Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/6f5746-b406-4c05-9741-54d8f6b06b83/1/b2hU6LGiXhnX8HDBGxDW6ObHKks.roa
File: b2hU6LGiXhnX8HDBGxDW6ObHKks.roa (raw, json)
Hash identifier: hpbMMWzdnNilsflCFJmRCg9aFvUf/E13YA3hi7I0v5w=
Subject key identifier: 6F:68:54:E8:B1:A2:5E:19:D7:F0:70:C1:1B:10:D6:E8:E6:C7:2A:4B
Certificate issuer: /CN=f6eea10afacf3a9c26ea1b1ec488e955e4dfa06a
Certificate serial: 018CC9BC3F55F74357964CA1F71806994C83
Authority key identifier: F6:EE:A1:0A:FA:CF:3A:9C:26:EA:1B:1E:C4:88:E9:55:E4:DF:A0:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9u6hCvrPOpwm6hsexIjpVeTfoGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/6f5746-b406-4c05-9741-54d8f6b06b83/1/b2hU6LGiXhnX8HDBGxDW6ObHKks.roa
Signing time: Tue 02 Jan 2024 10:33:26 +0000
ROA not before: Tue 02 Jan 2024 10:33:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31263
IP address blocks: 80.88.160.0/20 maxlen: 20
89.34.203.0/24 maxlen: 24
84.247.16.0/24 maxlen: 24
85.204.252.0/24 maxlen: 24
45.142.184.0/22 maxlen: 22
31.44.160.0/20 maxlen: 20
45.67.40.0/22 maxlen: 22
31.193.144.0/20 maxlen: 20
46.102.173.0/24 maxlen: 24
80.68.176.0/20 maxlen: 20
45.94.0.0/22 maxlen: 22
77.241.12.0/22 maxlen: 22
84.247.208.0/20 maxlen: 20
84.247.224.0/19 maxlen: 19
193.135.15.0/24 maxlen: 24
79.133.100.0/22 maxlen: 22
119.12.32.0/20 maxlen: 20
193.135.24.0/24 maxlen: 24
92.62.80.0/20 maxlen: 20
77.240.224.0/20 maxlen: 20
77.241.0.0/21 maxlen: 21
84.247.192.0/18 maxlen: 18
77.241.10.0/24 maxlen: 24
77.241.10.0/23 maxlen: 23
77.241.11.0/24 maxlen: 24
178.238.48.0/20 maxlen: 20
185.5.196.0/22 maxlen: 22
77.81.166.0/24 maxlen: 24
93.91.128.0/20 maxlen: 20
185.229.172.0/22 maxlen: 22
178.175.192.0/18 maxlen: 18
2a07:5ec0::/29 maxlen: 29
2a07:55c0::/29 maxlen: 29
2a07:580::/29 maxlen: 29
2a07:4f00::/29 maxlen: 29
2a02:600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/6f5746-b406-4c05-9741-54d8f6b06b83/1/9u6hCvrPOpwm6hsexIjpVeTfoGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/6f5746-b406-4c05-9741-54d8f6b06b83/1/9u6hCvrPOpwm6hsexIjpVeTfoGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9u6hCvrPOpwm6hsexIjpVeTfoGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 22:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:3f:55:f7:43:57:96:4c:a1:f7:18:06:99:4c:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6eea10afacf3a9c26ea1b1ec488e955e4dfa06a
Validity
