Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/umvqWs00O7saQaGNLRh7U6zLEnU.roa
File: umvqWs00O7saQaGNLRh7U6zLEnU.roa (raw, json)
Hash identifier: EVfmfMMj1qBk+d0VXNaTBgKnJsj50DwvPPJg9Ol519A=
Subject key identifier: BA:6B:EA:5A:CD:34:3B:BB:1A:41:A1:8D:2D:18:7B:53:AC:CB:12:75
Certificate issuer: /CN=6eab53640b0931924b73f760925845150a6ccca5
Certificate serial: 01933009D0EF6472E3A21DBDBD56DAFEEBAF
Authority key identifier: 6E:AB:53:64:0B:09:31:92:4B:73:F7:60:92:58:45:15:0A:6C:CC:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/umvqWs00O7saQaGNLRh7U6zLEnU.roa
Signing time: Fri 15 Nov 2024 13:36:09 +0000
ROA not before: Fri 15 Nov 2024 13:36:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25447
IP address blocks: 62.93.64.0/19 maxlen: 19
62.93.68.0/24 maxlen: 24
62.93.73.0/24 maxlen: 24
62.93.74.0/24 maxlen: 24
62.93.76.0/24 maxlen: 24
62.93.88.0/24 maxlen: 24
62.93.96.0/20 maxlen: 20
62.93.96.0/21 maxlen: 21
62.93.104.0/21 maxlen: 24
62.93.112.0/22 maxlen: 22
62.93.120.0/21 maxlen: 21
82.192.0.0/19 maxlen: 19
82.192.0.0/23 maxlen: 23
82.192.5.0/24 maxlen: 24
82.192.6.0/24 maxlen: 24
82.192.18.0/24 maxlen: 24
85.13.0.0/18 maxlen: 18
85.13.2.0/24 maxlen: 24
85.13.8.0/24 maxlen: 24
85.13.14.0/24 maxlen: 24
85.13.16.0/24 maxlen: 24
176.61.160.0/19 maxlen: 24
185.51.220.0/22 maxlen: 24
188.117.192.0/18 maxlen: 18
188.117.200.0/22 maxlen: 22
188.117.208.0/22 maxlen: 22
188.117.220.0/22 maxlen: 22
188.117.240.0/20 maxlen: 20
217.16.112.0/20 maxlen: 20
217.16.113.0/24 maxlen: 24
217.16.114.0/24 maxlen: 24
217.16.124.0/24 maxlen: 24
217.16.127.0/24 maxlen: 24
217.199.80.0/20 maxlen: 20
217.199.83.0/24 maxlen: 24
217.199.90.0/24 maxlen: 24
2a03:4e40::/29 maxlen: 29
2a03:4e40::/32 maxlen: 32
2a03:4e47::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:30:09:d0:ef:64:72:e3:a2:1d:bd:bd:56:da:fe:eb:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eab53640b0931924b73f760925845150a6ccca5
Validity
Not Before: Nov 15 13:36:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba6bea5acd343bbb1a41a18d2d187b53accb1275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d5:d0:95:8c:28:30:02:25:9b:fa:0e:b6:cc:
87:81:9d:d5:cd:84:99:d0:ad:5b:48:42:16:91:50:
97:4e:15:de:83:b2:39:b7:8f:1c:47:a8:db:a6:77:
a8:9d:6b:1f:0c:f7:9c:09:d6:0e:39:35:de:ba:2a:
26:36:61:e2:ae:67:79:5c:d4:60:ea:16:8e:8b:ab:
76:bf:63:a2:e2:f3:f3:89:bc:fb:5c:11:50:6a:60:
66:5c:b0:38:dc:f2:56:cf:fd:2d:1d:43:da:6e:37:
16:48:3c:ff:af:8e:a4:cc:a1:d5:fc:7c:7f:b4:e2:
72:74:0a:17:51:15:0e:5b:1c:43:29:da:94:19:a1:
f1:49:e0:d5:ac:c3:ae:d0:0f:35:4e:b9:b9:4a:45:
51:0a:84:cb:61:09:c1:78:31:44:f6:5e:51:ca:8c:
b5:67:a8:66:c2:4c:6f:08:fe:3d:a1:96:c1:9d:0f:
e8:d0:a5:24:26:0e:a6:d6:89:a0:9a:32:14:df:94:
33:0c:55:4d:86:52:4e:f9:f5:b2:0e:f9:c5:1e:28:
30:a8:d0:7d:c3:18:20:d6:03:92:a7:9a:82:dd:15:
98:c2:67:db:f7:d2:34:3f:8b:58:cc:4f:85:49:18:
f7:2c:45:24:ce:02:60:39:20:c6:ab:7d:a6:96:8f:
60:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6B:EA:5A:CD:34:3B:BB:1A:41:A1:8D:2D:18:7B:53:AC:CB:12:75
X509v3 Authority Key Identifier:
