Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/Lf0glz4yCqmPN3x_VnWDd-F5NIs.roa
File: Lf0glz4yCqmPN3x_VnWDd-F5NIs.roa (raw, json)
Hash identifier: dkcvswWuMJOViwB2AT9kZAeE9rmJTy8L14tm8jzF63Y=
Subject key identifier: 2D:FD:20:97:3E:32:0A:A9:8F:37:7C:7F:56:75:83:77:E1:79:34:8B
Certificate issuer: /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial: 018CC8713A275B8939657B3388DD88B409AF
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/Lf0glz4yCqmPN3x_VnWDd-F5NIs.roa
Signing time: Tue 02 Jan 2024 04:31:52 +0000
ROA not before: Tue 02 Jan 2024 04:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57128
IP address blocks: 84.39.244.0/24 maxlen: 24
84.39.244.0/23 maxlen: 23
84.39.246.0/24 maxlen: 24
84.39.246.0/23 maxlen: 23
84.39.244.0/22 maxlen: 22
84.39.245.0/24 maxlen: 24
84.39.247.0/24 maxlen: 24
46.191.224.0/22 maxlen: 22
46.191.225.0/24 maxlen: 24
46.191.224.0/24 maxlen: 24
46.191.224.0/23 maxlen: 23
46.191.226.0/24 maxlen: 24
46.191.226.0/23 maxlen: 23
46.191.227.0/24 maxlen: 24
93.157.250.0/23 maxlen: 23
93.157.250.0/24 maxlen: 24
93.157.251.0/24 maxlen: 24
93.157.248.0/23 maxlen: 23
93.157.248.0/24 maxlen: 24
93.157.249.0/24 maxlen: 24
93.157.248.0/22 maxlen: 22
95.105.68.0/22 maxlen: 22
95.105.66.0/23 maxlen: 23
95.105.69.0/24 maxlen: 24
95.105.66.0/24 maxlen: 24
95.105.67.0/24 maxlen: 24
95.105.70.0/23 maxlen: 23
95.105.71.0/24 maxlen: 24
95.105.65.0/24 maxlen: 24
95.105.68.0/23 maxlen: 23
95.105.68.0/24 maxlen: 24
95.105.70.0/24 maxlen: 24
95.105.74.0/23 maxlen: 23
95.105.77.0/24 maxlen: 24
95.105.76.0/22 maxlen: 22
95.105.74.0/24 maxlen: 24
95.105.76.0/23 maxlen: 23
95.105.76.0/24 maxlen: 24
95.105.72.0/23 maxlen: 23
95.105.75.0/24 maxlen: 24
95.105.72.0/22 maxlen: 22
95.105.72.0/24 maxlen: 24
95.105.78.0/23 maxlen: 23
95.105.78.0/24 maxlen: 24
95.105.73.0/24 maxlen: 24
95.105.79.0/24 maxlen: 24
95.105.64.0/23 maxlen: 23
95.105.64.0/20 maxlen: 20
95.105.64.0/24 maxlen: 24
95.105.64.0/22 maxlen: 22
2a02:1c8:9::/48 maxlen: 48
2a02:1c8:30::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:3a:27:5b:89:39:65:7b:33:88:dd:88:b4:09:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Validity
Not Before: Jan 2 04:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2dfd20973e320aa98f377c7f56758377e179348b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:04:e5:ab:67:1f:1c:e2:44:df:c7:08:73:e3:
0d:7f:4e:c8:9a:b1:0a:2e:40:cd:d6:ad:f3:e3:5f:
aa:6b:2d:bf:07:91:8f:ed:f6:af:af:84:7e:8c:7b:
81:f8:fd:b2:9b:5a:98:c3:a2:05:2d:85:57:e5:2f:
b4:1b:5e:51:dd:55:ec:28:f4:70:75:2a:62:bd:2d:
02:3d:d4:da:27:20:ca:9f:ab:a2:ed:a1:4c:8c:5e:
68:90:a9:62:ac:f8:19:16:93:69:9a:b1:8d:67:92:
d9:47:73:23:76:54:9d:03:87:51:24:ab:50:f6:ff:
64:a9:56:49:60:f3:ff:c3:4d:00:7a:90:c8:52:02:
cb:a3:43:b0:c3:cd:50:1a:e8:3f:20:f1:b7:13:49:
df:ed:c1:17:a8:1b:59:22:03:c4:b0:7b:4e:0f:36:
22:2f:50:72:a7:ac:81:f4:14:be:0c:5b:7d:b1:18:
eb:c6:9a:54:0d:2f:8f:4d:97:17:c5:f5:f8:bc:59:
d2:a8:17:da:be:fe:a9:a1:0a:fd:cc:4d:5f:d6:5c:
66:16:5e:22:21:a3:5e:b2:74:bf:d0:43:9a:c4:a8:
92:ba:83:a7:4e:3e:94:2a:3e:71:82:4f:7c:27:ad:
7a:5a:71:03:7f:9d:0f:22:70:7d:3e:e0:3f:c9:7c:
71:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FD:20:97:3E:32:0A:A9:8F:37:7C:7F:56:75:83:77:E1:79:34:8B
X509v3 Authority Key Identifier:
keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/Lf0glz4yCqmPN3x_VnWDd-F5NIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.191.224.0/22
84.39.244.0/22
93.157.248.0/22
95.105.64.0/20
IPv6:
2a02:1c8:9::/48
2a02:1c8:30::/44
Signature Algorithm: sha256WithRSAEncryption
03:2d:31:30:72:28:5a:99:34:7f:aa:de:17:b5:5a:be:96:d8:
ec:e3:c8:7f:98:c5:c5:b7:bd:3f:f8:4b:a1:db:8c:da:b0:bc:
61:1f:59:1d:ec:b2:a1:e8:28:f3:6b:80:38:bd:dd:5b:eb:29:
18:0e:5c:fc:c1:71:79:ed:ac:d9:5a:fd:dc:75:18:8b:cb:be:
7f:51:de:c9:82:d3:31:6e:3f:2c:2e:23:06:6f:9c:39:de:91:
b2:20:0f:b7:80:69:86:be:b2:88:b2:d3:b8:e5:56:b0:9c:a3:
ae:d2:e5:06:f8:31:43:19:77:73:87:e8:2e:63:2f:bd:cf:d6:
dd:9f:54:1c:9d:a6:6b:4d:20:15:b3:f6:80:36:16:86:74:31:
53:45:65:21:65:06:f7:93:75:33:fe:4c:5d:61:0b:15:37:6b:
e2:16:2d:e3:e8:fd:c0:90:9f:ba:12:8c:a6:cb:9c:1a:93:24:
39:06:99:bf:e4:38:00:92:42:dd:ad:58:1d:aa:72:3d:58:c1:
87:13:df:b8:b1:9f:dc:66:b7:0e:8d:57:9a:ac:30:0c:c7:e3:
84:80:49:22:a5:08:77:8f:36:cc:1d:56:72:b1:f7:43:80:ff:
fd:24:fa:e4:ea:7c:86:69:f4:df:b5:25:8a:ab:d7:f2:2f:d7:
f8:13:a7:1c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzIcTonW4k5ZXsziN2ItAmvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNmQwYWU1ZTJmYmZmY2NlMDg3NzBlYmMyMGMyMTZiOWZi
Zjk0ODUwHhcNMjQwMTAyMDQzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGZkMjA5NzNlMzIwYWE5OGYzNzdjN2Y1Njc1ODM3N2UxNzkzNDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgTlq2cfHOJE38cIc+MNf07ImrEK
LkDN1q3z41+qay2/B5GP7favr4R+jHuB+P2ym1qYw6IFLYVX5S+0G15R3VXsKPRw
dSpivS0CPdTaJyDKn6ui7aFMjF5okKlirPgZFpNpmrGNZ5LZR3MjdlSdA4dRJKtQ
9v9kqVZJYPP/w00AepDIUgLLo0Oww81QGug/IPG3E0nf7cEXqBtZIgPEsHtODzYi
L1Byp6yB9BS+DFt9sRjrxppUDS+PTZcXxfX4vFnSqBfavv6poQr9zE1f1lxmFl4i
IaNesnS/0EOaxKiSuoOnTj6UKj5xgk98J616WnEDf50PInB9PuA/yXxxrQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFC39IJc+Mgqpjzd8f1Z1g3fheTSLMB8GA1UdIwQY
MBaAFKNtCuXi+//M4Idw68IMIWufv5SFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAt
Y2JiOTUxODNiMjdhLzEvTGYwZ2x6NHlDcW1QTjN4X1ZuV0RkLUY1TklzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84Y2FjMGMtMzQyNi00ZjA3LWFmMjAtY2JiOTUxODNiMjdh
LzEvbzIwSzVlTDdfOHpnaDNEcndnd2hhNS1fbElVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQCLr/gAwQC
VCf0AwQCXZ34AwQEX2lAMBgEAgACMBIDBwAqAgHIAAkDBwQqAgHIADAwDQYJKoZI
hvcNAQELBQADggEBAAMtMTByKFqZNH+q3he1Wr6W2OzjyH+YxcW3vT/4S6HbjNqw
vGEfWR3ssqHoKPNrgDi93VvrKRgOXPzBcXntrNla/dx1GIvLvn9R3smC0zFuPywu
IwZvnDnekbIgD7eAaYa+soiy07jlVrCco67S5Qb4MUMZd3OH6C5jL73P1t2fVByd
pmtNIBWz9oA2FoZ0MVNFZSFlBveTdTP+TF1hCxU3a+IWLePo/cCQn7oSjKbLnBqT
JDkGmb/kOACSQt2tWB2qcj1YwYcT37ixn9xmtw6NV5qsMAzH44SASSKlCHePNswd
VnKx90OA//0k+uTqfIZp9N+1JYqr1/Iv1/gTpxw=
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:49:17 2024 by rpki-client on console-ams.rpki-client.org