Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/1-m80xduprU6fxfYtti7YL65_zf4.roa
File: 1-m80xduprU6fxfYtti7YL65_zf4.roa (raw, json)
Hash identifier: u4C6PHJge6L6x81jNPlp5zB4P6zGQA3ThNuZxHL0+RA=
Subject key identifier: FA:6F:34:C5:DB:A9:AD:4E:9F:C5:F6:2D:B6:2E:D8:2F:AE:7F:CD:FE
Certificate issuer: /CN=ad2cf03e44da28b7319ea7b7b5b110b9b8cb7a70
Certificate serial: 018F8028C1B92A88D659BAC0591E8CD80D46
Authority key identifier: AD:2C:F0:3E:44:DA:28:B7:31:9E:A7:B7:B5:B1:10:B9:B8:CB:7A:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSzwPkTaKLcxnqe3tbEQubjLenA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/1-m80xduprU6fxfYtti7YL65_zf4.roa
Signing time: Thu 16 May 2024 06:48:25 +0000
ROA not before: Thu 16 May 2024 06:48:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2586
IP address blocks: 62.65.192.0/18 maxlen: 18
81.90.112.0/20 maxlen: 23
82.131.0.0/17 maxlen: 17
85.253.0.0/16 maxlen: 16
87.119.160.0/19 maxlen: 21
91.213.43.0/24 maxlen: 24
94.246.216.0/21 maxlen: 22
94.246.224.0/19 maxlen: 19
95.129.192.0/21 maxlen: 23
145.14.16.0/20 maxlen: 20
145.14.32.0/20 maxlen: 20
146.255.176.0/21 maxlen: 23
178.23.112.0/21 maxlen: 23
185.13.16.0/22 maxlen: 24
185.72.28.0/22 maxlen: 24
194.55.8.0/22 maxlen: 22
194.150.64.0/22 maxlen: 24
194.204.0.0/18 maxlen: 20
2001:1530::/32 maxlen: 32
2001:1bf0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/rSzwPkTaKLcxnqe3tbEQubjLenA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/rSzwPkTaKLcxnqe3tbEQubjLenA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rSzwPkTaKLcxnqe3tbEQubjLenA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:28:c1:b9:2a:88:d6:59:ba:c0:59:1e:8c:d8:0d:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad2cf03e44da28b7319ea7b7b5b110b9b8cb7a70
Validity
Not Before: May 16 06:48:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa6f34c5dba9ad4e9fc5f62db62ed82fae7fcdfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:9c:a2:09:28:a0:32:9b:39:21:80:10:40:76:
70:6e:26:e4:95:5d:f6:a5:d7:07:b3:33:05:a1:dc:
04:82:46:ca:74:a9:1f:51:73:de:1f:d2:51:93:3e:
53:e7:bd:1b:e1:d9:1c:3b:20:11:58:ee:ef:af:d5:
b4:18:f1:3e:cf:88:06:d7:6f:3d:de:a4:6b:05:c9:
08:3a:a6:e2:b1:35:dd:7f:d7:ae:be:34:bc:26:b8:
96:a8:3d:c2:c2:63:57:fa:1f:d9:3c:ce:9b:59:b0:
d5:53:fc:13:69:28:2c:9c:a3:a2:00:a8:2b:e1:7b:
f0:11:d9:59:2d:c0:9e:26:50:a9:55:4d:14:c9:15:
54:f3:14:1d:5f:5e:66:8f:1b:51:aa:a9:5d:28:54:
75:58:ef:6b:13:55:7b:4c:cc:b9:f6:75:fd:29:85:
c2:0e:e7:59:1a:e5:0e:5b:84:2d:b5:14:d1:3b:8c:
ba:e6:d5:33:e3:18:eb:28:d9:1a:e6:a3:20:d6:77:
05:c2:33:29:8c:7d:d2:92:92:50:70:66:43:75:75:
f5:7d:89:ea:bf:a5:fc:65:a9:b9:2b:b1:6c:f8:1c:
c8:d1:77:38:80:7b:51:e9:35:1e:fc:3f:28:58:b5:
42:c4:cc:1c:9b:78:88:c9:9c:0f:a1:d4:bd:56:77:
da:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:6F:34:C5:DB:A9:AD:4E:9F:C5:F6:2D:B6:2E:D8:2F:AE:7F:CD:FE
X509v3 Authority Key Identifier:
keyid:AD:2C:F0:3E:44:DA:28:B7:31:9E:A7:B7:B5:B1:10:B9:B8:CB:7A:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSzwPkTaKLcxnqe3tbEQubjLenA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/1-m80xduprU6fxfYtti7YL65_zf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cae319-5571-46f9-b57d-be065e1ac067/1/rSzwPkTaKLcxnqe3tbEQubjLenA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.65.192.0/18
