Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/ldtOLu8U6qp4EFdvlThR5Moa9Do.roa
File: ldtOLu8U6qp4EFdvlThR5Moa9Do.roa (raw, json)
Hash identifier: pPurCdJ4gRIKL1o8lc1wz63eAH4fwTZkxoZMCETDGhw=
Subject key identifier: 95:DB:4E:2E:EF:14:EA:AA:78:10:57:6F:95:38:51:E4:CA:1A:F4:3A
Certificate issuer: /CN=2665c17fa028b31348f630f6b56df422ce062b3b
Certificate serial: 018E39873116D866165AAF36E9754D1909E5
Authority key identifier: 26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/ldtOLu8U6qp4EFdvlThR5Moa9Do.roa
Signing time: Wed 13 Mar 2024 20:35:44 +0000
ROA not before: Wed 13 Mar 2024 20:35:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197637
IP address blocks: 31.25.152.0/21 maxlen: 21
37.99.200.0/21 maxlen: 21
37.123.120.0/21 maxlen: 21
109.75.96.0/24 maxlen: 24
109.75.97.0/24 maxlen: 24
109.75.98.0/24 maxlen: 24
109.75.99.0/24 maxlen: 24
109.75.104.0/24 maxlen: 24
109.75.106.0/24 maxlen: 24
109.75.107.0/24 maxlen: 24
109.75.108.0/22 maxlen: 22
153.92.32.0/21 maxlen: 21
185.8.86.0/23 maxlen: 23
185.62.88.0/22 maxlen: 22
185.65.198.0/23 maxlen: 23
185.68.76.0/22 maxlen: 22
185.211.16.0/22 maxlen: 22
193.57.0.0/22 maxlen: 22
195.42.244.0/22 maxlen: 22
2a04:6ec0::/29 maxlen: 29
2a04:6ec0::/32 maxlen: 32
2a0b:6240::/29 maxlen: 29
2a0c:90c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 23:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:39:87:31:16:d8:66:16:5a:af:36:e9:75:4d:19:09:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2665c17fa028b31348f630f6b56df422ce062b3b
Validity
Not Before: Mar 13 20:35:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95db4e2eef14eaaa7810576f953851e4ca1af43a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9a:9f:6f:78:f7:d2:df:30:6c:cb:98:8e:64:
f5:6c:fb:87:7f:03:53:da:fb:48:95:8d:66:74:5b:
27:a1:8d:62:5c:c4:29:d8:1d:fb:e2:72:1d:74:8c:
4b:59:99:45:b8:c2:2c:47:e4:f9:56:d4:73:c0:68:
27:f1:71:04:30:0d:1b:db:5b:bf:c1:5b:46:cb:c0:
ee:05:fc:40:6f:95:a5:66:81:f5:5c:0d:e4:89:5a:
5e:22:d9:ea:cf:69:f6:a0:ec:69:17:18:29:0f:91:
63:0c:ae:25:5e:3c:8b:95:c2:d0:a4:fd:3e:81:df:
7d:ea:85:e9:4f:bd:d6:63:ef:d7:ac:54:86:4e:74:
e6:ad:65:47:90:64:d6:64:e6:e0:bc:ba:45:58:66:
32:8a:a4:1b:93:16:96:21:04:fc:b9:cb:e1:e8:a4:
0d:bf:b4:7d:8d:dd:5c:d3:28:c6:8f:6d:ec:70:1f:
0c:d3:ca:78:47:38:d3:d9:9a:13:76:53:50:62:98:
71:71:1f:d9:b8:0a:78:4a:0f:f5:16:b5:96:c1:b1:
e6:59:fb:ca:b6:67:54:2a:7d:73:55:8b:55:e6:d3:
b3:ff:bc:c8:c7:b6:1c:47:d4:dd:7f:c3:ce:2e:e5:
9f:72:49:e2:ff:28:ae:47:a8:6b:0b:35:54:f2:94:
eb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:DB:4E:2E:EF:14:EA:AA:78:10:57:6F:95:38:51:E4:CA:1A:F4:3A
X509v3 Authority Key Identifier:
keyid:26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/ldtOLu8U6qp4EFdvlThR5Moa9Do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.152.0/21
37.99.200.0/21
37.123.120.0/21
