Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/hbWjWJTI0X4Vui-msn5ZemFRvVc.roa
File: hbWjWJTI0X4Vui-msn5ZemFRvVc.roa (raw, json)
Hash identifier: +2D6nZR/B1EV/9uyBDcZXsq7S/IioLTey44kSP/E74M=
Subject key identifier: 85:B5:A3:58:94:C8:D1:7E:15:BA:2F:A6:B2:7E:59:7A:61:51:BD:57
Certificate issuer: /CN=cec63b87a8aec093dbe47dcca92860ea841228e0
Certificate serial: 018CCA29C8214C9BF0CC96F632ADF3044627
Authority key identifier: CE:C6:3B:87:A8:AE:C0:93:DB:E4:7D:CC:A9:28:60:EA:84:12:28:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsY7h6iuwJPb5H3MqShg6oQSKOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/hbWjWJTI0X4Vui-msn5ZemFRvVc.roa
Signing time: Tue 02 Jan 2024 12:33:04 +0000
ROA not before: Tue 02 Jan 2024 12:33:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29513
IP address blocks: 46.31.208.0/21 maxlen: 21
89.251.48.0/20 maxlen: 20
194.180.228.0/22 maxlen: 22
146.66.144.0/21 maxlen: 21
146.66.149.0/24 maxlen: 24
37.60.184.0/21 maxlen: 21
193.105.225.0/24 maxlen: 24
217.64.48.0/20 maxlen: 20
2a06:15c0::/29 maxlen: 29
2a01:1c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zsY7h6iuwJPb5H3MqShg6oQSKOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:c8:21:4c:9b:f0:cc:96:f6:32:ad:f3:04:46:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec63b87a8aec093dbe47dcca92860ea841228e0
Validity
Not Before: Jan 2 12:33:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85b5a35894c8d17e15ba2fa6b27e597a6151bd57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:39:d2:18:e4:68:95:56:b4:73:e3:96:c7:23:
fd:aa:59:c6:d6:a8:f4:1e:54:4f:59:7e:3f:ae:ea:
7b:0d:4a:c5:78:7e:a4:d4:b8:bd:45:88:11:2b:7f:
07:5e:e1:1a:97:9e:40:fc:4a:a7:ea:cb:d0:d4:5a:
27:d3:e9:04:87:f6:2d:dc:f4:28:16:37:c1:57:7f:
79:6c:73:9e:75:ed:09:52:94:92:b1:5a:a4:67:9f:
2b:3b:ce:07:c0:4d:cc:04:bb:f9:c6:8d:68:d0:09:
5a:4d:93:e9:a0:7c:11:9e:c2:66:12:30:bb:8c:6d:
00:a9:2c:44:8e:7f:e7:7d:db:6b:9a:c0:d3:55:7c:
a9:19:1f:5a:6e:ac:7d:30:24:a5:8c:40:d8:89:fb:
81:ec:ff:2f:97:aa:8d:7c:10:64:59:f4:40:f7:66:
56:04:5f:8b:5c:5d:ae:e1:73:17:1e:28:1e:19:b0:
5a:b3:9a:1c:d9:ef:88:5b:a8:1b:5e:c8:22:e7:eb:
bc:82:58:fd:12:16:35:5f:3e:22:da:a0:92:e1:49:
74:4d:40:e9:eb:9d:ef:41:47:62:ab:7d:19:19:ea:
1e:86:a8:5f:7c:77:2f:37:e1:89:9d:e4:7d:64:fa:
23:13:db:08:e0:bf:a2:f8:84:ae:5e:bd:39:04:30:
fd:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B5:A3:58:94:C8:D1:7E:15:BA:2F:A6:B2:7E:59:7A:61:51:BD:57
X509v3 Authority Key Identifier:
keyid:CE:C6:3B:87:A8:AE:C0:93:DB:E4:7D:CC:A9:28:60:EA:84:12:28:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsY7h6iuwJPb5H3MqShg6oQSKOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/hbWjWJTI0X4Vui-msn5ZemFRvVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.184.0/21
46.31.208.0/21
89.251.48.0/20
