Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/PGIQZhZ6fx7XUxkVl6I7KumLIpc.roa
File: PGIQZhZ6fx7XUxkVl6I7KumLIpc.roa (raw, json)
Hash identifier: wIBDWLxPTA7Sek5mlvCdtUGplA8fAoQYwITbjQn3xtM=
Subject key identifier: 3C:62:10:66:16:7A:7F:1E:D7:53:19:15:97:A2:3B:2A:E9:8B:22:97
Certificate issuer: /CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Certificate serial: 018DCBF9E6DAA0C387C045CEABDE0A02C53C
Authority key identifier: BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/PGIQZhZ6fx7XUxkVl6I7KumLIpc.roa
Signing time: Wed 21 Feb 2024 14:02:48 +0000
ROA not before: Wed 21 Feb 2024 14:02:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44574
IP address blocks: 5.153.96.0/21 maxlen: 24
5.153.192.0/19 maxlen: 24
31.12.96.0/19 maxlen: 24
31.13.0.0/21 maxlen: 24
37.252.32.0/19 maxlen: 24
91.199.78.0/24 maxlen: 24
93.121.0.0/17 maxlen: 24
95.172.224.0/19 maxlen: 24
151.249.0.0/18 maxlen: 24
159.20.32.0/19 maxlen: 24
185.196.80.0/22 maxlen: 24
212.105.160.0/19 maxlen: 24
2001:67c:2544::/48 maxlen: 48
2a00:10e8::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.mft
rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:f9:e6:da:a0:c3:87:c0:45:ce:ab:de:0a:02:c5:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Validity
Not Before: Feb 21 14:02:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c621066167a7f1ed753191597a23b2ae98b2297
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b6:c9:a1:f0:ed:c2:1a:31:b1:a3:13:2a:ce:
2f:81:a4:7b:a6:ec:41:fc:cc:14:c0:3b:7c:b1:24:
e9:7e:f8:9e:d6:6c:f5:af:f6:86:ed:ab:ec:b4:d8:
b3:69:16:e7:ca:66:5a:03:93:9f:33:e0:53:e1:40:
e8:66:c0:8c:bc:f0:34:bb:c8:38:55:e7:91:da:bf:
5a:b3:45:7b:ca:08:12:e5:be:10:07:89:35:da:f0:
e7:08:20:ba:57:47:9c:14:d3:fe:5f:ec:a2:fa:4d:
f9:55:60:81:83:90:00:30:09:69:bb:a6:20:ea:f4:
65:ff:e1:69:56:3c:0e:83:a5:51:9f:78:3e:63:8f:
ea:05:bf:62:0c:67:25:e0:9f:14:33:42:5c:de:d7:
e0:75:2e:a1:67:8f:3f:2a:1d:91:ef:10:d4:64:86:
18:e3:d1:fe:99:fd:01:71:36:94:4a:4c:a2:08:31:
72:99:30:d0:8b:66:22:e4:ff:71:06:52:7b:5b:49:
91:d8:24:61:41:5d:88:fa:2c:a4:e0:24:52:6f:c9:
af:45:1a:1a:5d:c8:e3:6c:28:9b:ea:79:32:b1:05:
f2:01:14:fa:e6:03:44:76:65:9a:94:80:f5:4d:8d:
61:51:7e:3a:8d:29:5e:a8:bf:44:97:64:e7:6a:f8:
26:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:62:10:66:16:7A:7F:1E:D7:53:19:15:97:A2:3B:2A:E9:8B:22:97
X509v3 Authority Key Identifier:
keyid:BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/PGIQZhZ6fx7XUxkVl6I7KumLIpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.96.0/21
5.153.192.0/19
31.12.96.0/19
31.13.0.0/21
37.252.32.0/19
91.199.78.0/24
93.121.0.0/17
95.172.224.0/19
151.249.0.0/18
