20muWO30aBdNNbnsxVcZ9LWnObNtP2tN8Oek1YJ++jCoGQBD
GR7o5h3vcrFdIxCLf+mhxOHj/4fF4bpKDAeR6AvD+bPUdI+rhO+snURdOgkHP821
a4XKvca3ooO02hpwf3yI1Li4NzrCu8MI+HH7NiVIz2dUFRrmg2HoY7TMUf0HAQlT
FbTy5YXWGCfk0VvlT2Yb4sToMipXb7A=
-----END CERTIFICATE-----
Generated at Sat Jun 29 05:11:48 2024 by rpki-client on console-fra.rpki-client.org