Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/39w5IDPXVnMQlNErMvXQtaKEiak.roa
File: 39w5IDPXVnMQlNErMvXQtaKEiak.roa (raw, json)
Hash identifier: T/lnV5m+EFIBtbBrXnEDpqKZjmNonpmMvPfM2m7xQwk=
Subject key identifier: DF:DC:39:20:33:D7:56:73:10:94:D1:2B:32:F5:D0:B5:A2:84:89:A9
Certificate issuer: /CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Certificate serial: 018CC86F31BB9523291522EF1701A0565D7D
Authority key identifier: D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/39w5IDPXVnMQlNErMvXQtaKEiak.roa
Signing time: Tue 02 Jan 2024 04:29:39 +0000
ROA not before: Tue 02 Jan 2024 04:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21069
IP address blocks: 46.231.200.0/21 maxlen: 24
81.173.82.0/23 maxlen: 24
81.173.84.0/22 maxlen: 24
81.173.88.0/21 maxlen: 24
185.46.56.0/22 maxlen: 24
80.74.128.0/20 maxlen: 24
80.74.144.0/20 maxlen: 24
94.126.16.0/21 maxlen: 24
2a00:1128::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:31:bb:95:23:29:15:22:ef:17:01:a0:56:5d:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e535ef216ebe6f7fc55cfbdc31532b912d8e63
Validity
Not Before: Jan 2 04:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfdc392033d756731094d12b32f5d0b5a28489a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7c:78:76:9a:f5:a9:c1:d3:92:c2:cc:04:10:
e2:f9:2b:90:30:48:62:82:1e:d7:ec:0f:08:62:de:
b8:d3:3a:9b:bb:b3:ca:08:e5:a1:f7:51:12:81:36:
2b:cc:20:e5:0b:f5:ca:1f:05:a6:39:e1:e8:aa:26:
e6:bf:34:c5:71:5e:3e:d5:84:9b:38:6b:27:89:8c:
68:ef:7b:0a:d0:fd:a1:f9:21:0c:16:4a:7a:4d:17:
2b:6f:2c:be:a5:e0:ca:73:0f:3d:8a:cd:50:32:63:
9e:c5:b1:18:91:b1:56:b6:ca:19:93:24:4c:07:c3:
61:f4:df:e4:84:76:75:d1:e4:0a:9f:0c:2c:3f:a2:
8a:1a:40:3c:e4:dd:c0:0e:8c:89:dc:2d:27:f8:09:
f0:9c:f7:a0:b9:19:33:be:a6:b2:ef:d6:0d:53:4e:
0e:69:26:e7:b4:2b:32:dc:0b:58:33:86:aa:ec:ca:
f2:7f:bb:b2:97:68:58:aa:77:93:5a:18:6c:18:40:
57:d8:8e:ad:dc:07:6d:78:1d:1f:b3:05:f9:86:c0:
8d:f3:8c:d1:11:02:62:de:c4:b2:69:13:15:79:1a:
90:1d:c4:d5:61:7e:20:81:ae:84:9b:e9:b5:3a:22:
22:a5:b6:79:82:12:d6:41:34:67:cd:62:9a:88:bc:
c9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DC:39:20:33:D7:56:73:10:94:D1:2B:32:F5:D0:B5:A2:84:89:A9
X509v3 Authority Key Identifier:
keyid:D6:E5:35:EF:21:6E:BE:6F:7F:C5:5C:FB:DC:31:53:2B:91:2D:8E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uU17yFuvm9_xVz73DFTK5EtjmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/39w5IDPXVnMQlNErMvXQtaKEiak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bd0d7d-f425-408a-b07d-07711ed02b75/1/1uU17yFuvm9_xVz73DFTK5EtjmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.231.200.0/21
