Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/omMb_3NDozAdBNp2zvwxtuGlwCY.roa
File: omMb_3NDozAdBNp2zvwxtuGlwCY.roa (raw, json)
Hash identifier: okLlJYC10W5vxkROeHKsmDc/ytuwL9DLRCRztt6Tqb8=
Subject key identifier: A2:63:1B:FF:73:43:A3:30:1D:04:DA:76:CE:FC:31:B6:E1:A5:C0:26
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 019346C97CCA924C4B5E0F445171406EF59B
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/omMb_3NDozAdBNp2zvwxtuGlwCY.roa
Signing time: Tue 19 Nov 2024 23:37:10 +0000
ROA not before: Tue 19 Nov 2024 23:37:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5503
IP address blocks: 62.171.192.0/19 maxlen: 24
62.171.224.0/22 maxlen: 24
62.171.252.0/22 maxlen: 24
185.192.228.0/22 maxlen: 24
194.154.0.0/19 maxlen: 24
194.238.32.0/19 maxlen: 24
194.238.64.0/19 maxlen: 24
213.18.248.0/21 maxlen: 24
217.177.16.0/20 maxlen: 24
217.177.36.0/22 maxlen: 24
217.177.56.0/21 maxlen: 24
217.177.64.0/21 maxlen: 24
217.177.76.0/22 maxlen: 24
217.177.88.0/21 maxlen: 24
217.179.0.0/17 maxlen: 24
217.179.192.0/18 maxlen: 24
217.180.0.0/21 maxlen: 24
217.180.8.0/22 maxlen: 24
217.180.24.0/21 maxlen: 24
217.180.32.0/22 maxlen: 24
217.180.48.0/22 maxlen: 24
217.181.0.0/18 maxlen: 24
2a02:fb0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:46:c9:7c:ca:92:4c:4b:5e:0f:44:51:71:40:6e:f5:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Nov 19 23:37:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2631bff7343a3301d04da76cefc31b6e1a5c026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:22:a3:7f:13:12:94:57:85:7e:56:0e:d3:8b:
d3:ec:4f:e3:27:1d:c7:75:22:63:14:9d:5e:18:51:
1e:3b:20:26:42:01:9a:a5:57:5b:3a:20:b0:f4:a3:
1d:0a:aa:e3:de:d0:8a:30:2f:25:b2:20:7e:dd:50:
6b:fe:3a:44:b6:a7:3a:f3:11:b4:68:b8:0d:56:81:
e9:e1:7f:97:e1:2b:c0:50:18:cb:9a:50:72:f6:54:
4a:cf:72:34:08:4a:8e:dd:43:bb:28:60:f7:29:20:
45:6f:10:86:e9:05:99:1a:5b:87:ed:64:92:26:be:
d4:98:38:bd:39:f0:9f:a9:18:84:b4:1e:68:16:7d:
89:b6:f6:f0:4d:74:0e:dc:44:a2:96:01:db:b8:72:
b3:53:7e:c9:e2:36:1d:cc:76:9d:eb:e2:bd:59:17:
4e:f3:3b:b6:e8:3d:32:20:e0:90:69:85:b8:f0:26:
ba:d2:3e:6e:1b:76:5c:77:21:a4:c9:96:be:5e:de:
cb:0d:ae:20:3f:35:b6:78:f3:0d:0f:7e:e0:ce:75:
d2:c3:05:b5:f3:da:66:95:a1:4a:83:4a:99:f9:0d:
1b:42:47:99:39:a5:52:c4:5b:70:b7:a1:b6:06:18:
da:ff:af:31:24:10:9d:c5:ca:8c:a1:f0:87:ea:cb:
ce:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:63:1B:FF:73:43:A3:30:1D:04:DA:76:CE:FC:31:B6:E1:A5:C0:26
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/omMb_3NDozAdBNp2zvwxtuGlwCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.192.0-62.171.227.255
62.171.252.0/22
185.192.228.0/22
194.154.0.0/19
