Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/9WcnktL6S9LxP9j2w2uwwOusTfY.roa
File: 9WcnktL6S9LxP9j2w2uwwOusTfY.roa (raw, json)
Hash identifier: 6KAvI8dsxG2Gw0PAqW3+p1ZSWwXCULUg7UzwuNY6SDU=
Subject key identifier: F5:67:27:92:D2:FA:4B:D2:F1:3F:D8:F6:C3:6B:B0:C0:EB:AC:4D:F6
Certificate issuer: /CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Certificate serial: 018CC79407ECFBFDDD3B093405C5D4EB8FBD
Authority key identifier: EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/9WcnktL6S9LxP9j2w2uwwOusTfY.roa
Signing time: Tue 02 Jan 2024 00:30:16 +0000
ROA not before: Tue 02 Jan 2024 00:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 147.189.176.0/20 maxlen: 20
194.169.122.0/23 maxlen: 23
194.169.121.0/24 maxlen: 24
194.169.122.0/24 maxlen: 24
194.169.123.0/24 maxlen: 24
176.65.12.0/22 maxlen: 22
199.204.215.0/24 maxlen: 24
94.26.112.0/20 maxlen: 20
217.66.224.0/19 maxlen: 19
82.205.0.0/17 maxlen: 17
199.250.128.0/19 maxlen: 19
86.107.16.0/22 maxlen: 22
188.209.208.0/22 maxlen: 22
87.252.108.0/22 maxlen: 22
188.215.100.0/22 maxlen: 22
89.239.32.0/20 maxlen: 20
37.8.0.0/17 maxlen: 17
212.33.96.0/19 maxlen: 19
185.171.132.0/22 maxlen: 22
109.232.162.0/23 maxlen: 23
185.40.192.0/22 maxlen: 22
185.138.132.0/22 maxlen: 22
185.90.242.0/24 maxlen: 24
82.102.192.0/18 maxlen: 24
212.106.64.0/19 maxlen: 19
217.78.48.0/21 maxlen: 21
217.78.48.0/20 maxlen: 20
217.78.60.0/22 maxlen: 22
217.21.0.0/20 maxlen: 20
85.113.96.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:07:ec:fb:fd:dd:3b:09:34:05:c5:d4:eb:8f:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Validity
Not Before: Jan 2 00:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5672792d2fa4bd2f13fd8f6c36bb0c0ebac4df6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9a:c3:b3:70:be:23:34:c6:70:70:cd:3b:03:
88:6c:ad:23:c4:ea:61:20:7b:b4:55:33:11:3b:f1:
c8:9a:fb:57:1a:84:5f:b7:fa:82:38:81:e4:91:a5:
ab:58:e2:b7:1b:28:58:c2:43:4d:d9:97:f5:9c:30:
47:fb:4f:d2:25:50:0b:74:3e:94:48:f2:fb:fe:1f:
df:ef:3c:b3:8e:e7:a6:81:89:f0:e2:62:2a:55:f8:
96:65:69:64:d0:12:04:b6:d8:09:f2:6f:15:26:f9:
b5:55:66:e8:73:58:16:46:dd:6c:d1:78:2c:64:2b:
b1:0d:22:1a:b9:0e:b7:1c:55:d6:71:48:25:a5:4f:
ea:bd:83:f5:af:de:ae:00:36:a8:17:31:8a:57:21:
58:60:1f:56:c4:e5:c4:1e:e5:e8:4c:f7:2e:72:aa:
e5:2c:23:b8:1b:b9:03:2b:e2:b9:bf:fb:64:7a:22:
e2:8b:a5:e3:55:10:f9:67:fb:3c:4a:07:f0:cb:99:
f9:9a:3b:5f:45:be:68:76:38:eb:52:91:da:ec:b2:
26:0f:0b:05:cc:24:fb:43:2e:39:a7:ce:a7:6b:d9:
34:61:5e:d7:5c:fa:34:71:3b:9c:64:49:b2:18:13:
84:e2:63:63:cb:df:7a:9d:74:84:81:29:6c:25:ea:
82:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:67:27:92:D2:FA:4B:D2:F1:3F:D8:F6:C3:6B:B0:C0:EB:AC:4D:F6
X509v3 Authority Key Identifier:
keyid:EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/9WcnktL6S9LxP9j2w2uwwOusTfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.8.0.0/17
82.102.192.0/18
82.205.0.0/17
85.113.96.0/19
86.107.16.0/22
87.252.108.0/22
89.239.32.0/20
94.26.112.0/20
109.232.162.0/23
147.189.176.0/20
176.65.12.0/22
