Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/0JgR8Jbn8of-8WVIz06t7EbMCOQ.roa
File: 0JgR8Jbn8of-8WVIz06t7EbMCOQ.roa (raw, json)
Hash identifier: L0L098CXe5qrVQiuk5R+OmjyqWyTGZPLga0FNlAfgMY=
Subject key identifier: D0:98:11:F0:96:E7:F2:87:FE:F1:65:48:CF:4E:AD:EC:46:CC:08:E4
Certificate issuer: /CN=115dbc00433e29f2adeb038fea2fbd7048fb632f
Certificate serial: 019327E52A2CEEB21823E7E1AC83B47450F1
Authority key identifier: 11:5D:BC:00:43:3E:29:F2:AD:EB:03:8F:EA:2F:BD:70:48:FB:63:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EV28AEM-KfKt6wOP6i-9cEj7Yy8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/0JgR8Jbn8of-8WVIz06t7EbMCOQ.roa
Signing time: Wed 13 Nov 2024 23:39:09 +0000
ROA not before: Wed 13 Nov 2024 23:39:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6730
IP address blocks: 31.164.0.0/15 maxlen: 16
62.167.0.0/16 maxlen: 16
62.167.0.0/17 maxlen: 17
62.167.128.0/17 maxlen: 17
84.226.0.0/15 maxlen: 16
89.217.0.0/16 maxlen: 16
89.217.0.0/17 maxlen: 17
89.217.128.0/17 maxlen: 17
178.38.0.0/15 maxlen: 16
188.154.0.0/15 maxlen: 16
193.192.224.0/19 maxlen: 19
194.158.224.0/19 maxlen: 19
194.230.0.0/16 maxlen: 16
194.230.0.0/17 maxlen: 17
194.230.128.0/17 maxlen: 17
195.112.64.0/19 maxlen: 19
195.141.0.0/16 maxlen: 16
212.35.32.0/19 maxlen: 19
212.98.32.0/19 maxlen: 19
212.161.128.0/17 maxlen: 17
2001:1700::/27 maxlen: 27
2001:1700::/28 maxlen: 28
2001:1710::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/EV28AEM-KfKt6wOP6i-9cEj7Yy8.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/EV28AEM-KfKt6wOP6i-9cEj7Yy8.mft
rsync://rpki.ripe.net/repository/DEFAULT/EV28AEM-KfKt6wOP6i-9cEj7Yy8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:27:e5:2a:2c:ee:b2:18:23:e7:e1:ac:83:b4:74:50:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=115dbc00433e29f2adeb038fea2fbd7048fb632f
Validity
Not Before: Nov 13 23:39:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d09811f096e7f287fef16548cf4eadec46cc08e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:50:9e:24:69:85:06:b1:52:7c:81:12:33:af:
1f:65:d2:f1:e2:08:c3:7f:1d:28:2c:f4:d9:e9:92:
14:a8:8d:7e:16:c1:0f:d7:9f:34:d9:7d:b1:a9:09:
19:88:86:f3:84:c2:1f:7e:0d:db:bb:1f:99:c0:3f:
7c:a9:12:d2:cc:09:50:17:f7:a4:94:0a:4f:22:a6:
5a:0a:19:72:95:1e:70:a0:53:ab:11:e9:4b:59:9d:
e7:20:7b:f3:ff:2a:98:45:75:8e:6a:b4:52:bd:e9:
64:19:b3:41:bb:4e:66:1d:6f:6c:b0:40:14:b1:b1:
95:5e:83:65:de:16:31:0c:31:4e:eb:fd:aa:49:c5:
c9:05:70:4c:e3:e0:64:3f:48:36:c0:f4:73:0c:7d:
cc:cc:66:fe:4c:a4:f0:98:29:d8:b6:28:1c:42:54:
cb:24:fd:38:27:fb:d5:3a:bb:70:dc:b6:8c:22:6c:
52:9e:74:15:ee:5c:38:30:06:4b:79:31:67:92:30:
a8:07:d5:dc:03:b9:6f:d5:f4:59:ae:46:d1:b3:cf:
04:ef:fb:d7:86:a0:fd:c5:2b:33:3d:02:03:09:c7:
a4:0d:3b:c9:6f:9e:30:8e:02:13:ec:d1:57:80:3f:
88:b7:13:18:9d:e4:1d:3a:30:1e:d2:65:2e:f3:76:
95:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:98:11:F0:96:E7:F2:87:FE:F1:65:48:CF:4E:AD:EC:46:CC:08:E4
X509v3 Authority Key Identifier:
keyid:11:5D:BC:00:43:3E:29:F2:AD:EB:03:8F:EA:2F:BD:70:48:FB:63:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EV28AEM-KfKt6wOP6i-9cEj7Yy8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/0JgR8Jbn8of-8WVIz06t7EbMCOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/65a71d-0236-44d5-8ce9-229b4ae742de/1/EV28AEM-KfKt6wOP6i-9cEj7Yy8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.164.0.0/15
62.167.0.0/16
84.226.0.0/15
89.217.0.0/16
178.38.0.0/15
188.154.0.0/15
193.192.224.0/19
194.158.224.0/19
194.230.0.0/16
195.112.64.0/19
195.141.0.0/16
212.35.32.0/19
212.98.32.0/19
212.161.128.0/17
IPv6:
2001:1700::/27
Signature Algorithm: sha256WithRSAEncryption
b9:09:20:a3:a2:cd:9c:1e:55:ae:ee:f6:fa:71:5c:75:dc:b9:
39:1d:c0:0a:f7:d5:24:24:b7:1b:74:1b:00:b3:bd:a8:10:07:
14:e5:19:f4:ea:ae:99:54:30:c2:f3:be:94:cc:da:55:b5:9e:
bf:67:04:2f:56:55:43:aa:9f:8e:ac:e2:7e:a1:79:f0:03:f1:
76:98:76:8b:6b:e7:a5:16:e8:02:57:de:a1:4c:8e:57:5a:d5:
3a:e4:d9:03:ee:27:6b:ac:22:57:3b:ff:4e:bb:9b:f8:9f:99:
5c:50:11:c3:ea:ac:8e:63:2b:1c:aa:40:82:24:59:c8:4b:94:
a2:9d:b1:d8:5d:0b:f0:a6:fd:e1:ff:6f:7c:f8:2c:4c:ed:58:
d0:d8:97:e9:f4:8e:4c:cd:f4:95:b2:5b:01:54:52:ea:16:32:
22:b4:8d:c1:be:79:df:ea:db:23:b8:a2:d1:35:8e:7c:a8:ae:
16:8e:e2:60:c2:c5:de:f2:20:3d:7f:c7:a2:aa:0a:a6:cb:5a:
03:c6:d7:a9:7b:27:fd:0d:47:e9:c0:f9:80:3d:6f:fa:7d:2a:
b5:6c:bc:d7:d3:c2:3d:ae:d5:e9:5a:5c:77:19:2a:72:de:bf:
9d:52:53:f8:e4:1e:72:f6:87:fb:69:86:cf:5f:e7:fd:91:d0:
9c:9f:94:a7
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZMn5Sos7rIYI+fhrIO0dFDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNWRiYzAwNDMzZTI5ZjJhZGViMDM4ZmVhMmZiZDcwNDhm
YjYzMmYwHhcNMjQxMTEzMjMzOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDk4MTFmMDk2ZTdmMjg3ZmVmMTY1NDhjZjRlYWRlYzQ2Y2MwOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1CeJGmFBrFSfIESM68fZdLx4gjD
fx0oLPTZ6ZIUqI1+FsEP15802X2xqQkZiIbzhMIffg3bux+ZwD98qRLSzAlQF/ek
lApPIqZaChlylR5woFOrEelLWZ3nIHvz/yqYRXWOarRSvelkGbNBu05mHW9ssEAU
sbGVXoNl3hYxDDFO6/2qScXJBXBM4+BkP0g2wPRzDH3MzGb+TKTwmCnYtigcQlTL
JP04J/vVOrtw3LaMImxSnnQV7lw4MAZLeTFnkjCoB9XcA7lv1fRZrkbRs88E7/vX
hqD9xSszPQIDCcekDTvJb54wjgIT7NFXgD+ItxMYneQdOjAe0mUu83aVPQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFNCYEfCW5/KH/vFlSM9OrexGzAjkMB8GA1UdIwQY
MBaAFBFdvABDPinyresDj+ovvXBI+2MvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVYyOEFFTS1LZkt0NndPUDZpLTljRWo3WXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC82NWE3MWQtMDIzNi00NGQ1LThjZTkt
MjI5YjRhZTc0MmRlLzEvMEpnUjhKYm44b2YtOFdWSXowNnQ3RWJNQ09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC82NWE3MWQtMDIzNi00NGQ1LThjZTktMjI5YjRhZTc0MmRl
LzEvRVYyOEFFTS1LZkt0NndPUDZpLTljRWo3WXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwMBH6QDAwA+
pwMDAVTiAwMAWdkDAwGyJgMDAbyaAwQFwcDgAwQFwp7gAwMAwuYDBAXDcEADAwDD
jQMEBdQjIAMEBdRiIAMEB9ShgDANBAIAAjAHAwUFIAEXADANBgkqhkiG9w0BAQsF
AAOCAQEAuQkgo6LNnB5Vru72+nFcddy5OR3ACvfVJCS3G3QbALO9qBAHFOUZ9Oqu
mVQwwvO+lMzaVbWev2cEL1ZVQ6qfjqzifqF58APxdph2i2vnpRboAlfeoUyOV1rV
OuTZA+4na6wiVzv/Trub+J+ZXFARw+qsjmMrHKpAgiRZyEuUop2x2F0L8Kb94f9v
fPgsTO1Y0NiX6fSOTM30lbJbAVRS6hYyIrSNwb553+rbI7ii0TWOfKiuFo7iYMLF
3vIgPX/HoqoKpstaA8bXqXsn/Q1H6cD5gD1v+n0qtWy819PCPa7V6Vpcdxkqct6/
nVJT+OQecvaH+2mGz1/n/ZHQnJ+Upw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:10:26 2024 by rpki-client on console-ams.rpki-client.org