Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/6r9-VsI_4tyvpfVcQJhVWwkNAzo.roa
File: 6r9-VsI_4tyvpfVcQJhVWwkNAzo.roa (raw, json)
Hash identifier: 2CQ/m9g6fHaD2bdELYs0ICN4KNf+AvRR9/IEuskBCvY=
Subject key identifier: EA:BF:7E:56:C2:3F:E2:DC:AF:A5:F5:5C:40:98:55:5B:09:0D:03:3A
Certificate issuer: /CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Certificate serial: 018CC8DEB7827F754A99C0E0522FB735D07E
Authority key identifier: 92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/6r9-VsI_4tyvpfVcQJhVWwkNAzo.roa
Signing time: Tue 02 Jan 2024 06:31:28 +0000
ROA not before: Tue 02 Jan 2024 06:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8560
IP address blocks: 194.164.120.0/21 maxlen: 24
46.16.72.0/21 maxlen: 24
212.132.64.0/18 maxlen: 24
78.137.96.0/21 maxlen: 24
194.164.88.0/21 maxlen: 24
87.106.0.0/16 maxlen: 24
81.173.112.0/22 maxlen: 24
82.165.0.0/16 maxlen: 24
194.164.160.0/20 maxlen: 24
185.48.116.0/22 maxlen: 24
212.227.0.0/16 maxlen: 24
194.164.192.0/20 maxlen: 24
157.97.105.0/24 maxlen: 32
157.97.104.0/24 maxlen: 32
85.184.248.0/22 maxlen: 24
157.97.104.0/21 maxlen: 24
5.250.176.0/20 maxlen: 24
217.72.192.0/20 maxlen: 24
217.160.0.0/16 maxlen: 24
213.165.64.0/19 maxlen: 24
194.164.4.0/22 maxlen: 24
195.20.224.0/19 maxlen: 24
194.164.8.0/22 maxlen: 24
194.164.16.0/20 maxlen: 24
194.164.48.0/20 maxlen: 24
194.126.206.0/24 maxlen: 24
213.244.192.0/24 maxlen: 24
217.160.150.0/23 maxlen: 32
2001:8d8::/32 maxlen: 48
2a02:2478::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:b7:82:7f:75:4a:99:c0:e0:52:2f:b7:35:d0:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Validity
Not Before: Jan 2 06:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eabf7e56c23fe2dcafa5f55c4098555b090d033a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:35:da:6e:2e:3a:87:a5:c5:3d:5f:83:4d:71:
8b:6c:c1:05:44:39:17:3a:e0:ca:cd:0d:4a:17:18:
bb:c8:8e:f3:e5:e0:c4:a2:51:26:76:ba:cf:6f:17:
21:10:84:eb:76:9b:1b:23:a7:8e:6c:10:61:f3:a3:
5f:60:52:92:10:0c:cb:7e:15:36:d7:ae:48:41:27:
3d:eb:67:1c:aa:a3:76:b4:bd:1e:2e:2e:92:a1:74:
3b:20:0e:36:24:05:e4:e3:1b:c5:40:94:1e:3c:b2:
45:fa:27:7d:9f:4b:94:67:1b:b6:63:45:70:47:ae:
e1:e2:6d:0a:94:35:bc:7e:dd:11:89:5f:ed:cc:18:
8b:3b:7c:3f:42:63:ab:c2:0d:f4:59:a0:a7:53:87:
4d:32:e0:33:5c:e0:1f:44:51:39:21:ca:f1:54:e5:
42:7a:75:7f:e9:68:69:70:56:74:53:c6:2f:80:0d:
89:53:18:d4:79:1b:91:ee:fa:f7:99:af:0b:0d:99:
60:1a:b2:27:5c:0e:26:f4:8b:ce:6d:7f:77:c6:c2:
56:40:f5:94:fd:35:90:81:26:3b:20:d4:93:cb:00:
8b:e6:12:16:ef:69:6a:2c:36:4a:db:d7:5c:2e:4c:
8f:3c:75:c5:e1:04:c7:43:a4:da:12:04:72:f2:f3:
b7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:BF:7E:56:C2:3F:E2:DC:AF:A5:F5:5C:40:98:55:5B:09:0D:03:3A
X509v3 Authority Key Identifier:
keyid:92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/6r9-VsI_4tyvpfVcQJhVWwkNAzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.176.0/20
46.16.72.0/21
78.137.96.0/21
81.173.112.0/22
82.165.0.0/16
85.184.248.0/22
