Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/GvvvNiQnAqifg2WQ-5obc1bRcFw.roa
File: GvvvNiQnAqifg2WQ-5obc1bRcFw.roa (raw, json)
Hash identifier: vbhWvlWd7tg3IoA/tPRW/KMnBc95Ju6hxXfWr5Xa6uQ=
Subject key identifier: 1A:FB:EF:36:24:27:02:A8:9F:83:65:90:FB:9A:1B:73:56:D1:70:5C
Certificate issuer: /CN=6b20818b186b0b9cb09af5420d1e5ae334fe3974
Certificate serial: 018FAAA74EEFC00E8434AE912689769B3E84
Authority key identifier: 6B:20:81:8B:18:6B:0B:9C:B0:9A:F5:42:0D:1E:5A:E3:34:FE:39:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayCBixhrC5ywmvVCDR5a4zT-OXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/GvvvNiQnAqifg2WQ-5obc1bRcFw.roa
Signing time: Fri 24 May 2024 12:50:42 +0000
ROA not before: Fri 24 May 2024 12:50:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57293
IP address blocks: 5.197.0.0/16 maxlen: 21
5.197.0.0/17 maxlen: 17
5.197.116.0/22 maxlen: 22
5.197.128.0/17 maxlen: 17
5.197.128.0/20 maxlen: 20
5.197.128.0/21 maxlen: 21
5.197.136.0/21 maxlen: 21
5.197.144.0/20 maxlen: 20
5.197.160.0/20 maxlen: 20
5.197.176.0/20 maxlen: 20
5.197.176.0/21 maxlen: 21
5.197.184.0/21 maxlen: 21
5.197.192.0/20 maxlen: 20
5.197.192.0/21 maxlen: 21
5.197.200.0/21 maxlen: 21
5.197.208.0/20 maxlen: 20
5.197.208.0/21 maxlen: 21
5.197.216.0/21 maxlen: 21
5.197.224.0/20 maxlen: 20
5.197.224.0/21 maxlen: 21
5.197.232.0/21 maxlen: 21
5.197.240.0/20 maxlen: 20
5.197.240.0/21 maxlen: 21
5.197.248.0/21 maxlen: 21
149.255.144.0/20 maxlen: 24
149.255.144.0/21 maxlen: 21
149.255.152.0/21 maxlen: 21
149.255.152.0/24 maxlen: 24
149.255.153.0/24 maxlen: 24
149.255.154.0/24 maxlen: 24
149.255.155.0/24 maxlen: 24
185.146.112.0/22 maxlen: 24
185.146.112.0/24 maxlen: 24
185.146.113.0/24 maxlen: 24
185.146.114.0/24 maxlen: 24
185.146.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/ayCBixhrC5ywmvVCDR5a4zT-OXQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/ayCBixhrC5ywmvVCDR5a4zT-OXQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayCBixhrC5ywmvVCDR5a4zT-OXQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 18:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:aa:a7:4e:ef:c0:0e:84:34:ae:91:26:89:76:9b:3e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b20818b186b0b9cb09af5420d1e5ae334fe3974
Validity
Not Before: May 24 12:50:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1afbef36242702a89f836590fb9a1b7356d1705c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d4:4b:43:1d:2e:3d:7c:7e:a0:bc:97:30:88:
a2:97:c6:b9:ab:da:aa:ce:bd:4c:e0:7b:79:aa:86:
bb:71:b4:44:a3:35:a9:6e:5e:20:38:f9:5d:e2:25:
73:71:fc:84:8f:19:d5:41:d5:1f:d4:31:15:bf:d3:
c2:84:20:27:4e:db:de:68:30:a5:05:1c:32:9f:6d:
ee:d7:b2:93:52:20:82:93:f4:3d:b4:33:11:03:02:
3d:76:1c:d4:a7:78:f3:d0:2a:67:46:0d:4e:15:70:
eb:f0:62:36:ba:a9:95:26:6d:48:30:42:eb:81:ae:
ea:fa:40:56:83:ff:c9:bb:c2:b2:1a:5c:da:95:c8:
0d:7f:08:7b:3d:f2:f1:c7:6d:c1:29:59:a3:e6:22:
3f:12:c3:b1:47:d2:4e:59:c3:7f:0c:fb:b5:51:91:
84:d1:05:47:86:75:29:e8:16:28:39:c9:5a:48:4b:
c6:f1:90:5f:de:e6:23:db:b5:12:ae:b0:bc:64:63:
43:5e:69:dc:aa:44:68:a9:39:47:80:5a:5d:a0:a3:
20:cf:62:cb:d7:c6:46:1d:cf:48:9d:a9:4a:35:ed:
bc:6e:dd:7d:72:4d:eb:65:ab:51:3f:58:d4:c2:d3:
50:13:3a:0b:c4:ca:e5:f6:51:00:dc:8e:1b:22:65:
f3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:FB:EF:36:24:27:02:A8:9F:83:65:90:FB:9A:1B:73:56:D1:70:5C
X509v3 Authority Key Identifier:
keyid:6B:20:81:8B:18:6B:0B:9C:B0:9A:F5:42:0D:1E:5A:E3:34:FE:39:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayCBixhrC5ywmvVCDR5a4zT-OXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/GvvvNiQnAqifg2WQ-5obc1bRcFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/ayCBixhrC5ywmvVCDR5a4zT-OXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.197.0.0/16
149.255.144.0/20
185.146.112.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:92:20:36:3d:89:a5:26:48:76:f3:0f:06:5a:9e:89:08:b1:
70:76:8a:8d:80:7f:c7:c7:62:3a:38:2c:a5:61:02:7c:42:45:
fa:4d:f8:6d:e3:4e:6c:55:8d:41:d5:42:e4:74:74:cf:af:f1:
26:17:39:2e:eb:e3:14:22:63:ab:cc:e3:b4:9a:b3:a1:e2:4f:
48:cd:2f:5e:4f:ee:f2:c1:54:a0:e1:76:0b:7f:f5:55:ed:a1:
11:8b:ec:20:89:7f:64:e1:92:9f:08:13:e5:a2:98:3e:e6:38:
71:d6:a6:a6:09:f5:a5:a8:de:98:1b:c7:c5:50:8a:a1:35:f9:
e0:28:f5:55:6c:cc:37:78:d3:3a:c5:45:b6:bf:56:68:65:a6:
73:dd:d4:6a:76:ce:2d:85:65:1d:0d:2d:9c:ab:f0:9c:f7:76:
b8:c3:29:db:a1:3f:7b:49:49:37:7f:3f:d6:e2:20:e0:c8:f3:
13:22:ca:70:73:25:12:00:2b:8d:a1:99:3d:c9:14:b4:13:71:
8d:fe:1a:a4:2f:2e:34:e1:b6:33:48:31:b4:de:85:57:7c:48:
60:31:b3:83:97:81:17:ca:70:cf:e3:dd:dd:9f:49:8f:f4:e2:
c3:f4:4e:41:f8:3d:07:03:b5:6c:cf:f7:da:9f:79:d5:53:f0:
8b:6b:91:b7
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAY+qp07vwA6ENK6RJol2mz6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjA4MThiMTg2YjBiOWNiMDlhZjU0MjBkMWU1YWUzMzRm
ZTM5NzQwHhcNMjQwNTI0MTI1MDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWZiZWYzNjI0MjcwMmE4OWY4MzY1OTBmYjlhMWI3MzU2ZDE3MDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdRLQx0uPXx+oLyXMIiil8a5q9qq
zr1M4Ht5qoa7cbREozWpbl4gOPld4iVzcfyEjxnVQdUf1DEVv9PChCAnTtveaDCl
BRwyn23u17KTUiCCk/Q9tDMRAwI9dhzUp3jz0CpnRg1OFXDr8GI2uqmVJm1IMELr
ga7q+kBWg//Ju8KyGlzalcgNfwh7PfLxx23BKVmj5iI/EsOxR9JOWcN/DPu1UZGE
0QVHhnUp6BYoOclaSEvG8ZBf3uYj27USrrC8ZGNDXmncqkRoqTlHgFpdoKMgz2LL
18ZGHc9InalKNe28bt19ck3rZatRP1jUwtNQEzoLxMrl9lEA3I4bImXzMQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFBr77zYkJwKon4NlkPuaG3NW0XBcMB8GA1UdIwQY
MBaAFGsggYsYawucsJr1Qg0eWuM0/jl0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlDQml4aHJDNXl3bXZWQ0RSNWE0elQtT1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wMmY5NWUtNWZlNS00YzlhLTg0ZDct
ZTVjOWMyZThlOWJmLzEvR3Z2dk5pUW5BcWlmZzJXUS01b2JjMWJSY0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wMmY5NWUtNWZlNS00YzlhLTg0ZDctZTVjOWMyZThlOWJm
LzEvYXlDQml4aHJDNXl3bXZWQ0RSNWE0elQtT1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMABcUDBASV
/5ADBAK5knAwDQYJKoZIhvcNAQELBQADggEBAKqSIDY9iaUmSHbzDwZanokIsXB2
io2Af8fHYjo4LKVhAnxCRfpN+G3jTmxVjUHVQuR0dM+v8SYXOS7r4xQiY6vM47Sa
s6HiT0jNL15P7vLBVKDhdgt/9VXtoRGL7CCJf2Thkp8IE+WimD7mOHHWpqYJ9aWo
3pgbx8VQiqE1+eAo9VVszDd40zrFRba/VmhlpnPd1Gp2zi2FZR0NLZyr8Jz3drjD
KduhP3tJSTd/P9biIODI8xMiynBzJRIAK42hmT3JFLQTcY3+GqQvLjThtjNIMbTe
hVd8SGAxs4OXgRfKcM/j3d2fSY/04sP0TkH4PQcDtWzP99qfedVT8Itrkbc=
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:50:48 2024 by rpki-client on console-ams.rpki-client.org