Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/DRa7g4yngXA3ws_VLg1lsxFYv94.roa
File: DRa7g4yngXA3ws_VLg1lsxFYv94.roa (raw, json)
Hash identifier: nBTt4YVWvIDarV+4fXTPI2C1NYcH4H3iDSTWfs4sSj4=
Subject key identifier: 0D:16:BB:83:8C:A7:81:70:37:C2:CF:D5:2E:0D:65:B3:11:58:BF:DE
Certificate issuer: /CN=352ae33b11b36a319ba81347d852480d8e74c87d
Certificate serial: 01903532B79E8C3A5FBDA1F730243B62B2E8
Authority key identifier: 35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/DRa7g4yngXA3ws_VLg1lsxFYv94.roa
Signing time: Thu 20 Jun 2024 10:30:34 +0000
ROA not before: Thu 20 Jun 2024 10:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12430
IP address blocks: 5.224.0.0/15 maxlen: 15
31.4.0.0/16 maxlen: 24
37.222.0.0/15 maxlen: 24
46.24.0.0/14 maxlen: 14
46.25.0.0/21 maxlen: 21
46.25.60.0/22 maxlen: 22
46.136.0.0/16 maxlen: 16
62.87.0.0/17 maxlen: 24
77.208.0.0/14 maxlen: 24
77.224.0.0/13 maxlen: 13
87.124.192.0/18 maxlen: 18
87.125.0.0/16 maxlen: 24
87.235.0.0/16 maxlen: 16
89.6.0.0/15 maxlen: 15
93.113.16.0/21 maxlen: 21
93.113.136.0/21 maxlen: 21
94.248.64.0/18 maxlen: 18
95.60.0.0/14 maxlen: 14
95.60.32.0/21 maxlen: 21
148.56.0.0/16 maxlen: 16
159.147.0.0/16 maxlen: 16
178.57.128.0/18 maxlen: 18
178.139.0.0/16 maxlen: 22
188.84.0.0/14 maxlen: 14
188.86.112.0/22 maxlen: 22
188.211.228.0/22 maxlen: 22
193.125.0.0/16 maxlen: 16
194.220.0.0/16 maxlen: 16
212.73.32.0/19 maxlen: 24
212.145.0.0/16 maxlen: 16
212.166.128.0/17 maxlen: 23
217.130.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:35:32:b7:9e:8c:3a:5f:bd:a1:f7:30:24:3b:62:b2:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352ae33b11b36a319ba81347d852480d8e74c87d
Validity
Not Before: Jun 20 10:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d16bb838ca7817037c2cfd52e0d65b31158bfde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:09:1c:d7:73:56:a5:ff:63:76:01:0f:1d:a0:
73:3c:35:11:79:02:b9:a7:e0:85:25:4b:31:f8:b4:
e8:38:e6:32:99:5d:08:ab:6c:34:5d:a9:5a:9c:da:
c8:54:5f:c8:e0:50:e6:98:c1:d3:4e:2d:cc:29:dd:
89:0f:15:17:fe:17:39:e8:fc:52:89:23:cb:c4:1c:
e1:69:72:6c:63:43:a4:f8:67:0c:43:80:b4:f0:59:
bf:07:a6:eb:e4:54:0c:9c:82:96:68:ed:05:9c:70:
81:94:9f:27:32:c9:76:4f:c9:7f:5c:49:f9:ab:ce:
13:91:aa:51:7b:19:cb:86:67:05:81:dc:b3:8b:e7:
77:54:7b:2d:21:8e:5a:71:8e:10:b5:39:94:31:2d:
dd:9d:77:80:56:52:05:3f:21:af:66:45:ac:ca:ea:
e7:e6:83:58:65:1a:4c:ac:33:79:3e:72:20:b0:a9:
cd:20:61:e1:b9:b2:1e:7b:1c:dd:2f:db:44:23:b5:
b2:65:3f:77:74:14:b3:85:a0:74:74:65:af:b8:6b:
19:74:e5:6e:73:87:5a:82:22:79:55:20:3a:97:5f:
f9:86:f6:03:9a:64:9c:6d:29:c7:d8:a1:30:7b:82:
93:c3:c3:f0:fc:fe:0f:95:a7:48:8a:6b:35:f6:28:
79:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:16:BB:83:8C:A7:81:70:37:C2:CF:D5:2E:0D:65:B3:11:58:BF:DE
X509v3 Authority Key Identifier:
keyid:35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/DRa7g4yngXA3ws_VLg1lsxFYv94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.224.0.0/15
31.4.0.0/16
37.222.0.0/15