146.66.144.0/21
193.105.225.0/24
194.180.228.0/22
217.64.48.0/20
IPv6:
2a01:1c0::/32
2a06:15c0::/29
Signature Algorithm: sha256WithRSAEncryption
7d:0d:18:4e:db:d5:d5:8e:62:f8:9e:f8:c6:78:a5:3f:a2:a9:
20:2c:51:a4:f3:14:3c:53:64:ee:70:54:94:9c:1a:2b:09:ed:
e5:e4:1a:84:ff:cd:ce:e1:fe:b8:b6:ef:07:a0:8e:6d:ed:87:
75:ef:20:59:46:fe:72:ed:e9:8d:ff:31:36:7f:23:75:53:e6:
45:eb:10:c3:a1:3f:3c:86:3a:87:9c:84:52:4e:8c:30:ec:7a:
7b:1e:47:d1:90:0f:b8:ef:06:b9:97:66:b4:d1:d1:b7:c9:e6:
3c:b9:96:be:82:0e:f2:c4:69:e2:81:90:e9:1d:b4:f6:22:a4:
6d:90:c3:bf:4b:c9:81:35:11:76:7c:4d:83:94:af:6e:70:fc:
f2:e2:4c:2f:07:19:29:3f:bc:0f:9c:52:55:f2:86:6d:3a:1a:
3f:18:26:7c:77:25:71:d6:03:41:0a:5d:f0:03:c2:c0:c4:95:
2f:ff:9b:d2:7d:a9:77:35:27:2d:15:45:fe:d5:ee:09:96:ad:
fc:6d:17:a1:03:67:4b:2b:04:8f:64:8c:da:65:9f:dc:0d:71:
39:34:b1:40:0c:65:fc:a3:5d:d7:0d:91:b0:0d:0b:f0:d4:76:
35:39:0e:f0:26:60:33:d1:d6:1d:01:d5:a0:25:8f:ee:95:e8:
40:c1:35:97
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYzKKcghTJvwzJb2Mq3zBEYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzYzYjg3YThhZWMwOTNkYmU0N2RjY2E5Mjg2MGVhODQx
MjI4ZTAwHhcNMjQwMTAyMTIzMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWI1YTM1ODk0YzhkMTdlMTViYTJmYTZiMjdlNTk3YTYxNTFiZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDnSGORolVa0c+OWxyP9qlnG1qj0
HlRPWX4/rup7DUrFeH6k1Li9RYgRK38HXuEal55A/Eqn6svQ1Fon0+kEh/Yt3PQo
FjfBV395bHOede0JUpSSsVqkZ58rO84HwE3MBLv5xo1o0AlaTZPpoHwRnsJmEjC7
jG0AqSxEjn/nfdtrmsDTVXypGR9abqx9MCSljEDYifuB7P8vl6qNfBBkWfRA92ZW
BF+LXF2u4XMXHigeGbBas5oc2e+IW6gbXsgi5+u8glj9EhY1Xz4i2qCS4Ul0TUDp
653vQUdiq30ZGeoehqhffHcvN+GJneR9ZPojE9sI4L+i+ISuXr05BDD90wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFIW1o1iUyNF+FbovprJ+WXphUb1XMB8GA1UdIwQY
MBaAFM7GO4eorsCT2+R9zKkoYOqEEijgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNZN2g2aXV3SlBiNUgzTXFTaGc2b1FTS09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hODJmNDMtNTAyYi00MmZiLTg4ZWIt
ODNiZDY2ZjRlNmY2LzEvaGJXaldKVEkwWDRWdWktbXNuNVplbUZSdlZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hODJmNDMtNTAyYi00MmZiLTg4ZWItODNiZDY2ZjRlNmY2
LzEvenNZN2g2aXV3SlBiNUgzTXFTaGc2b1FTS09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQDJTy4AwQD
Lh/QAwQEWfswAwQDkkKQAwQAwWnhAwQCwrTkAwQE2UAwMBQEAgACMA4DBQAqAQHA
AwUDKgYVwDANBgkqhkiG9w0BAQsFAAOCAQEAfQ0YTtvV1Y5i+J74xnilP6KpICxR
pPMUPFNk7nBUlJwaKwnt5eQahP/NzuH+uLbvB6CObe2Hde8gWUb+cu3pjf8xNn8j
dVPmResQw6E/PIY6h5yEUk6MMOx6ex5H0ZAPuO8GuZdmtNHRt8nmPLmWvoIO8sRp
4oGQ6R209iKkbZDDv0vJgTURdnxNg5SvbnD88uJMLwcZKT+8D5xSVfKGbToaPxgm
fHclcdYDQQpd8APCwMSVL/+b0n2pdzUnLRVF/tXuCZat/G0XoQNnSysEj2SM2mWf
3A1xOTSxQAxl/KNd1w2RsA0L8NR2NTkO8CZgM9HWHQHVoCWP7pXoQME1lw==
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:16:24 2024 by rpki-client on console-ams.rpki-client.org