Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/C256pPN_PsZtU4myaou2sHMt5RQ.roa
File: C256pPN_PsZtU4myaou2sHMt5RQ.roa (raw, json)
Hash identifier: pdTYgA7UYsEE1ZgAJuKGbyNH0+gnfw4uHVivZPfS/4M=
Subject key identifier: 0B:6E:7A:A4:F3:7F:3E:C6:6D:53:89:B2:6A:8B:B6:B0:73:2D:E5:14
Certificate issuer: /CN=a18164d9961a16d2eff773f5027821e9d2bd3740
Certificate serial: 018E607C07D454F64E526A5FC03FEA2A835B
Authority key identifier: A1:81:64:D9:96:1A:16:D2:EF:F7:73:F5:02:78:21:E9:D2:BD:37:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/C256pPN_PsZtU4myaou2sHMt5RQ.roa
Signing time: Thu 21 Mar 2024 10:08:44 +0000
ROA not before: Thu 21 Mar 2024 10:08:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42652
IP address blocks: 5.45.0.0/21 maxlen: 21
5.100.128.0/20 maxlen: 20
37.157.40.0/21 maxlen: 21
46.165.128.0/18 maxlen: 18
77.244.96.0/20 maxlen: 20
89.21.96.0/19 maxlen: 19
109.75.208.0/20 maxlen: 20
128.0.96.0/21 maxlen: 21
128.0.100.0/22 maxlen: 22
131.117.144.0/20 maxlen: 20
156.67.128.0/20 maxlen: 20
156.67.132.0/22 maxlen: 22
156.67.140.0/22 maxlen: 22
178.76.128.0/18 maxlen: 18
185.7.208.0/22 maxlen: 22
185.18.128.0/22 maxlen: 22
185.74.180.0/22 maxlen: 22
188.210.0.0/18 maxlen: 18
188.210.60.0/22 maxlen: 22
212.43.64.0/19 maxlen: 19
2a01:5c0::/32 maxlen: 32
2a02:6d40::/32 maxlen: 32
2a03:4920::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/oYFk2ZYaFtLv93P1Angh6dK9N0A.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/oYFk2ZYaFtLv93P1Angh6dK9N0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 01:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:60:7c:07:d4:54:f6:4e:52:6a:5f:c0:3f:ea:2a:83:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a18164d9961a16d2eff773f5027821e9d2bd3740
Validity
Not Before: Mar 21 10:08:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b6e7aa4f37f3ec66d5389b26a8bb6b0732de514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:60:1a:46:28:75:21:a6:93:6c:64:8b:ec:2b:
7e:3b:9a:9b:77:d3:ea:6b:2a:94:3e:e3:ad:79:bb:
72:89:80:16:29:e5:62:6a:dc:49:e4:cd:09:c2:2a:
43:98:a4:6b:f8:4f:f7:8c:61:61:20:55:df:81:c6:
0c:e0:ed:55:ac:f8:94:94:42:a9:e4:02:84:96:14:
6e:08:dc:a7:0c:ea:03:0a:35:27:91:f4:6e:57:f4:
83:e7:5d:df:47:f8:7e:4a:8a:f7:7e:00:a7:cb:08:
ae:ae:a6:14:56:db:8b:24:ad:c8:46:a5:95:0d:f5:
8a:be:34:81:be:18:78:00:37:57:39:1e:b7:ec:8f:
1c:a6:b9:f0:8f:cf:14:40:39:7d:ee:b1:e0:2d:81:
78:a1:10:f1:fb:a2:e9:4f:0a:ef:17:6a:d8:b5:c7:
62:25:e4:53:c9:69:7f:5f:59:2f:53:c9:a5:0e:b4:
e7:71:bd:9e:5b:d8:fe:c0:c2:49:f3:f4:4b:93:f4:
f8:34:35:40:b3:a3:99:81:01:12:37:2f:bc:b2:bd:
fd:fb:9e:60:9f:7b:55:2c:e9:b8:11:5d:18:2e:bf:
00:d4:8d:73:dc:79:b8:e2:7d:74:13:66:83:05:87:
05:a6:01:3b:7a:50:00:30:9b:fc:fc:10:ee:0c:2b:
49:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:6E:7A:A4:F3:7F:3E:C6:6D:53:89:B2:6A:8B:B6:B0:73:2D:E5:14
X509v3 Authority Key Identifier:
keyid:A1:81:64:D9:96:1A:16:D2:EF:F7:73:F5:02:78:21:E9:D2:BD:37:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/C256pPN_PsZtU4myaou2sHMt5RQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/oYFk2ZYaFtLv93P1Angh6dK9N0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.0.0/21
