Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/pCJFbwWAa1ynLecu8wd5N5JRicI.roa
File: pCJFbwWAa1ynLecu8wd5N5JRicI.roa (raw, json)
Hash identifier: n/UzBzX7jbkI3UmQa1HNk5MGFiHam23DbctAF5nL014=
Subject key identifier: A4:22:45:6F:05:80:6B:5C:A7:2D:E7:2E:F3:07:79:37:92:51:89:C2
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 018E505BEBC041287058FC7EE259446DE493
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/pCJFbwWAa1ynLecu8wd5N5JRicI.roa
Signing time: Mon 18 Mar 2024 06:59:45 +0000
ROA not before: Mon 18 Mar 2024 06:59:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3265
IP address blocks: 62.216.0.0/19 maxlen: 19
80.100.0.0/15 maxlen: 15
80.126.0.0/15 maxlen: 15
82.92.0.0/14 maxlen: 14
82.161.0.0/16 maxlen: 16
83.68.0.0/20 maxlen: 20
83.68.16.0/21 maxlen: 21
83.68.24.0/22 maxlen: 22
83.68.28.0/24 maxlen: 24
83.68.29.0/24 maxlen: 24
83.68.31.0/24 maxlen: 24
83.160.0.0/14 maxlen: 14
194.109.0.0/16 maxlen: 16
195.64.80.0/20 maxlen: 20
213.222.0.0/19 maxlen: 19
2001:888::/29 maxlen: 29
2001:888::/30 maxlen: 30
2001:888::/32 maxlen: 32
2001:980::/29 maxlen: 29
2001:980::/30 maxlen: 30
2001:980::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:50:5b:eb:c0:41:28:70:58:fc:7e:e2:59:44:6d:e4:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Mar 18 06:59:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a422456f05806b5ca72de72ef3077937925189c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:79:34:98:1d:40:75:b0:90:ce:f2:ef:ce:54:
00:ad:42:d3:53:1e:5d:6e:ab:1b:67:ef:02:f8:11:
a3:d2:56:66:dd:9c:b1:ae:12:d3:ad:06:59:31:24:
49:ac:b2:15:c3:3c:c4:42:17:93:a4:47:3f:68:c4:
69:0c:70:60:7b:6f:85:86:11:a4:7e:8f:f4:9f:49:
ba:11:e3:80:69:ed:cc:0b:b6:81:f0:7b:fb:40:42:
fe:19:dd:7e:c2:02:78:f3:6a:23:a4:4d:41:e2:f7:
73:4d:30:48:3c:26:82:42:54:4b:96:d9:6d:ed:cd:
23:72:68:d9:80:23:32:ef:66:04:aa:e3:7a:a0:2d:
25:87:06:0b:0b:eb:cd:c1:8b:4a:52:76:97:80:33:
80:9d:24:8c:b3:28:2a:cb:b2:4c:3f:ab:9d:72:22:
7b:00:9e:e6:43:03:a5:d0:a8:25:9a:cd:86:d5:8c:
55:06:be:a1:88:61:1c:d4:17:b8:ed:73:6b:1b:ca:
96:54:d2:c1:78:26:9b:6b:a1:16:2b:bc:97:95:29:
4b:9b:ec:08:cf:02:87:f8:fe:69:2c:d0:75:f3:b5:
20:d6:76:cb:91:55:99:3b:f5:a3:a7:66:5d:c2:dd:
2c:01:3d:a8:1b:dc:e1:e1:32:66:b9:73:37:4c:20:
d6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:22:45:6F:05:80:6B:5C:A7:2D:E7:2E:F3:07:79:37:92:51:89:C2
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/pCJFbwWAa1ynLecu8wd5N5JRicI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.216.0.0/19
80.100.0.0/15
