Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/98k20PLQVohpq_UsxEsGsoLgJZw.roa
File: 98k20PLQVohpq_UsxEsGsoLgJZw.roa (raw, json)
Hash identifier: Z5kvOe12lOulK9GHrxAapNtdOCwB7jRP5xa3e+RPAqg=
Subject key identifier: F7:C9:36:D0:F2:D0:56:88:69:AB:F5:2C:C4:4B:06:B2:82:E0:25:9C
Certificate issuer: /CN=f01c8997a354bc7d4e5a60a9f42438a182fa998a
Certificate serial: 018FE2B8B86AEEB3AC7D8BCB28E931A65B76
Authority key identifier: F0:1C:89:97:A3:54:BC:7D:4E:5A:60:A9:F4:24:38:A1:82:FA:99:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/98k20PLQVohpq_UsxEsGsoLgJZw.roa
Signing time: Tue 04 Jun 2024 10:08:27 +0000
ROA not before: Tue 04 Jun 2024 10:08:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43957
IP address blocks: 46.245.200.0/21 maxlen: 21
79.170.208.0/21 maxlen: 21
92.61.48.0/21 maxlen: 21
92.61.56.0/22 maxlen: 22
92.63.144.0/20 maxlen: 20
94.102.96.0/20 maxlen: 20
185.31.28.0/22 maxlen: 22
185.52.20.0/22 maxlen: 22
185.93.214.0/23 maxlen: 23
194.50.151.0/24 maxlen: 24
2a00:b220::/32 maxlen: 32
2a02:4140::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.mft
rsync://rpki.ripe.net/repository/DEFAULT/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e2:b8:b8:6a:ee:b3:ac:7d:8b:cb:28:e9:31:a6:5b:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f01c8997a354bc7d4e5a60a9f42438a182fa998a
Validity
Not Before: Jun 4 10:08:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7c936d0f2d0568869abf52cc44b06b282e0259c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c0:7d:ff:db:5a:c3:5a:b7:1b:e0:bf:46:86:
79:a0:91:d7:c7:b4:ce:49:6f:56:43:ea:e4:c7:e5:
85:25:a9:53:90:d6:bf:7a:29:db:cc:a3:37:5d:15:
cc:e0:d9:c3:aa:95:91:e6:0d:5f:d3:e4:16:2b:3f:
f1:31:92:45:4c:22:6f:91:66:44:db:42:d8:5a:19:
a5:5c:8e:37:98:cf:d9:9f:7c:35:3e:8b:fe:4f:79:
91:dd:5b:20:7e:dc:f7:fe:02:1c:00:b0:c8:03:08:
dc:c0:f1:cf:f1:f2:8f:20:e0:3b:e5:88:0c:2f:40:
f5:f0:db:49:3e:df:56:ba:d0:90:db:69:28:2c:14:
e5:17:b2:c2:b0:b2:a5:ab:d4:12:e2:90:73:39:c3:
0a:aa:be:29:6c:1d:66:78:39:7e:00:27:c0:d0:46:
63:9e:8e:57:f6:22:a8:59:6f:44:49:b2:62:23:82:
09:58:e7:b7:35:71:f8:06:58:a4:f8:c2:e3:9f:01:
bf:cb:31:28:39:45:77:ca:10:89:87:0f:5e:d0:f0:
fd:ef:f1:01:65:a2:5a:82:ee:2e:83:01:76:a1:a3:
dd:a4:12:ee:7c:a5:b0:06:5f:56:68:c0:fe:e6:59:
38:77:4c:b1:9c:8a:8c:0e:eb:b1:7c:ea:f3:99:f6:
0b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C9:36:D0:F2:D0:56:88:69:AB:F5:2C:C4:4B:06:B2:82:E0:25:9C
X509v3 Authority Key Identifier:
keyid:F0:1C:89:97:A3:54:BC:7D:4E:5A:60:A9:F4:24:38:A1:82:FA:99:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/98k20PLQVohpq_UsxEsGsoLgJZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/faa95f-3b32-41fe-abe3-c27c4a610bd3/1/8ByJl6NUvH1OWmCp9CQ4oYL6mYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.200.0/21
79.170.208.0/21
92.61.48.0-92.61.59.255
