Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/CcXyKrLKh_ZQZCSRzb3WH-q9pxo.roa
File: CcXyKrLKh_ZQZCSRzb3WH-q9pxo.roa (raw, json)
Hash identifier: fcU7jODB5y6k+oAovMZ6xMTAOaQ3NM6G5kcqZdQntAA=
Subject key identifier: 09:C5:F2:2A:B2:CA:87:F6:50:64:24:91:CD:BD:D6:1F:EA:BD:A7:1A
Certificate issuer: /CN=33fe80aea100e98c0da5d1ffef98b371d11edda2
Certificate serial: 018CC349674AB6192C6794A9089CD57D8920
Authority key identifier: 33:FE:80:AE:A1:00:E9:8C:0D:A5:D1:FF:EF:98:B3:71:D1:1E:DD:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/CcXyKrLKh_ZQZCSRzb3WH-q9pxo.roa
Signing time: Mon 01 Jan 2024 04:30:16 +0000
ROA not before: Mon 01 Jan 2024 04:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31214
IP address blocks: 5.11.64.0/20 maxlen: 20
193.39.220.0/22 maxlen: 22
178.210.0.0/19 maxlen: 19
109.111.128.0/19 maxlen: 19
185.234.120.0/22 maxlen: 22
194.50.12.0/22 maxlen: 22
91.109.128.0/19 maxlen: 19
185.251.216.0/22 maxlen: 22
37.60.208.0/20 maxlen: 20
213.149.0.0/19 maxlen: 19
185.238.76.0/22 maxlen: 22
31.192.128.0/19 maxlen: 19
185.16.136.0/22 maxlen: 22
83.219.128.0/19 maxlen: 19
2a03:5800::/32 maxlen: 32
2a06:50c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/M_6ArqEA6YwNpdH_75izcdEe3aI.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/M_6ArqEA6YwNpdH_75izcdEe3aI.mft
rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:67:4a:b6:19:2c:67:94:a9:08:9c:d5:7d:89:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33fe80aea100e98c0da5d1ffef98b371d11edda2
Validity
Not Before: Jan 1 04:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09c5f22ab2ca87f650642491cdbdd61feabda71a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c1:28:af:6a:45:11:3a:09:66:4b:37:9c:b2:
63:da:bf:5b:c2:1f:6a:34:cf:23:6f:55:e4:bc:df:
4b:44:f0:7b:98:04:b8:a1:9b:ff:47:26:9e:d4:8d:
e2:f4:48:32:86:60:a8:b2:45:a0:98:b2:b7:4e:06:
d3:c9:75:af:56:79:7b:0c:60:db:e6:20:96:52:81:
0f:bf:88:74:ff:b6:fb:15:b8:ba:2b:ca:12:e1:cf:
7d:d1:4a:59:34:a2:58:10:95:82:42:11:76:cc:f2:
a2:86:a7:a4:30:d4:46:12:c8:ee:40:c0:07:48:f7:
70:26:0b:37:7e:a3:a8:b2:c6:d7:36:c3:a6:a3:0a:
43:4b:99:3d:0a:1a:0d:81:ac:3b:5f:4a:b6:08:96:
2f:82:37:3c:bc:33:70:f2:13:c2:3b:74:60:52:cd:
b7:81:36:06:71:85:b8:69:99:ca:f2:48:41:2a:24:
de:b2:bc:fc:68:2e:1e:a1:3e:43:cf:e3:b4:57:f4:
b3:c3:fb:5e:5f:96:28:b8:10:15:7c:fd:92:c8:58:
39:7b:23:7d:1b:d1:81:f3:d1:8d:16:f9:db:75:c0:
ef:14:59:15:28:16:e7:c5:9d:9d:68:0e:2c:fb:cd:
ba:6e:a8:f4:1e:e5:65:88:8c:18:f5:bd:39:b8:47:
e6:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C5:F2:2A:B2:CA:87:F6:50:64:24:91:CD:BD:D6:1F:EA:BD:A7:1A
X509v3 Authority Key Identifier:
keyid:33:FE:80:AE:A1:00:E9:8C:0D:A5:D1:FF:EF:98:B3:71:D1:1E:DD:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/CcXyKrLKh_ZQZCSRzb3WH-q9pxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/M_6ArqEA6YwNpdH_75izcdEe3aI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.64.0/20
31.192.128.0/19
37.60.208.0/20
