Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/dym0azsa16K8MldFHo50g4lX-VQ.roa
File: dym0azsa16K8MldFHo50g4lX-VQ.roa (raw, json)
Hash identifier: QAwdWDZ151LFmQ55IDtCNEYQVfDGmxIGbHXTgogRSUA=
Subject key identifier: 77:29:B4:6B:3B:1A:D7:A2:BC:32:57:45:1E:8E:74:83:89:57:F9:54
Certificate issuer: /CN=db239685409f64ba1c3a54a8ef141c924e71d892
Certificate serial: 018E561B2CF2CE0BA78DCACCE97B3D997763
Authority key identifier: DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/dym0azsa16K8MldFHo50g4lX-VQ.roa
Signing time: Tue 19 Mar 2024 09:46:45 +0000
ROA not before: Tue 19 Mar 2024 09:46:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35012
IP address blocks: 46.17.64.0/21 maxlen: 21
46.17.64.0/24 maxlen: 24
46.17.65.0/24 maxlen: 24
46.17.66.0/24 maxlen: 24
46.17.67.0/24 maxlen: 24
46.17.68.0/24 maxlen: 24
46.17.69.0/24 maxlen: 24
46.17.70.0/24 maxlen: 24
46.17.71.0/24 maxlen: 24
91.195.164.0/23 maxlen: 23
91.195.164.0/24 maxlen: 24
91.195.165.0/24 maxlen: 24
91.198.159.0/24 maxlen: 24
185.129.164.0/22 maxlen: 22
185.129.164.0/24 maxlen: 24
185.129.165.0/24 maxlen: 24
185.129.166.0/24 maxlen: 24
185.129.167.0/24 maxlen: 24
193.58.233.0/24 maxlen: 24
193.238.148.0/22 maxlen: 22
193.238.148.0/24 maxlen: 24
193.238.149.0/24 maxlen: 24
193.238.150.0/24 maxlen: 24
193.238.151.0/24 maxlen: 24
195.238.251.0/24 maxlen: 24
2a00:6000::/32 maxlen: 32
2a00:6000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:1b:2c:f2:ce:0b:a7:8d:ca:cc:e9:7b:3d:99:77:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db239685409f64ba1c3a54a8ef141c924e71d892
Validity
Not Before: Mar 19 09:46:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7729b46b3b1ad7a2bc3257451e8e74838957f954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fc:b4:5a:6f:fe:f0:86:fd:af:d3:46:14:8c:
98:e8:14:a7:17:59:31:6c:1c:60:2e:1f:f1:0c:86:
fb:52:e0:77:e9:d5:77:21:f2:d1:45:da:01:f4:db:
1a:f0:6d:2e:7f:04:42:c1:bc:d5:64:53:a3:e7:17:
6d:c3:9b:db:54:7d:47:8b:8f:ca:6a:53:fd:d0:c2:
a8:92:1d:64:38:54:b2:21:6b:7b:11:d8:9e:dc:c0:
b5:ca:dd:27:41:e2:0e:90:23:dd:c1:5d:10:81:5d:
85:c3:c1:8c:97:46:02:cb:87:b5:3c:ae:3d:ff:6d:
71:1e:f6:d4:d4:ab:13:86:b7:4b:c1:29:1b:30:ae:
54:66:65:4d:a8:8d:17:d6:c0:7d:25:b4:21:da:d2:
26:5c:3b:77:4e:32:b5:4f:ec:b8:06:7a:15:40:d5:
a0:99:4b:3d:5a:47:5d:d5:af:2f:d6:12:83:ab:42:
03:08:16:e9:ab:46:8a:70:cb:1e:80:84:93:16:a9:
a2:eb:83:bb:ad:9c:0d:55:70:15:77:09:c1:1f:50:
59:9a:26:d5:6c:fb:75:35:2b:e9:f9:30:0f:48:85:
b6:52:63:5b:b5:b0:35:19:d0:38:dc:6e:36:f0:64:
f3:54:66:7e:9b:ae:54:a7:b9:d4:d1:a1:3a:9b:62:
d9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:29:B4:6B:3B:1A:D7:A2:BC:32:57:45:1E:8E:74:83:89:57:F9:54
X509v3 Authority Key Identifier:
keyid:DB:23:96:85:40:9F:64:BA:1C:3A:54:A8:EF:14:1C:92:4E:71:D8:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yOWhUCfZLocOlSo7xQckk5x2JI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/dym0azsa16K8MldFHo50g4lX-VQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8d6fd7-1cb3-413c-a32b-2ef447e1b08c/1/2yOWhUCfZLocOlSo7xQckk5x2JI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.64.0/21
91.195.164.0/23
91.198.159.0/24
185.129.164.0/22
193.58.233.0/24
193.238.148.0/22
195.238.251.0/24
IPv6:
2a00:6000::/32
Signature Algorithm: sha256WithRSAEncryption
94:18:80:e6:66:fb:b8:bd:fb:44:0d:aa:91:90:03:38:13:92:
54:52:18:84:9b:92:13:84:5b:65:b4:33:bd:3b:be:20:86:9c:
69:36:7d:4d:8e:9f:42:b6:d9:78:1c:cb:f2:d8:21:ee:59:07:
ac:99:ec:e2:4c:2d:e3:ef:3a:a6:07:3e:9f:f1:e5:2e:51:2c:
5a:b9:89:ee:7b:cb:3c:ff:02:c6:73:b0:15:22:34:15:22:c9:
89:b6:55:95:09:b0:4e:84:aa:49:49:94:e5:ed:6d:e3:57:39:
24:e0:df:ee:f8:fe:42:7f:4d:85:b2:49:37:fd:18:17:a1:23:
87:79:34:11:b6:84:81:4c:c7:50:bd:88:71:bb:ce:ca:42:9b:
27:d3:ae:91:d5:65:40:be:f0:d9:73:27:43:bc:f5:e1:b2:5b:
29:fc:25:16:56:7b:ea:ad:13:e9:2a:d5:8e:c5:c0:ac:13:c0:
5f:d2:6d:f0:16:6c:b1:ca:55:09:b5:dc:77:5e:73:6d:24:11:
41:0c:2f:c8:4d:17:4f:02:5c:54:31:f3:1e:ae:75:f4:54:44:
3d:4c:59:31:59:7a:2e:5b:0a:c3:3b:1d:06:75:2c:98:04:99:
c8:26:8f:34:92:13:ff:9c:85:0b:2c:ad:3f:15:6c:c1:70:82:
3f:a4:84:6d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY5WGyzyzgunjcrM6Xs9mXdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjM5Njg1NDA5ZjY0YmExYzNhNTRhOGVmMTQxYzkyNGU3
MWQ4OTIwHhcNMjQwMzE5MDk0NjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzI5YjQ2YjNiMWFkN2EyYmMzMjU3NDUxZThlNzQ4Mzg5NTdmOTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfy0Wm/+8Ib9r9NGFIyY6BSnF1kx
bBxgLh/xDIb7UuB36dV3IfLRRdoB9Nsa8G0ufwRCwbzVZFOj5xdtw5vbVH1Hi4/K
alP90MKokh1kOFSyIWt7Edie3MC1yt0nQeIOkCPdwV0QgV2Fw8GMl0YCy4e1PK49
/21xHvbU1KsThrdLwSkbMK5UZmVNqI0X1sB9JbQh2tImXDt3TjK1T+y4BnoVQNWg
mUs9Wkdd1a8v1hKDq0IDCBbpq0aKcMsegISTFqmi64O7rZwNVXAVdwnBH1BZmibV
bPt1NSvp+TAPSIW2UmNbtbA1GdA43G428GTzVGZ+m65Up7nU0aE6m2LZOQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHcptGs7GteivDJXRR6OdIOJV/lUMB8GA1UdIwQY
MBaAFNsjloVAn2S6HDpUqO8UHJJOcdiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmIt
MmVmNDQ3ZTFiMDhjLzEvZHltMGF6c2ExNks4TWxkRkhvNTBnNGxYLVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC84ZDZmZDctMWNiMy00MTNjLWEzMmItMmVmNDQ3ZTFiMDhj
LzEvMnlPV2hVQ2ZaTG9jT2xTbzd4UWNrazV4MkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDLhFAAwQB
W8OkAwQAW8afAwQCuYGkAwQAwTrpAwQCwe6UAwQAw+77MA0EAgACMAcDBQAqAGAA
MA0GCSqGSIb3DQEBCwUAA4IBAQCUGIDmZvu4vftEDaqRkAM4E5JUUhiEm5IThFtl
tDO9O74ghpxpNn1Njp9Cttl4HMvy2CHuWQesmeziTC3j7zqmBz6f8eUuUSxauYnu
e8s8/wLGc7AVIjQVIsmJtlWVCbBOhKpJSZTl7W3jVzkk4N/u+P5Cf02Fskk3/RgX
oSOHeTQRtoSBTMdQvYhxu87KQpsn066R1WVAvvDZcydDvPXhslsp/CUWVnvqrRPp
KtWOxcCsE8Bf0m3wFmyxylUJtdx3XnNtJBFBDC/ITRdPAlxUMfMernX0VEQ9TFkx
WXouWwrDOx0GdSyYBJnIJo80khP/nIULLK0/FWzBcII/pIRt
-----END CERTIFICATE-----
Generated at Sun May 12 21:31:36 2024 by rpki-client on console-ams.rpki-client.org