Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/deKnmfjNBJw63aj3t0ZiQaq1kbI.roa
File: deKnmfjNBJw63aj3t0ZiQaq1kbI.roa (raw, json)
Hash identifier: +0aCpLIX0EoVYogoxnnpM99hG4lRZP9dBIt70hoNjT8=
Subject key identifier: 75:E2:A7:99:F8:CD:04:9C:3A:DD:A8:F7:B7:46:62:41:AA:B5:91:B2
Certificate issuer: /CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Certificate serial: 01929F7067B6895BC96ACB2D7A0D209BAA89
Authority key identifier: FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/deKnmfjNBJw63aj3t0ZiQaq1kbI.roa
Signing time: Fri 18 Oct 2024 11:43:16 +0000
ROA not before: Fri 18 Oct 2024 11:43:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211309
IP address blocks: 46.227.152.0/21 maxlen: 21
81.88.64.0/21 maxlen: 21
81.95.80.0/20 maxlen: 20
82.148.168.0/21 maxlen: 21
82.148.176.0/20 maxlen: 20
89.207.136.0/21 maxlen: 21
109.169.112.0/21 maxlen: 21
178.174.112.0/20 maxlen: 20
185.176.244.0/23 maxlen: 23
185.176.244.0/24 maxlen: 24
185.176.245.0/24 maxlen: 24
185.178.4.0/22 maxlen: 22
185.190.36.0/24 maxlen: 24
193.168.156.0/22 maxlen: 22
212.89.96.0/19 maxlen: 19
2a0a:2780::/31 maxlen: 31
2a0a:2780::/32 maxlen: 32
2a0a:2781::/32 maxlen: 32
2a10:d640::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.mft
rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9f:70:67:b6:89:5b:c9:6a:cb:2d:7a:0d:20:9b:aa:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Validity
Not Before: Oct 18 11:43:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75e2a799f8cd049c3adda8f7b7466241aab591b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5f:2d:55:d7:0b:78:af:85:d8:f9:e5:62:c2:
49:40:03:a0:fb:75:25:76:37:24:3e:a8:34:b2:9e:
70:36:f2:9a:4a:4a:6b:27:54:d8:ce:12:ad:c7:03:
31:74:90:c8:d7:b5:d5:7b:a0:0a:6a:65:2d:2b:64:
88:b6:5f:28:99:54:d7:62:20:cc:4f:45:fa:32:9e:
1c:be:98:7a:f3:1c:60:96:e7:e1:95:be:82:53:f8:
aa:b7:4a:16:05:16:dd:f8:ce:a3:f5:4d:f6:ef:3f:
ec:17:fa:cf:39:df:31:19:cf:d0:64:a0:04:07:d4:
97:3c:5c:4d:ec:b7:49:44:6b:8f:cd:9e:06:bb:fb:
54:0c:48:fb:ed:c3:8d:d8:51:cb:9c:45:36:bd:53:
17:0f:ef:7a:30:2e:11:09:60:db:f4:3b:dc:c3:e9:
52:2b:ef:06:32:2c:79:84:2e:cc:be:08:8e:90:be:
87:05:61:08:db:09:1b:4d:78:8d:91:10:3d:91:0a:
ed:eb:5e:9c:a9:f5:a7:95:cb:10:89:8c:ce:e1:62:
d8:56:fa:ab:61:3e:63:b5:ad:4b:21:44:f3:00:42:
5f:1f:dd:a1:d8:92:ab:94:56:57:4a:65:07:4c:6d:
36:be:37:35:c4:38:7a:7a:7c:eb:ba:c8:56:4b:01:
62:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:E2:A7:99:F8:CD:04:9C:3A:DD:A8:F7:B7:46:62:41:AA:B5:91:B2
X509v3 Authority Key Identifier:
keyid:FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/deKnmfjNBJw63aj3t0ZiQaq1kbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.152.0/21
81.88.64.0/21
81.95.80.0/20
82.148.168.0-82.148.191.255