92.63.144.0/20
94.102.96.0/20
185.31.28.0/22
185.52.20.0/22
185.93.214.0/23
194.50.151.0/24
IPv6:
2a00:b220::/32
2a02:4140::/32
Signature Algorithm: sha256WithRSAEncryption
0e:ef:7e:e8:6e:3a:72:4a:3b:5c:80:28:56:e8:db:46:c2:17:
4e:e1:c5:e6:9b:24:4c:75:55:d9:cb:a1:47:da:29:7c:be:19:
5d:7c:1f:ff:1a:6f:ea:e8:ca:18:b5:2b:23:92:1b:22:ec:ad:
c2:36:0f:a4:83:bd:68:a8:d5:ed:cb:1c:81:19:b1:be:c9:03:
9e:aa:c8:63:c8:24:dd:e7:d9:8b:ca:da:62:47:b2:8e:d6:20:
3c:f7:07:bb:f9:f7:26:0a:24:eb:01:ba:42:34:da:cc:83:44:
b5:f9:39:6f:15:fe:c0:b1:2e:a1:5d:81:56:1a:33:02:3b:f7:
e4:8c:b5:c0:ab:e8:b5:4d:cc:b6:2e:8d:44:2d:f3:9e:3a:56:
1d:3e:94:b4:4d:d3:e8:3d:94:01:a1:4b:a2:21:47:aa:3b:a6:
52:db:fb:a6:06:b5:58:54:aa:b4:3b:76:fc:f0:db:24:0d:6d:
bb:86:ae:2b:5f:d0:57:d4:3a:fa:67:ea:5d:88:c8:24:d4:81:
16:07:7f:dd:36:bd:08:a1:dd:70:4d:6f:6d:b4:b5:32:ac:1d:
ee:dc:41:47:d1:d8:97:6e:31:08:cf:89:0a:ee:df:02:f2:1c:
d1:f9:9d:57:05:ae:e4:cd:51:ae:43:d2:d3:48:6b:84:bd:d0:
f9:f6:b4:b7
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAY/iuLhq7rOsfYvLKOkxplt2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMWM4OTk3YTM1NGJjN2Q0ZTVhNjBhOWY0MjQzOGExODJm
YTk5OGEwHhcNMjQwNjA0MTAwODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2M5MzZkMGYyZDA1Njg4NjlhYmY1MmNjNDRiMDZiMjgyZTAyNTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08B9/9taw1q3G+C/RoZ5oJHXx7TO
SW9WQ+rkx+WFJalTkNa/einbzKM3XRXM4NnDqpWR5g1f0+QWKz/xMZJFTCJvkWZE
20LYWhmlXI43mM/Zn3w1Pov+T3mR3Vsgftz3/gIcALDIAwjcwPHP8fKPIOA75YgM
L0D18NtJPt9WutCQ22koLBTlF7LCsLKlq9QS4pBzOcMKqr4pbB1meDl+ACfA0EZj
no5X9iKoWW9ESbJiI4IJWOe3NXH4Blik+MLjnwG/yzEoOUV3yhCJhw9e0PD97/EB
ZaJagu4ugwF2oaPdpBLufKWwBl9WaMD+5lk4d0yxnIqMDuuxfOrzmfYLKQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFPfJNtDy0FaIaav1LMRLBrKC4CWcMB8GA1UdIwQY
MBaAFPAciZejVLx9TlpgqfQkOKGC+pmKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEJ5Smw2TlV2SDFPV21DcDlDUTRvWUw2bVlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mYWE5NWYtM2IzMi00MWZlLWFiZTMt
YzI3YzRhNjEwYmQzLzEvOThrMjBQTFFWb2hwcV9Vc3hFc0dzb0xnSlp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mYWE5NWYtM2IzMi00MWZlLWFiZTMtYzI3YzRhNjEwYmQz
LzEvOEJ5Smw2TlV2SDFPV21DcDlDUTRvWUw2bVlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQDLvXIAwQD
T6rQMAwDBARcPTADBAJcPTgDBARcP5ADBAReZmADBAK5HxwDBAK5NBQDBAG5XdYD
BADCMpcwFAQCAAIwDgMFACoAsiADBQAqAkFAMA0GCSqGSIb3DQEBCwUAA4IBAQAO
737objpySjtcgChW6NtGwhdO4cXmmyRMdVXZy6FH2il8vhldfB//Gm/q6MoYtSsj
khsi7K3CNg+kg71oqNXtyxyBGbG+yQOeqshjyCTd59mLytpiR7KO1iA89we7+fcm
CiTrAbpCNNrMg0S1+TlvFf7AsS6hXYFWGjMCO/fkjLXAq+i1Tcy2Lo1ELfOeOlYd
PpS0TdPoPZQBoUuiIUeqO6ZS2/umBrVYVKq0O3b88NskDW27hq4rX9BX1Dr6Z+pd
iMgk1IEWB3/dNr0Iod1wTW9ttLUyrB3u3EFH0diXbjEIz4kK7t8C8hzR+Z1XBa7k
zVGuQ9LTSGuEvdD59rS3
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:50 2024 by rpki-client on console-fra.rpki-client.org