Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/ooOrmpeEEQExrr2LTbsglpEh6Xg.roa
File: ooOrmpeEEQExrr2LTbsglpEh6Xg.roa (raw, json)
Hash identifier: q2aOxjW3X2OoXVplPwjr7Ot/mVS/NK1GCAYngTAsXYo=
Subject key identifier: A2:83:AB:9A:97:84:11:01:31:AE:BD:8B:4D:BB:20:96:91:21:E9:78
Certificate issuer: /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial: 018EECB93AE87E27EF67DEDD133B166059D1
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/ooOrmpeEEQExrr2LTbsglpEh6Xg.roa
Signing time: Wed 17 Apr 2024 15:42:25 +0000
ROA not before: Wed 17 Apr 2024 15:42:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6939
IP address blocks: 23.252.67.0/24 maxlen: 24
23.252.68.0/24 maxlen: 24
23.252.71.0/24 maxlen: 24
23.252.75.0/24 maxlen: 24
23.252.76.0/24 maxlen: 24
23.252.79.0/24 maxlen: 24
107.150.162.0/23 maxlen: 23
107.150.164.0/24 maxlen: 24
107.150.171.0/24 maxlen: 24
107.150.175.0/24 maxlen: 24
107.150.177.0/24 maxlen: 24
162.222.88.0/23 maxlen: 23
162.222.90.0/24 maxlen: 24
167.160.4.0/24 maxlen: 24
167.160.11.0/24 maxlen: 24
167.160.19.0/24 maxlen: 24
167.160.21.0/24 maxlen: 24
167.160.27.0/24 maxlen: 24
167.160.30.0/24 maxlen: 24
185.4.224.0/23 maxlen: 23
185.162.72.0/23 maxlen: 23
185.165.47.0/24 maxlen: 24
185.252.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.mft
rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 00:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ec:b9:3a:e8:7e:27:ef:67:de:dd:13:3b:16:60:59:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
Validity
Not Before: Apr 17 15:42:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a283ab9a9784110131aebd8b4dbb20969121e978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:44:25:7b:52:0c:28:81:30:4b:a3:58:ee:d9:
8f:44:49:24:f9:fb:da:9f:c3:54:45:c2:97:4a:bc:
25:e5:51:0d:c3:a4:dc:78:f0:95:89:dc:0c:0b:93:
2d:8c:55:66:28:df:36:36:62:d2:93:87:8b:c7:e7:
3e:7b:b4:2b:15:19:b1:23:c4:e1:97:bf:f7:da:02:
fd:cc:e9:b4:d3:32:8a:f6:dc:42:61:18:a6:4b:52:
a4:51:c3:4c:c1:ed:e8:e0:8e:3b:d3:1f:d2:23:9f:
fa:b2:c2:af:aa:2c:39:52:62:5d:e7:59:67:3c:c3:
66:1b:b0:86:23:c7:6d:0d:34:0b:77:d6:24:3a:61:
cf:a8:b2:fe:a9:c8:97:9b:c0:7f:08:2e:60:9a:23:
bd:3e:af:e9:93:be:88:3e:48:ad:19:c9:b2:8e:b1:
57:a2:60:5a:ad:a3:ea:cb:3b:91:8b:3e:3b:b2:3a:
a3:93:24:b6:c6:86:64:98:62:8d:e6:f7:b3:3b:cb:
b6:fa:23:27:c6:c8:6a:92:99:c1:4c:57:52:e2:16:
a3:07:c7:74:0e:fc:1f:83:2e:e1:dd:27:5f:ec:7c:
d4:9e:2e:0f:6a:51:81:17:97:b9:4e:b3:be:02:67:
5a:7c:01:25:5c:c9:f6:d6:ac:f0:ab:1c:9c:6d:cb:
c4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:83:AB:9A:97:84:11:01:31:AE:BD:8B:4D:BB:20:96:91:21:E9:78
X509v3 Authority Key Identifier:
keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/ooOrmpeEEQExrr2LTbsglpEh6Xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.252.67.0-23.252.68.255
