Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/tOg350atK8m7tVMFiqtrQTk7vJ4.roa
File: tOg350atK8m7tVMFiqtrQTk7vJ4.roa (raw, json)
Hash identifier: 829kvWJysnLcJelzCaM3LG9Ak6pYgMAdXj5uN7udYoo=
Subject key identifier: B4:E8:37:E7:46:AD:2B:C9:BB:B5:53:05:8A:AB:6B:41:39:3B:BC:9E
Certificate issuer: /CN=bdd244214d76468d3fb72abad1892ef23dede978
Certificate serial: 018FF2264DD547BB87B96C231D86B5909F8D
Authority key identifier: BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/tOg350atK8m7tVMFiqtrQTk7vJ4.roa
Signing time: Fri 07 Jun 2024 10:02:27 +0000
ROA not before: Fri 07 Jun 2024 10:02:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6730
IP address blocks: 31.10.128.0/17 maxlen: 17
31.10.128.0/18 maxlen: 18
31.10.192.0/18 maxlen: 18
46.126.0.0/15 maxlen: 15
46.126.0.0/16 maxlen: 16
46.127.0.0/16 maxlen: 16
46.140.0.0/16 maxlen: 16
46.140.0.0/17 maxlen: 17
46.140.128.0/17 maxlen: 17
62.2.0.0/16 maxlen: 16
62.2.0.0/17 maxlen: 17
62.2.128.0/17 maxlen: 17
77.56.0.0/14 maxlen: 14
77.56.0.0/15 maxlen: 15
77.58.0.0/15 maxlen: 15
80.218.0.0/15 maxlen: 15
80.218.0.0/16 maxlen: 16
80.219.0.0/16 maxlen: 16
81.7.224.0/19 maxlen: 19
81.7.224.0/20 maxlen: 20
81.7.240.0/20 maxlen: 20
84.20.32.0/20 maxlen: 20
84.20.32.0/21 maxlen: 21
84.20.40.0/21 maxlen: 21
84.20.48.0/21 maxlen: 21
84.20.48.0/22 maxlen: 22
84.20.52.0/22 maxlen: 22
84.72.0.0/14 maxlen: 14
84.72.0.0/15 maxlen: 15
84.74.0.0/15 maxlen: 15
178.82.0.0/15 maxlen: 15
178.82.0.0/16 maxlen: 16
178.83.0.0/16 maxlen: 16
194.29.0.0/19 maxlen: 19
194.29.0.0/20 maxlen: 20
194.29.16.0/20 maxlen: 20
195.202.192.0/18 maxlen: 18
195.202.192.0/19 maxlen: 19
195.202.224.0/19 maxlen: 19
212.47.160.0/19 maxlen: 19
212.47.160.0/20 maxlen: 20
212.47.176.0/20 maxlen: 20
213.193.64.0/18 maxlen: 18
213.193.64.0/19 maxlen: 19
213.193.96.0/19 maxlen: 19
217.162.0.0/16 maxlen: 16
217.162.0.0/17 maxlen: 17
217.162.128.0/17 maxlen: 17
217.168.32.0/19 maxlen: 19
217.168.32.0/20 maxlen: 20
217.168.48.0/20 maxlen: 20
2a00:e2c0::/32 maxlen: 32
2a00:e2c0::/33 maxlen: 33
2a00:e2c0:8000::/33 maxlen: 33
2a02:aa00::/27 maxlen: 27
2a02:aa00::/28 maxlen: 28
2a02:aa10::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.mft
rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 17:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f2:26:4d:d5:47:bb:87:b9:6c:23:1d:86:b5:90:9f:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdd244214d76468d3fb72abad1892ef23dede978
Validity
Not Before: Jun 7 10:02:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4e837e746ad2bc9bbb553058aab6b41393bbc9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1a:6e:f1:03:8b:c5:93:0b:30:09:24:b2:a0:
d1:7a:35:73:d2:50:e3:ab:18:fd:c0:1c:5d:36:fb:
8e:19:99:60:31:bd:22:a5:a7:fb:2e:2d:8f:b9:e1:
80:b3:47:47:e5:9e:20:4c:d6:e2:94:43:72:44:19:
57:cb:68:2c:e8:ca:a8:f7:b5:00:1c:16:76:58:27:
ac:02:71:db:01:11:5b:e2:5b:43:5d:3e:54:4d:40:
a2:89:35:69:b0:0e:52:1b:f3:1d:ac:0e:6c:e0:a9:
bb:19:e8:a3:0b:77:15:b8:4c:3c:6b:ea:c7:af:ed:
98:f5:20:61:2e:58:95:a0:d3:a6:37:53:f3:c2:94:
2a:1f:6e:57:ee:91:2a:57:2a:1e:5c:b2:a5:37:f0:
15:59:60:b8:a0:b0:d8:66:06:b8:47:71:90:98:5c:
16:33:ed:1b:75:a1:18:70:06:99:eb:2e:cf:14:41:
3d:eb:0f:c7:ee:cb:c1:8a:8c:58:34:6c:84:a7:4b:
be:cb:f9:ef:7c:43:9e:05:e9:61:4c:9f:68:22:69:
fb:d8:79:e0:3a:17:8e:42:a4:e4:fd:b0:fc:1d:1e:
79:b4:58:80:28:4b:2c:61:c4:7b:3f:4e:48:f5:f0:
be:83:85:f0:75:04:e9:7d:05:68:c8:43:b3:be:85:
5b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:E8:37:E7:46:AD:2B:C9:BB:B5:53:05:8A:AB:6B:41:39:3B:BC:9E
X509v3 Authority Key Identifier:
keyid:BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/tOg350atK8m7tVMFiqtrQTk7vJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.128.0/17
46.126.0.0/15
46.140.0.0/16
62.2.0.0/16
77.56.0.0/14
80.218.0.0/15
81.7.224.0/19
84.20.32.0-84.20.55.255
84.72.0.0/14
178.82.0.0/15
194.29.0.0/19
195.202.192.0/18
212.47.160.0/19
213.193.64.0/18
217.162.0.0/16
217.168.32.0/19
IPv6:
2a00:e2c0::/32
2a02:aa00::/27
Signature Algorithm: sha256WithRSAEncryption
7e:25:7d:5a:bb:84:c6:e2:40:c7:15:d0:1d:8d:b3:89:27:22:
fc:96:b4:b6:04:45:b8:99:13:9f:4e:27:ce:32:d6:20:83:3b:
ab:7e:c6:e1:e0:09:95:99:06:04:dd:4d:6a:28:32:13:e1:ec:
7c:47:f2:3d:d8:e6:37:5c:e6:e2:b1:ed:d1:92:14:d6:6d:57:
78:79:10:a7:74:45:bf:d5:12:b0:f9:18:0e:10:87:cc:cc:44:
4e:d9:44:a1:f2:6a:8c:80:b6:cb:5c:9e:ca:d4:f8:94:36:1c:
c5:7e:5c:0a:d7:7a:45:27:12:21:52:59:3b:bb:aa:d6:f0:5d:
2e:00:36:22:41:73:78:94:a1:9c:c2:7f:35:f3:e2:ef:77:3a:
74:95:4e:7c:70:d0:90:44:d9:9c:a0:fc:f2:9e:ec:0e:3b:68:
23:00:f8:b4:2d:00:b5:35:96:8c:ed:be:b4:75:bf:a8:6b:9b:
20:ca:c1:3b:c7:c6:7a:e9:2a:18:bf:b0:ac:f4:e4:12:44:67:
8d:06:dd:dc:43:f2:c5:08:96:1e:bb:15:26:29:18:bc:79:4a:
e1:89:ac:91:9b:d4:37:03:b6:c5:51:d9:39:bd:f6:09:43:f5:
e7:3d:b6:50:56:a2:28:bc:b1:68:00:89:25:fc:e1:81:70:56:
2f:1d:f9:94
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAY/yJk3VR7uHuWwjHYa1kJ+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZDI0NDIxNGQ3NjQ2OGQzZmI3MmFiYWQxODkyZWYyM2Rl
ZGU5NzgwHhcNMjQwNjA3MTAwMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGU4MzdlNzQ2YWQyYmM5YmJiNTUzMDU4YWFiNmI0MTM5M2JiYzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhpu8QOLxZMLMAkksqDRejVz0lDj
qxj9wBxdNvuOGZlgMb0ipaf7Li2PueGAs0dH5Z4gTNbilENyRBlXy2gs6Mqo97UA
HBZ2WCesAnHbARFb4ltDXT5UTUCiiTVpsA5SG/MdrA5s4Km7GeijC3cVuEw8a+rH
r+2Y9SBhLliVoNOmN1PzwpQqH25X7pEqVyoeXLKlN/AVWWC4oLDYZga4R3GQmFwW
M+0bdaEYcAaZ6y7PFEE96w/H7svBioxYNGyEp0u+y/nvfEOeBelhTJ9oImn72Hng
OheOQqTk/bD8HR55tFiAKEssYcR7P05I9fC+g4XwdQTpfQVoyEOzvoVb6QIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFLToN+dGrSvJu7VTBYqra0E5O7yeMB8GA1UdIwQY
MBaAFL3SRCFNdkaNP7cqutGJLvI97el4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYt
NDZhNDNlZjAyMjFiLzEvdE9nMzUwYXRLOG03dFZNRmlxdHJRVGs3dko0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYtNDZhNDNlZjAyMjFi
LzEvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADBAcfCoAD
AwEufgMDAC6MAwMAPgIDAwJNOAMDAVDaAwQFUQfgMAwDBAVUFCADBANUFDADAwJU
SAMDAbJSAwQFwh0AAwQGw8rAAwQF1C+gAwQG1cFAAwMA2aIDBAXZqCAwFAQCAAIw
DgMFACoA4sADBQUqAqoAMA0GCSqGSIb3DQEBCwUAA4IBAQB+JX1au4TG4kDHFdAd
jbOJJyL8lrS2BEW4mROfTifOMtYggzurfsbh4AmVmQYE3U1qKDIT4ex8R/I92OY3
XObise3RkhTWbVd4eRCndEW/1RKw+RgOEIfMzERO2USh8mqMgLbLXJ7K1PiUNhzF
flwK13pFJxIhUlk7u6rW8F0uADYiQXN4lKGcwn818+Lvdzp0lU58cNCQRNmcoPzy
nuwOO2gjAPi0LQC1NZaM7b60db+oa5sgysE7x8Z66SoYv7Cs9OQSRGeNBt3cQ/LF
CJYeuxUmKRi8eUrhiayRm9Q3A7bFUdk5vfYJQ/XnPbZQVqIovLFoAIkl/OGBcFYv
HfmU
-----END CERTIFICATE-----
Generated at Sat Jun 29 01:44:21 2024 by rpki-client on console-fra.rpki-client.org