Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/8b24hkZy1y7mINaV7K-ujsZXeT0.roa
File: 8b24hkZy1y7mINaV7K-ujsZXeT0.roa (raw, json)
Hash identifier: KirrbcEhfkR4L6UNcGbTsKi49LX9sJcUh3zpVUFN5N0=
Subject key identifier: F1:BD:B8:86:46:72:D7:2E:E6:20:D6:95:EC:AF:AE:8E:C6:57:79:3D
Certificate issuer: /CN=05bcde319a3dca2cf6744d2881ca91b83db9bdea
Certificate serial: 0192BDEE31C01774A9F7B000F9C80B3C898B
Authority key identifier: 05:BC:DE:31:9A:3D:CA:2C:F6:74:4D:28:81:CA:91:B8:3D:B9:BD:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/8b24hkZy1y7mINaV7K-ujsZXeT0.roa
Signing time: Thu 24 Oct 2024 09:49:16 +0000
ROA not before: Thu 24 Oct 2024 09:49:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60187
IP address blocks: 5.150.64.0/24 maxlen: 24
5.150.65.0/24 maxlen: 24
5.150.66.0/24 maxlen: 24
5.150.67.0/24 maxlen: 24
5.150.68.0/24 maxlen: 24
5.150.69.0/24 maxlen: 24
5.150.70.0/24 maxlen: 24
5.150.71.0/24 maxlen: 24
5.150.74.0/24 maxlen: 24
5.150.76.0/24 maxlen: 24
5.150.80.0/20 maxlen: 20
5.150.96.0/22 maxlen: 22
5.150.100.0/22 maxlen: 22
5.150.104.0/22 maxlen: 22
5.150.108.0/22 maxlen: 22
5.150.112.0/22 maxlen: 22
5.150.116.0/22 maxlen: 22
5.150.120.0/22 maxlen: 22
5.150.124.0/22 maxlen: 22
171.33.192.0/21 maxlen: 21
171.33.192.0/22 maxlen: 22
171.33.196.0/22 maxlen: 22
171.33.200.0/21 maxlen: 21
171.33.208.0/21 maxlen: 21
171.33.216.0/21 maxlen: 21
2a02:af40::/29 maxlen: 29
2a02:af40::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bd:ee:31:c0:17:74:a9:f7:b0:00:f9:c8:0b:3c:89:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bcde319a3dca2cf6744d2881ca91b83db9bdea
Validity
Not Before: Oct 24 09:49:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1bdb8864672d72ee620d695ecafae8ec657793d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:41:5c:8e:af:26:c1:4b:66:59:1a:c3:19:60:
8d:2a:8d:03:97:1a:83:87:b0:69:dd:28:7a:fc:f5:
dc:72:1a:c1:dd:52:b2:02:f5:de:ad:bf:a1:36:63:
12:e5:f7:a4:ca:a4:9c:43:51:38:13:d3:b0:3a:ee:
2c:5f:b4:29:ff:f7:ba:cc:b4:a3:ae:f6:82:7d:4a:
7e:02:80:47:c1:3d:a2:e6:fe:24:9b:c3:5f:50:ee:
53:b4:83:8e:80:af:cc:b5:bd:d9:6c:ee:43:8c:cf:
f4:48:0d:6f:84:a3:48:34:62:bf:fd:d6:be:e1:65:
51:15:a8:3c:05:47:85:79:d0:7f:34:83:d0:20:0e:
fc:f7:56:67:e2:1c:48:29:7c:6a:5f:3c:1c:3b:d4:
39:36:e0:eb:11:3b:09:92:f1:71:d5:13:c0:04:58:
01:61:6c:3c:0e:a4:4f:27:db:4f:dd:33:7a:c6:af:
4f:3a:dd:65:1d:97:f5:f3:34:d9:88:a2:3d:95:67:
2e:5a:46:f5:c0:9d:22:b4:62:04:db:78:8e:75:8d:
96:48:3b:67:f0:ea:f7:27:c5:d8:70:08:75:61:fd:
ec:ae:30:c0:e3:d7:5d:c9:49:29:cd:11:ff:1a:58:
87:ac:98:36:24:34:10:c2:fd:1b:0e:0e:2d:8c:6c:
64:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:BD:B8:86:46:72:D7:2E:E6:20:D6:95:EC:AF:AE:8E:C6:57:79:3D
X509v3 Authority Key Identifier:
keyid:05:BC:DE:31:9A:3D:CA:2C:F6:74:4D:28:81:CA:91:B8:3D:B9:BD:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/8b24hkZy1y7mINaV7K-ujsZXeT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.64.0/21