keyid:6E:AB:53:64:0B:09:31:92:4B:73:F7:60:92:58:45:15:0A:6C:CC:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/umvqWs00O7saQaGNLRh7U6zLEnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.93.64.0-62.93.115.255
62.93.120.0/21
82.192.0.0/19
85.13.0.0/18
176.61.160.0/19
185.51.220.0/22
188.117.192.0/18
217.16.112.0/20
217.199.80.0/20
IPv6:
2a03:4e40::/29
Signature Algorithm: sha256WithRSAEncryption
45:86:92:5c:c0:70:10:cd:f3:6a:10:68:5f:4f:0a:82:2c:37:
b9:33:d0:cd:90:20:f2:d0:6e:9f:8f:bd:ce:a3:07:27:8c:1e:
94:c3:b7:87:bf:4f:e4:ae:bc:78:db:44:07:fd:20:43:b0:73:
06:fa:50:c8:6b:e8:56:b5:25:c2:0a:f4:9b:80:85:d5:8a:ad:
69:f0:5c:14:26:01:c6:ea:7a:c9:9b:b3:ca:38:ea:89:79:9b:
8c:67:06:dd:03:74:65:db:ac:df:0b:c0:c8:9f:64:39:d6:ba:
a9:bf:b2:c3:6d:09:03:93:6f:13:0e:23:04:30:b2:b4:0b:5a:
4f:e7:64:db:33:62:03:a8:6e:9f:33:36:ae:08:b3:d2:70:60:
ee:5f:05:1c:8e:be:d6:90:5f:31:42:d2:f6:ef:d3:9f:f4:ab:
72:46:00:09:ee:26:4a:f5:b4:9b:9a:d7:a4:07:13:7a:62:a3:
91:7e:d8:fa:25:da:30:51:13:73:76:52:41:8d:e0:44:eb:e6:
eb:04:19:5a:52:a0:8a:96:b9:ea:b9:81:44:96:42:d7:50:8f:
aa:27:ce:a3:4b:33:cd:a0:3f:c6:16:59:1e:6e:4a:bf:ba:e5:
c9:35:15:4c:b2:3b:29:03:1a:d3:b5:7f:d0:8d:a1:6a:df:d3:
83:2a:53:c0
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZMwCdDvZHLjoh29vVba/uuvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYWI1MzY0MGIwOTMxOTI0YjczZjc2MDkyNTg0NTE1MGE2
Y2NjYTUwHhcNMjQxMTE1MTMzNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTZiZWE1YWNkMzQzYmJiMWE0MWExOGQyZDE4N2I1M2FjY2IxMjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dXQlYwoMAIlm/oOtsyHgZ3VzYSZ
0K1bSEIWkVCXThXeg7I5t48cR6jbpneonWsfDPecCdYOOTXeuiomNmHirmd5XNRg
6haOi6t2v2Oi4vPzibz7XBFQamBmXLA43PJWz/0tHUPabjcWSDz/r46kzKHV/Hx/
tOJydAoXURUOWxxDKdqUGaHxSeDVrMOu0A81Trm5SkVRCoTLYQnBeDFE9l5Ryoy1
Z6hmwkxvCP49oZbBnQ/o0KUkJg6m1omgmjIU35QzDFVNhlJO+fWyDvnFHigwqNB9
wxgg1gOSp5qC3RWYwmfb99I0P4tYzE+FSRj3LEUkzgJgOSDGq32mlo9gdQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFLpr6lrNNDu7GkGhjS0Ye1OsyxJ1MB8GA1UdIwQY
MBaAFG6rU2QLCTGSS3P3YJJYRRUKbMylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnF0VFpBc0pNWkpMY19kZ2tsaEZGUXBzektVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yYTM4ZTYtMjk0ZS00ZmEzLWE1YTAt
NTMwNDYzMjM5NTFmLzEvdW12cVdzMDBPN3NhUWFHTkxSaDdVNnpMRW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yYTM4ZTYtMjk0ZS00ZmEzLWE1YTAtNTMwNDYzMjM5NTFm
LzEvYnF0VFpBc0pNWkpMY19kZ2tsaEZGUXBzektVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+MAwDBAY+XUAD
BAI+XXADBAM+XXgDBAVSwAADBAZVDQADBAWwPaADBAK5M9wDBAa8dcADBATZEHAD
BATZx1AwDQQCAAIwBwMFAyoDTkAwDQYJKoZIhvcNAQELBQADggEBAEWGklzAcBDN
82oQaF9PCoIsN7kz0M2QIPLQbp+Pvc6jByeMHpTDt4e/T+SuvHjbRAf9IEOwcwb6
UMhr6Fa1JcIK9JuAhdWKrWnwXBQmAcbqesmbs8o46ol5m4xnBt0DdGXbrN8LwMif
ZDnWuqm/ssNtCQOTbxMOIwQwsrQLWk/nZNszYgOobp8zNq4Is9JwYO5fBRyOvtaQ
XzFC0vbv05/0q3JGAAnuJkr1tJua16QHE3pio5F+2Pol2jBRE3N2UkGN4ETr5usE
GVpSoIqWueq5gUSWQtdQj6onzqNLM82gP8YWWR5uSr+65ck1FUyyOykDGtO1f9CN
oWrf04MqU8A=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:16:49 2024 by rpki-client on console-fra.rpki-client.org