159.20.32.0/19
185.196.80.0/22
212.105.160.0/19
IPv6:
2001:67c:2544::/48
2a00:10e8::/29
Signature Algorithm: sha256WithRSAEncryption
19:d2:32:49:24:2c:b3:e9:0a:47:44:4f:3e:6d:69:a1:be:58:
2a:b6:c8:ff:18:a1:8d:f3:4e:20:18:b8:b6:11:91:31:50:dd:
61:6b:e9:d3:74:73:c5:be:a0:66:16:d3:33:94:86:04:fd:c4:
a5:4e:70:1f:61:55:a7:8a:cb:68:41:96:85:e5:1d:12:ac:5f:
85:30:e5:8d:3c:9c:c1:bf:25:2e:69:9c:a8:be:12:84:5b:98:
29:9c:8d:ba:82:61:b4:35:a2:8a:42:4f:21:a3:23:0e:d3:d7:
51:20:ae:1c:62:7f:dd:24:e8:67:7e:20:07:58:56:24:83:04:
b1:79:de:f3:29:66:96:00:3a:6b:dc:6d:3e:f6:3e:77:5d:ad:
7c:13:e4:2c:59:6d:67:2a:29:d8:15:26:6b:74:1c:8d:1e:89:
47:0b:18:66:2a:6f:5a:f0:b6:07:41:86:99:9f:0f:cf:dd:dd:
a7:6f:6b:f3:33:67:8b:20:4b:1b:77:81:80:2e:c7:43:65:22:
b6:7b:8e:ab:9d:bb:ad:d5:ca:1f:64:f2:69:c5:06:09:d4:82:
8e:a7:bd:46:2b:6b:8c:58:c9:04:02:7b:cc:ac:26:64:ec:a8:
48:73:c8:0e:60:98:5a:b6:b5:b9:7a:f3:84:e0:cb:2c:cd:bc:
d9:29:8a:d0
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAY3L+ebaoMOHwEXOq94KAsU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYTk2ZDAyYTgyMmY0NjI1M2MyYWVlNjgwNDQxZDVhYzI3
YzNkZjUwHhcNMjQwMjIxMTQwMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzYyMTA2NjE2N2E3ZjFlZDc1MzE5MTU5N2EyM2IyYWU5OGIyMjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLbJofDtwhoxsaMTKs4vgaR7puxB
/MwUwDt8sSTpfvie1mz1r/aG7avstNizaRbnymZaA5OfM+BT4UDoZsCMvPA0u8g4
VeeR2r9as0V7yggS5b4QB4k12vDnCCC6V0ecFNP+X+yi+k35VWCBg5AAMAlpu6Yg
6vRl/+FpVjwOg6VRn3g+Y4/qBb9iDGcl4J8UM0Jc3tfgdS6hZ48/Kh2R7xDUZIYY
49H+mf0BcTaUSkyiCDFymTDQi2Yi5P9xBlJ7W0mR2CRhQV2I+iyk4CRSb8mvRRoa
XcjjbCib6nkysQXyART65gNEdmWalID1TY1hUX46jSleqL9El2Tnavgm0wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFDxiEGYWen8e11MZFZeiOyrpiyKXMB8GA1UdIwQY
MBaAFL2pbQKoIvRiU8Ku5oBEHVrCfD31MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzIt
Y2Y4M2Q2ZTQwNTU4LzEvUEdJUVpoWjZmeDdYVXhrVmw2STdLdW1MSXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzItY2Y4M2Q2ZTQwNTU4
LzEvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBOBAIAATBIAwQDBZlgAwQF
BZnAAwQFHwxgAwQDHw0AAwQFJfwgAwQAW8dOAwQHXXkAAwQFX6zgAwQGl/kAAwQF
nxQgAwQCucRQAwQF1GmgMBYEAgACMBADBwAgAQZ8JUQDBQMqABDoMA0GCSqGSIb3
DQEBCwUAA4IBAQAZ0jJJJCyz6QpHRE8+bWmhvlgqtsj/GKGN804gGLi2EZExUN1h
a+nTdHPFvqBmFtMzlIYE/cSlTnAfYVWnistoQZaF5R0SrF+FMOWNPJzBvyUuaZyo
vhKEW5gpnI26gmG0NaKKQk8hoyMO09dRIK4cYn/dJOhnfiAHWFYkgwSxed7zKWaW
ADpr3G0+9j53Xa18E+QsWW1nKinYFSZrdByNHolHCxhmKm9a8LYHQYaZnw/P3d2n
b2vzM2eLIEsbd4GALsdDZSK2e46rnbut1cofZPJpxQYJ1IKOp71GK2uMWMkEAnvM
rCZk7KhIc8gOYJhatrW5evOE4MsszbzZKYrQ
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:33:29 2024 by rpki-client on console-ams.rpki-client.org