46.24.0.0/14
46.136.0.0/16
62.87.0.0/17
77.208.0.0/14
77.224.0.0/13
87.124.192.0-87.125.255.255
87.235.0.0/16
89.6.0.0/15
93.113.16.0/21
93.113.136.0/21
94.248.64.0/18
95.60.0.0/14
148.56.0.0/16
159.147.0.0/16
178.57.128.0/18
178.139.0.0/16
188.84.0.0/14
188.211.228.0/22
193.125.0.0/16
194.220.0.0/16
212.73.32.0/19
212.145.0.0/16
212.166.128.0/17
217.130.0.0/16
Signature Algorithm: sha256WithRSAEncryption
59:8f:23:3c:38:42:2c:ff:1a:b2:a5:26:e5:ce:ae:7a:e1:2c:
12:68:6d:66:0a:35:23:fd:80:79:3f:04:96:6f:16:bc:cb:72:
3f:d0:00:53:19:0e:fa:60:9b:98:55:30:69:4c:c7:f2:f5:32:
4c:ad:e3:a8:bb:a7:92:ce:03:73:28:d7:77:7b:0f:4f:33:af:
9e:e6:37:fe:d0:a3:29:6a:ef:90:fb:ff:f5:9a:62:b8:ae:5c:
c7:0c:92:fd:f2:1b:f5:8c:2c:f7:0e:d3:15:1c:4c:73:95:d8:
a7:42:55:c0:f0:e6:58:14:b7:35:9a:15:92:e8:05:5f:87:81:
44:03:51:52:ce:df:6f:39:1c:38:ea:1b:a1:fd:f1:86:03:0f:
60:70:03:75:b9:08:cc:61:f6:f5:c0:4d:8d:56:d5:04:a9:a4:
f0:24:2d:fe:1e:12:92:ae:ac:eb:cc:c0:ba:91:53:21:67:e8:
5a:49:a7:3d:29:f7:8a:03:15:b9:ba:eb:42:1f:b4:64:3e:25:
46:6d:ef:95:81:f9:23:fe:ec:be:e0:83:8a:20:5d:c3:39:37:
b0:6d:0e:3e:01:83:96:59:b9:79:1a:2b:27:2a:fa:e7:67:71:
85:76:3c:bf:23:52:ba:71:4c:0e:1d:ef:f3:93:e7:06:4f:83:
44:c8:81:6f
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZA1MreejDpfvaH3MCQ7YrLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmFlMzNiMTFiMzZhMzE5YmE4MTM0N2Q4NTI0ODBkOGU3
NGM4N2QwHhcNMjQwNjIwMTAzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDE2YmI4MzhjYTc4MTcwMzdjMmNmZDUyZTBkNjViMzExNThiZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gkc13NWpf9jdgEPHaBzPDUReQK5
p+CFJUsx+LToOOYymV0Iq2w0XalanNrIVF/I4FDmmMHTTi3MKd2JDxUX/hc56PxS
iSPLxBzhaXJsY0Ok+GcMQ4C08Fm/B6br5FQMnIKWaO0FnHCBlJ8nMsl2T8l/XEn5
q84TkapRexnLhmcFgdyzi+d3VHstIY5acY4QtTmUMS3dnXeAVlIFPyGvZkWsyurn
5oNYZRpMrDN5PnIgsKnNIGHhubIeexzdL9tEI7WyZT93dBSzhaB0dGWvuGsZdOVu
c4dagiJ5VSA6l1/5hvYDmmScbSnH2KEwe4KTw8Pw/P4PladIims19ih5fQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFA0Wu4OMp4FwN8LP1S4NZbMRWL/eMB8GA1UdIwQY
MBaAFDUq4zsRs2oxm6gTR9hSSA2OdMh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMt
MjUwNTBjNTkzYWExLzEvRFJhN2c0eW5nWEEzd3NfVkxnMWxzeEZZdjk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMtMjUwNTBjNTkzYWEx
LzEvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBngQCAAEwgZcDAwEF
4AMDAB8EAwMBJd4DAwIuGAMDAC6IAwQHPlcAAwMCTdADAwNN4DALAwQGV3zAAwMB
V3wDAwBX6wMDAVkGAwQDXXEQAwQDXXGIAwQGXvhAAwMCXzwDAwCUOAMDAJ+TAwQG
sjmAAwMAsosDAwK8VAMEArzT5AMDAMF9AwMAwtwDBAXUSSADAwDUkQMEB9SmgAMD
ANmCMA0GCSqGSIb3DQEBCwUAA4IBAQBZjyM8OEIs/xqypSblzq564SwSaG1mCjUj
/YB5PwSWbxa8y3I/0ABTGQ76YJuYVTBpTMfy9TJMreOou6eSzgNzKNd3ew9PM6+e
5jf+0KMpau+Q+//1mmK4rlzHDJL98hv1jCz3DtMVHExzldinQlXA8OZYFLc1mhWS
6AVfh4FEA1FSzt9vORw46huh/fGGAw9gcAN1uQjMYfb1wE2NVtUEqaTwJC3+HhKS
rqzrzMC6kVMhZ+haSac9KfeKAxW5uutCH7RkPiVGbe+Vgfkj/uy+4IOKIF3DOTew
bQ4+AYOWWbl5GisnKvrnZ3GFdjy/I1K6cUwOHe/zk+cGT4NEyIFv
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:51:05 2024 by rpki-client on console-fra.rpki-client.org