Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/_WC8m05zrJALjZD8B7I7xHZvjyA.roa
File: _WC8m05zrJALjZD8B7I7xHZvjyA.roa (raw, json)
Hash identifier: nZIwVpCUoRV/Klb2Soopj24xKIAgFJkwlUy3h/LTuoc=
Subject key identifier: FD:60:BC:9B:4E:73:AC:90:0B:8D:90:FC:07:B2:3B:C4:76:6F:8F:20
Certificate issuer: /CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Certificate serial: 019421B24379B0E3248EC374EDBE5CA5A433
Authority key identifier: 05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/_WC8m05zrJALjZD8B7I7xHZvjyA.roa
Signing time: Wed 01 Jan 2025 11:48:38 +0000
ROA not before: Wed 01 Jan 2025 11:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 80.253.104.0/24 maxlen: 24
80.253.115.0/24 maxlen: 24
80.253.124.0/24 maxlen: 24
83.245.32.0/22 maxlen: 22
83.245.69.0/24 maxlen: 24
83.245.70.0/24 maxlen: 24
83.245.80.0/20 maxlen: 20
89.167.144.0/24 maxlen: 24
89.167.146.0/24 maxlen: 24
89.167.152.0/22 maxlen: 22
89.167.166.0/24 maxlen: 24
213.228.204.0/24 maxlen: 24
213.228.229.0/24 maxlen: 24
213.228.243.0/24 maxlen: 24
213.228.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 14:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:43:79:b0:e3:24:8e:c3:74:ed:be:5c:a5:a4:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Validity
Not Before: Jan 1 11:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd60bc9b4e73ac900b8d90fc07b23bc4766f8f20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:02:9a:05:6d:43:26:53:34:91:1e:63:1c:16:
e0:09:c3:11:ad:d4:bb:22:7b:f0:02:fa:ca:a8:b5:
94:fa:da:32:f4:8c:7e:b6:c9:09:fe:0a:8c:99:d0:
18:ec:0d:c6:aa:f8:1c:7b:07:16:dc:82:30:8e:dd:
84:f0:e5:50:0e:f3:7d:96:85:79:40:5d:1d:84:51:
6c:cc:ae:8e:15:4d:59:56:ae:f1:7e:6b:d8:18:2e:
25:4a:1a:4d:0a:70:83:fe:e1:c3:de:51:00:10:78:
11:64:27:04:30:f0:e2:86:92:68:4d:f5:e5:28:9d:
8c:0f:08:35:74:d6:27:51:fc:93:22:45:7a:58:28:
2f:81:1e:e6:ab:16:af:e4:7e:bc:aa:58:68:2e:22:
43:ab:7a:2f:7f:4a:b9:45:df:55:d1:da:77:f8:7a:
a6:7e:c0:80:36:79:a9:66:3e:87:e2:c2:18:92:48:
92:59:8f:e6:46:fe:05:d5:f4:8f:43:cd:c4:ce:37:
28:80:3a:76:7d:a8:b3:a4:d4:3f:e5:c7:45:2c:aa:
cb:63:f0:d0:28:87:7f:0d:b2:8a:5d:38:a1:86:ae:
b0:cf:4e:77:2b:e6:6a:b0:15:8a:17:36:58:e3:5e:
d0:13:94:45:99:4f:75:93:d7:85:92:f0:0b:9f:65:
6b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:60:BC:9B:4E:73:AC:90:0B:8D:90:FC:07:B2:3B:C4:76:6F:8F:20
X509v3 Authority Key Identifier:
keyid:05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/_WC8m05zrJALjZD8B7I7xHZvjyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.104.0/24
80.253.115.0/24
80.253.124.0/24
83.245.32.0/22
83.245.69.0-83.245.70.255
83.245.80.0/20
