Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/Yv0PPtOQlEuSWVvTqVeG_Rvw1gA.roa
File: Yv0PPtOQlEuSWVvTqVeG_Rvw1gA.roa (raw, json)
Hash identifier: hrcon0y1HH5qkzvVRsT9kC0k9SVNOATmAWXgu9ZAiTw=
Subject key identifier: 62:FD:0F:3E:D3:90:94:4B:92:59:5B:D3:A9:57:86:FD:1B:F0:D6:00
Certificate issuer: /CN=5f96676cf398d3994c4dd4a296594614dff586c7
Certificate serial: 0190CB3A11F562C4E9302A3CE0663F9B1AC6
Authority key identifier: 5F:96:67:6C:F3:98:D3:99:4C:4D:D4:A2:96:59:46:14:DF:F5:86:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/Yv0PPtOQlEuSWVvTqVeG_Rvw1gA.roa
Signing time: Fri 19 Jul 2024 13:41:38 +0000
ROA not before: Fri 19 Jul 2024 13:41:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198417
IP address blocks: 31.14.64.0/24 maxlen: 24
31.14.218.0/24 maxlen: 24
31.14.232.0/24 maxlen: 24
31.14.253.0/24 maxlen: 24
37.153.137.0/24 maxlen: 24
86.105.194.0/24 maxlen: 24
86.105.197.0/24 maxlen: 24
86.106.21.0/24 maxlen: 24
86.106.82.0/24 maxlen: 24
86.106.178.0/24 maxlen: 24
86.107.188.0/24 maxlen: 24
89.32.124.0/24 maxlen: 24
89.32.128.0/24 maxlen: 24
89.32.201.0/24 maxlen: 24
89.32.205.0/24 maxlen: 24
89.34.218.0/24 maxlen: 24
89.38.56.0/24 maxlen: 24
89.38.71.0/24 maxlen: 24
89.39.151.0/24 maxlen: 24
89.40.68.0/24 maxlen: 24
89.40.131.0/24 maxlen: 24
89.41.30.0/24 maxlen: 24
89.42.34.0/24 maxlen: 24
89.43.39.0/24 maxlen: 24
89.44.106.0/24 maxlen: 24
89.45.9.0/24 maxlen: 24
89.46.128.0/24 maxlen: 24
89.46.129.0/24 maxlen: 24
89.46.130.0/24 maxlen: 24
89.47.35.0/24 maxlen: 24
92.114.34.0/24 maxlen: 24
92.114.99.0/24 maxlen: 24
93.113.88.0/24 maxlen: 24
93.113.108.0/24 maxlen: 24
93.114.141.0/24 maxlen: 24
93.114.250.0/24 maxlen: 24
94.177.64.0/24 maxlen: 24
94.177.119.0/24 maxlen: 24
159.20.112.0/24 maxlen: 24
159.20.113.0/24 maxlen: 24
159.20.114.0/24 maxlen: 24
159.20.115.0/24 maxlen: 24
159.20.116.0/24 maxlen: 24
176.223.162.0/24 maxlen: 24
176.223.180.0/24 maxlen: 24
188.208.18.0/24 maxlen: 24
188.215.40.0/24 maxlen: 24
188.215.41.0/24 maxlen: 24
188.215.42.0/24 maxlen: 24
188.215.43.0/24 maxlen: 24
188.240.16.0/24 maxlen: 24
188.240.46.0/24 maxlen: 24
2a10:3ec0::/29 maxlen: 29
2a10:3ec0:32::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/X5ZnbPOY05lMTdSilllGFN_1hsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/X5ZnbPOY05lMTdSilllGFN_1hsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 16:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:cb:3a:11:f5:62:c4:e9:30:2a:3c:e0:66:3f:9b:1a:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f96676cf398d3994c4dd4a296594614dff586c7
Validity
