Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1enJwr-6ka1eThUUmLV_6Mstda0.roa
File: 1enJwr-6ka1eThUUmLV_6Mstda0.roa (raw, json)
Hash identifier: ZICt+SFtKMtrBbM8IT7cZwYCtWbrimfuXseU7+Z8Reo=
Subject key identifier: D5:E9:C9:C2:BF:BA:91:AD:5E:4E:15:14:98:B5:7F:E8:CB:2D:75:AD
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018F5E63E79C47CEE8DA13BD3633DB48AA35
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1enJwr-6ka1eThUUmLV_6Mstda0.roa
Signing time: Thu 09 May 2024 17:25:56 +0000
ROA not before: Thu 09 May 2024 17:25:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 62.164.224.0/20 maxlen: 20
66.9.96.0/20 maxlen: 24
77.223.192.0/21 maxlen: 24
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
93.119.184.0/21 maxlen: 24
95.178.8.0/21 maxlen: 24
116.50.16.0/21 maxlen: 24
121.127.56.0/21 maxlen: 24
176.222.48.0/22 maxlen: 24
192.200.192.0/19 maxlen: 24
198.145.112.0/22 maxlen: 24
212.32.96.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 02:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5e:63:e7:9c:47:ce:e8:da:13:bd:36:33:db:48:aa:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: May 9 17:25:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5e9c9c2bfba91ad5e4e151498b57fe8cb2d75ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:66:f1:a5:c5:37:93:08:76:03:e9:39:0f:f8:
70:07:bc:2b:ca:45:4c:88:fc:c6:d7:7a:27:b3:d3:
ee:91:be:43:db:ec:f0:b1:56:4a:88:b7:2f:bc:b2:
71:cf:cc:89:93:3f:69:d5:91:03:0a:a4:5b:ba:65:
c7:2c:a1:c9:bf:f5:3b:7f:92:c4:b6:65:34:66:9b:
52:9f:50:58:ad:ae:d2:1c:72:62:b3:96:97:63:83:
b4:99:99:1d:15:33:41:40:7d:37:e7:da:61:6e:46:
80:ba:f4:dc:63:28:88:fe:f8:f0:a3:50:fe:c0:b3:
8f:86:56:2c:96:90:94:72:3b:22:f9:2d:db:d2:e3:
76:28:f3:bf:3c:64:32:02:f6:5a:22:51:69:54:7e:
6d:b7:fe:5f:c5:cb:a2:33:51:f8:7b:3d:e6:92:b5:
4d:38:be:20:9c:2d:82:d8:54:b5:6e:16:02:13:0f:
10:7b:4e:42:cf:3b:cb:4a:e0:f6:2e:94:ad:90:8a:
9f:6e:aa:c3:c7:eb:9f:84:16:20:aa:8b:e4:c4:f2:
ec:54:12:d6:6b:d2:0f:43:d6:2e:c8:ca:71:68:0e:
63:9a:aa:41:f1:5d:c3:d5:54:9b:43:84:7d:19:6c:
59:e6:22:d6:f0:c4:7f:50:25:66:82:2a:55:46:19:
45:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E9:C9:C2:BF:BA:91:AD:5E:4E:15:14:98:B5:7F:E8:CB:2D:75:AD
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1enJwr-6ka1eThUUmLV_6Mstda0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.224.0/20
66.9.96.0/20
77.223.192.0-77.223.201.255
79.139.64.0/23
93.119.184.0/21
