Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/U3OaYV-wOvVFY6zJc-1Cns0rrf8.roa
File: U3OaYV-wOvVFY6zJc-1Cns0rrf8.roa (raw, json)
Hash identifier: TK3TTlmeNmLswojx1lQYMJRjBCWZlhllUHswQFlwxew=
Subject key identifier: 53:73:9A:61:5F:B0:3A:F5:45:63:AC:C9:73:ED:42:9E:CD:2B:AD:FF
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018CC86FC5FFD7BF48FAF20122BA21A672FF
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/U3OaYV-wOvVFY6zJc-1Cns0rrf8.roa
Signing time: Tue 02 Jan 2024 04:30:17 +0000
ROA not before: Tue 02 Jan 2024 04:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209767
IP address blocks: 91.245.92.0/22 maxlen: 24
109.207.133.0/24 maxlen: 24
109.207.143.0/24 maxlen: 24
109.207.142.0/24 maxlen: 24
176.113.176.0/22 maxlen: 24
176.124.172.0/22 maxlen: 22
91.246.204.0/22 maxlen: 22
91.229.30.0/24 maxlen: 24
91.246.216.0/24 maxlen: 24
178.213.176.0/22 maxlen: 24
176.116.229.0/24 maxlen: 24
91.239.224.0/24 maxlen: 24
176.116.237.0/24 maxlen: 24
91.224.213.0/24 maxlen: 24
46.174.204.0/22 maxlen: 22
91.239.179.0/24 maxlen: 24
91.226.52.0/23 maxlen: 23
91.226.54.0/23 maxlen: 23
31.132.192.0/22 maxlen: 22
31.132.196.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:c5:ff:d7:bf:48:fa:f2:01:22:ba:21:a6:72:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 04:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53739a615fb03af54563acc973ed429ecd2badff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:74:b7:7c:11:e9:8f:ea:40:bf:42:e3:cf:4a:
ef:3e:88:c1:62:e7:6a:38:29:82:18:85:6b:18:03:
ec:f3:3d:8b:a5:d2:84:50:14:70:ac:21:b7:c1:6f:
97:00:59:e3:68:a4:8c:8e:04:11:36:fa:02:a1:9c:
cf:96:c4:ac:f2:44:3c:5d:cd:5b:35:42:16:a4:40:
8d:1d:10:f7:21:aa:47:5d:4a:e5:3a:e2:a3:7a:7a:
38:3e:5f:c7:89:3b:56:9d:15:88:a5:62:0b:55:ac:
ca:1c:69:7d:0f:5b:14:06:13:12:ff:06:d9:a3:7d:
65:8e:64:e1:9b:71:ef:e2:d2:93:17:71:5c:2d:e6:
e4:b0:bf:43:fe:10:cf:5b:f8:55:f3:e0:98:df:3c:
8a:63:94:71:6a:a7:28:ce:82:d6:9d:53:43:36:35:
a3:37:20:2e:35:15:1b:47:ba:e7:58:7e:4c:f0:5c:
5a:9b:b0:50:9f:f7:06:58:7f:ed:ec:f4:42:4a:90:
77:9e:01:a3:b9:3d:b2:f1:f5:ef:46:cd:84:22:a7:
39:d7:fd:47:2c:41:e4:4f:86:d9:49:53:b6:d8:12:
0e:77:19:04:97:e3:c6:e0:80:c9:5c:66:55:e4:f0:
6b:81:69:10:8d:8b:44:80:87:e5:45:ad:c4:3e:ea:
17:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:73:9A:61:5F:B0:3A:F5:45:63:AC:C9:73:ED:42:9E:CD:2B:AD:FF
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/U3OaYV-wOvVFY6zJc-1Cns0rrf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.192.0/21
46.174.204.0/22
91.224.213.0/24
91.226.52.0/22