5.100.128.0/20
37.157.40.0/21
46.165.128.0/18
77.244.96.0/20
89.21.96.0/19
109.75.208.0/20
128.0.96.0/21
131.117.144.0/20
156.67.128.0/20
178.76.128.0/18
185.7.208.0/22
185.18.128.0/22
185.74.180.0/22
188.210.0.0/18
212.43.64.0/19
IPv6:
2a01:5c0::/32
2a02:6d40::/32
2a03:4920::/32
Signature Algorithm: sha256WithRSAEncryption
30:02:e4:7b:7a:95:84:a1:5c:76:41:2e:e4:84:08:34:91:a3:
96:e9:e4:09:73:b9:0c:d0:ee:a2:5e:7e:79:49:82:00:57:c4:
0b:2e:10:f3:60:4b:90:57:8b:fc:ef:0f:28:67:69:a2:7c:21:
07:df:88:9d:af:6f:c8:66:88:bc:19:f8:da:ed:4b:d9:3e:a9:
34:65:90:a5:ee:86:8c:f2:ba:7f:79:73:bf:af:9f:21:f0:4d:
91:a6:67:76:8f:be:8e:44:66:47:56:8c:e0:2c:5c:95:ed:72:
b0:28:79:77:55:42:c4:1a:72:20:69:f5:c1:6e:b9:54:08:43:
fc:0f:62:e4:44:b6:99:71:36:49:21:fa:34:10:a3:e1:3e:be:
07:b8:91:ea:bf:dc:55:30:6b:86:a6:38:d1:4a:44:11:1e:1a:
82:ff:18:ee:8e:1e:70:a5:fa:80:20:ec:0d:bc:2e:70:23:24:
29:bf:bb:0f:3e:b9:98:02:49:6e:47:03:d4:ff:c4:2e:d4:27:
3f:a0:8d:a9:92:43:2e:db:ad:8e:c4:8a:c1:a4:3a:97:0a:5f:
51:e8:59:25:2a:65:f0:0d:24:35:c9:64:f5:63:a4:c9:43:97:
f7:77:e0:93:21:3f:63:04:35:dc:bb:f3:0a:3e:b6:64:c4:32:
1e:6e:8d:ae
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAY5gfAfUVPZOUmpfwD/qKoNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODE2NGQ5OTYxYTE2ZDJlZmY3NzNmNTAyNzgyMWU5ZDJi
ZDM3NDAwHhcNMjQwMzIxMTAwODQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjZlN2FhNGYzN2YzZWM2NmQ1Mzg5YjI2YThiYjZiMDczMmRlNTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2AaRih1IaaTbGSL7Ct+O5qbd9Pq
ayqUPuOtebtyiYAWKeViatxJ5M0JwipDmKRr+E/3jGFhIFXfgcYM4O1VrPiUlEKp
5AKElhRuCNynDOoDCjUnkfRuV/SD513fR/h+Sor3fgCnywiurqYUVtuLJK3IRqWV
DfWKvjSBvhh4ADdXOR637I8cprnwj88UQDl97rHgLYF4oRDx+6LpTwrvF2rYtcdi
JeRTyWl/X1kvU8mlDrTncb2eW9j+wMJJ8/RLk/T4NDVAs6OZgQESNy+8sr39+55g
n3tVLOm4EV0YLr8A1I1z3Hm44n10E2aDBYcFpgE7elAAMJv8/BDuDCtJ1wIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFAtueqTzfz7GbVOJsmqLtrBzLeUUMB8GA1UdIwQY
MBaAFKGBZNmWGhbS7/dz9QJ4IenSvTdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lGazJaWWFGdEx2OTNQMUFuZ2g2ZEs5TjBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9iOGVkMmQtMzU0NS00NTk5LTk3ZTUt
MTUyMzgwM2ZhZGFmLzEvQzI1NnBQTl9Qc1p0VTRteWFvdTJzSE10NVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9iOGVkMmQtMzU0NS00NTk5LTk3ZTUtMTUyMzgwM2ZhZGFm
LzEvb1lGazJaWWFGdEx2OTNQMUFuZ2g2ZEs5TjBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTBmBAIAATBgAwQDBS0A
AwQEBWSAAwQDJZ0oAwQGLqWAAwQETfRgAwQFWRVgAwQEbUvQAwQDgABgAwQEg3WQ
AwQEnEOAAwQGskyAAwQCuQfQAwQCuRKAAwQCuUq0AwQGvNIAAwQF1CtAMBsEAgAC
MBUDBQAqAQXAAwUAKgJtQAMFACoDSSAwDQYJKoZIhvcNAQELBQADggEBADAC5Ht6
lYShXHZBLuSECDSRo5bp5AlzuQzQ7qJefnlJggBXxAsuEPNgS5BXi/zvDyhnaaJ8
IQffiJ2vb8hmiLwZ+NrtS9k+qTRlkKXuhozyun95c7+vnyHwTZGmZ3aPvo5EZkdW
jOAsXJXtcrAoeXdVQsQaciBp9cFuuVQIQ/wPYuREtplxNkkh+jQQo+E+vge4keq/
3FUwa4amONFKRBEeGoL/GO6OHnCl+oAg7A28LnAjJCm/uw8+uZgCSW5HA9T/xC7U
Jz+gjamSQy7brY7EisGkOpcKX1HoWSUqZfANJDXJZPVjpMlDl/d34JMhP2MENdy7
8wo+tmTEMh5uja4=
-----END CERTIFICATE-----
Generated at Fri Sep 20 09:41:34 2024 by rpki-client on console-fra.rpki-client.org