83.219.128.0/19
91.109.128.0/19
109.111.128.0/19
178.210.0.0/19
185.16.136.0/22
185.234.120.0/22
185.238.76.0/22
185.251.216.0/22
193.39.220.0/22
194.50.12.0/22
213.149.0.0/19
IPv6:
2a03:5800::/32
2a06:50c0::/32
Signature Algorithm: sha256WithRSAEncryption
6b:07:ba:e5:2b:9b:65:38:39:82:56:ef:6c:9b:90:35:b1:be:
4b:c9:19:c0:60:4b:6f:88:45:56:d9:a2:33:a8:63:63:5b:ed:
75:87:32:f4:a6:90:a5:d2:a4:1d:e4:bb:50:8a:2d:1f:65:98:
a0:c3:c2:4c:eb:cc:83:00:42:0d:70:7b:37:37:ba:7d:e8:d8:
87:72:57:04:19:e2:70:d9:53:5d:d6:eb:14:1c:ea:c6:b6:d4:
f4:9c:d7:1a:53:1c:ec:3e:fc:70:4c:e7:41:54:f3:cc:25:ad:
76:c2:19:38:9d:b5:2b:0e:42:14:ec:4b:34:f4:85:d9:b6:5c:
28:20:ca:fa:ab:14:4c:a2:59:17:2f:f9:6f:ac:e9:b5:2a:fa:
e6:83:69:6d:11:ed:ef:e6:46:1d:31:ab:0f:17:a1:a6:45:3a:
67:3d:ca:c2:e6:54:8f:86:96:9a:6b:52:b1:ad:68:cc:d3:ab:
6b:20:37:d4:ba:2a:1d:51:1b:de:99:72:f6:4b:d4:0f:21:77:
43:c6:94:98:9a:e7:4a:1d:cd:4b:91:4d:4e:2c:68:e1:cb:9b:
c9:6d:6f:c8:71:18:03:df:b9:5f:05:a4:a3:c4:75:d9:c4:d9:
a1:a0:cb:87:d8:7a:b9:ca:cf:bb:39:00:e3:15:d0:fe:24:a5:
82:af:50:4d
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYzDSWdKthksZ5SpCJzVfYkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZmU4MGFlYTEwMGU5OGMwZGE1ZDFmZmVmOThiMzcxZDEx
ZWRkYTIwHhcNMjQwMTAxMDQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWM1ZjIyYWIyY2E4N2Y2NTA2NDI0OTFjZGJkZDYxZmVhYmRhNzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMEor2pFEToJZks3nLJj2r9bwh9q
NM8jb1XkvN9LRPB7mAS4oZv/Ryae1I3i9EgyhmCoskWgmLK3TgbTyXWvVnl7DGDb
5iCWUoEPv4h0/7b7Fbi6K8oS4c990UpZNKJYEJWCQhF2zPKihqekMNRGEsjuQMAH
SPdwJgs3fqOossbXNsOmowpDS5k9ChoNgaw7X0q2CJYvgjc8vDNw8hPCO3RgUs23
gTYGcYW4aZnK8khBKiTesrz8aC4eoT5Dz+O0V/Szw/teX5YouBAVfP2SyFg5eyN9
G9GB89GNFvnbdcDvFFkVKBbnxZ2daA4s+826bqj0HuVliIwY9b05uEfmfQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFAnF8iqyyof2UGQkkc291h/qvacaMB8GA1UdIwQY
MBaAFDP+gK6hAOmMDaXR/++Ys3HRHt2iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTV82QXJxRUE2WXdOcGRIXzc1aXpjZEVlM2FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS84MDI1MjUtNWMyYy00NTY0LWJhNWEt
NmNkNjU5YWNiZjA3LzEvQ2NYeUtyTEtoX1pRWkNTUnpiM1dILXE5cHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS84MDI1MjUtNWMyYy00NTY0LWJhNWEtNmNkNjU5YWNiZjA3
LzEvTV82QXJxRUE2WXdOcGRIXzc1aXpjZEVlM2FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEBAULQAME
BR/AgAMEBCU80AMEBVPbgAMEBVttgAMEBW1vgAMEBbLSAAMEArkQiAMEArnqeAME
ArnuTAMEArn72AMEAsEn3AMEAsIyDAMEBdWVADAUBAIAAjAOAwUAKgNYAAMFACoG
UMAwDQYJKoZIhvcNAQELBQADggEBAGsHuuUrm2U4OYJW72ybkDWxvkvJGcBgS2+I
RVbZojOoY2Nb7XWHMvSmkKXSpB3ku1CKLR9lmKDDwkzrzIMAQg1wezc3un3o2Idy
VwQZ4nDZU13W6xQc6sa21PSc1xpTHOw+/HBM50FU88wlrXbCGTidtSsOQhTsSzT0
hdm2XCggyvqrFEyiWRcv+W+s6bUq+uaDaW0R7e/mRh0xqw8XoaZFOmc9ysLmVI+G
lpprUrGtaMzTq2sgN9S6Kh1RG96ZcvZL1A8hd0PGlJia50odzUuRTU4saOHLm8lt
b8hxGAPfuV8FpKPEddnE2aGgy4fYernKz7s5AOMV0P4kpYKvUE0=
-----END CERTIFICATE-----
Generated at Mon May 20 17:31:31 2024 by rpki-client on console-ams.rpki-client.org