185.40.192.0/22
185.90.242.0/24
185.138.132.0/22
185.171.132.0/22
188.209.208.0/22
188.215.100.0/22
194.169.121.0-194.169.123.255
199.204.215.0/24
199.250.128.0/19
212.33.96.0/19
212.106.64.0/19
217.21.0.0/20
217.66.224.0/19
217.78.48.0/20
Signature Algorithm: sha256WithRSAEncryption
91:e0:6e:f4:5e:a6:66:23:25:e2:18:52:0f:5f:af:4b:16:fe:
4b:af:0d:da:9f:d7:08:c0:32:a2:78:06:4f:f1:d2:ae:02:40:
f8:f3:83:12:a2:64:c9:d3:c4:e0:50:93:5b:5c:6d:e8:e5:99:
f3:31:e7:ba:42:41:53:47:98:9c:7d:57:c2:c5:e1:c8:cd:82:
9e:4c:5d:5a:fd:24:a2:cc:82:41:87:82:c2:c2:c7:4a:fa:93:
00:81:27:1a:7b:4b:ad:14:32:d4:8d:ca:27:ae:cd:c1:be:67:
e3:81:d8:ba:8c:1a:1e:ad:37:20:1f:6d:c0:d6:06:3f:70:d5:
c6:b4:85:9e:ed:3c:ef:fc:e5:44:b1:86:1c:ec:b4:0d:1e:72:
3b:bf:c0:ad:36:33:fe:dd:6f:11:a9:8c:77:e9:ee:f1:ae:89:
af:bb:26:03:12:0f:d0:e5:c5:f1:93:28:98:ee:a2:46:9b:23:
1e:24:25:bf:10:4d:c2:99:dd:73:cb:ba:fd:8c:6f:04:ae:43:
cc:e8:3b:7d:67:60:29:a8:86:8e:d7:eb:10:59:16:03:22:cf:
c8:2e:87:f5:bf:73:69:ba:4b:79:a2:a5:02:b6:a1:d1:6a:84:
b7:f7:b1:bd:18:27:34:8b:73:b8:cf:be:3c:65:75:20:b6:17:
b3:95:78:53
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYzHlAfs+/3dOwk0BcXU64+9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjM2E2MzNlZjJjMDgyNTFhNTg2MDM1NjJlNTZhYTZlZmE5
M2VjMjUwHhcNMjQwMTAyMDAzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTY3Mjc5MmQyZmE0YmQyZjEzZmQ4ZjZjMzZiYjBjMGViYWM0ZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqprDs3C+IzTGcHDNOwOIbK0jxOph
IHu0VTMRO/HImvtXGoRft/qCOIHkkaWrWOK3GyhYwkNN2Zf1nDBH+0/SJVALdD6U
SPL7/h/f7zyzjuemgYnw4mIqVfiWZWlk0BIEttgJ8m8VJvm1VWboc1gWRt1s0Xgs
ZCuxDSIauQ63HFXWcUglpU/qvYP1r96uADaoFzGKVyFYYB9WxOXEHuXoTPcucqrl
LCO4G7kDK+K5v/tkeiLii6XjVRD5Z/s8Sgfwy5n5mjtfRb5odjjrUpHa7LImDwsF
zCT7Qy45p86na9k0YV7XXPo0cTucZEmyGBOE4mNjy996nXSEgSlsJeqCKwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFPVnJ5LS+kvS8T/Y9sNrsMDrrE32MB8GA1UdIwQY
MBaAFOw6Yz7ywIJRpYYDVi5Wqm76k+wlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0RwalB2TEFnbEdsaGdOV0xsYXFidnFUN0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMWIxZjAtMjM0Zi00NWQ1LTg1OTUt
ZjdjMmMyYTkxYmMyLzEvOVdjbmt0TDZTOUx4UDlqMncydXd3T3VzVGZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMWIxZjAtMjM0Zi00NWQ1LTg1OTUtZjdjMmMyYTkxYmMy
LzEvN0RwalB2TEFnbEdsaGdOV0xsYXFidnFUN0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAcl
CAADBAZSZsADBAdSzQADBAVVcWADBAJWaxADBAJX/GwDBARZ7yADBAReGnADBAFt
6KIDBASTvbADBAKwQQwDBAK5KMADBAC5WvIDBAK5ioQDBAK5q4QDBAK80dADBAK8
12QwDAMEAMKpeQMEAsKpeAMEAMfM1wMEBcf6gAMEBdQhYAMEBdRqQAMEBNkVAAME
BdlC4AMEBNlOMDANBgkqhkiG9w0BAQsFAAOCAQEAkeBu9F6mZiMl4hhSD1+vSxb+
S68N2p/XCMAyongGT/HSrgJA+PODEqJkydPE4FCTW1xt6OWZ8zHnukJBU0eYnH1X
wsXhyM2CnkxdWv0kosyCQYeCwsLHSvqTAIEnGntLrRQy1I3KJ67Nwb5n44HYuowa
Hq03IB9twNYGP3DVxrSFnu087/zlRLGGHOy0DR5yO7/ArTYz/t1vEamMd+nu8a6J
r7smAxIP0OXF8ZMomO6iRpsjHiQlvxBNwpndc8u6/YxvBK5DzOg7fWdgKaiGjtfr
EFkWAyLPyC6H9b9zabpLeaKlArah0WqEt/exvRgnNItzuM++PGV1ILYXs5V4Uw==
-----END CERTIFICATE-----
Generated at Thu May 2 22:21:43 2024 by rpki-client on console-fra.rpki-client.org