80.126.0.0/15
82.92.0.0/14
82.161.0.0/16
83.68.0.0-83.68.29.255
83.68.31.0/24
83.160.0.0/14
194.109.0.0/16
195.64.80.0/20
213.222.0.0/19
IPv6:
2001:888::/29
2001:980::/29
Signature Algorithm: sha256WithRSAEncryption
7d:a9:be:44:88:6e:5c:d1:d5:11:6d:a3:16:ac:65:0e:40:21:
fb:65:75:30:0a:3a:8c:2c:31:bc:1c:de:83:aa:42:d6:5d:f2:
d5:e1:a8:15:24:9f:5e:bb:a6:e0:62:1e:e8:2f:9a:5c:4e:25:
78:d6:55:d8:9c:ca:45:a8:d0:5a:6f:54:26:49:67:aa:13:a7:
a2:58:1b:90:14:90:35:29:36:79:24:2a:ad:21:c6:e0:3e:fc:
ac:92:74:1d:24:ba:97:ca:8e:e8:bf:1b:88:ef:f6:1b:75:2a:
38:b9:64:92:4d:04:63:c7:95:8a:14:dc:95:fc:ee:5d:26:56:
96:32:ea:40:d0:0d:7a:9d:0d:d4:db:88:49:ea:89:f2:8b:28:
6e:c6:0d:6f:5d:d9:76:19:b3:ee:63:90:df:35:c3:ef:e3:f6:
6b:6c:b4:2b:fc:89:be:ae:f9:2d:09:8b:db:d0:bd:6e:5a:9b:
74:8c:49:00:2d:5b:03:19:6d:5c:49:0d:9e:51:f0:d7:11:f1:
9a:1e:7b:7d:30:9a:9d:4c:8c:90:d0:90:01:07:eb:8d:47:4a:
fa:ad:e4:9c:98:45:71:14:6c:fc:d4:9f:6d:b3:73:05:57:90:
f2:cf:21:21:03:da:b8:09:de:e7:02:1f:00:6c:4b:a9:3b:b1:
de:af:22:90
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAY5QW+vAQShwWPx+4llEbeSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjQwMzE4MDY1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDIyNDU2ZjA1ODA2YjVjYTcyZGU3MmVmMzA3NzkzNzkyNTE4OWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnk0mB1AdbCQzvLvzlQArULTUx5d
bqsbZ+8C+BGj0lZm3ZyxrhLTrQZZMSRJrLIVwzzEQheTpEc/aMRpDHBge2+FhhGk
fo/0n0m6EeOAae3MC7aB8Hv7QEL+Gd1+wgJ482ojpE1B4vdzTTBIPCaCQlRLltlt
7c0jcmjZgCMy72YEquN6oC0lhwYLC+vNwYtKUnaXgDOAnSSMsygqy7JMP6udciJ7
AJ7mQwOl0Kglms2G1YxVBr6hiGEc1Be47XNrG8qWVNLBeCaba6EWK7yXlSlLm+wI
zwKH+P5pLNB187Ug1nbLkVWZO/Wjp2Zdwt0sAT2oG9zh4TJmuXM3TCDW9QIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFKQiRW8FgGtcpy3nLvMHeTeSUYnCMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvcENKRmJ3V0FhMXluTGVjdTh3ZDVONUpSaWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBJBAIAATBDAwQFPtgAAwMB
UGQDAwFQfgMDAlJcAwMAUqEwCwMDAlNEAwQBU0QcAwQAU0QfAwMCU6ADAwDCbQME
BMNAUAMEBdXeADAUBAIAAjAOAwUDIAEIiAMFAyABCYAwDQYJKoZIhvcNAQELBQAD
ggEBAH2pvkSIblzR1RFtoxasZQ5AIftldTAKOowsMbwc3oOqQtZd8tXhqBUkn167
puBiHugvmlxOJXjWVdicykWo0FpvVCZJZ6oTp6JYG5AUkDUpNnkkKq0hxuA+/KyS
dB0kupfKjui/G4jv9ht1Kji5ZJJNBGPHlYoU3JX87l0mVpYy6kDQDXqdDdTbiEnq
ifKLKG7GDW9d2XYZs+5jkN81w+/j9mtstCv8ib6u+S0Ji9vQvW5am3SMSQAtWwMZ
bVxJDZ5R8NcR8Zoee30wmp1MjJDQkAEH641HSvqt5JyYRXEUbPzUn22zcwVXkPLP
ISED2rgJ3ucCHwBsS6k7sd6vIpA=
-----END CERTIFICATE-----
Generated at Sun May 19 21:14:25 2024 by rpki-client on console-fra.rpki-client.org