109.75.96.0/22
109.75.104.0/24
109.75.106.0-109.75.111.255
153.92.32.0/21
185.8.86.0/23
185.62.88.0/22
185.65.198.0/23
185.68.76.0/22
185.211.16.0/22
193.57.0.0/22
195.42.244.0/22
IPv6:
2a04:6ec0::/29
2a0b:6240::/29
2a0c:90c0::/29
Signature Algorithm: sha256WithRSAEncryption
93:f1:b9:0e:5b:56:4c:d7:bd:e7:a7:13:0f:29:04:b5:89:83:
99:de:e8:43:ca:25:e8:49:71:b6:12:7d:a3:61:b9:da:1f:bf:
56:03:d1:f3:32:5f:f7:3f:b5:b6:74:ba:a5:77:4a:01:ee:d6:
df:a5:f9:28:65:d7:f3:a7:80:d3:e8:d1:d3:42:15:f7:02:a7:
de:39:a4:e3:dd:b7:65:e0:aa:7c:d4:9f:14:ca:a9:9e:90:6e:
e4:48:34:b6:ac:d1:c1:ae:cb:20:55:1a:6c:fc:a0:f8:ff:12:
c3:4a:d3:74:61:6a:0b:b5:1d:33:aa:d3:d4:45:89:3f:1e:b3:
6e:7a:39:5c:52:84:8e:a8:11:73:b0:13:de:c6:2d:54:55:b8:
ce:a2:e7:00:24:05:3b:69:56:75:8f:15:fd:5a:71:08:95:2e:
c6:2a:39:06:35:1d:18:4f:31:14:e0:aa:f5:d9:db:51:5f:0e:
3c:4a:89:9b:74:b2:5a:3b:a0:1e:6c:00:e1:1e:37:c0:4b:44:
d8:68:0c:4f:e7:c0:ae:39:68:d6:03:0f:9b:21:f5:4b:91:1c:
89:2e:ac:e3:3e:01:ae:d6:c5:a4:20:0e:41:68:ca:15:38:96:
46:b3:b2:1f:e8:bd:84:6c:13:ba:2e:30:a7:5f:01:83:cd:b4:
5c:74:47:be
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAY45hzEW2GYWWq826XVNGQnlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjVjMTdmYTAyOGIzMTM0OGY2MzBmNmI1NmRmNDIyY2Uw
NjJiM2IwHhcNMjQwMzEzMjAzNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWRiNGUyZWVmMTRlYWFhNzgxMDU3NmY5NTM4NTFlNGNhMWFmNDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZqfb3j30t8wbMuYjmT1bPuHfwNT
2vtIlY1mdFsnoY1iXMQp2B374nIddIxLWZlFuMIsR+T5VtRzwGgn8XEEMA0b21u/
wVtGy8DuBfxAb5WlZoH1XA3kiVpeItnqz2n2oOxpFxgpD5FjDK4lXjyLlcLQpP0+
gd996oXpT73WY+/XrFSGTnTmrWVHkGTWZObgvLpFWGYyiqQbkxaWIQT8ucvh6KQN
v7R9jd1c0yjGj23scB8M08p4RzjT2ZoTdlNQYphxcR/ZuAp4Sg/1FrWWwbHmWfvK
tmdUKn1zVYtV5tOz/7zIx7YcR9Tdf8POLuWfckni/yiuR6hrCzVU8pTr2wIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFJXbTi7vFOqqeBBXb5U4UeTKGvQ6MB8GA1UdIwQY
MBaAFCZlwX+gKLMTSPYw9rVt9CLOBis7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2Et
YzM4M2E5MDEwMDA1LzEvbGR0T0x1OFU2cXA0RUZkdmxUaFI1TW9hOURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2EtYzM4M2E5MDEwMDA1
LzEvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBiBAIAATBcAwQDHxmY
AwQDJWPIAwQDJXt4AwQCbUtgAwQAbUtoMAwDBAFtS2oDBARtS2ADBAOZXCADBAG5
CFYDBAK5PlgDBAG5QcYDBAK5REwDBAK50xADBALBOQADBALDKvQwGwQCAAIwFQMF
AyoEbsADBQMqC2JAAwUDKgyQwDANBgkqhkiG9w0BAQsFAAOCAQEAk/G5DltWTNe9
56cTDykEtYmDmd7oQ8ol6ElxthJ9o2G52h+/VgPR8zJf9z+1tnS6pXdKAe7W36X5
KGXX86eA0+jR00IV9wKn3jmk4923ZeCqfNSfFMqpnpBu5Eg0tqzRwa7LIFUabPyg
+P8Sw0rTdGFqC7UdM6rT1EWJPx6zbno5XFKEjqgRc7AT3sYtVFW4zqLnACQFO2lW
dY8V/VpxCJUuxio5BjUdGE8xFOCq9dnbUV8OPEqJm3SyWjugHmwA4R43wEtE2GgM
T+fArjlo1gMPmyH1S5EciS6s4z4BrtbFpCAOQWjKFTiWRrOyH+i9hGwTui4wp18B
g820XHRHvg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 04:18:26 2024 by rpki-client on console-ams.rpki-client.org