Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/DNtNutuee4nTf0JzDkLJq4jZcew.roa
File: DNtNutuee4nTf0JzDkLJq4jZcew.roa (raw, json)
Hash identifier: n4qaEn8v73wJdA46y40OOHHHaqNIvIOIe0VqvedqDGk=
Subject key identifier: 0C:DB:4D:BA:DB:9E:7B:89:D3:7F:42:73:0E:42:C9:AB:88:D9:71:EC
Certificate issuer: /CN=f2e2810f49b36fdd641c326bd1de4e42d128b046
Certificate serial: 018CCA29B91D1C69555BD762059232FF65D2
Authority key identifier: F2:E2:81:0F:49:B3:6F:DD:64:1C:32:6B:D1:DE:4E:42:D1:28:B0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/DNtNutuee4nTf0JzDkLJq4jZcew.roa
Signing time: Tue 02 Jan 2024 12:33:01 +0000
ROA not before: Tue 02 Jan 2024 12:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15557
IP address blocks: 212.103.0.0/19 maxlen: 24
195.167.224.0/20 maxlen: 24
89.226.0.0/16 maxlen: 24
185.204.172.0/22 maxlen: 24
89.224.0.0/14 maxlen: 24
92.102.0.0/15 maxlen: 24
195.167.192.0/20 maxlen: 24
213.30.128.0/18 maxlen: 24
213.244.0.0/19 maxlen: 24
46.218.0.0/16 maxlen: 24
217.66.112.0/20 maxlen: 24
82.101.0.0/18 maxlen: 24
77.104.0.0/18 maxlen: 24
195.248.0.0/19 maxlen: 24
83.145.64.0/18 maxlen: 24
212.99.0.0/17 maxlen: 24
2a02:e000::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/8uKBD0mzb91kHDJr0d5OQtEosEY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/8uKBD0mzb91kHDJr0d5OQtEosEY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 04:02:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:b9:1d:1c:69:55:5b:d7:62:05:92:32:ff:65:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2e2810f49b36fdd641c326bd1de4e42d128b046
Validity
Not Before: Jan 2 12:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cdb4dbadb9e7b89d37f42730e42c9ab88d971ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6c:4d:91:d2:96:53:0c:24:10:1c:22:a8:cc:
44:0c:89:35:fc:93:01:6f:5e:2d:7b:95:8e:c6:46:
62:d4:42:d9:2c:0e:d7:08:77:93:d1:42:c4:e0:97:
b3:28:df:51:11:4c:16:fd:2c:59:93:5d:11:18:7c:
89:63:cd:0e:9e:cd:e2:60:30:16:61:18:d8:2a:aa:
5d:e8:e8:5b:71:c3:32:28:d8:46:64:51:1d:ec:a9:
fe:30:22:76:83:98:29:5a:ba:53:39:6e:98:37:9d:
32:eb:67:15:40:f0:e2:94:c1:32:9a:0b:94:e9:fc:
ec:8b:57:e1:c9:35:9c:08:d9:27:10:17:42:13:e5:
0b:60:ed:37:d6:aa:0f:28:41:60:53:24:94:66:18:
54:d1:ac:23:2b:bb:40:0a:80:74:a3:19:1c:ad:28:
88:c4:a5:47:52:94:7d:54:d0:35:17:50:c4:21:e7:
64:56:5b:cd:d8:e0:6d:0a:dd:f0:f4:a2:b3:21:a2:
09:af:fe:ed:a2:3e:01:a4:64:99:30:86:43:8b:ba:
6c:34:f2:08:0e:82:0e:6e:79:71:18:36:27:e6:68:
e5:de:8e:ea:ed:04:84:e6:44:a4:c9:d0:57:0c:13:
e3:eb:18:6a:53:40:6f:ea:d3:c3:85:70:88:6e:8e:
9c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:DB:4D:BA:DB:9E:7B:89:D3:7F:42:73:0E:42:C9:AB:88:D9:71:EC
X509v3 Authority Key Identifier:
keyid:F2:E2:81:0F:49:B3:6F:DD:64:1C:32:6B:D1:DE:4E:42:D1:28:B0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/DNtNutuee4nTf0JzDkLJq4jZcew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/8uKBD0mzb91kHDJr0d5OQtEosEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.218.0.0/16
