Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/P_6hNc9QZ8rOFi6tzNMWq7imub0.roa
File: P_6hNc9QZ8rOFi6tzNMWq7imub0.roa (raw, json)
Hash identifier: N/NZfFjAm+BRHfwn4X6PH4bLCeo0wjZHs3ewDnLX8XE=
Subject key identifier: 3F:FE:A1:35:CF:50:67:CA:CE:16:2E:AD:CC:D3:16:AB:B8:A6:B9:BD
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 019209A348B4EAE5EB5EBB55B1B8F4F1610C
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/P_6hNc9QZ8rOFi6tzNMWq7imub0.roa
Signing time: Thu 19 Sep 2024 09:35:48 +0000
ROA not before: Thu 19 Sep 2024 09:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31287
IP address blocks: 46.55.252.0/22 maxlen: 22
46.55.252.0/24 maxlen: 24
46.55.253.0/24 maxlen: 24
46.55.254.0/24 maxlen: 24
77.78.152.0/21 maxlen: 21
77.78.153.0/24 maxlen: 24
77.78.154.0/24 maxlen: 24
77.78.159.0/24 maxlen: 24
80.72.64.0/24 maxlen: 24
80.72.72.0/24 maxlen: 24
85.187.3.0/24 maxlen: 24
85.187.4.0/24 maxlen: 24
85.187.6.0/24 maxlen: 24
85.187.10.0/23 maxlen: 23
85.187.15.0/24 maxlen: 24
85.187.18.0/24 maxlen: 24
85.187.20.0/24 maxlen: 24
85.187.42.0/24 maxlen: 24
85.187.50.0/24 maxlen: 24
85.187.62.0/24 maxlen: 24
85.187.63.0/24 maxlen: 24
85.187.184.0/23 maxlen: 23
85.187.222.0/24 maxlen: 24
85.187.232.0/24 maxlen: 24
85.187.248.0/24 maxlen: 24
151.237.29.0/24 maxlen: 24
151.237.91.0/24 maxlen: 24
151.237.92.0/24 maxlen: 24
151.237.93.0/24 maxlen: 24
151.237.128.0/24 maxlen: 24
185.46.160.0/22 maxlen: 22
185.46.163.0/24 maxlen: 24
185.72.58.0/24 maxlen: 24
185.200.40.0/22 maxlen: 22
195.85.215.0/24 maxlen: 24
2a01:9e40::/32 maxlen: 32
2a03:b540::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.mft
rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:09:a3:48:b4:ea:e5:eb:5e:bb:55:b1:b8:f4:f1:61:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Sep 19 09:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ffea135cf5067cace162eadccd316abb8a6b9bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:93:1d:67:26:b3:69:be:46:07:b3:8d:94:c8:
c9:ae:00:f4:12:09:c9:30:bb:97:24:0f:18:72:ae:
3d:83:ae:36:ac:78:54:52:c6:1a:30:87:d3:ff:5b:
e5:9f:a2:5b:19:90:c8:ff:fa:bc:a7:fb:95:c5:7f:
08:60:79:f9:42:ba:7c:2c:04:1f:13:55:a2:95:5c:
8d:f2:d9:13:f9:9a:c0:97:31:75:c0:c6:c9:7a:6d:
6b:db:24:86:d0:80:dd:58:cc:2f:30:03:07:5f:85:
c0:70:a4:07:9e:e3:1a:ae:f2:54:2c:13:1d:79:cc:
51:ea:13:ae:e4:1a:7a:7a:60:8b:7b:dd:48:26:05:
b8:e1:c0:33:57:75:e1:a7:1e:f2:81:fb:76:97:50:
a2:ef:6f:f8:b0:c2:e9:50:04:b8:8a:cd:17:28:bc:
3b:09:f5:b9:6a:63:f1:f0:62:a9:a9:ee:7f:de:9a:
05:59:6c:88:ef:1c:8e:b7:2a:e2:65:5b:0b:b3:89:
c6:5f:ec:89:96:aa:3b:ee:23:d9:c3:44:b1:25:9a:
9c:8d:2e:ff:56:68:f6:9f:ed:0c:09:b3:d9:10:3b:
cb:ba:0f:8b:49:23:f3:45:b9:ad:60:6b:3d:a9:c6:
09:83:76:63:18:a4:05:8e:15:65:f1:3f:13:d3:e1:
c4:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:FE:A1:35:CF:50:67:CA:CE:16:2E:AD:CC:D3:16:AB:B8:A6:B9:BD
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/P_6hNc9QZ8rOFi6tzNMWq7imub0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.55.252.0/22
