Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/xzyvESbk91O-sTMajAzJYvx_Phc.roa
File: xzyvESbk91O-sTMajAzJYvx_Phc.roa (raw, json)
Hash identifier: Zyj0OBucwQPbi8iWQb0O53UPypipa3+8/ZAj46D38Pc=
Subject key identifier: C7:3C:AF:11:26:E4:F7:53:BE:B1:33:1A:8C:0C:C9:62:FC:7F:3E:17
Certificate issuer: /CN=1808bf7fe48b057f9f2f3d5d1a6310fd9e14c571
Certificate serial: 018F860A7B0572F75A9C3E90FC9FA4A104C2
Authority key identifier: 18:08:BF:7F:E4:8B:05:7F:9F:2F:3D:5D:1A:63:10:FD:9E:14:C5:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/xzyvESbk91O-sTMajAzJYvx_Phc.roa
Signing time: Fri 17 May 2024 10:13:04 +0000
ROA not before: Fri 17 May 2024 10:13:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14061
IP address blocks: 5.42.203.0/24 maxlen: 24
5.101.96.0/20 maxlen: 24
37.139.0.0/19 maxlen: 22
46.101.0.0/16 maxlen: 22
80.240.128.0/20 maxlen: 22
82.196.0.0/20 maxlen: 22
95.85.0.0/18 maxlen: 22
146.185.128.0/19 maxlen: 22
146.185.160.0/19 maxlen: 22
167.172.0.0/16 maxlen: 22
178.62.0.0/16 maxlen: 22
178.128.0.0/17 maxlen: 22
178.128.128.0/17 maxlen: 22
185.14.184.0/22 maxlen: 22
188.166.0.0/16 maxlen: 22
188.226.128.0/17 maxlen: 22
2a03:b0c0::/32 maxlen: 48
2a12:1840::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.mft
rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:86:0a:7b:05:72:f7:5a:9c:3e:90:fc:9f:a4:a1:04:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1808bf7fe48b057f9f2f3d5d1a6310fd9e14c571
Validity
Not Before: May 17 10:13:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c73caf1126e4f753beb1331a8c0cc962fc7f3e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:df:f2:19:2d:10:31:35:0e:b5:fd:ba:98:17:
c4:93:59:a8:ab:99:56:a5:79:10:24:58:41:d0:04:
6e:44:f2:d5:d0:df:14:6c:bf:75:ed:3a:32:7b:9f:
06:81:4a:3c:3b:dc:b1:59:b9:bb:7e:cf:7f:74:a0:
7c:68:4d:bd:13:99:0d:04:33:ca:16:ad:f8:de:48:
8f:27:82:98:5e:1d:6f:5b:9b:37:92:c9:78:46:69:
dd:d7:1e:65:9b:9a:db:6d:23:a0:de:3a:32:dd:f6:
65:35:40:19:db:57:ba:2f:d7:0a:3f:26:c1:f8:27:
1e:6c:4c:a3:2b:f4:f2:79:cf:63:38:d7:1a:a8:00:
68:6b:3a:e8:69:7b:cc:81:b7:f7:a0:34:92:d5:46:
61:48:10:28:9e:ce:f7:c7:e3:13:72:f0:17:40:01:
67:0f:d8:d9:67:40:4a:04:99:cb:68:f4:0e:50:c9:
18:16:42:1d:73:31:06:b8:29:01:59:8a:63:bf:02:
63:fc:1d:bd:48:7e:6d:fa:6b:a4:db:97:6e:89:eb:
49:c2:e9:80:aa:cc:64:8d:ef:51:b2:7b:7e:17:b1:
4b:b7:8a:34:f6:3a:30:57:f4:c9:76:00:b5:53:ca:
1a:3e:17:e2:11:93:ca:14:82:4f:c3:b2:a6:6c:e7:
e2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:3C:AF:11:26:E4:F7:53:BE:B1:33:1A:8C:0C:C9:62:FC:7F:3E:17
X509v3 Authority Key Identifier:
keyid:18:08:BF:7F:E4:8B:05:7F:9F:2F:3D:5D:1A:63:10:FD:9E:14:C5:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/xzyvESbk91O-sTMajAzJYvx_Phc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.203.0/24
5.101.96.0/20
37.139.0.0/19
46.101.0.0/16
80.240.128.0/20
82.196.0.0/20
95.85.0.0/18