77.104.0.0/18
82.101.0.0/18
83.145.64.0/18
89.224.0.0/14
92.102.0.0/15
185.204.172.0/22
195.167.192.0/20
195.167.224.0/20
195.248.0.0/19
212.99.0.0/17
212.103.0.0/19
213.30.128.0/18
213.244.0.0/19
217.66.112.0/20
IPv6:
2a02:e000::/29
Signature Algorithm: sha256WithRSAEncryption
6b:95:0c:b5:1e:58:28:80:08:8d:2b:66:42:a2:9f:a4:cc:67:
fe:41:62:f2:ce:f0:43:d2:3e:9f:e5:af:73:92:b1:f0:47:57:
b7:df:c4:37:68:40:ee:e5:d2:aa:06:6b:90:2a:91:3a:ce:2d:
cd:c2:30:47:6f:d1:2d:c1:bb:78:8b:b5:da:25:6c:ce:90:bf:
a9:28:cf:18:11:4a:7d:11:38:f4:b7:24:4a:2f:e4:e5:e7:6c:
37:f6:68:d2:42:64:ae:43:b5:90:05:c1:4e:5d:e7:2a:b4:c8:
de:69:c7:dc:35:09:4b:80:bf:e0:02:67:46:36:dc:ac:48:6a:
f8:60:96:8a:05:82:1e:f1:da:97:f4:66:6b:7b:90:66:af:bb:
0a:c9:9c:2b:fd:9d:fa:c8:1e:ec:25:d9:ef:d5:07:4b:bc:f2:
bb:74:e5:c3:2d:97:0b:94:8a:7d:98:c3:9d:db:ab:12:ab:5b:
ac:27:8a:9e:e2:73:e9:6e:f4:28:bb:61:ba:37:4a:de:e7:2b:
83:a1:ae:4e:cc:13:03:5c:5a:32:6c:2a:ce:70:92:0a:54:60:
91:4e:9d:7a:98:ea:a5:3f:a8:41:42:ac:c5:22:c3:97:b1:c0:
b3:a8:b2:8e:4d:ba:72:cf:f5:c0:d5:20:55:eb:15:76:7b:9f:
2a:b0:4b:08
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYzKKbkdHGlVW9diBZIy/2XSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZTI4MTBmNDliMzZmZGQ2NDFjMzI2YmQxZGU0ZTQyZDEy
OGIwNDYwHhcNMjQwMTAyMTIzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2RiNGRiYWRiOWU3Yjg5ZDM3ZjQyNzMwZTQyYzlhYjg4ZDk3MWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2xNkdKWUwwkEBwiqMxEDIk1/JMB
b14te5WOxkZi1ELZLA7XCHeT0ULE4JezKN9REUwW/SxZk10RGHyJY80Ons3iYDAW
YRjYKqpd6OhbccMyKNhGZFEd7Kn+MCJ2g5gpWrpTOW6YN50y62cVQPDilMEymguU
6fzsi1fhyTWcCNknEBdCE+ULYO031qoPKEFgUySUZhhU0awjK7tACoB0oxkcrSiI
xKVHUpR9VNA1F1DEIedkVlvN2OBtCt3w9KKzIaIJr/7toj4BpGSZMIZDi7psNPII
DoIObnlxGDYn5mjl3o7q7QSE5kSkydBXDBPj6xhqU0Bv6tPDhXCIbo6c5QIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFAzbTbrbnnuJ039Ccw5CyauI2XHsMB8GA1UdIwQY
MBaAFPLigQ9Js2/dZBwya9HeTkLRKLBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHVLQkQwbXpiOTFrSERKcjBkNU9RdEVvc0VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83OWU5MDUtZmIwZC00YjhiLTkzOTAt
NTBkMmI3MGJjZjMxLzEvRE50TnV0dWVlNG5UZjBKekRrTEpxNGpaY2V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83OWU5MDUtZmIwZC00YjhiLTkzOTAtNTBkMmI3MGJjZjMx
LzEvOHVLQkQwbXpiOTFrSERKcjBkNU9RdEVvc0VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBdBAIAATBXAwMALtoDBAZN
aAADBAZSZQADBAZTkUADAwJZ4AMDAVxmAwQCucysAwQEw6fAAwQEw6fgAwQFw/gA
AwQH1GMAAwQF1GcAAwQG1R6AAwQF1fQAAwQE2UJwMA0EAgACMAcDBQMqAuAAMA0G
CSqGSIb3DQEBCwUAA4IBAQBrlQy1HlgogAiNK2ZCop+kzGf+QWLyzvBD0j6f5a9z
krHwR1e338Q3aEDu5dKqBmuQKpE6zi3NwjBHb9Etwbt4i7XaJWzOkL+pKM8YEUp9
ETj0tyRKL+Tl52w39mjSQmSuQ7WQBcFOXecqtMjeacfcNQlLgL/gAmdGNtysSGr4
YJaKBYIe8dqX9GZre5Bmr7sKyZwr/Z36yB7sJdnv1QdLvPK7dOXDLZcLlIp9mMOd
26sSq1usJ4qe4nPpbvQou2G6N0re5yuDoa5OzBMDXFoybCrOcJIKVGCRTp16mOql
P6hBQqzFIsOXscCzqLKOTbpyz/XA1SBV6xV2e58qsEsI
-----END CERTIFICATE-----
Generated at Sat May 25 09:09:29 2024 by rpki-client on console-ams.rpki-client.org