77.78.152.0/21
80.72.64.0/24
80.72.72.0/24
85.187.3.0-85.187.4.255
85.187.6.0/24
85.187.10.0/23
85.187.15.0/24
85.187.18.0/24
85.187.20.0/24
85.187.42.0/24
85.187.50.0/24
85.187.62.0/23
85.187.184.0/23
85.187.222.0/24
85.187.232.0/24
85.187.248.0/24
151.237.29.0/24
151.237.91.0-151.237.93.255
151.237.128.0/24
185.46.160.0/22
185.72.58.0/24
185.200.40.0/22
195.85.215.0/24
IPv6:
2a01:9e40::/32
2a03:b540::/32
Signature Algorithm: sha256WithRSAEncryption
c2:80:bd:64:74:29:0b:9c:cf:67:b3:53:3e:fd:02:96:84:59:
c4:2c:67:bc:2e:84:fb:7e:c8:f2:e1:71:ca:cc:07:33:b4:77:
83:37:88:c7:50:05:4b:30:28:2c:39:b3:f7:bc:25:cf:bb:1e:
fb:8c:bc:56:ce:ff:3e:31:40:c9:af:cf:6d:2b:4f:9e:7c:ad:
d6:30:e5:19:d4:ce:29:65:40:0b:52:b6:7d:f4:94:18:e1:18:
8f:5f:a1:9f:fd:c9:7e:2c:4b:54:cd:16:9a:0d:d8:6c:8b:da:
08:20:72:ac:61:21:cc:86:dd:91:90:d1:c9:fa:c7:a8:bd:52:
ba:9b:1e:a5:33:ea:37:03:0b:65:82:2b:6e:ba:ea:48:e9:7d:
a7:d8:a9:4d:fe:4e:2b:36:40:dd:80:51:d1:4f:22:a2:0d:86:
01:ba:ec:f8:21:d8:48:14:a4:2b:a7:d5:61:0b:b8:e8:c4:e6:
43:f2:2f:39:82:58:4b:37:5c:3f:e1:7d:d7:af:e1:37:44:8d:
77:08:7b:47:1e:50:b6:a8:3d:b6:52:75:1b:f9:82:78:78:03:
dd:23:cc:90:3e:cf:85:e8:53:79:8d:51:c5:29:5d:2f:2c:7c:
1a:4f:71:19:56:b5:60:0d:ea:3f:9f:02:33:b8:79:75:00:23:
79:96:64:34
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZIJo0i06uXrXrtVsbj08WEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjQwOTE5MDkzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmZlYTEzNWNmNTA2N2NhY2UxNjJlYWRjY2QzMTZhYmI4YTZiOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15MdZyazab5GB7ONlMjJrgD0EgnJ
MLuXJA8Ycq49g642rHhUUsYaMIfT/1vln6JbGZDI//q8p/uVxX8IYHn5Qrp8LAQf
E1WilVyN8tkT+ZrAlzF1wMbJem1r2ySG0IDdWMwvMAMHX4XAcKQHnuMarvJULBMd
ecxR6hOu5Bp6emCLe91IJgW44cAzV3Xhpx7ygft2l1Ci72/4sMLpUAS4is0XKLw7
CfW5amPx8GKpqe5/3poFWWyI7xyOtyriZVsLs4nGX+yJlqo77iPZw0SxJZqcjS7/
Vmj2n+0MCbPZEDvLug+LSSPzRbmtYGs9qcYJg3ZjGKQFjhVl8T8T0+HEkQIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFD/+oTXPUGfKzhYurczTFqu4prm9MB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvUF82aE5jOVFaOHJPRmk2dHpOTVdxN2ltdWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBpwQCAAEwgaADBAIu
N/wDBANNTpgDBABQSEADBABQSEgwDAMEAFW7AwMEAFW7BAMEAFW7BgMEAVW7CgME
AFW7DwMEAFW7EgMEAFW7FAMEAFW7KgMEAFW7MgMEAVW7PgMEAVW7uAMEAFW73gME
AFW76AMEAFW7+AMEAJftHTAMAwQAl+1bAwQBl+1cAwQAl+2AAwQCuS6gAwQAuUg6
AwQCucgoAwQAw1XXMBQEAgACMA4DBQAqAZ5AAwUAKgO1QDANBgkqhkiG9w0BAQsF
AAOCAQEAwoC9ZHQpC5zPZ7NTPv0CloRZxCxnvC6E+37I8uFxyswHM7R3gzeIx1AF
SzAoLDmz97wlz7se+4y8Vs7/PjFAya/PbStPnnyt1jDlGdTOKWVAC1K2ffSUGOEY
j1+hn/3JfixLVM0Wmg3YbIvaCCByrGEhzIbdkZDRyfrHqL1SupsepTPqNwMLZYIr
brrqSOl9p9ipTf5OKzZA3YBR0U8iog2GAbrs+CHYSBSkK6fVYQu46MTmQ/IvOYJY
SzdcP+F916/hN0SNdwh7Rx5Qtqg9tlJ1G/mCeHgD3SPMkD7PhehTeY1RxSldLyx8
Gk9xGVa1YA3qP58CM7h5dQAjeZZkNA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:58:42 2024 by rpki-client on console-ams.rpki-client.org