23.252.71.0/24
23.252.75.0-23.252.76.255
23.252.79.0/24
107.150.162.0-107.150.164.255
107.150.171.0/24
107.150.175.0/24
107.150.177.0/24
162.222.88.0-162.222.90.255
167.160.4.0/24
167.160.11.0/24
167.160.19.0/24
167.160.21.0/24
167.160.27.0/24
167.160.30.0/24
185.4.224.0/23
185.162.72.0/23
185.165.47.0/24
185.252.210.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:12:1e:44:26:8d:b0:75:7e:dd:32:4a:ba:72:f4:b5:05:27:
93:07:8b:ca:72:f1:48:e6:44:f6:25:8d:96:2a:8a:0d:32:b9:
15:64:9c:cf:2b:88:40:e3:cb:26:c2:94:db:c2:39:e3:04:6b:
7c:35:75:c9:d1:d0:df:24:ba:a6:82:02:c2:8b:76:bc:f6:d8:
61:e7:af:af:62:00:70:73:4c:f8:aa:8e:a5:a6:8a:e8:38:97:
0c:16:4f:d5:3b:ce:1f:54:33:19:f3:a0:2c:96:71:0c:ec:9a:
67:39:4e:05:ba:14:4b:ac:3b:7f:bc:9c:ed:2d:ef:62:ab:52:
58:1f:26:54:6a:f5:bb:71:d2:3d:5b:5e:ed:94:f2:4c:2b:0d:
97:ff:24:40:06:3b:b6:79:ab:b4:f8:17:1a:f2:9b:de:54:46:
22:6a:47:9d:b5:c0:c0:9b:e9:f3:3c:9f:99:39:83:56:06:9e:
59:7f:12:c8:ec:1b:86:e1:8c:63:3a:6f:b6:c7:bf:7e:e2:9a:
25:71:88:9d:af:a8:d4:1c:15:27:d3:30:44:2f:c5:19:58:c2:
80:79:b0:c2:72:ac:2d:63:36:bf:06:58:f3:d3:a3:39:ed:24:
85:0a:73:e9:40:73:a6:c9:3f:80:67:2b:5f:4f:aa:31:48:08:
13:60:94:9a
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAY7suTrofifvZ97dEzsWYFnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjQwNDE3MTU0MjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjgzYWI5YTk3ODQxMTAxMzFhZWJkOGI0ZGJiMjA5NjkxMjFlOTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1kQle1IMKIEwS6NY7tmPREkk+fva
n8NURcKXSrwl5VENw6TcePCVidwMC5MtjFVmKN82NmLSk4eLx+c+e7QrFRmxI8Th
l7/32gL9zOm00zKK9txCYRimS1KkUcNMwe3o4I470x/SI5/6ssKvqiw5UmJd51ln
PMNmG7CGI8dtDTQLd9YkOmHPqLL+qciXm8B/CC5gmiO9Pq/pk76IPkitGcmyjrFX
omBaraPqyzuRiz47sjqjkyS2xoZkmGKN5vezO8u2+iMnxshqkpnBTFdS4hajB8d0
Dvwfgy7h3Sdf7HzUni4PalGBF5e5TrO+AmdafAElXMn21qzwqxycbcvEkwIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFKKDq5qXhBEBMa69i027IJaRIel4MB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvb29Pcm1wZUVFUUV4cnIyTFRic2dscEVoNlhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIwDAME
ABf8QwMEABf8RAMEABf8RzAMAwQAF/xLAwQAF/xMAwQAF/xPMAwDBAFrlqIDBABr
lqQDBABrlqsDBABrlq8DBABrlrEwDAMEA6LeWAMEAKLeWgMEAKegBAMEAKegCwME
AKegEwMEAKegFQMEAKegGwMEAKegHgMEAbkE4AMEAbmiSAMEALmlLwMEALn80jAN
BgkqhkiG9w0BAQsFAAOCAQEAixIeRCaNsHV+3TJKunL0tQUnkweLynLxSOZE9iWN
liqKDTK5FWSczyuIQOPLJsKU28I54wRrfDV1ydHQ3yS6poICwot2vPbYYeevr2IA
cHNM+KqOpaaK6DiXDBZP1TvOH1QzGfOgLJZxDOyaZzlOBboUS6w7f7yc7S3vYqtS
WB8mVGr1u3HSPVte7ZTyTCsNl/8kQAY7tnmrtPgXGvKb3lRGImpHnbXAwJvp8zyf
mTmDVgaeWX8SyOwbhuGMYzpvtse/fuKaJXGIna+o1BwVJ9MwRC/FGVjCgHmwwnKs
LWM2vwZY89OjOe0khQpz6UBzpsk/gGcrX0+qMUgIE2CUmg==
-----END CERTIFICATE-----
Generated at Mon May 6 03:52:53 2024 by rpki-client on console-fra.rpki-client.org