Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/vH93SWWaS4Qe1Ew3KcSwrZzjhQI.roa
File: vH93SWWaS4Qe1Ew3KcSwrZzjhQI.roa (raw, json)
Hash identifier: zYAoUfAQO8ZdTOtiZ+vzuxraJ2d4kH6S+gxmnPa5RSk=
Subject key identifier: BC:7F:77:49:65:9A:4B:84:1E:D4:4C:37:29:C4:B0:AD:9C:E3:85:02
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018E95017780D0EA6F35022B4420F79C48BD
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/vH93SWWaS4Qe1Ew3KcSwrZzjhQI.roa
Signing time: Sun 31 Mar 2024 14:54:45 +0000
ROA not before: Sun 31 Mar 2024 14:54:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47232
IP address blocks: 5.39.200.0/22 maxlen: 24
46.29.224.0/21 maxlen: 32
46.29.228.0/23 maxlen: 32
78.111.112.0/20 maxlen: 32
78.111.114.0/23 maxlen: 32
78.111.116.0/23 maxlen: 32
91.192.32.0/22 maxlen: 22
93.91.144.0/20 maxlen: 32
93.91.149.0/24 maxlen: 32
93.91.150.0/23 maxlen: 32
93.91.152.0/24 maxlen: 32
93.91.153.0/24 maxlen: 32
93.91.154.0/24 maxlen: 32
185.15.108.0/22 maxlen: 32
185.52.172.0/24 maxlen: 32
185.64.220.0/22 maxlen: 32
185.125.128.0/22 maxlen: 32
213.108.162.0/23 maxlen: 32
217.75.208.0/20 maxlen: 32
2a02:17a0::/29 maxlen: 48
2a03:2a80::/29 maxlen: 48
2a03:2a82::/31 maxlen: 48
2a04:7bc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 08:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:95:01:77:80:d0:ea:6f:35:02:2b:44:20:f7:9c:48:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Mar 31 14:54:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc7f7749659a4b841ed44c3729c4b0ad9ce38502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fc:ce:87:4b:2d:1d:99:98:30:88:f8:26:8b:
21:75:bc:b1:61:03:6e:ef:5c:28:6f:b1:1a:9d:a2:
9a:6b:38:43:41:88:92:d0:b6:57:bb:d6:d3:bb:1e:
c1:8e:61:6f:17:83:83:90:94:72:76:28:e6:7f:ef:
42:54:5c:da:dc:74:86:5a:be:67:3f:07:74:10:ff:
f7:2f:d8:4d:80:39:1d:b0:6d:96:58:29:69:18:cc:
c2:be:ee:7d:3e:27:d7:5a:20:96:0a:88:2c:71:81:
39:ed:f8:1a:1c:6c:a3:99:ff:62:11:72:7f:ca:44:
23:d6:d2:f1:04:83:20:79:bd:a7:63:b6:4b:66:99:
d7:33:68:67:2a:74:ec:f5:5a:15:c5:27:6b:f8:bd:
f8:19:18:cd:37:a6:03:4c:88:66:17:96:e7:9a:95:
ad:1d:36:8c:e9:a5:aa:a5:81:63:35:37:34:f5:d7:
d0:fa:56:bd:4b:4d:51:3c:e3:33:af:bf:49:03:3d:
8a:6b:73:ac:03:1e:31:cc:4d:3b:3b:39:98:0c:44:
87:61:53:87:e6:d2:ce:a5:8c:cc:12:42:aa:25:ce:
10:38:11:74:c8:24:d9:05:c4:fd:24:6c:7a:f1:b4:
5e:7c:be:3c:1a:98:02:bb:17:f5:83:a5:6e:b6:0e:
ef:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:7F:77:49:65:9A:4B:84:1E:D4:4C:37:29:C4:B0:AD:9C:E3:85:02
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/vH93SWWaS4Qe1Ew3KcSwrZzjhQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.200.0/22
