Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/c4b211-c089-4c05-803b-80ce45861239/1/fWA6gfjGNfVmUIhS-Wyiz7NFx2Q.roa
File: fWA6gfjGNfVmUIhS-Wyiz7NFx2Q.roa (raw, json)
Hash identifier: sAcjgthsqM9uYhWCylT+9oS6kRfZAzv5mZVci8aOheA=
Subject key identifier: 7D:60:3A:81:F8:C6:35:F5:66:50:88:52:F9:6C:A2:CF:B3:45:C7:64
Certificate issuer: /CN=a968adf120a74a5d10809cfd3cb6814fc89b1f46
Certificate serial: 018CC64A8440F0A6E4603240F2AB4FBD684E
Authority key identifier: A9:68:AD:F1:20:A7:4A:5D:10:80:9C:FD:3C:B6:81:4F:C8:9B:1F:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qWit8SCnSl0QgJz9PLaBT8ibH0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/c4b211-c089-4c05-803b-80ce45861239/1/fWA6gfjGNfVmUIhS-Wyiz7NFx2Q.roa
Signing time: Mon 01 Jan 2024 18:30:21 +0000
ROA not before: Mon 01 Jan 2024 18:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39507
IP address blocks: 176.101.80.0/21 maxlen: 21
91.234.100.0/22 maxlen: 22
46.253.208.0/20 maxlen: 20
91.237.219.0/24 maxlen: 24
91.237.224.0/22 maxlen: 22
91.231.32.0/23 maxlen: 23
185.41.80.0/22 maxlen: 22
185.245.44.0/22 maxlen: 22
91.221.158.0/23 maxlen: 23
194.180.220.0/22 maxlen: 22
188.191.216.0/21 maxlen: 21
185.3.60.0/22 maxlen: 22
91.224.196.0/23 maxlen: 23
95.171.192.0/19 maxlen: 19
185.234.232.0/22 maxlen: 22
91.222.72.0/22 maxlen: 22
185.23.44.0/22 maxlen: 22
91.237.228.0/23 maxlen: 23
176.101.128.0/20 maxlen: 20
185.253.64.0/22 maxlen: 22
185.107.140.0/22 maxlen: 22
185.95.196.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/c4b211-c089-4c05-803b-80ce45861239/1/qWit8SCnSl0QgJz9PLaBT8ibH0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/c4b211-c089-4c05-803b-80ce45861239/1/qWit8SCnSl0QgJz9PLaBT8ibH0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/qWit8SCnSl0QgJz9PLaBT8ibH0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:84:40:f0:a6:e4:60:32:40:f2:ab:4f:bd:68:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a968adf120a74a5d10809cfd3cb6814fc89b1f46
Validity
Not Before: Jan 1 18:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d603a81f8c635f566508852f96ca2cfb345c764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a5:21:48:5a:21:63:85:79:ef:d7:46:0f:d1:
f8:96:f4:d0:27:c6:76:fa:d5:40:87:6e:45:95:20:
42:97:14:8a:90:6d:6a:2b:dd:76:7e:59:6b:b3:1c:
d2:5f:04:0e:1d:96:09:45:93:88:fd:f5:5f:b9:8e:
76:b6:ac:47:d6:88:ce:2c:0d:6f:8e:84:89:49:6b:
b3:66:7f:0e:e9:78:cf:72:8f:f0:9f:b9:64:41:da:
8c:8a:08:d4:5c:f0:3a:af:92:94:97:82:78:cf:17:
c8:06:89:54:b0:a1:31:73:4c:44:54:ce:30:4a:89:
49:69:34:0d:3d:45:21:c7:1e:e0:f2:28:7b:97:b7:
1b:e1:ed:32:2a:32:b5:42:f5:3c:99:f8:77:97:db:
82:4a:cb:87:c2:bc:7c:21:ac:0e:c6:cc:0b:66:5c:
fa:09:ff:b1:0e:86:06:7a:07:e2:f5:21:36:48:cf:
96:76:eb:17:4a:7e:59:ac:eb:0e:26:b2:8a:c5:2c:
49:e7:2e:c4:a0:2f:c8:bd:ee:c0:d7:c1:60:a5:f0:
b8:00:f9:79:b7:55:54:2f:6d:09:cf:6a:7e:f9:0d:
7f:79:80:3f:fc:e1:71:8d:2a:6c:66:8d:c6:67:b8:
23:c3:76:bf:e2:92:58:30:60:41:7f:e9:ec:28:20:
9c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:60:3A:81:F8:C6:35:F5:66:50:88:52:F9:6C:A2:CF:B3:45:C7:64
X509v3 Authority Key Identifier:
keyid:A9:68:AD:F1:20:A7:4A:5D:10:80:9C:FD:3C:B6:81:4F:C8:9B:1F:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qWit8SCnSl0QgJz9PLaBT8ibH0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c4b211-c089-4c05-803b-80ce45861239/1/fWA6gfjGNfVmUIhS-Wyiz7NFx2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/c4b211-c089-4c05-803b-80ce45861239/1/qWit8SCnSl0QgJz9PLaBT8ibH0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.208.0/20