95.178.8.0/21
116.50.16.0/21
121.127.56.0/21
176.222.48.0/22
192.200.192.0/19
198.145.112.0/22
212.32.96.0/20
Signature Algorithm: sha256WithRSAEncryption
85:27:3a:c8:2a:64:72:48:b2:a3:fa:3f:4c:4a:e4:84:a1:1b:
fb:c7:74:14:47:b9:9b:f7:b8:b1:69:34:b7:5b:e9:48:91:bc:
a2:5b:a7:95:eb:3d:7f:ba:6a:13:8e:00:20:ae:64:f2:2d:60:
27:78:15:38:3a:ff:63:18:79:b4:8d:a0:34:aa:de:0b:63:e6:
06:37:c0:14:6e:76:45:c4:99:ca:49:34:59:f6:b0:d6:0a:eb:
98:13:29:a8:a3:d1:3c:4c:fe:4b:ed:5b:66:f1:61:56:5c:0a:
36:d4:f4:c8:02:8a:aa:ee:78:f3:ba:a7:44:be:e8:b7:a7:48:
33:89:bd:e2:3e:9a:73:73:4f:e5:7f:d4:20:08:84:85:1e:40:
ea:1f:b7:5a:ab:96:a7:39:64:58:12:16:7a:01:c3:dd:cd:ac:
f7:1c:2e:2e:9b:6f:ef:96:52:06:5d:5f:13:d4:16:37:e1:25:
e4:93:5f:7d:66:b7:aa:ee:6c:60:3c:81:9a:d1:75:81:65:8e:
c1:c2:c0:db:81:de:9a:a2:3a:bf:73:12:11:5d:ee:14:f1:1a:
d2:fe:19:63:89:b6:95:fb:b2:7d:b3:f7:9a:36:9d:bf:27:32:
1d:16:8a:6c:5f:41:52:1a:f3:fb:fc:23:df:2d:e1:58:db:b7:
d0:6f:33:65
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAY9eY+ecR87o2hO9NjPbSKo1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwNTA5MTcyNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWU5YzljMmJmYmE5MWFkNWU0ZTE1MTQ5OGI1N2ZlOGNiMmQ3NWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGbxpcU3kwh2A+k5D/hwB7wrykVM
iPzG13ons9Pukb5D2+zwsVZKiLcvvLJxz8yJkz9p1ZEDCqRbumXHLKHJv/U7f5LE
tmU0ZptSn1BYra7SHHJis5aXY4O0mZkdFTNBQH0359phbkaAuvTcYyiI/vjwo1D+
wLOPhlYslpCUcjsi+S3b0uN2KPO/PGQyAvZaIlFpVH5tt/5fxcuiM1H4ez3mkrVN
OL4gnC2C2FS1bhYCEw8Qe05CzzvLSuD2LpStkIqfbqrDx+ufhBYgqovkxPLsVBLW
a9IPQ9YuyMpxaA5jmqpB8V3D1VSbQ4R9GWxZ5iLW8MR/UCVmgipVRhlF8QIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFNXpycK/upGtXk4VFJi1f+jLLXWtMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvMWVuSndyLTZrYTFlVGhVVW1MVl82TXN0ZGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQEPqTgAwQE
QglgMAwDBAZN38ADBAFN38gDBAFPi0ADBANdd7gDBANfsggDBAN0MhADBAN5fzgD
BAKw3jADBAXAyMADBALGkXADBATUIGAwDQYJKoZIhvcNAQELBQADggEBAIUnOsgq
ZHJIsqP6P0xK5IShG/vHdBRHuZv3uLFpNLdb6UiRvKJbp5XrPX+6ahOOACCuZPIt
YCd4FTg6/2MYebSNoDSq3gtj5gY3wBRudkXEmcpJNFn2sNYK65gTKaij0TxM/kvt
W2bxYVZcCjbU9MgCiqruePO6p0S+6LenSDOJveI+mnNzT+V/1CAIhIUeQOoft1qr
lqc5ZFgSFnoBw93NrPccLi6bb++WUgZdXxPUFjfhJeSTX31mt6rubGA8gZrRdYFl
jsHCwNuB3pqiOr9zEhFd7hTxGtL+GWOJtpX7sn2z95o2nb8nMh0WimxfQVIa8/v8
I98t4Vjbt9BvM2U=
-----END CERTIFICATE-----
Generated at Sun Jun 2 07:23:23 2024 by rpki-client on console-ams.rpki-client.org