46.29.224.0/21
78.111.112.0/20
91.192.32.0/22
93.91.144.0/20
185.15.108.0/22
185.52.172.0/24
185.64.220.0/22
185.125.128.0/22
213.108.162.0/23
217.75.208.0/20
IPv6:
2a02:17a0::/29
2a03:2a80::/29
2a04:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
cb:dd:ba:20:d7:c9:99:cc:79:bd:8f:e3:e0:04:d1:c1:a1:a2:
7f:c9:4e:4c:3d:c0:f8:04:3f:ac:6a:87:6b:6a:e5:4e:9f:06:
1a:55:48:90:04:3f:bb:79:8a:17:46:3e:d5:b6:ba:e3:02:31:
ba:3b:da:09:e0:b1:5c:01:c2:39:8a:b6:96:5a:0d:d2:7e:5f:
12:8e:77:58:cd:1d:4e:1d:64:82:b6:62:cf:3f:ff:bc:1c:10:
b0:d3:76:8f:5b:b8:64:b6:4b:05:05:f9:52:23:1a:f2:a3:48:
a1:a4:d7:d6:02:fd:6e:1d:56:f8:0e:d8:b7:d0:9b:eb:05:dc:
14:69:e9:b2:f9:c9:92:8a:9d:69:50:55:1f:d9:93:5b:b7:d4:
11:87:00:a6:21:57:51:5c:bf:b5:c2:43:33:67:49:75:49:f6:
25:dd:3a:54:1d:9e:f5:ff:1a:20:5d:e0:de:7d:41:68:b4:b4:
85:94:32:4f:42:f0:fb:11:04:a4:b4:7f:15:88:46:0a:ac:2c:
c8:33:d0:03:c8:10:ac:0d:37:af:5c:a7:2b:81:97:07:dd:b8:
d4:fc:85:7d:13:32:e8:12:8b:c4:32:1b:ef:70:6d:9a:c3:5b:
ab:c4:c3:ae:a8:20:d6:0d:94:0e:a4:ff:8d:94:d5:17:e5:02:
43:43:9a:dd
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAY6VAXeA0OpvNQIrRCD3nEi9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjQwMzMxMTQ1NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzdmNzc0OTY1OWE0Yjg0MWVkNDRjMzcyOWM0YjBhZDljZTM4NTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfzOh0stHZmYMIj4JoshdbyxYQNu
71wob7EanaKaazhDQYiS0LZXu9bTux7BjmFvF4ODkJRydijmf+9CVFza3HSGWr5n
Pwd0EP/3L9hNgDkdsG2WWClpGMzCvu59PifXWiCWCogscYE57fgaHGyjmf9iEXJ/
ykQj1tLxBIMgeb2nY7ZLZpnXM2hnKnTs9VoVxSdr+L34GRjNN6YDTIhmF5bnmpWt
HTaM6aWqpYFjNTc09dfQ+la9S01RPOMzr79JAz2Ka3OsAx4xzE07OzmYDESHYVOH
5tLOpYzMEkKqJc4QOBF0yCTZBcT9JGx68bRefL48GpgCuxf1g6Vutg7vaQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFLx/d0llmkuEHtRMNynEsK2c44UCMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvdkg5M1NXV2FTNFFlMUV3M0tjU3dyWnpqaFFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBIBAIAATBCAwQCBSfIAwQD
Lh3gAwQETm9wAwQCW8AgAwQEXVuQAwQCuQ9sAwQAuTSsAwQCuUDcAwQCuX2AAwQB
1WyiAwQE2UvQMBsEAgACMBUDBQMqAhegAwUDKgMqgAMFAyoEe8AwDQYJKoZIhvcN
AQELBQADggEBAMvduiDXyZnMeb2P4+AE0cGhon/JTkw9wPgEP6xqh2tq5U6fBhpV
SJAEP7t5ihdGPtW2uuMCMbo72gngsVwBwjmKtpZaDdJ+XxKOd1jNHU4dZIK2Ys8/
/7wcELDTdo9buGS2SwUF+VIjGvKjSKGk19YC/W4dVvgO2LfQm+sF3BRp6bL5yZKK
nWlQVR/Zk1u31BGHAKYhV1Fcv7XCQzNnSXVJ9iXdOlQdnvX/GiBd4N59QWi0tIWU
Mk9C8PsRBKS0fxWIRgqsLMgz0APIEKwNN69cpyuBlwfduNT8hX0TMugSi8QyG+9w
bZrDW6vEw66oINYNlA6k/42U1RflAkNDmt0=
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:09:08 2024 by rpki-client on console-fra.rpki-client.org