Not Before: Jul 19 13:41:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62fd0f3ed390944b92595bd3a95786fd1bf0d600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:4c:b3:40:5e:5c:3d:c0:30:33:44:5e:45:e5:
d2:da:58:db:1a:89:c7:4c:16:f6:f2:e3:66:d8:ad:
ea:a9:b7:1c:c0:b0:93:c5:08:f2:f3:54:88:a0:a9:
23:90:8a:b8:49:b9:61:ab:cf:5d:b3:6f:06:9c:a6:
a5:ab:82:7f:6d:84:c8:cf:3d:75:02:21:37:e2:b6:
d5:29:96:d6:51:59:22:6c:5a:fd:c1:04:36:e6:ce:
37:7f:f7:10:87:9c:e4:f6:c8:48:d8:73:3d:c3:ff:
aa:63:46:48:e4:10:7a:44:36:ef:ed:27:fb:94:78:
5d:b9:f5:97:d1:ef:de:ce:8d:e5:83:9e:38:a9:d5:
0f:25:47:f2:8d:94:2b:53:36:8b:79:41:49:d7:9c:
d4:04:bc:d8:6e:be:65:ac:89:81:53:7e:0d:a8:7c:
c4:f9:50:c2:41:be:af:09:81:83:1c:ee:c1:27:15:
ca:19:20:6d:cd:cf:f9:92:1d:cf:74:74:c1:60:c4:
53:c5:cc:89:ed:c5:7d:36:09:6b:c4:41:b1:8c:58:
c9:8d:a7:19:c2:b4:68:99:a3:e2:9d:eb:de:a5:0e:
23:af:b9:ae:78:c1:51:5f:3b:c0:5b:aa:85:3a:bd:
41:2c:ec:f3:0f:a8:e5:d3:30:88:1d:a2:17:45:08:
42:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:FD:0F:3E:D3:90:94:4B:92:59:5B:D3:A9:57:86:FD:1B:F0:D6:00
X509v3 Authority Key Identifier:
keyid:5F:96:67:6C:F3:98:D3:99:4C:4D:D4:A2:96:59:46:14:DF:F5:86:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X5ZnbPOY05lMTdSilllGFN_1hsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/Yv0PPtOQlEuSWVvTqVeG_Rvw1gA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6a6805-5ce0-4128-a04c-f62f35af4371/1/X5ZnbPOY05lMTdSilllGFN_1hsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.64.0/24
31.14.218.0/24
31.14.232.0/24
31.14.253.0/24
37.153.137.0/24
86.105.194.0/24
86.105.197.0/24
86.106.21.0/24
86.106.82.0/24
86.106.178.0/24
86.107.188.0/24
89.32.124.0/24
89.32.128.0/24
89.32.201.0/24
89.32.205.0/24
89.34.218.0/24
89.38.56.0/24
89.38.71.0/24
89.39.151.0/24
89.40.68.0/24
89.40.131.0/24
89.41.30.0/24
89.42.34.0/24
89.43.39.0/24
89.44.106.0/24
89.45.9.0/24
89.46.128.0-89.46.130.255
89.47.35.0/24
92.114.34.0/24
92.114.99.0/24
93.113.88.0/24
93.113.108.0/24
93.114.141.0/24
93.114.250.0/24
94.177.64.0/24
94.177.119.0/24
159.20.112.0-159.20.116.255
176.223.162.0/24
176.223.180.0/24
188.208.18.0/24
188.215.40.0/22
188.240.16.0/24
188.240.46.0/24
IPv6:
2a10:3ec0::/29
Signature Algorithm: sha256WithRSAEncryption
87:f9:b8:94:c1:87:cb:07:15:5d:2b:fc:9a:13:d4:41:9c:9f:
64:58:77:3e:4a:16:45:a8:f5:f6:6f:5b:aa:e0:82:54:3a:4d:
03:db:b5:78:32:64:5f:8c:53:14:a1:6e:5d:19:89:d8:a6:9e:
d5:de:6f:1f:70:5c:be:9b:1c:43:64:45:07:55:a2:29:07:a4:
fa:34:4a:5c:18:a8:ed:28:94:8e:d5:f0:56:18:5a:12:5a:57:
15:64:a4:33:9a:cd:6f:66:f5:98:0a:79:78:48:00:7c:13:7f:
92:73:5c:f5:7c:f1:b7:52:a5:ca:32:55:4b:c0:5c:c7:8d:65:
8f:c9:5b:f5:26:5b:d4:fa:53:7e:2c:53:55:b9:c7:a6:e0:f0:
cf:a6:11:04:50:f7:db:8d:95:75:fb:9f:1d:24:94:43:64:08:
a2:9b:09:51:e8:48:cd:8a:dd:e2:15:be:45:08:66:db:f7:91:
e4:e9:c9:b9:68:5b:77:c3:df:5e:f2:c8:ff:07:2e:74:f6:88:
93:ca:00:76:7c:0a:5a:80:c7:fb:24:f8:17:e1:87:56:fe:2b:
69:1a:6e:8e:41:88:43:64:55:13:65:fd:b5:8d:63:b1:bc:a2:
ec:02:9e:a1:bf:3f:8c:1f:9f:2d:20:ff:a8:63:aa:c9:08:01:
7c:b6:dc:59
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgISAZDLOhH1YsTpMCo84GY/mxrGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmOTY2NzZjZjM5OGQzOTk0YzRkZDRhMjk2NTk0NjE0ZGZm
NTg2YzcwHhcNMjQwNzE5MTM0MTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmZkMGYzZWQzOTA5NDRiOTI1OTViZDNhOTU3ODZmZDFiZjBkNjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA70yzQF5cPcAwM0ReReXS2ljbGonH
TBb28uNm2K3qqbccwLCTxQjy81SIoKkjkIq4Sblhq89ds28GnKalq4J/bYTIzz11
AiE34rbVKZbWUVkibFr9wQQ25s43f/cQh5zk9shI2HM9w/+qY0ZI5BB6RDbv7Sf7
lHhdufWX0e/ezo3lg544qdUPJUfyjZQrUzaLeUFJ15zUBLzYbr5lrImBU34NqHzE
+VDCQb6vCYGDHO7BJxXKGSBtzc/5kh3PdHTBYMRTxcyJ7cV9NglrxEGxjFjJjacZ
wrRomaPinevepQ4jr7mueMFRXzvAW6qFOr1BLOzzD6jl0zCIHaIXRQhCRwIDAQAB
o4IDLjCCAyowHQYDVR0OBBYEFGL9Dz7TkJRLkllb06lXhv0b8NYAMB8GA1UdIwQY
MBaAFF+WZ2zzmNOZTE3UopZZRhTf9YbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDVabmJQT1kwNWxNVGRTaWxsbEdGTl8xaHNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82YTY4MDUtNWNlMC00MTI4LWEwNGMt
ZjYyZjM1YWY0MzcxLzEvWXYwUFB0T1FsRXVTV1Z2VHFWZUdfUnZ3MWdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC82YTY4MDUtNWNlMC00MTI4LWEwNGMtZjYyZjM1YWY0Mzcx
LzEvWDVabmJQT1kwNWxNVGRTaWxsbEdGTl8xaHNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQgYIKwYBBQUHAQcBAf8EggExMIIBLTCCARoEAgABMIIB
EgMEAB8OQAMEAB8O2gMEAB8O6AMEAB8O/QMEACWZiQMEAFZpwgMEAFZpxQMEAFZq
FQMEAFZqUgMEAFZqsgMEAFZrvAMEAFkgfAMEAFkggAMEAFkgyQMEAFkgzQMEAFki
2gMEAFkmOAMEAFkmRwMEAFknlwMEAFkoRAMEAFkogwMEAFkpHgMEAFkqIgMEAFkr
JwMEAFksagMEAFktCTAMAwQHWS6AAwQAWS6CAwQAWS8jAwQAXHIiAwQAXHJjAwQA
XXFYAwQAXXFsAwQAXXKNAwQAXXL6AwQAXrFAAwQAXrF3MAwDBASfFHADBACfFHQD
BACw36IDBACw37QDBAC80BIDBAK81ygDBAC88BADBAC88C4wDQQCAAIwBwMFAyoQ
PsAwDQYJKoZIhvcNAQELBQADggEBAIf5uJTBh8sHFV0r/JoT1EGcn2RYdz5KFkWo
9fZvW6rgglQ6TQPbtXgyZF+MUxShbl0ZidimntXebx9wXL6bHENkRQdVoikHpPo0
SlwYqO0olI7V8FYYWhJaVxVkpDOazW9m9ZgKeXhIAHwTf5JzXPV88bdSpcoyVUvA
XMeNZY/JW/UmW9T6U34sU1W5x6bg8M+mEQRQ99uNlXX7nx0klENkCKKbCVHoSM2K
3eIVvkUIZtv3keTpybloW3fD317yyP8HLnT2iJPKAHZ8ClqAx/sk+Bfhh1b+K2ka
bo5BiENkVRNl/bWNY7G8ouwCnqG/P4wfny0g/6hjqskIAXy23Fk=
-----END CERTIFICATE-----
Generated at Tue Nov 26 22:12:30 2024 by rpki-client on console-ams.rpki-client.org