Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/rUNyIGbWHEPuRo5qM9wuNpeD7dE.roa
File: rUNyIGbWHEPuRo5qM9wuNpeD7dE.roa (raw, json)
Hash identifier: JUN+wnUHXXrLk9nhHRdz256Nl+fDgazLQA75dz+sYGE=
Subject key identifier: AD:43:72:20:66:D6:1C:43:EE:46:8E:6A:33:DC:2E:36:97:83:ED:D1
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 019199DB298EEA705F4C005E67666FE063DD
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/rUNyIGbWHEPuRo5qM9wuNpeD7dE.roa
Signing time: Wed 28 Aug 2024 16:39:22 +0000
ROA not before: Wed 28 Aug 2024 16:39:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202
IP address blocks: 5.159.208.0/21 maxlen: 24
5.181.72.0/22 maxlen: 24
31.192.96.0/21 maxlen: 24
45.8.100.0/22 maxlen: 24
45.132.108.0/22 maxlen: 24
45.137.44.0/22 maxlen: 24
80.74.240.0/21 maxlen: 24
80.74.248.0/21 maxlen: 24
83.150.252.0/22 maxlen: 24
85.95.96.0/19 maxlen: 24
92.42.120.0/21 maxlen: 24
95.129.64.0/21 maxlen: 24
176.58.0.0/21 maxlen: 24
185.79.184.0/22 maxlen: 24
185.90.0.0/22 maxlen: 24
185.94.204.0/22 maxlen: 24
185.99.76.0/22 maxlen: 24
185.145.88.0/22 maxlen: 24
185.178.216.0/22 maxlen: 24
185.182.200.0/23 maxlen: 24
185.204.212.0/22 maxlen: 24
185.229.4.0/22 maxlen: 24
185.246.132.0/22 maxlen: 24
185.247.200.0/22 maxlen: 24
185.248.252.0/24 maxlen: 24
185.248.253.0/24 maxlen: 24
185.248.254.0/24 maxlen: 24
185.248.255.0/24 maxlen: 24
188.94.16.0/21 maxlen: 24
193.24.3.0/24 maxlen: 24
193.24.6.0/24 maxlen: 24
193.24.13.0/24 maxlen: 24
193.24.31.0/24 maxlen: 24
195.26.32.0/19 maxlen: 24
195.88.8.0/23 maxlen: 24
212.11.68.0/22 maxlen: 24
212.11.72.0/22 maxlen: 24
217.145.128.0/20 maxlen: 24
2a00:f1c0::/32 maxlen: 32
2a04:e9c0::/29 maxlen: 29
2a0a:f480::/29 maxlen: 29
2a0d:7680::/29 maxlen: 29
2a0d:bf80::/29 maxlen: 29
2a0e:a1c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:99:db:29:8e:ea:70:5f:4c:00:5e:67:66:6f:e0:63:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Aug 28 16:39:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad43722066d61c43ee468e6a33dc2e369783edd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fa:58:c6:ad:ac:64:f0:6a:d0:d9:5d:92:23:
3d:5a:be:7c:a0:c9:bd:ff:42:e0:08:da:08:5a:84:
cf:5b:d3:25:36:6a:d3:0b:4e:76:8b:ce:2c:a2:11:
12:5a:a6:96:0f:98:07:74:3b:1b:bb:bb:28:23:04:
f3:2b:49:84:f3:fa:eb:1b:46:8b:8e:de:f0:fe:98:
90:50:3c:c1:3e:60:13:e2:a1:17:2c:cf:41:7a:1b:
72:2b:5b:f3:42:da:44:af:4e:da:c3:1c:f9:7a:09:
a6:86:8c:b1:6d:53:2b:d5:fe:e7:01:5b:35:75:19:
be:ee:ff:f7:21:4e:8f:ec:2d:bf:b7:b1:75:e7:89:
c1:7b:03:cd:46:fa:f0:69:5e:81:25:25:60:2f:80:
d4:26:f3:ac:28:25:1c:cd:ba:f3:18:70:f8:e2:ff:
83:cf:29:bc:ae:f6:87:97:65:f9:44:47:b6:64:7c:
6c:75:f5:ca:02:83:83:4c:41:58:ff:43:23:5c:be:
4f:71:9f:d2:ee:4f:11:2e:88:62:11:5c:e7:f8:de:
c3:da:33:8e:1c:57:fb:cf:31:13:35:49:0a:04:58:
8d:75:1f:f4:d3:5a:c9:bb:8e:e5:d2:ca:4b:6d:25:
2e:a7:46:65:71:ff:f2:62:ae:22:d5:30:d2:b1:c5:
c4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:43:72:20:66:D6:1C:43:EE:46:8E:6A:33:DC:2E:36:97:83:ED:D1
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/rUNyIGbWHEPuRo5qM9wuNpeD7dE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.208.0/21
5.181.72.0/22