Not Before: Jan 2 10:33:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f6854e8b1a25e19d7f070c11b10d6e8e6c72a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c4:06:ac:bf:0c:77:86:66:2a:be:b9:2a:40:
73:f5:61:92:dd:b0:57:c6:41:f8:c5:37:28:74:1f:
4d:b6:3b:99:8e:c2:70:5f:13:6e:67:86:c6:30:92:
69:8a:79:41:44:2c:e8:47:a6:c4:5e:36:16:8f:f6:
25:4d:c2:48:b3:23:c5:ac:99:bc:0e:e5:0e:0f:52:
8a:35:27:32:95:fd:e4:45:68:7d:26:84:12:ea:bc:
e2:26:78:f5:da:d8:85:1e:a6:5d:6b:f4:83:fb:e9:
c5:2c:9c:7e:03:54:dd:6d:4d:b2:d7:78:06:62:de:
94:37:75:bf:2b:3e:88:6e:e8:fb:1f:4e:59:70:c1:
19:ff:c1:cb:8a:34:91:97:6a:d8:0c:32:95:2f:ae:
b1:69:7b:48:dc:88:d0:8b:ac:06:17:55:61:f7:94:
8e:97:4a:70:89:83:7e:6d:73:34:5f:77:fb:c9:df:
c2:2d:a7:7a:83:52:f2:54:6d:8a:32:22:34:4b:cd:
34:d4:8e:48:67:20:a9:b4:5e:b3:58:01:96:b1:09:
f9:6b:e7:51:e8:93:bd:45:32:84:e2:a5:da:0c:2b:
e1:1e:85:9e:90:b2:54:53:37:7c:f4:01:cc:dc:13:
03:b8:de:a4:04:04:32:8c:cb:ac:78:1d:37:5d:f9:
10:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:68:54:E8:B1:A2:5E:19:D7:F0:70:C1:1B:10:D6:E8:E6:C7:2A:4B
X509v3 Authority Key Identifier:
keyid:F6:EE:A1:0A:FA:CF:3A:9C:26:EA:1B:1E:C4:88:E9:55:E4:DF:A0:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9u6hCvrPOpwm6hsexIjpVeTfoGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/6f5746-b406-4c05-9741-54d8f6b06b83/1/b2hU6LGiXhnX8HDBGxDW6ObHKks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/6f5746-b406-4c05-9741-54d8f6b06b83/1/9u6hCvrPOpwm6hsexIjpVeTfoGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.160.0/20
31.193.144.0/20
45.67.40.0/22
45.94.0.0/22
45.142.184.0/22
46.102.173.0/24
77.81.166.0/24
77.240.224.0/20
77.241.0.0/21
77.241.10.0-77.241.15.255
79.133.100.0/22
80.68.176.0/20
80.88.160.0/20
84.247.16.0/24
84.247.192.0/18
85.204.252.0/24
89.34.203.0/24
92.62.80.0/20
93.91.128.0/20
119.12.32.0/20
178.175.192.0/18
178.238.48.0/20
185.5.196.0/22
185.229.172.0/22
193.135.15.0/24
193.135.24.0/24
IPv6:
2a02:600::/29
2a07:580::/29
2a07:4f00::/29
2a07:55c0::/29
2a07:5ec0::/29
Signature Algorithm: sha256WithRSAEncryption
86:8b:00:c0:93:66:ec:b7:09:da:be:b1:c9:74:d2:43:9f:54:
1a:7a:ba:bb:7d:27:3b:8b:eb:b1:d4:d1:fa:9d:25:c5:ec:59:
79:c7:e0:f8:71:b6:c0:b2:b7:b9:56:89:1b:7a:96:3d:de:8a:
fd:b3:63:9e:8e:c0:54:08:11:d0:72:ab:13:af:82:35:2d:a5:
23:a8:2c:e1:ff:0e:51:f0:e5:cf:4d:ec:7b:91:a8:de:d4:32:
6a:0e:0b:18:f1:05:88:37:5e:18:4d:7c:75:89:80:cf:58:dc:
6c:15:dc:ea:e5:b5:3e:84:d9:24:8c:81:9e:85:ae:46:13:0b:
92:3c:b6:ed:06:3b:74:82:eb:8d:d8:ee:bf:66:44:51:9b:42:
0d:1c:f5:0f:82:97:50:68:62:91:2c:ad:5f:39:67:49:cd:04:
a8:5e:65:a8:a7:6a:a7:33:72:bd:2e:75:39:4f:b1:53:32:41:
4b:50:53:0e:a4:06:f7:2d:7b:95:7c:12:47:3d:10:88:80:03:
ae:11:59:75:7b:b2:0d:cc:a6:e1:ae:83:31:80:f1:f8:da:3a:
53:aa:7c:c2:55:54:91:3b:56:3d:ea:99:ad:8a:aa:a6:7a:da:
ed:47:38:60:8e:8a:93:6f:70:58:29:39:60:3d:2e:d8:e6:46:
9c:5e:43:e3
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgISAYzJvD9V90NXlkyh9xgGmUyDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2ZWVhMTBhZmFjZjNhOWMyNmVhMWIxZWM0ODhlOTU1ZTRk
ZmEwNmEwHhcNMjQwMTAyMTAzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjY4NTRlOGIxYTI1ZTE5ZDdmMDcwYzExYjEwZDZlOGU2YzcyYTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMQGrL8Md4ZmKr65KkBz9WGS3bBX
xkH4xTcodB9NtjuZjsJwXxNuZ4bGMJJpinlBRCzoR6bEXjYWj/YlTcJIsyPFrJm8
DuUOD1KKNScylf3kRWh9JoQS6rziJnj12tiFHqZda/SD++nFLJx+A1TdbU2y13gG
Yt6UN3W/Kz6Ibuj7H05ZcMEZ/8HLijSRl2rYDDKVL66xaXtI3IjQi6wGF1Vh95SO
l0pwiYN+bXM0X3f7yd/CLad6g1LyVG2KMiI0S8001I5IZyCptF6zWAGWsQn5a+dR
6JO9RTKE4qXaDCvhHoWekLJUUzd89AHM3BMDuN6kBAQyjMuseB03XfkQmwIDAQAB
o4IC1zCCAtMwHQYDVR0OBBYEFG9oVOixol4Z1/BwwRsQ1ujmxypLMB8GA1UdIwQY
MBaAFPbuoQr6zzqcJuobHsSI6VXk36BqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXU2aEN2clBPcHdtNmhzZXhJanBWZVRmb0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS82ZjU3NDYtYjQwNi00YzA1LTk3NDEt
NTRkOGY2YjA2YjgzLzEvYjJoVTZMR2lYaG5YOEhEQkd4RFc2T2JIS2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS82ZjU3NDYtYjQwNi00YzA1LTk3NDEtNTRkOGY2YjA2Yjgz
LzEvOXU2aEN2clBPcHdtNmhzZXhJanBWZVRmb0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHsBggrBgEFBQcBBwEB/wSB3DCB2TCBqwQCAAEwgaQDBAQf
LKADBAQfwZADBAItQygDBAItXgADBAItjrgDBAAuZq0DBABNUaYDBARN8OADBANN
8QAwDAMEAU3xCgMEBE3xAAMEAk+FZAMEBFBEsAMEBFBYoAMEAFT3EAMEBlT3wAME
AFXM/AMEAFkiywMEBFw+UAMEBF1bgAMEBHcMIAMEBrKvwAMEBLLuMAMEArkFxAME
ArnlrAMEAMGHDwMEAMGHGDApBAIAAjAjAwUDKgIGAAMFAyoHBYADBQMqB08AAwUD
KgdVwAMFAyoHXsAwDQYJKoZIhvcNAQELBQADggEBAIaLAMCTZuy3Cdq+scl00kOf
VBp6urt9JzuL67HU0fqdJcXsWXnH4PhxtsCyt7lWiRt6lj3eiv2zY56OwFQIEdBy
qxOvgjUtpSOoLOH/DlHw5c9N7HuRqN7UMmoOCxjxBYg3XhhNfHWJgM9Y3GwV3Orl
tT6E2SSMgZ6FrkYTC5I8tu0GO3SC643Y7r9mRFGbQg0c9Q+Cl1BoYpEsrV85Z0nN
BKheZainaqczcr0udTlPsVMyQUtQUw6kBvcte5V8Ekc9EIiAA64RWXV7sg3MpuGu
gzGA8fjaOlOqfMJVVJE7Vj3qma2KqqZ62u1HOGCOipNvcFgpOWA9LtjmRpxeQ+M=
-----END CERTIFICATE-----
Generated at Mon Jun 17 07:26:16 2024 by rpki-client on console-ams.rpki-client.org