5.150.74.0/24
5.150.76.0/24
5.150.80.0-5.150.127.255
171.33.192.0/19
IPv6:
2a02:af40::/29
Signature Algorithm: sha256WithRSAEncryption
77:fb:c3:db:b4:13:df:49:74:f6:f6:46:f9:eb:7a:10:36:f6:
e5:f1:64:c8:d8:b0:1d:e9:8a:fc:2e:e2:f2:08:da:99:2e:9b:
79:a5:15:67:d9:af:40:a1:b1:24:38:36:c5:f1:15:c1:26:09:
67:a6:b3:7c:ca:20:fd:6c:0b:d4:e5:89:1d:c9:41:12:f4:c1:
b8:e5:6c:9b:da:a3:c5:91:b4:22:47:55:5d:b7:03:c8:6a:c5:
40:7e:44:0f:16:cf:3e:16:ae:3d:5d:d3:8a:39:8f:d2:82:a2:
a3:50:09:5c:de:e6:3b:1d:c1:fc:32:91:61:04:3e:d5:ef:5b:
e8:38:95:e0:6c:45:10:74:27:ba:87:03:41:ff:a6:ff:9f:8e:
36:72:d3:d6:df:a8:8e:ab:2d:f5:35:46:a6:7e:3d:9c:bc:4b:
af:25:b3:d7:e3:0c:24:f4:57:d4:80:35:05:26:50:24:2a:09:
f1:15:17:23:94:c3:e5:e7:75:57:5b:3d:6e:df:46:03:53:92:
f7:bf:c5:9b:4c:db:03:33:91:43:30:ab:ed:43:54:82:91:fb:
c7:f8:4c:40:ce:20:f9:f8:20:53:23:ee:7a:ca:39:51:69:d9:
80:0e:1c:71:61:62:b9:5d:ee:10:69:c4:4e:45:8f:0c:74:f2:
0d:20:cf:c5
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZK97jHAF3Sp97AA+cgLPImLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmNkZTMxOWEzZGNhMmNmNjc0NGQyODgxY2E5MWI4M2Ri
OWJkZWEwHhcNMjQxMDI0MDk0OTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWJkYjg4NjQ2NzJkNzJlZTYyMGQ2OTVlY2FmYWU4ZWM2NTc3OTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kFcjq8mwUtmWRrDGWCNKo0DlxqD
h7Bp3Sh6/PXcchrB3VKyAvXerb+hNmMS5fekyqScQ1E4E9OwOu4sX7Qp//e6zLSj
rvaCfUp+AoBHwT2i5v4km8NfUO5TtIOOgK/Mtb3ZbO5DjM/0SA1vhKNINGK//da+
4WVRFag8BUeFedB/NIPQIA7891Zn4hxIKXxqXzwcO9Q5NuDrETsJkvFx1RPABFgB
YWw8DqRPJ9tP3TN6xq9POt1lHZf18zTZiKI9lWcuWkb1wJ0itGIE23iOdY2WSDtn
8Or3J8XYcAh1Yf3srjDA49ddyUkpzRH/GliHrJg2JDQQwv0bDg4tjGxk6wIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFPG9uIZGctcu5iDWleyvro7GV3k9MB8GA1UdIwQY
MBaAFAW83jGaPcos9nRNKIHKkbg9ub3qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJ6ZU1abzl5aXoyZEUwb2djcVJ1RDI1dmVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9lZDI4ZDUtNzhkMy00NWUyLWE3ZDMt
Njg2N2M0YWUzMTYxLzEvOGIyNGhrWnkxeTdtSU5hVjdLLXVqc1pYZVQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9lZDI4ZDUtNzhkMy00NWUyLWE3ZDMtNjg2N2M0YWUzMTYx
LzEvQmJ6ZU1abzl5aXoyZEUwb2djcVJ1RDI1dmVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQDBZZAAwQA
BZZKAwQABZZMMAwDBAQFllADBAcFlgADBAWrIcAwDQQCAAIwBwMFAyoCr0AwDQYJ
KoZIhvcNAQELBQADggEBAHf7w9u0E99JdPb2RvnrehA29uXxZMjYsB3pivwu4vII
2pkum3mlFWfZr0ChsSQ4NsXxFcEmCWems3zKIP1sC9TliR3JQRL0wbjlbJvao8WR
tCJHVV23A8hqxUB+RA8Wzz4Wrj1d04o5j9KCoqNQCVze5jsdwfwykWEEPtXvW+g4
leBsRRB0J7qHA0H/pv+fjjZy09bfqI6rLfU1RqZ+PZy8S68ls9fjDCT0V9SANQUm
UCQqCfEVFyOUw+XndVdbPW7fRgNTkve/xZtM2wMzkUMwq+1DVIKR+8f4TEDOIPn4
IFMj7nrKOVFp2YAOHHFhYrld7hBpxE5Fjwx08g0gz8U=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:16:07 2024 by rpki-client on console-ams.rpki-client.org