80.74.128.0/19
81.173.82.0-81.173.95.255
94.126.16.0/21
185.46.56.0/22
IPv6:
2a00:1128::/32
Signature Algorithm: sha256WithRSAEncryption
9f:68:5e:ed:ad:0b:8b:5b:5c:9b:48:4e:52:da:38:c8:dc:5b:
5a:09:b6:33:53:35:f8:62:24:65:a7:b9:0f:01:3c:9c:3b:42:
8f:e1:c3:a8:71:58:7c:af:9c:f0:f3:6c:c6:70:3a:0c:6d:17:
0b:91:49:07:ce:98:c2:ce:47:ef:ba:fa:a8:57:1f:94:09:3e:
94:72:e0:59:45:10:00:79:72:c1:29:1e:a1:97:96:f0:e4:10:
f2:97:e3:c0:2a:b5:bc:97:e8:cd:f7:6f:5f:d1:07:87:87:cb:
59:48:f5:b7:ac:b6:de:d9:47:0e:6f:70:15:ee:04:1e:00:55:
ac:8b:29:d7:ee:ab:e9:f8:f4:96:0d:5f:b9:a4:fe:2e:5f:35:
4c:68:61:54:83:99:df:f9:be:de:91:3e:f9:27:0f:0f:af:a9:
41:8c:0a:09:cb:0c:23:83:e7:a8:bd:07:54:1f:f3:74:8d:7d:
56:8f:02:3b:d1:3d:eb:7f:70:c5:b5:fa:ef:cf:f8:45:6a:59:
08:73:76:50:34:f4:26:ad:a3:f5:bb:2d:3a:47:14:3c:f4:eb:
da:16:34:dd:39:a2:7c:ec:c2:15:30:a9:db:c5:49:3c:24:83:
9c:39:89:2d:f3:1a:ab:50:c5:0d:51:69:82:d9:ef:2f:e4:6d:
4c:98:87:d4
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzIbzG7lSMpFSLvFwGgVl19MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTUzNWVmMjE2ZWJlNmY3ZmM1NWNmYmRjMzE1MzJiOTEy
ZDhlNjMwHhcNMjQwMTAyMDQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmRjMzkyMDMzZDc1NjczMTA5NGQxMmIzMmY1ZDBiNWEyODQ4OWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXx4dpr1qcHTksLMBBDi+SuQMEhi
gh7X7A8IYt640zqbu7PKCOWh91ESgTYrzCDlC/XKHwWmOeHoqibmvzTFcV4+1YSb
OGsniYxo73sK0P2h+SEMFkp6TRcrbyy+peDKcw89is1QMmOexbEYkbFWtsoZkyRM
B8Nh9N/khHZ10eQKnwwsP6KKGkA85N3ADoyJ3C0n+AnwnPeguRkzvqay79YNU04O
aSbntCsy3AtYM4aq7Mryf7uyl2hYqneTWhhsGEBX2I6t3AdteB0fswX5hsCN84zR
EQJi3sSyaRMVeRqQHcTVYX4gga6Em+m1OiIipbZ5ghLWQTRnzWKaiLzJHQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFN/cOSAz11ZzEJTRKzL10LWihImpMB8GA1UdIwQY
MBaAFNblNe8hbr5vf8Vc+9wxUyuRLY5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2Qt
MDc3MTFlZDAyYjc1LzEvMzl3NUlEUFhWbk1RbE5Fck12WFF0YUtFaWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iZDBkN2QtZjQyNS00MDhhLWIwN2QtMDc3MTFlZDAyYjc1
LzEvMXVVMTd5RnV2bTlfeFZ6NzNERlRLNUV0am1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDLufIAwQF
UEqAMAwDBAFRrVIDBAVRrUADBANefhADBAK5LjgwDQQCAAIwBwMFACoAESgwDQYJ
KoZIhvcNAQELBQADggEBAJ9oXu2tC4tbXJtITlLaOMjcW1oJtjNTNfhiJGWnuQ8B
PJw7Qo/hw6hxWHyvnPDzbMZwOgxtFwuRSQfOmMLOR++6+qhXH5QJPpRy4FlFEAB5
csEpHqGXlvDkEPKX48AqtbyX6M33b1/RB4eHy1lI9bestt7ZRw5vcBXuBB4AVayL
Kdfuq+n49JYNX7mk/i5fNUxoYVSDmd/5vt6RPvknDw+vqUGMCgnLDCOD56i9B1Qf
83SNfVaPAjvRPet/cMW1+u/P+EVqWQhzdlA09Cato/W7LTpHFDz069oWNN05onzs
whUwqdvFSTwkg5w5iS3zGqtQxQ1RaYLZ7y/kbUyYh9Q=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:58:27 2024 by rpki-client on console-ams.rpki-client.org