89.167.144.0/24
89.167.146.0/24
89.167.152.0/22
89.167.166.0/24
213.228.204.0/24
213.228.229.0/24
213.228.243.0/24
213.228.253.0/24
Signature Algorithm: sha256WithRSAEncryption
22:74:73:10:b1:eb:cd:af:77:72:5f:ef:16:aa:77:43:1e:29:
d6:2e:ae:56:0c:67:fe:91:b6:56:46:65:b9:f3:c6:08:e0:e0:
70:ca:51:3e:99:8a:9e:b3:7e:44:a0:ab:9a:c7:b7:43:0b:48:
c8:b3:1b:e6:2e:cf:c6:72:31:2a:9d:a6:4e:49:94:b6:99:74:
85:15:33:94:f7:ee:d0:62:d5:5a:69:7f:3c:23:cc:2e:e4:bc:
34:97:95:34:c1:01:af:5d:dd:64:aa:05:05:e4:fa:84:48:12:
fe:52:c4:d3:25:da:e8:3b:2f:af:08:ca:17:de:61:44:6a:cc:
ec:19:dc:6f:41:22:df:ef:61:31:92:ad:0c:67:67:ac:be:03:
f1:67:c3:21:83:2f:f9:f1:e7:ba:da:0e:98:21:7f:59:dd:56:
99:1a:f5:c2:72:cf:94:7f:8d:85:8a:a2:91:90:2b:25:15:e4:
d6:8a:22:43:c2:d5:c9:39:78:e7:ef:23:cf:af:fe:12:7a:b8:
3b:09:b8:fd:f0:1e:1a:e0:48:6a:8f:fd:18:3a:97:d3:a1:27:
26:2d:a5:bb:41:d0:04:f4:ef:45:e0:82:7f:52:e8:76:84:5b:
f0:83:54:34:d8:27:e6:b6:31:07:40:b3:23:30:bd:6b:a9:7f:
f2:54:9d:b7
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZQhskN5sOMkjsN07b5cpaQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjNlMTYwMTcyZWNjNzVjOGNhYjFiYWUyNzFiZTNlYmY0
MDdhODAwHhcNMjUwMTAxMTE0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDYwYmM5YjRlNzNhYzkwMGI4ZDkwZmMwN2IyM2JjNDc2NmY4ZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgKaBW1DJlM0kR5jHBbgCcMRrdS7
InvwAvrKqLWU+toy9Ix+tskJ/gqMmdAY7A3GqvgcewcW3IIwjt2E8OVQDvN9loV5
QF0dhFFszK6OFU1ZVq7xfmvYGC4lShpNCnCD/uHD3lEAEHgRZCcEMPDihpJoTfXl
KJ2MDwg1dNYnUfyTIkV6WCgvgR7mqxav5H68qlhoLiJDq3ovf0q5Rd9V0dp3+Hqm
fsCANnmpZj6H4sIYkkiSWY/mRv4F1fSPQ83EzjcogDp2faizpNQ/5cdFLKrLY/DQ
KId/DbKKXTihhq6wz053K+ZqsBWKFzZY417QE5RFmU91k9eFkvALn2VrsQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFP1gvJtOc6yQC42Q/AeyO8R2b48gMB8GA1UdIwQY
MBaAFAXz4WAXLsx1yMqxuuJxvj6/QHqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0Nzkt
NWQ1NjA5ODljZjdiLzEvX1dDOG0wNXpySkFMalpEOEI3STd4SFp2anlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0NzktNWQ1NjA5ODljZjdi
LzEvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAUP1oAwQA
UP1zAwQAUP18AwQCU/UgMAwDBABT9UUDBABT9UYDBART9VADBABZp5ADBABZp5ID
BAJZp5gDBABZp6YDBADV5MwDBADV5OUDBADV5PMDBADV5P0wDQYJKoZIhvcNAQEL
BQADggEBACJ0cxCx682vd3Jf7xaqd0MeKdYurlYMZ/6RtlZGZbnzxgjg4HDKUT6Z
ip6zfkSgq5rHt0MLSMizG+Yuz8ZyMSqdpk5JlLaZdIUVM5T37tBi1VppfzwjzC7k
vDSXlTTBAa9d3WSqBQXk+oRIEv5SxNMl2ug7L68IyhfeYURqzOwZ3G9BIt/vYTGS
rQxnZ6y+A/FnwyGDL/nx57raDpghf1ndVpka9cJyz5R/jYWKopGQKyUV5NaKIkPC
1ck5eOfvI8+v/hJ6uDsJuP3wHhrgSGqP/Rg6l9OhJyYtpbtB0AT070Xggn9S6HaE
W/CDVDTYJ+a2MQdAsyMwvWupf/JUnbc=
-----END CERTIFICATE-----
Generated at Wed Feb 5 19:00:20 2025 by rpki-client