194.238.32.0-194.238.95.255
213.18.248.0/21
217.177.16.0/20
217.177.36.0/22
217.177.56.0-217.177.71.255
217.177.76.0/22
217.177.88.0/21
217.179.0.0/17
217.179.192.0-217.180.11.255
217.180.24.0-217.180.35.255
217.180.48.0/22
217.181.0.0/18
IPv6:
2a02:fb0::/32
Signature Algorithm: sha256WithRSAEncryption
a8:50:17:88:f5:35:7d:d5:45:1d:c3:ba:39:77:00:12:01:cd:
db:e9:fd:ec:0c:af:07:7e:33:b0:31:7c:26:59:cf:8c:37:67:
09:50:19:5a:d7:24:e3:21:14:0d:21:58:9b:f7:4b:c6:10:53:
af:c0:6b:e9:eb:01:19:70:4a:de:30:7f:36:19:62:e0:2f:f3:
41:9c:4b:93:59:27:54:50:37:26:22:94:d3:ea:16:84:a9:f2:
03:df:f0:af:19:85:dc:1e:b6:97:ca:1f:b4:76:5c:8a:6d:22:
88:4c:e1:47:7a:26:45:8b:b5:70:cb:fe:2a:05:24:fa:7a:c8:
e7:65:2a:60:8b:ae:c9:34:c9:31:bc:af:aa:9b:6e:1a:64:55:
b5:43:37:f4:fa:24:7a:42:a7:4a:33:9f:c0:6e:5b:37:77:ac:
39:4a:cf:be:3f:c5:5e:ca:1c:d9:cc:75:ac:14:cf:ac:87:d1:
bb:a8:b0:8d:08:97:54:48:d1:ed:e6:bd:89:53:67:b9:b2:85:
d4:72:8f:d9:8b:84:cd:b3:96:2f:d7:fe:9a:e3:13:88:d4:fa:
b1:64:09:a6:6e:eb:8c:df:c1:58:f4:01:b9:0f:11:b4:40:a2:
26:12:ba:80:4a:af:76:f4:ed:5c:56:47:a5:b7:e2:8d:56:55:
66:76:2e:59
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZNGyXzKkkxLXg9EUXFAbvWbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMTE5MjMzNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjYzMWJmZjczNDNhMzMwMWQwNGRhNzZjZWZjMzFiNmUxYTVjMDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSKjfxMSlFeFflYO04vT7E/jJx3H
dSJjFJ1eGFEeOyAmQgGapVdbOiCw9KMdCqrj3tCKMC8lsiB+3VBr/jpEtqc68xG0
aLgNVoHp4X+X4SvAUBjLmlBy9lRKz3I0CEqO3UO7KGD3KSBFbxCG6QWZGluH7WSS
Jr7UmDi9OfCfqRiEtB5oFn2JtvbwTXQO3ESilgHbuHKzU37J4jYdzHad6+K9WRdO
8zu26D0yIOCQaYW48Ca60j5uG3ZcdyGkyZa+Xt7LDa4gPzW2ePMND37gznXSwwW1
89pmlaFKg0qZ+Q0bQkeZOaVSxFtwt6G2Bhja/68xJBCdxcqMofCH6svOsQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFKJjG/9zQ6MwHQTads78MbbhpcAmMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvb21NYl8zTkRvekFkQk5wMnp2d3h0dUdsd0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBjwQCAAEwgYgwDAME
Bj6rwAMEAj6r4AMEAj6r/AMEArnA5AMEBcKaADAMAwQFwu4gAwQFwu5AAwQD1RL4
AwQE2bEQAwQC2bEkMAwDBAPZsTgDBAPZsUADBALZsUwDBAPZsVgDBAfZswAwDAME
BtmzwAMEAtm0CDAMAwQD2bQYAwQC2bQgAwQC2bQwAwQG2bUAMA0EAgACMAcDBQAq
Ag+wMA0GCSqGSIb3DQEBCwUAA4IBAQCoUBeI9TV91UUdw7o5dwASAc3b6f3sDK8H
fjOwMXwmWc+MN2cJUBla1yTjIRQNIVib90vGEFOvwGvp6wEZcEreMH82GWLgL/NB
nEuTWSdUUDcmIpTT6haEqfID3/CvGYXcHraXyh+0dlyKbSKITOFHeiZFi7Vwy/4q
BST6esjnZSpgi67JNMkxvK+qm24aZFW1Qzf0+iR6QqdKM5/Abls3d6w5Ss++P8Ve
yhzZzHWsFM+sh9G7qLCNCJdUSNHt5r2JU2e5soXUco/Zi4TNs5Yv1/6a4xOI1Pqx
ZAmmbuuM38FY9AG5DxG0QKImErqASq929O1cVkelt+KNVlVmdi5Z
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:52:53 2024 by rpki-client on console-ams.rpki-client.org