Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/agFnj8f_4aSpjF2C3Td2xjLK2XQ.roa
File: agFnj8f_4aSpjF2C3Td2xjLK2XQ.roa (raw, json)
Hash identifier: r/uRUyNJo8SdRFNM9FWYXLy+6Vfv/OloOJJDndHj/8k=
Subject key identifier: 6A:01:67:8F:C7:FF:E1:A4:A9:8C:5D:82:DD:37:76:C6:32:CA:D9:74
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 018F766E8710D95EF301E7B79A0F39E6C505
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/agFnj8f_4aSpjF2C3Td2xjLK2XQ.roa
Signing time: Tue 14 May 2024 09:28:25 +0000
ROA not before: Tue 14 May 2024 09:28:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5430
IP address blocks: 62.104.0.0/16 maxlen: 16
62.104.10.0/23 maxlen: 23
62.104.12.0/22 maxlen: 22
62.104.16.0/24 maxlen: 24
62.104.17.0/24 maxlen: 24
62.104.18.0/24 maxlen: 24
62.104.20.0/23 maxlen: 24
62.104.45.0/24 maxlen: 24
62.104.46.0/23 maxlen: 23
62.104.48.0/23 maxlen: 23
62.104.50.0/24 maxlen: 24
62.104.56.0/24 maxlen: 24
62.104.66.0/23 maxlen: 23
62.104.95.0/24 maxlen: 24
62.104.96.0/21 maxlen: 22
62.104.104.0/22 maxlen: 22
62.104.164.0/22 maxlen: 22
62.104.164.0/24 maxlen: 24
62.104.168.0/22 maxlen: 22
62.104.172.0/23 maxlen: 23
62.104.174.0/24 maxlen: 24
62.104.175.0/24 maxlen: 24
62.104.176.0/22 maxlen: 22
89.48.0.0/13 maxlen: 24
89.49.126.0/24 maxlen: 24
89.49.127.0/24 maxlen: 24
194.97.0.0/18 maxlen: 18
194.97.46.0/23 maxlen: 24
194.97.58.0/24 maxlen: 24
194.97.96.0/19 maxlen: 19
194.97.96.0/24 maxlen: 24
194.97.102.0/24 maxlen: 24
194.97.118.0/24 maxlen: 24
194.97.119.0/24 maxlen: 24
194.97.120.0/23 maxlen: 23
194.97.122.0/24 maxlen: 24
194.97.160.0/19 maxlen: 19
194.97.164.0/22 maxlen: 22
195.4.0.0/17 maxlen: 17
195.4.6.0/24 maxlen: 24
195.4.12.0/23 maxlen: 23
195.4.16.0/22 maxlen: 22
195.4.16.0/24 maxlen: 24
195.4.27.0/24 maxlen: 24
195.4.70.0/24 maxlen: 24
195.4.71.0/24 maxlen: 24
195.4.104.0/22 maxlen: 22
195.4.176.0/21 maxlen: 21
195.4.216.0/21 maxlen: 21
195.4.224.0/19 maxlen: 19
2001:748::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.mft
rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:6e:87:10:d9:5e:f3:01:e7:b7:9a:0f:39:e6:c5:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: May 14 09:28:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a01678fc7ffe1a4a98c5d82dd3776c632cad974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:33:11:74:af:2a:5f:2e:be:88:2b:08:ad:0b:
b5:91:76:a7:77:8a:f8:73:e6:cb:c4:ba:00:d7:f9:
06:35:bc:b3:8d:0d:cb:bd:bc:94:6d:67:5c:e6:bc:
bf:d6:21:95:d7:65:9e:aa:74:50:6b:57:86:10:98:
e9:b7:41:ae:d2:b5:1c:a8:82:29:14:58:ae:3c:08:
54:35:78:32:80:cd:43:e9:2a:92:d6:8e:a8:7d:67:
0d:bb:60:64:1e:a9:65:23:2c:64:fa:07:30:67:e9:
eb:f2:3a:96:be:71:12:eb:77:a2:d9:48:b1:3c:b6:
47:46:0d:3d:12:20:ca:c4:a8:e8:00:73:60:51:70:
54:52:36:4f:de:eb:e3:c1:d2:62:df:5c:c0:51:39:
30:4c:8f:dc:7f:86:eb:4b:ef:74:a7:c3:ca:64:d8:
74:fc:f3:38:1d:3d:52:00:0c:43:01:2e:c5:fb:44:
be:4b:61:c8:d2:6c:19:e2:1d:5a:2f:bf:09:f8:15:
6d:a1:29:c5:3b:84:6e:d4:71:da:2a:94:c5:fd:26:
25:b9:4f:72:d3:6f:e2:75:93:bc:76:3d:8a:74:14:
16:14:d5:1f:29:bd:d1:7d:67:a8:e7:3f:e0:95:de:
82:d2:d0:c0:34:80:7d:10:68:57:85:9d:47:2e:00:
96:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:01:67:8F:C7:FF:E1:A4:A9:8C:5D:82:DD:37:76:C6:32:CA:D9:74
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/agFnj8f_4aSpjF2C3Td2xjLK2XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.104.0.0/16
89.48.0.0/13
194.97.0.0/18
194.97.96.0/19
194.97.160.0/19
195.4.0.0/17
195.4.176.0/21
195.4.216.0-195.4.255.255
IPv6:
2001:748::/32
Signature Algorithm: sha256WithRSAEncryption
36:56:11:6d:d3:21:7b:07:25:a6:c1:cc:a4:82:c2:d9:83:e9:
9b:79:7d:3d:19:24:39:86:c1:83:26:da:a0:a8:1c:5d:d6:f7:
56:2b:69:66:89:a0:3b:21:f3:8e:10:f2:70:5f:c4:49:e4:49:
e1:c6:1c:38:fc:ba:e2:ee:85:1b:42:51:a4:30:a0:86:6b:45:
bf:f6:30:b8:e1:ec:94:b7:09:7f:d2:2f:14:8f:eb:10:12:11:
f2:2d:2c:1b:78:47:39:4e:52:71:40:d8:ef:b0:4c:26:75:cd:
8e:0b:c6:31:94:f2:7f:a6:b5:c3:64:80:81:d0:80:7d:76:04:
ec:f3:d9:0a:42:13:a4:58:8b:d3:eb:3f:c5:ec:0c:c5:36:70:
44:79:5b:55:d8:4d:17:b4:85:be:22:62:42:b5:39:03:19:0d:
74:a6:cb:53:f3:af:00:85:b4:a1:dd:37:ae:ad:24:82:c6:2c:
95:50:38:4a:84:ba:4b:00:cd:10:bf:33:43:f0:eb:1b:64:4c:
3d:54:59:f6:ea:61:7c:12:f4:06:84:41:f9:ac:ea:e4:69:41:
ad:1a:0d:55:5a:4c:ca:22:f8:8f:bf:fd:13:57:b7:a5:2e:24:
85:6b:85:84:ff:8c:ba:83:78:28:e0:45:a6:49:0e:78:85:2b:
2c:34:87:2e
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY92bocQ2V7zAee3mg855sUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjQwNTE0MDkyODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTAxNjc4ZmM3ZmZlMWE0YTk4YzVkODJkZDM3NzZjNjMyY2FkOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzMRdK8qXy6+iCsIrQu1kXand4r4
c+bLxLoA1/kGNbyzjQ3LvbyUbWdc5ry/1iGV12WeqnRQa1eGEJjpt0Gu0rUcqIIp
FFiuPAhUNXgygM1D6SqS1o6ofWcNu2BkHqllIyxk+gcwZ+nr8jqWvnES63ei2Uix
PLZHRg09EiDKxKjoAHNgUXBUUjZP3uvjwdJi31zAUTkwTI/cf4brS+90p8PKZNh0
/PM4HT1SAAxDAS7F+0S+S2HI0mwZ4h1aL78J+BVtoSnFO4Ru1HHaKpTF/SYluU9y
02/idZO8dj2KdBQWFNUfKb3RfWeo5z/gld6C0tDANIB9EGhXhZ1HLgCWTQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFGoBZ4/H/+GkqYxdgt03dsYyytl0MB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvYWdGbmo4Zl80YVNwakYyQzNUZDJ4akxLMlhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDA7BAIAATA1AwMAPmgDAwNZ
MAMEBsJhAAMEBcJhYAMEBcJhoAMEB8MEAAMEA8MEsDALAwQDwwTYAwMAwwQwDQQC
AAIwBwMFACABB0gwDQYJKoZIhvcNAQELBQADggEBADZWEW3TIXsHJabBzKSCwtmD
6Zt5fT0ZJDmGwYMm2qCoHF3W91YraWaJoDsh844Q8nBfxEnkSeHGHDj8uuLuhRtC
UaQwoIZrRb/2MLjh7JS3CX/SLxSP6xASEfItLBt4RzlOUnFA2O+wTCZ1zY4LxjGU
8n+mtcNkgIHQgH12BOzz2QpCE6RYi9PrP8XsDMU2cER5W1XYTRe0hb4iYkK1OQMZ
DXSmy1PzrwCFtKHdN66tJILGLJVQOEqEuksAzRC/M0Pw6xtkTD1UWfbqYXwS9AaE
Qfms6uRpQa0aDVVaTMoi+I+//RNXt6UuJIVrhYT/jLqDeCjgRaZJDniFKyw0hy4=
-----END CERTIFICATE-----
Generated at Sun Jun 23 02:36:39 2024 by rpki-client on console-ams.rpki-client.org