91.229.30.0/24
91.239.179.0/24
91.239.224.0/24
91.245.92.0/22
91.246.204.0/22
91.246.216.0/24
109.207.133.0/24
109.207.142.0/23
176.113.176.0/22
176.116.229.0/24
176.116.237.0/24
176.124.172.0/22
178.213.176.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:a1:e6:2d:c1:e1:1f:d5:ef:42:79:87:6e:a4:db:36:92:13:
55:10:78:5a:9c:4c:69:e2:43:cc:77:be:99:06:17:b4:6d:8e:
23:1e:19:92:19:90:26:8f:b2:3d:d6:96:41:bf:f2:d0:68:ca:
9b:5d:99:4b:19:27:68:03:e4:79:d7:bd:5f:79:eb:c8:04:cc:
0e:42:73:ec:c5:97:2d:b2:02:15:f2:ef:cd:74:ae:88:26:74:
fa:f1:da:2e:11:41:a7:d9:6e:18:19:88:7d:16:a4:5f:1e:2f:
42:31:0a:96:98:94:32:32:a3:7d:c8:63:61:09:c3:52:f2:6e:
0d:26:ee:1b:86:1e:2c:bc:ee:d9:3e:d6:5c:91:55:ed:f9:15:
cd:3e:39:06:23:15:39:2a:f0:0a:10:ac:04:c0:d4:63:ed:7c:
9a:c0:98:cb:3b:7d:3b:bc:19:5f:6c:88:94:73:7f:05:8e:4f:
72:ba:0a:59:21:38:31:0c:f4:74:ad:cb:69:85:40:17:9b:b6:
d6:3e:74:12:03:9c:de:76:2a:28:b4:94:01:c0:ec:58:9a:06:
74:b2:73:5c:f6:4c:c9:0b:ec:81:88:a9:4d:c9:48:6f:2c:61:
d7:41:a9:f5:53:78:e5:93:53:8e:09:cb:d2:80:78:39:64:31:
a7:0b:db:0a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYzIb8X/179I+vIBIrohpnL/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwMTAyMDQzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzczOWE2MTVmYjAzYWY1NDU2M2FjYzk3M2VkNDI5ZWNkMmJhZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnS3fBHpj+pAv0Ljz0rvPojBYudq
OCmCGIVrGAPs8z2LpdKEUBRwrCG3wW+XAFnjaKSMjgQRNvoCoZzPlsSs8kQ8Xc1b
NUIWpECNHRD3IapHXUrlOuKjeno4Pl/HiTtWnRWIpWILVazKHGl9D1sUBhMS/wbZ
o31ljmThm3Hv4tKTF3FcLebksL9D/hDPW/hV8+CY3zyKY5RxaqcozoLWnVNDNjWj
NyAuNRUbR7rnWH5M8Fxam7BQn/cGWH/t7PRCSpB3ngGjuT2y8fXvRs2EIqc51/1H
LEHkT4bZSVO22BIOdxkEl+PG4IDJXGZV5PBrgWkQjYtEgIflRa3EPuoX8QIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFFNzmmFfsDr1RWOsyXPtQp7NK63/MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvVTNPYVlWLXdPdlZGWTZ6SmMtMUNuczBycmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQDH4TAAwQC
Lq7MAwQAW+DVAwQCW+I0AwQAW+UeAwQAW++zAwQAW+/gAwQCW/VcAwQCW/bMAwQA
W/bYAwQAbc+FAwQBbc+OAwQCsHGwAwQAsHTlAwQAsHTtAwQCsHysAwQCstWwMA0G
CSqGSIb3DQEBCwUAA4IBAQBcoeYtweEf1e9CeYdupNs2khNVEHhanExp4kPMd76Z
Bhe0bY4jHhmSGZAmj7I91pZBv/LQaMqbXZlLGSdoA+R5171feevIBMwOQnPsxZct
sgIV8u/NdK6IJnT68douEUGn2W4YGYh9FqRfHi9CMQqWmJQyMqN9yGNhCcNS8m4N
Ju4bhh4svO7ZPtZckVXt+RXNPjkGIxU5KvAKEKwEwNRj7XyawJjLO307vBlfbIiU
c38Fjk9yugpZITgxDPR0rctphUAXm7bWPnQSA5zediootJQBwOxYmgZ0snNc9kzJ
C+yBiKlNyUhvLGHXQan1U3jlk1OOCcvSgHg5ZDGnC9sK
-----END CERTIFICATE-----
Generated at Fri May 24 04:54:58 2024 by rpki-client on console-fra.rpki-client.org