Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/B52Yj_NpH-0Dw9iCD42Cl8CHtsw.roa
File: B52Yj_NpH-0Dw9iCD42Cl8CHtsw.roa (raw, json)
Hash identifier: hzpkREU4vrZkwN7xVIcZpo9NowUfp2ffeZl5I7Umhqs=
Subject key identifier: 07:9D:98:8F:F3:69:1F:ED:03:C3:D8:82:0F:8D:82:97:C0:87:B6:CC
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01918E7476CC1D44DCEAB3A5CD34C4828E93
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/B52Yj_NpH-0Dw9iCD42Cl8CHtsw.roa
Signing time: Mon 26 Aug 2024 11:31:22 +0000
ROA not before: Mon 26 Aug 2024 11:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15468
IP address blocks: 5.143.176.0/20 maxlen: 21
5.143.184.0/21 maxlen: 21
31.172.192.0/19 maxlen: 19
31.172.192.0/20 maxlen: 20
31.172.192.0/21 maxlen: 21
31.172.200.0/21 maxlen: 21
31.172.208.0/20 maxlen: 20
31.172.208.0/21 maxlen: 21
31.172.216.0/21 maxlen: 21
62.148.128.0/19 maxlen: 19
62.148.128.0/20 maxlen: 20
62.148.144.0/20 maxlen: 20
94.242.128.0/18 maxlen: 18
94.242.128.0/19 maxlen: 19
94.242.128.0/20 maxlen: 20
94.242.144.0/20 maxlen: 20
94.242.144.0/24 maxlen: 24
94.242.145.0/24 maxlen: 24
94.242.146.0/24 maxlen: 24
94.242.148.0/24 maxlen: 24
94.242.149.0/24 maxlen: 24
94.242.150.0/24 maxlen: 24
94.242.151.0/24 maxlen: 24
94.242.160.0/19 maxlen: 19
94.242.160.0/20 maxlen: 20
94.242.176.0/20 maxlen: 20
95.107.16.0/20 maxlen: 20
95.107.16.0/21 maxlen: 21
95.107.24.0/21 maxlen: 21
95.107.112.0/20 maxlen: 20
95.107.112.0/21 maxlen: 21
95.107.120.0/21 maxlen: 21
109.225.0.0/18 maxlen: 18
109.225.0.0/19 maxlen: 19
109.225.0.0/20 maxlen: 20
109.225.16.0/20 maxlen: 20
109.225.32.0/19 maxlen: 20
109.225.40.0/22 maxlen: 22
212.106.32.0/19 maxlen: 19
212.106.32.0/20 maxlen: 20
212.106.32.0/21 maxlen: 21
212.106.40.0/21 maxlen: 21
212.106.48.0/20 maxlen: 20
212.106.48.0/21 maxlen: 21
212.106.56.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:74:76:cc:1d:44:dc:ea:b3:a5:cd:34:c4:82:8e:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Aug 26 11:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=079d988ff3691fed03c3d8820f8d8297c087b6cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e8:d4:30:9d:cf:8b:05:47:2f:bc:c5:43:b5:
b3:a6:0f:45:fc:cb:bf:1b:26:5b:4c:0a:01:a6:46:
8b:bb:32:54:64:8f:63:a7:b1:d6:0e:e5:f3:1d:56:
bb:4b:ba:cd:79:e9:10:1a:7c:29:cb:e7:ca:c2:b1:
03:44:57:b1:65:0d:36:b5:8b:b8:99:a8:4d:e2:57:
1d:d1:f2:ed:f2:21:f9:04:f9:3f:28:f7:de:90:fc:
5e:9c:7a:f6:b9:1a:44:d6:74:fd:09:b7:69:dc:68:
86:c0:b6:6e:08:3e:ad:79:a6:7b:46:6f:65:23:7c:
c2:f7:c7:e7:67:bf:85:da:10:21:6b:d6:93:6a:d6:
62:f2:cd:47:86:04:04:f8:ad:d8:cb:86:3f:94:0e:
3c:f0:d4:5e:61:b3:49:a4:4b:15:fa:b9:da:fb:28:
d4:7a:0e:fc:95:9d:62:ed:b9:7b:a9:bb:3e:3c:23:
52:a7:d4:cb:42:d9:f9:12:4e:80:d9:af:1e:5b:14:
a7:e1:26:57:63:36:27:13:8a:3b:10:4f:f3:8c:52:
c2:8f:da:c6:0d:35:c8:d9:7e:1b:dc:01:02:ac:5c:
3f:04:47:22:dd:c7:bd:45:83:76:ca:45:93:06:a1:
f3:d1:8e:a2:f3:62:ed:2a:aa:d7:4b:37:7a:57:21:
d4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:9D:98:8F:F3:69:1F:ED:03:C3:D8:82:0F:8D:82:97:C0:87:B6:CC
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/B52Yj_NpH-0Dw9iCD42Cl8CHtsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.143.176.0/20
31.172.192.0/19
62.148.128.0/19
94.242.128.0/18
95.107.16.0/20
95.107.112.0/20
109.225.0.0/18
212.106.32.0/19
Signature Algorithm: sha256WithRSAEncryption
45:14:fc:ad:77:5a:5b:f0:4c:9b:b0:51:85:48:d2:e1:8d:d7:
97:02:41:a0:d6:41:90:2b:ed:37:a5:64:fb:3d:ef:1d:a2:8b:
44:dd:3d:e6:e2:95:b0:69:37:ce:a8:0f:fa:fa:8c:f5:aa:5e:
aa:56:fc:6b:bf:e0:00:a6:88:77:c1:ec:2c:00:a3:14:90:47:
97:92:cf:68:14:96:ab:41:05:bb:31:01:d5:e7:a5:02:df:74:
ed:5b:94:b7:74:ce:06:b9:90:5a:aa:d8:86:bb:2a:94:cb:21:
4d:01:ec:de:f2:86:82:d9:bc:e0:70:e5:c0:ae:28:6a:ed:e4:
02:84:05:4d:63:b2:37:4e:1a:94:a5:75:8a:0e:a0:0e:e7:75:
80:83:e9:97:41:0e:e7:9d:1e:b1:44:11:66:82:b4:00:f4:7e:
06:6e:b2:02:41:d7:ac:09:28:7c:35:b3:37:6e:46:40:31:81:
81:55:ea:ee:e7:5c:d2:74:50:c9:b8:87:66:3d:1b:aa:61:52:
4b:60:98:bf:9a:a9:38:4a:12:87:66:51:e2:94:f7:54:39:5d:
fd:82:4b:68:38:6a:02:ca:0e:2e:99:54:b1:4a:9d:a7:a7:98:
a2:5b:89:ca:67:11:fe:74:11:33:6b:1c:eb:cc:59:e2:5e:de:
0f:71:e0:20
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZGOdHbMHUTc6rOlzTTEgo6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwODI2MTEzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzlkOTg4ZmYzNjkxZmVkMDNjM2Q4ODIwZjhkODI5N2MwODdiNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+jUMJ3PiwVHL7zFQ7Wzpg9F/Mu/
GyZbTAoBpkaLuzJUZI9jp7HWDuXzHVa7S7rNeekQGnwpy+fKwrEDRFexZQ02tYu4
mahN4lcd0fLt8iH5BPk/KPfekPxenHr2uRpE1nT9Cbdp3GiGwLZuCD6teaZ7Rm9l
I3zC98fnZ7+F2hAha9aTatZi8s1HhgQE+K3Yy4Y/lA488NReYbNJpEsV+rna+yjU
eg78lZ1i7bl7qbs+PCNSp9TLQtn5Ek6A2a8eWxSn4SZXYzYnE4o7EE/zjFLCj9rG
DTXI2X4b3AECrFw/BEci3ce9RYN2ykWTBqHz0Y6i82LtKqrXSzd6VyHUcQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAedmI/zaR/tA8PYgg+NgpfAh7bMMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvQjUyWWpfTnBILTBEdzlpQ0Q0MkNsOENIdHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEBY+wAwQF
H6zAAwQFPpSAAwQGXvKAAwQEX2sQAwQEX2twAwQGbeEAAwQF1GogMA0GCSqGSIb3
DQEBCwUAA4IBAQBFFPytd1pb8EybsFGFSNLhjdeXAkGg1kGQK+03pWT7Pe8dootE
3T3m4pWwaTfOqA/6+oz1ql6qVvxrv+AApoh3wewsAKMUkEeXks9oFJarQQW7MQHV
56UC33TtW5S3dM4GuZBaqtiGuyqUyyFNAeze8oaC2bzgcOXArihq7eQChAVNY7I3
ThqUpXWKDqAO53WAg+mXQQ7nnR6xRBFmgrQA9H4GbrICQdesCSh8NbM3bkZAMYGB
Veru51zSdFDJuIdmPRuqYVJLYJi/mqk4ShKHZlHilPdUOV39gktoOGoCyg4umVSx
Sp2np5iiW4nKZxH+dBEzaxzrzFniXt4PceAg
-----END CERTIFICATE-----
Generated at Sat Sep 28 13:04:55 2024 by rpki-client on console-fra.rpki-client.org