87.106.0.0/16
157.97.104.0/21
185.48.116.0/22
194.126.206.0/24
194.164.4.0-194.164.11.255
194.164.16.0/20
194.164.48.0/20
194.164.88.0/21
194.164.120.0/21
194.164.160.0/20
194.164.192.0/20
195.20.224.0/19
212.132.64.0/18
212.227.0.0/16
213.165.64.0/19
213.244.192.0/24
217.72.192.0/20
217.160.0.0/16
IPv6:
2001:8d8::/32
2a02:2478::/29
Signature Algorithm: sha256WithRSAEncryption
cf:c6:66:ae:d5:59:e1:a7:78:07:0a:ba:1b:d9:66:7e:01:06:
a9:83:14:ae:fe:19:88:b4:ab:8f:cd:8b:d5:0d:f2:5b:44:c5:
7d:1c:c3:5f:aa:98:39:e6:98:53:7b:21:33:fd:e6:64:26:34:
36:46:b4:54:20:f9:ca:92:a3:0a:5a:85:a4:a7:20:c0:21:e3:
c3:c1:1e:0a:11:57:07:cf:31:83:c2:94:2f:4a:ea:21:f6:db:
7b:e6:4c:e8:15:1e:43:49:01:c6:d6:e5:a7:a3:c5:ab:ac:89:
57:04:95:c1:76:4f:6d:ba:36:dc:ef:f4:86:c4:69:ef:47:13:
70:99:76:39:2d:f4:a3:9b:1b:d8:d1:c3:b3:9c:2a:54:64:12:
6d:6e:a1:b0:00:23:4e:5d:d1:8a:a3:a0:0d:72:70:81:a9:ae:
57:8c:21:9f:e9:64:ae:85:e4:49:fc:3f:19:6e:b1:11:6a:0e:
f2:be:7c:ef:29:45:6d:74:81:24:4e:b7:be:66:3a:3c:a5:23:
0d:b5:ba:0f:72:72:92:52:53:d4:cd:de:6b:11:32:e0:e2:d1:
4e:ba:a8:29:35:95:f9:cf:4c:47:a7:0c:f6:b8:ca:46:ec:2d:
d2:de:d9:11:21:9e:ab:ef:10:d9:0e:b1:ac:c0:3a:1c:e1:52:
06:ba:13:d8
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYzI3reCf3VKmcDgUi+3NdB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTViMWYxZGNkOGZhNmFjMWVmNzg4Mjc4YzQ4OWUxNWVh
Y2FlNzAwHhcNMjQwMTAyMDYzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWJmN2U1NmMyM2ZlMmRjYWZhNWY1NWM0MDk4NTU1YjA5MGQwMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjXabi46h6XFPV+DTXGLbMEFRDkX
OuDKzQ1KFxi7yI7z5eDEolEmdrrPbxchEITrdpsbI6eObBBh86NfYFKSEAzLfhU2
165IQSc962ccqqN2tL0eLi6SoXQ7IA42JAXk4xvFQJQePLJF+id9n0uUZxu2Y0Vw
R67h4m0KlDW8ft0RiV/tzBiLO3w/QmOrwg30WaCnU4dNMuAzXOAfRFE5IcrxVOVC
enV/6WhpcFZ0U8YvgA2JUxjUeRuR7vr3ma8LDZlgGrInXA4m9IvObX93xsJWQPWU
/TWQgSY7INSTywCL5hIW72lqLDZK29dcLkyPPHXF4QTHQ6TaEgRy8vO3rQIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFOq/flbCP+Lcr6X1XECYVVsJDQM6MB8GA1UdIwQY
MBaAFJKVsfHc2Ppqwe94gnjEieFerK5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMt
OWViNDBjYzVmNjhiLzEvNnI5LVZzSV80dHl2cGZWY1FKaFZXd2tOQXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMtOWViNDBjYzVmNjhi
LzEva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBmwQCAAEwgZQDBAQF
+rADBAMuEEgDBANOiWADBAJRrXADAwBSpQMEAlW4+AMDAFdqAwQDnWFoAwQCuTB0
AwQAwn7OMAwDBALCpAQDBALCpAgDBATCpBADBATCpDADBAPCpFgDBAPCpHgDBATC
pKADBATCpMADBAXDFOADBAbUhEADAwDU4wMEBdWlQAMEANX0wAMEBNlIwAMDANmg
MBQEAgACMA4DBQAgAQjYAwUDKgIkeDANBgkqhkiG9w0BAQsFAAOCAQEAz8ZmrtVZ
4ad4Bwq6G9lmfgEGqYMUrv4ZiLSrj82L1Q3yW0TFfRzDX6qYOeaYU3shM/3mZCY0
Nka0VCD5ypKjClqFpKcgwCHjw8EeChFXB88xg8KUL0rqIfbbe+ZM6BUeQ0kBxtbl
p6PFq6yJVwSVwXZPbbo23O/0hsRp70cTcJl2OS30o5sb2NHDs5wqVGQSbW6hsAAj
Tl3RiqOgDXJwgamuV4whn+lkroXkSfw/GW6xEWoO8r587ylFbXSBJE63vmY6PKUj
DbW6D3JyklJT1M3eaxEy4OLRTrqoKTWV+c9MR6cM9rjKRuwt0t7ZESGeq+8Q2Q6x
rMA6HOFSBroT2A==
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:05:33 2024 by rpki-client on console-ams.rpki-client.org