Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/9bEpvqcASUPQkmOmzEVhr-HBRF4.roa
File: 9bEpvqcASUPQkmOmzEVhr-HBRF4.roa (raw, json)
Hash identifier: s9fwps1S1zSuJ65JeQw4a7hsieRMi2LrXZuGBayOEGU=
Subject key identifier: F5:B1:29:BE:A7:00:49:43:D0:92:63:A6:CC:45:61:AF:E1:C1:44:5E
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 01933E37E2CB9CB6A05C16C12B117CDBEF0F
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/9bEpvqcASUPQkmOmzEVhr-HBRF4.roa
Signing time: Mon 18 Nov 2024 07:41:10 +0000
ROA not before: Mon 18 Nov 2024 07:41:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57013
IP address blocks: 31.222.255.0/24 maxlen: 24
45.159.86.0/24 maxlen: 24
185.187.18.0/24 maxlen: 24
194.26.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3e:37:e2:cb:9c:b6:a0:5c:16:c1:2b:11:7c:db:ef:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Nov 18 07:41:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5b129bea7004943d09263a6cc4561afe1c1445e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9b:ef:4c:e9:48:f8:6c:b1:b9:ae:a2:bc:72:
5b:41:8a:2f:32:cb:24:f3:c0:db:86:a1:a4:62:00:
fc:d5:68:ef:c7:06:94:a0:90:a1:22:bc:3a:61:50:
00:d0:16:e0:7e:f0:35:9a:ac:d2:c3:ac:bb:55:49:
20:8f:50:0f:99:29:63:4b:0b:fe:00:90:60:7e:18:
10:29:c4:58:00:70:0d:ad:e1:48:c6:be:7b:22:53:
29:b1:cd:aa:24:02:ba:28:a8:47:56:03:bf:78:44:
d2:2e:e2:6b:8e:ca:5b:77:37:9b:a8:84:21:66:63:
81:d4:56:a2:59:83:1b:13:91:0e:cc:fd:56:92:cb:
8e:f4:66:7d:6d:20:20:62:a9:53:1d:a3:ce:cd:15:
33:2b:22:20:4b:d0:90:b1:ae:e8:d5:37:f8:9d:59:
ae:16:cc:37:d5:57:36:53:80:b7:ea:ed:9e:6c:2e:
d8:44:f9:36:cd:dd:0f:c9:c7:cf:3a:3b:f5:ff:14:
a9:fb:14:dd:b3:fa:de:56:5a:90:2e:9a:f0:67:44:
b1:0b:f8:fa:de:96:11:8c:89:c9:86:ce:81:c2:16:
1e:b2:c7:a5:10:49:62:ee:2a:95:25:d9:9c:f2:fe:
18:67:f5:30:92:c9:3c:80:4c:0f:45:fb:1b:88:96:
27:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:B1:29:BE:A7:00:49:43:D0:92:63:A6:CC:45:61:AF:E1:C1:44:5E
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/9bEpvqcASUPQkmOmzEVhr-HBRF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.255.0/24
45.159.86.0/24
185.187.18.0/24
194.26.220.0/24
Signature Algorithm: sha256WithRSAEncryption
00:f1:2d:33:cf:67:fe:57:5b:61:67:17:2e:8a:ff:c4:c0:82:
ee:c7:6b:da:75:2b:d2:ea:24:ed:02:24:d5:f9:5f:ba:af:a6:
d2:9e:11:e4:22:19:2e:47:7c:3f:60:68:39:11:73:47:10:50:
55:9e:c2:1d:b2:aa:93:be:53:4a:4b:75:87:3c:61:73:30:58:
0e:16:c3:30:3f:14:80:87:7c:8e:bd:f4:88:ea:ad:99:c9:46:
06:94:1e:ef:ef:34:a1:55:cf:82:57:43:73:c8:4a:27:3c:bf:
72:b5:f4:33:7f:5e:21:de:6e:26:14:fd:07:34:4a:05:8e:32:
35:af:9b:35:0d:fa:78:04:d6:4f:f6:5d:4c:ff:b4:1b:a5:21:
bf:ff:dc:e4:3b:97:ab:02:1f:7d:a5:bc:f1:bf:81:62:8e:96:
ac:c0:f0:05:93:83:ea:79:24:5e:27:85:b2:b9:89:a7:41:6e:
ac:bc:01:81:54:79:bb:3e:15:02:2f:97:9d:fd:60:7b:56:82:
dd:86:bd:98:71:ba:29:ae:1d:3c:44:1e:30:bf:21:cb:6f:4d:
9b:38:0e:88:f5:9e:cf:4d:8f:8b:45:8e:1c:50:3c:4a:f2:74:
ea:1a:e9:f2:9d:7c:76:8e:1f:8d:39:d8:e6:07:c4:47:52:13:
30:ec:41:73
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZM+N+LLnLagXBbBKxF82+8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQxMTE4MDc0MTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWIxMjliZWE3MDA0OTQzZDA5MjYzYTZjYzQ1NjFhZmUxYzE0NDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZvvTOlI+Gyxua6ivHJbQYovMssk
88DbhqGkYgD81WjvxwaUoJChIrw6YVAA0BbgfvA1mqzSw6y7VUkgj1APmSljSwv+
AJBgfhgQKcRYAHANreFIxr57IlMpsc2qJAK6KKhHVgO/eETSLuJrjspbdzebqIQh
ZmOB1FaiWYMbE5EOzP1WksuO9GZ9bSAgYqlTHaPOzRUzKyIgS9CQsa7o1Tf4nVmu
Fsw31Vc2U4C36u2ebC7YRPk2zd0PycfPOjv1/xSp+xTds/reVlqQLprwZ0SxC/j6
3pYRjInJhs6BwhYesselEEli7iqVJdmc8v4YZ/Uwksk8gEwPRfsbiJYnvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPWxKb6nAElD0JJjpsxFYa/hwUReMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvOWJFcHZxY0FTVVBRa21PbXpFVmhyLUhCUkY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH97/AwQA
LZ9WAwQAubsSAwQAwhrcMA0GCSqGSIb3DQEBCwUAA4IBAQAA8S0zz2f+V1thZxcu
iv/EwILux2vadSvS6iTtAiTV+V+6r6bSnhHkIhkuR3w/YGg5EXNHEFBVnsIdsqqT
vlNKS3WHPGFzMFgOFsMwPxSAh3yOvfSI6q2ZyUYGlB7v7zShVc+CV0NzyEonPL9y
tfQzf14h3m4mFP0HNEoFjjI1r5s1Dfp4BNZP9l1M/7QbpSG//9zkO5erAh99pbzx
v4FijpaswPAFk4PqeSReJ4WyuYmnQW6svAGBVHm7PhUCL5ed/WB7VoLdhr2Ycbop
rh08RB4wvyHLb02bOA6I9Z7PTY+LRY4cUDxK8nTqGunynXx2jh+NOdjmB8RHUhMw
7EFz
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:27:32 2024 by rpki-client on console-ams.rpki-client.org