91.221.158.0/23
91.222.72.0/22
91.224.196.0/23
91.231.32.0/23
91.234.100.0/22
91.237.219.0/24
91.237.224.0-91.237.229.255
95.171.192.0/19
176.101.80.0/21
176.101.128.0/20
185.3.60.0/22
185.23.44.0/22
185.41.80.0/22
185.95.196.0/22
185.107.140.0/22
185.234.232.0/22
185.245.44.0/22
185.253.64.0/22
188.191.216.0/21
194.180.220.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:d7:af:8c:02:78:bc:23:72:b0:5c:bd:7b:d5:15:20:f9:3b:
0c:8e:02:55:0c:f1:8f:50:a0:05:02:2d:b4:1a:cc:e9:f3:e7:
33:20:50:de:72:16:a5:bf:ad:f3:98:36:98:92:04:87:9f:50:
80:d1:9d:46:e7:1a:cf:1e:91:f4:72:79:46:8b:d2:a2:cb:e7:
c6:82:4e:b7:b5:23:63:18:43:c4:4d:13:88:af:16:a1:f1:5d:
6b:7c:ff:f7:6f:89:b6:90:4a:96:fa:86:8d:d8:42:c3:9d:c6:
0f:e3:6e:a5:a0:82:22:c0:7e:4d:40:81:57:78:c5:07:f3:2f:
0e:60:10:49:9c:3b:3e:f2:6b:c5:61:f3:a3:79:86:c2:78:22:
6f:f6:da:74:3f:34:be:0e:38:7e:13:23:1b:f2:d3:d9:45:8d:
fb:6d:b2:8e:d5:ea:28:d4:f9:06:d4:d2:dc:84:68:50:cf:e9:
eb:ae:1b:ca:1b:ba:9c:8f:60:d3:ee:79:d0:6e:52:64:2c:d8:
5a:45:8d:2e:e0:f2:91:6c:76:98:42:ee:30:e9:5b:56:85:ef:
85:62:8e:da:53:9c:6a:3b:9a:a0:6d:e1:3f:de:d5:5f:4f:59:
13:72:6b:2e:60:75:51:35:7c:87:42:db:54:ff:26:40:9a:c9:
4f:aa:8d:8f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYzGSoRA8KbkYDJA8qtPvWhOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NjhhZGYxMjBhNzRhNWQxMDgwOWNmZDNjYjY4MTRmYzg5
YjFmNDYwHhcNMjQwMTAxMTgzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDYwM2E4MWY4YzYzNWY1NjY1MDg4NTJmOTZjYTJjZmIzNDVjNzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKUhSFohY4V579dGD9H4lvTQJ8Z2
+tVAh25FlSBClxSKkG1qK912fllrsxzSXwQOHZYJRZOI/fVfuY52tqxH1ojOLA1v
joSJSWuzZn8O6XjPco/wn7lkQdqMigjUXPA6r5KUl4J4zxfIBolUsKExc0xEVM4w
SolJaTQNPUUhxx7g8ih7l7cb4e0yKjK1QvU8mfh3l9uCSsuHwrx8IawOxswLZlz6
Cf+xDoYGegfi9SE2SM+WdusXSn5ZrOsOJrKKxSxJ5y7EoC/Ive7A18FgpfC4APl5
t1VUL20Jz2p++Q1/eYA//OFxjSpsZo3GZ7gjw3a/4pJYMGBBf+nsKCCc3QIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFH1gOoH4xjX1ZlCIUvlsos+zRcdkMB8GA1UdIwQY
MBaAFKlorfEgp0pdEICc/Ty2gU/Imx9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVdpdDhTQ25TbDBRZ0p6OVBMYUJUOGliSDBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jNGIyMTEtYzA4OS00YzA1LTgwM2It
ODBjZTQ1ODYxMjM5LzEvZldBNmdmakdOZlZtVUloUy1XeWl6N05GeDJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jNGIyMTEtYzA4OS00YzA1LTgwM2ItODBjZTQ1ODYxMjM5
LzEvcVdpdDhTQ25TbDBRZ0p6OVBMYUJUOGliSDBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAQu
/dADBAFb3Z4DBAJb3kgDBAFb4MQDBAFb5yADBAJb6mQDBABb7dswDAMEBVvt4AME
AVvt5AMEBV+rwAMEA7BlUAMEBLBlgAMEArkDPAMEArkXLAMEArkpUAMEArlfxAME
ArlrjAMEArnq6AMEArn1LAMEArn9QAMEA7y/2AMEAsK03DANBgkqhkiG9w0BAQsF
AAOCAQEAfNevjAJ4vCNysFy9e9UVIPk7DI4CVQzxj1CgBQIttBrM6fPnMyBQ3nIW
pb+t85g2mJIEh59QgNGdRucazx6R9HJ5RovSosvnxoJOt7UjYxhDxE0TiK8WofFd
a3z/92+JtpBKlvqGjdhCw53GD+NupaCCIsB+TUCBV3jFB/MvDmAQSZw7PvJrxWHz
o3mGwngib/badD80vg44fhMjG/LT2UWN+22yjtXqKNT5BtTS3IRoUM/p664byhu6
nI9g0+550G5SZCzYWkWNLuDykWx2mELuMOlbVoXvhWKO2lOcajuaoG3hP97VX09Z
E3JrLmB1UTV8h0LbVP8mQJrJT6qNjw==
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:45:07 2024 by rpki-client on console-ams.rpki-client.org