146.185.128.0/18
167.172.0.0/16
178.62.0.0/16
178.128.0.0/16
185.14.184.0/22
188.166.0.0/16
188.226.128.0/17
IPv6:
2a03:b0c0::/32
2a12:1840::/29
Signature Algorithm: sha256WithRSAEncryption
28:9a:82:16:c7:46:da:ff:e0:aa:a4:d5:5b:b5:56:e4:bd:a2:
43:ae:c5:aa:a3:e8:be:28:9e:b0:9e:5c:42:07:97:96:90:81:
4e:f4:81:9b:16:e0:d2:be:8d:96:86:e0:ee:c7:1f:2b:c5:dd:
ae:78:af:59:95:93:33:51:dd:14:ac:1f:3b:12:74:e0:e5:5e:
79:75:6a:06:1f:d0:a1:c1:5e:09:1c:07:f6:83:e2:6f:76:dd:
a1:45:b6:f3:3b:99:83:27:c3:64:95:84:9f:70:6d:96:3e:3f:
c4:19:ce:73:82:16:42:39:a5:0c:c7:2e:3e:fe:f1:0e:47:5c:
0c:0b:c6:15:bd:7e:8a:33:7f:4d:cc:44:86:1b:bc:21:5b:6e:
f1:e4:c5:6d:f7:5f:db:44:29:88:ae:fd:be:6d:23:e5:18:f7:
92:de:26:94:88:30:96:d4:f8:72:15:23:5f:70:42:1f:4e:ec:
57:bb:db:41:19:b5:15:6b:82:32:3b:0f:46:fc:83:e8:5b:3f:
32:c3:63:3b:98:89:ab:0e:62:60:e2:dd:31:76:2c:10:48:8d:
47:51:f2:f7:4a:38:c8:d3:5a:48:76:93:9c:c0:bb:e3:8c:3b:
49:34:1b:d1:d6:7d:7e:f4:52:78:42:cc:43:49:14:60:d6:eb:
23:42:a2:45
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAY+GCnsFcvdanD6Q/J+koQTCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MDhiZjdmZTQ4YjA1N2Y5ZjJmM2Q1ZDFhNjMxMGZkOWUx
NGM1NzEwHhcNMjQwNTE3MTAxMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzNjYWYxMTI2ZTRmNzUzYmViMTMzMWE4YzBjYzk2MmZjN2YzZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvd/yGS0QMTUOtf26mBfEk1moq5lW
pXkQJFhB0ARuRPLV0N8UbL917Toye58GgUo8O9yxWbm7fs9/dKB8aE29E5kNBDPK
Fq343kiPJ4KYXh1vW5s3ksl4Rmnd1x5lm5rbbSOg3joy3fZlNUAZ21e6L9cKPybB
+CcebEyjK/Tyec9jONcaqABoazroaXvMgbf3oDSS1UZhSBAons73x+MTcvAXQAFn
D9jZZ0BKBJnLaPQOUMkYFkIdczEGuCkBWYpjvwJj/B29SH5t+muk25duietJwumA
qsxkje9Rsnt+F7FLt4o09jowV/TJdgC1U8oaPhfiEZPKFIJPw7KmbOfiEQIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFMc8rxEm5PdTvrEzGowMyWL8fz4XMB8GA1UdIwQY
MBaAFBgIv3/kiwV/ny89XRpjEP2eFMVxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0FpX2YtU0xCWC1mTHoxZEdtTVFfWjRVeFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MTBjM2ItZjg3MC00NzZiLWExNjMt
OWQzOTJlZWUwZjY2LzEveHp5dkVTYms5MU8tc1RNYWpBekpZdnhfUGhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MTBjM2ItZjg3MC00NzZiLWExNjMtOWQzOTJlZWUwZjY2
LzEvR0FpX2YtU0xCWC1mTHoxZEdtTVFfWjRVeFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBVBAIAATBPAwQABSrLAwQE
BWVgAwQFJYsAAwMALmUDBARQ8IADBARSxAADBAZfVQADBAaSuYADAwCnrAMDALI+
AwMAsoADBAK5DrgDAwC8pgMEB7zigDAUBAIAAjAOAwUAKgOwwAMFAyoSGEAwDQYJ
KoZIhvcNAQELBQADggEBACiaghbHRtr/4Kqk1Vu1VuS9okOuxaqj6L4onrCeXEIH
l5aQgU70gZsW4NK+jZaG4O7HHyvF3a54r1mVkzNR3RSsHzsSdODlXnl1agYf0KHB
XgkcB/aD4m923aFFtvM7mYMnw2SVhJ9wbZY+P8QZznOCFkI5pQzHLj7+8Q5HXAwL
xhW9foozf03MRIYbvCFbbvHkxW33X9tEKYiu/b5tI+UY95LeJpSIMJbU+HIVI19w
Qh9O7Fe720EZtRVrgjI7D0b8g+hbPzLDYzuYiasOYmDi3TF2LBBIjUdR8vdKOMjT
Wkh2k5zAu+OMO0k0G9HWfX70UnhCzENJFGDW6yNCokU=
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:54:23 2024 by rpki-client on console-fra.rpki-client.org