81.90.112.0/20
82.131.0.0/17
85.253.0.0/16
87.119.160.0/19
91.213.43.0/24
94.246.216.0-94.246.255.255
95.129.192.0/21
145.14.16.0-145.14.47.255
146.255.176.0/21
178.23.112.0/21
185.13.16.0/22
185.72.28.0/22
194.55.8.0/22
194.150.64.0/22
194.204.0.0/18
IPv6:
2001:1530::/32
2001:1bf0::/29
Signature Algorithm: sha256WithRSAEncryption
89:60:98:fc:ac:ab:bd:51:01:83:ee:6c:75:0a:ec:6f:51:a1:
67:19:41:28:36:2d:48:8e:4c:07:db:15:9a:4e:95:6d:6b:d3:
11:9f:09:af:97:6a:2a:8b:ab:11:8f:d6:18:d3:09:3d:6f:00:
bd:49:22:cd:f3:71:36:c7:55:0b:c0:1a:9e:14:af:b4:11:c7:
93:58:23:7a:d5:70:17:28:bb:9d:08:19:31:bd:c3:16:31:57:
e3:34:72:fe:46:f3:18:cb:fc:9e:5e:1a:06:b9:4a:c1:31:18:
83:01:d4:8a:a8:1b:bd:6b:5f:79:1e:b3:67:d6:c4:d3:2a:d7:
5a:7b:6b:60:ab:e4:31:b1:43:b0:27:b8:6a:6c:64:4f:1b:81:
7a:da:f8:c7:b8:9c:68:c2:66:3c:94:c7:b7:95:db:5d:aa:63:
87:9f:6d:f3:f1:6c:32:c3:cb:62:43:d9:34:e5:41:ae:94:8a:
54:38:0a:79:f3:e2:53:f5:f5:f0:e6:e3:3c:ed:95:67:88:ff:
a3:c8:b3:1f:c0:e2:09:1a:be:59:f7:46:ab:09:8d:5f:3d:ac:
5b:6a:99:93:61:54:83:fb:08:ad:85:d4:c0:0b:ca:04:b8:50:
97:f6:13:3e:f4:87:ca:6d:b3:2d:bd:20:d4:54:14:90:64:e1:
97:af:f1:5c
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAY+AKMG5KojWWbrAWR6M2A1GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmNmMDNlNDRkYTI4YjczMTllYTdiN2I1YjExMGI5Yjhj
YjdhNzAwHhcNMjQwNTE2MDY0ODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTZmMzRjNWRiYTlhZDRlOWZjNWY2MmRiNjJlZDgyZmFlN2ZjZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJyiCSigMps5IYAQQHZwbibklV32
pdcHszMFodwEgkbKdKkfUXPeH9JRkz5T570b4dkcOyARWO7vr9W0GPE+z4gG1289
3qRrBckIOqbisTXdf9euvjS8JriWqD3CwmNX+h/ZPM6bWbDVU/wTaSgsnKOiAKgr
4XvwEdlZLcCeJlCpVU0UyRVU8xQdX15mjxtRqqldKFR1WO9rE1V7TMy59nX9KYXC
DudZGuUOW4QttRTRO4y65tUz4xjrKNka5qMg1ncFwjMpjH3SkpJQcGZDdXX1fYnq
v6X8Zam5K7Fs+BzI0Xc4gHtR6TUe/D8oWLVCxMwcm3iIyZwPodS9VnfaoQIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFPpvNMXbqa1On8X2LbYu2C+uf83+MB8GA1UdIwQY
MBaAFK0s8D5E2ii3MZ6nt7WxELm4y3pwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclN6d1BrVGFLTGN4bnFlM3RiRVF1YmpMZW5BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9jYWUzMTktNTU3MS00NmY5LWI1N2Qt
YmUwNjVlMWFjMDY3LzEvMS1tODB4ZHVwclU2ZnhmWXR0aTdZTDY1X3pmNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjkvY2FlMzE5LTU1NzEtNDZmOS1iNTdkLWJlMDY1ZTFhYzA2
Ny8xL3JTendQa1RhS0xjeG5xZTN0YkVRdWJqTGVuQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBnwYIKwYBBQUHAQcBAf8EgY8wgYwwdAQCAAEwbgMEBj5B
wAMEBFFacAMEB1KDAAMDAFX9AwQFV3egAwQAW9UrMAsDBANe9tgDAwBe9gMEA1+B
wDAMAwQEkQ4QAwQEkQ4gAwQDkv+wAwQDshdwAwQCuQ0QAwQCuUgcAwQCwjcIAwQC
wpZAAwQGwswAMBQEAgACMA4DBQAgARUwAwUDIAEb8DANBgkqhkiG9w0BAQsFAAOC
AQEAiWCY/KyrvVEBg+5sdQrsb1GhZxlBKDYtSI5MB9sVmk6VbWvTEZ8Jr5dqKour
EY/WGNMJPW8AvUkizfNxNsdVC8AanhSvtBHHk1gjetVwFyi7nQgZMb3DFjFX4zRy
/kbzGMv8nl4aBrlKwTEYgwHUiqgbvWtfeR6zZ9bE0yrXWntrYKvkMbFDsCe4amxk
TxuBetr4x7icaMJmPJTHt5XbXapjh59t8/FsMsPLYkPZNOVBrpSKVDgKefPiU/X1
8ObjPO2VZ4j/o8izH8DiCRq+WfdGqwmNXz2sW2qZk2FUg/sIrYXUwAvKBLhQl/YT
PvSHym2zLb0g1FQUkGThl6/xXA==
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:07:56 2024 by rpki-client on console-fra.rpki-client.org