31.192.96.0/21
45.8.100.0/22
45.132.108.0/22
45.137.44.0/22
80.74.240.0/20
83.150.252.0/22
85.95.96.0/19
92.42.120.0/21
95.129.64.0/21
176.58.0.0/21
185.79.184.0/22
185.90.0.0/22
185.94.204.0/22
185.99.76.0/22
185.145.88.0/22
185.178.216.0/22
185.182.200.0/23
185.204.212.0/22
185.229.4.0/22
185.246.132.0/22
185.247.200.0/22
185.248.252.0/22
188.94.16.0/21
193.24.3.0/24
193.24.6.0/24
193.24.13.0/24
193.24.31.0/24
195.26.32.0/19
195.88.8.0/23
212.11.68.0-212.11.75.255
217.145.128.0/20
IPv6:
2a00:f1c0::/32
2a04:e9c0::/29
2a0a:f480::/29
2a0d:7680::/29
2a0d:bf80::/29
2a0e:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
b0:af:c7:bf:cf:c9:89:2a:3c:84:f2:f9:18:c3:96:4f:3c:94:
a8:17:80:6a:96:d0:27:cd:06:56:93:6d:4c:e0:f2:12:a3:13:
a2:cf:3a:5f:cb:93:a7:35:03:8d:ff:a0:ed:70:e5:22:74:80:
5d:eb:99:00:64:62:cb:b6:13:67:64:3f:89:1f:d7:d0:02:1e:
86:5e:2c:76:ff:9b:bb:6f:aa:1a:3d:c3:c2:ab:4f:53:b2:3d:
9e:9f:b7:b0:70:05:0e:d9:bd:0d:ad:f5:78:19:78:40:bf:cd:
64:9f:f7:63:60:96:ee:4c:66:5a:74:1e:71:67:38:a1:05:f9:
a2:1d:aa:98:d0:b1:a6:0b:8f:ab:56:40:45:e1:35:29:a9:2a:
e5:99:8d:33:e7:36:a3:80:b0:9c:70:92:a6:f8:18:14:c5:1d:
83:4d:5b:e2:dd:b8:04:83:5c:70:9f:36:5f:81:06:68:1f:57:
25:6a:b5:2d:b7:9b:21:3c:8f:de:67:42:04:49:4d:5b:db:95:
30:c9:f9:e1:50:8c:04:14:55:6f:85:7d:a3:37:b6:d5:61:ac:
c7:0a:c2:92:62:d9:fa:d3:e3:bd:b4:da:83:a4:d3:ae:76:3d:
4a:ec:4a:af:1d:a6:51:95:0d:be:3c:1b:83:ce:8f:50:eb:4e:
30:dc:22:3f
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgISAZGZ2ymO6nBfTABeZ2Zv4GPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjQwODI4MTYzOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDQzNzIyMDY2ZDYxYzQzZWU0NjhlNmEzM2RjMmUzNjk3ODNlZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPpYxq2sZPBq0NldkiM9Wr58oMm9
/0LgCNoIWoTPW9MlNmrTC052i84sohESWqaWD5gHdDsbu7soIwTzK0mE8/rrG0aL
jt7w/piQUDzBPmAT4qEXLM9BehtyK1vzQtpEr07awxz5egmmhoyxbVMr1f7nAVs1
dRm+7v/3IU6P7C2/t7F154nBewPNRvrwaV6BJSVgL4DUJvOsKCUczbrzGHD44v+D
zym8rvaHl2X5REe2ZHxsdfXKAoODTEFY/0MjXL5PcZ/S7k8RLohiEVzn+N7D2jOO
HFf7zzETNUkKBFiNdR/001rJu47l0spLbSUup0Zlcf/yYq4i1TDSscXEeQIDAQAB
o4IDCzCCAwcwHQYDVR0OBBYEFK1DciBm1hxD7kaOajPcLjaXg+3RMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvclVOeUlHYldIRVB1Um81cU05d3VOcGVEN2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHwYIKwYBBQUHAQcBAf8EggEOMIIBCjCB1QQCAAEwgc4D
BAMFn9ADBAIFtUgDBAMfwGADBAItCGQDBAIthGwDBAItiSwDBARQSvADBAJTlvwD
BAVVX2ADBANcKngDBANfgUADBAOwOgADBAK5T7gDBAK5WgADBAK5XswDBAK5Y0wD
BAK5kVgDBAK5stgDBAG5tsgDBAK5zNQDBAK55QQDBAK59oQDBAK598gDBAK5+PwD
BAO8XhADBADBGAMDBADBGAYDBADBGA0DBADBGB8DBAXDGiADBAHDWAgwDAMEAtQL
RAMEAtQLSAMEBNmRgDAwBAIAAjAqAwUAKgDxwAMFAyoE6cADBQMqCvSAAwUDKg12
gAMFAyoNv4ADBQMqDqHAMA0GCSqGSIb3DQEBCwUAA4IBAQCwr8e/z8mJKjyE8vkY
w5ZPPJSoF4BqltAnzQZWk21M4PISoxOizzpfy5OnNQON/6DtcOUidIBd65kAZGLL
thNnZD+JH9fQAh6GXix2/5u7b6oaPcPCq09Tsj2en7ewcAUO2b0NrfV4GXhAv81k
n/djYJbuTGZadB5xZzihBfmiHaqY0LGmC4+rVkBF4TUpqSrlmY0z5zajgLCccJKm
+BgUxR2DTVvi3bgEg1xwnzZfgQZoH1clarUtt5shPI/eZ0IESU1b25UwyfnhUIwE
FFVvhX2jN7bVYazHCsKSYtn60+O9tNqDpNOudj1K7EqvHaZRlQ2+PBuDzo9Q604w
3CI/
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:02 2024 by rpki-client on console-ams.rpki-client.org