89.207.136.0/21
109.169.112.0/21
178.174.112.0/20
185.176.244.0/23
185.178.4.0/22
185.190.36.0/24
193.168.156.0/22
212.89.96.0/19
IPv6:
2a0a:2780::/31
2a10:d640::/29
Signature Algorithm: sha256WithRSAEncryption
16:af:cf:b4:a2:61:42:df:85:81:0f:29:ae:a1:1e:9c:5b:ae:
31:03:ab:72:08:2b:13:4d:56:d1:22:70:a1:50:fe:22:4d:26:
27:ac:01:72:5b:a5:e6:a5:ef:10:5d:4f:f0:f1:8b:a7:a5:0c:
87:77:8f:d1:f4:8a:ce:5c:5f:cf:25:8f:4d:84:69:23:37:af:
a6:7b:0b:9e:10:c3:44:fd:cd:ec:cb:b1:5c:33:39:d4:ab:d3:
d8:48:27:30:79:6c:91:0c:31:2e:24:66:99:d0:0c:99:5a:82:
01:02:89:7a:3d:d8:56:dc:46:5d:dc:e1:9d:c0:9e:99:b4:c6:
15:df:a3:34:cb:be:82:44:41:a3:7e:0e:40:51:13:ae:f2:3e:
1b:23:2c:1d:53:2e:94:9d:7d:ff:dd:b7:b1:68:fd:a3:86:fb:
02:76:9e:48:fa:66:0f:d5:43:d2:57:27:60:6c:b9:21:ce:f7:
38:78:55:2d:65:4f:a5:c2:46:ba:96:08:ac:14:a3:be:6a:94:
04:e7:59:a5:13:29:3f:0c:dc:2f:4d:4d:46:4e:54:af:30:9f:
8a:83:0f:90:ef:66:ab:87:42:d8:b2:86:56:10:e7:3b:f7:61:
ae:bb:92:d1:f1:59:a3:97:9f:2b:6b:c4:7d:06:bb:f6:8b:58:
64:09:73:9f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZKfcGe2iVvJassteg0gm6qJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIwOGIxMjljNTNlODdjM2YwZDBlZDFiY2E4NTczMDE0
MGYzOTAwHhcNMjQxMDE4MTE0MzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWUyYTc5OWY4Y2QwNDljM2FkZGE4ZjdiNzQ2NjI0MWFhYjU5MWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF8tVdcLeK+F2PnlYsJJQAOg+3Ul
djckPqg0sp5wNvKaSkprJ1TYzhKtxwMxdJDI17XVe6AKamUtK2SItl8omVTXYiDM
T0X6Mp4cvph68xxglufhlb6CU/iqt0oWBRbd+M6j9U327z/sF/rPOd8xGc/QZKAE
B9SXPFxN7LdJRGuPzZ4Gu/tUDEj77cON2FHLnEU2vVMXD+96MC4RCWDb9Dvcw+lS
K+8GMix5hC7MvgiOkL6HBWEI2wkbTXiNkRA9kQrt616cqfWnlcsQiYzO4WLYVvqr
YT5jta1LIUTzAEJfH92h2JKrlFZXSmUHTG02vjc1xDh6enzrushWSwFiDQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFHXip5n4zQScOt2o97dGYkGqtZGyMB8GA1UdIwQY
MBaAFP+CCLEpxT6Hw/DQ7RvKhXMBQPOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMt
NDAxNTNjNWQwYTQ3LzEvZGVLbm1mak5CSnc2M2FqM3QwWmlRYXExa2JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMtNDAxNTNjNWQwYTQ3
LzEvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwQDLuOYAwQD
UVhAAwQEUV9QMAwDBANSlKgDBAZSlIADBANZz4gDBANtqXADBASyrnADBAG5sPQD
BAK5sgQDBAC5viQDBALBqJwDBAXUWWAwFAQCAAIwDgMFASoKJ4ADBQMqENZAMA0G
CSqGSIb3DQEBCwUAA4IBAQAWr8+0omFC34WBDymuoR6cW64xA6tyCCsTTVbRInCh
UP4iTSYnrAFyW6Xmpe8QXU/w8YunpQyHd4/R9IrOXF/PJY9NhGkjN6+mewueEMNE
/c3sy7FcMznUq9PYSCcweWyRDDEuJGaZ0AyZWoIBAol6PdhW3EZd3OGdwJ6ZtMYV
36M0y76CREGjfg5AUROu8j4bIywdUy6UnX3/3bexaP2jhvsCdp5I+mYP1UPSVydg
bLkhzvc4eFUtZU+lwka6lgisFKO+apQE51mlEyk/DNwvTU1GTlSvMJ+Kgw+Q72ar
h0LYsoZWEOc792Guu5LR8Vmjl58ra8R9Brv2i1hkCXOf
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:38:14 2024 by rpki-client on console-ams.rpki-client.org