Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/IGi4WMU1f6khKH7g2UPeM8V2ri0.roa
File: IGi4WMU1f6khKH7g2UPeM8V2ri0.roa (raw, json)
Hash identifier: dOODh+W9qHQ+kfDp4jGoOrUcGklKuhKIfvUdMDGQoQA=
Subject key identifier: 20:68:B8:58:C5:35:7F:A9:21:28:7E:E0:D9:43:DE:33:C5:76:AE:2D
Certificate issuer: /CN=1ed3d8e29e063b9d2740ab3de6c72255ec8d0557
Certificate serial: 018EA2FB59D5C7144CA39F338B915EA4BBB2
Authority key identifier: 1E:D3:D8:E2:9E:06:3B:9D:27:40:AB:3D:E6:C7:22:55:EC:8D:05:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/IGi4WMU1f6khKH7g2UPeM8V2ri0.roa
Signing time: Wed 03 Apr 2024 08:02:45 +0000
ROA not before: Wed 03 Apr 2024 08:02:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5400
IP address blocks: 62.5.0.0/17 maxlen: 17
62.102.0.0/17 maxlen: 17
62.173.192.0/18 maxlen: 18
62.180.0.0/16 maxlen: 16
82.150.0.0/19 maxlen: 19
185.94.0.0/22 maxlen: 22
194.213.64.0/19 maxlen: 19
195.90.64.0/19 maxlen: 19
195.100.0.0/16 maxlen: 16
195.163.0.0/16 maxlen: 16
195.182.96.0/19 maxlen: 19
212.8.160.0/19 maxlen: 19
212.21.192.0/19 maxlen: 19
212.31.192.0/19 maxlen: 19
212.41.128.0/19 maxlen: 19
212.108.0.0/19 maxlen: 19
212.127.0.0/19 maxlen: 19
212.162.192.0/18 maxlen: 18
213.15.0.0/16 maxlen: 16
213.137.160.0/19 maxlen: 19
213.194.0.0/18 maxlen: 18
213.236.64.0/18 maxlen: 18
2001:740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:fb:59:d5:c7:14:4c:a3:9f:33:8b:91:5e:a4:bb:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ed3d8e29e063b9d2740ab3de6c72255ec8d0557
Validity
Not Before: Apr 3 08:02:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2068b858c5357fa921287ee0d943de33c576ae2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:12:31:e5:a2:63:25:a1:50:12:d9:6b:48:8d:
49:8f:9e:dd:37:53:67:62:9f:0e:4c:ad:6f:bd:c8:
b6:5f:95:12:8b:e2:b3:74:d5:31:70:b2:a3:97:c7:
9a:a1:cb:e4:c1:fe:9b:18:96:a0:98:4b:5a:33:08:
48:44:91:8e:bf:8d:64:eb:70:7b:08:ff:67:1b:e8:
aa:78:17:4b:1c:1e:a7:41:91:8a:f3:c8:84:9b:d4:
ac:5e:1e:5a:61:3d:b8:e6:9a:38:21:c0:83:cb:c2:
85:37:f7:89:91:d0:8a:88:1d:64:a0:5f:13:91:89:
b1:3b:59:b8:77:d6:e7:74:ee:18:74:3c:56:5d:e2:
0e:89:8f:a7:b4:48:8e:d3:82:04:09:78:2d:1b:c6:
a4:60:9f:10:91:f1:bc:ea:95:49:dd:98:8b:58:74:
7e:e8:af:fd:8d:77:70:f0:b3:4c:2f:98:2b:29:13:
7f:b7:bd:99:af:b9:ac:38:59:e3:94:d4:53:d0:27:
74:fe:b9:b6:e8:ec:a8:6e:5a:6e:4a:1c:d5:95:2b:
7d:6b:54:83:6e:df:1a:3d:b9:79:1e:e2:e1:3a:e3:
de:f8:0f:c7:7f:5a:52:ae:d0:84:8a:71:63:e5:8e:
68:2b:2e:f0:89:fb:5e:29:98:4e:26:36:88:df:1c:
25:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:68:B8:58:C5:35:7F:A9:21:28:7E:E0:D9:43:DE:33:C5:76:AE:2D
X509v3 Authority Key Identifier:
keyid:1E:D3:D8:E2:9E:06:3B:9D:27:40:AB:3D:E6:C7:22:55:EC:8D:05:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/IGi4WMU1f6khKH7g2UPeM8V2ri0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.5.0.0/17
62.102.0.0/17
62.173.192.0/18
62.180.0.0/16
82.150.0.0/19
185.94.0.0/22
194.213.64.0/19
195.90.64.0/19
195.100.0.0/16
195.163.0.0/16
195.182.96.0/19
212.8.160.0/19
212.21.192.0/19
212.31.192.0/19
212.41.128.0/19
212.108.0.0/19
212.127.0.0/19
212.162.192.0/18
213.15.0.0/16
213.137.160.0/19
213.194.0.0/18
213.236.64.0/18
IPv6:
2001:740::/32
Signature Algorithm: sha256WithRSAEncryption
a6:fc:59:82:41:f5:c8:dc:85:cf:6b:9c:b5:e1:d6:cf:43:11:
85:98:1c:30:07:fc:7d:fa:de:74:bb:b4:07:a6:74:1a:0c:9f:
5a:00:a1:f0:20:3e:15:06:84:8f:77:75:d6:f1:28:2c:24:94:
74:0f:59:78:72:91:1b:8d:8b:18:0c:3f:cd:9f:68:80:c1:1b:
27:06:a0:83:11:e3:a1:a4:67:42:f5:ab:f1:1b:3a:c0:00:13:
f3:ab:ed:da:7e:06:db:e0:5c:bc:bf:a4:b0:84:5f:1b:eb:fc:
ac:74:60:46:7a:65:2e:3b:0d:a9:25:72:1f:55:0b:af:4c:4a:
33:94:39:bd:a1:bc:31:b3:88:89:bc:f8:1c:5c:3b:72:00:dd:
e8:ba:5a:01:fc:01:3c:89:8a:1a:25:1f:9a:ae:b8:f5:a7:e3:
f0:a5:e3:ee:74:52:db:36:18:de:be:26:eb:47:bd:55:7f:a7:
31:45:a2:b5:fc:5f:c6:80:27:ef:b2:88:f3:8e:b6:ad:e0:54:
df:71:38:38:67:2e:21:b3:97:1d:90:c4:ab:99:14:96:07:45:
35:6c:9a:b8:5a:fc:47:34:d7:93:cd:c6:8f:c7:ff:a7:62:d8:
c6:6b:8e:44:1a:bd:69:8b:e9:0f:24:0b:92:7e:3b:6b:7e:ce:
e3:45:06:75
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAY6i+1nVxxRMo58zi5FepLuyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZDNkOGUyOWUwNjNiOWQyNzQwYWIzZGU2YzcyMjU1ZWM4
ZDA1NTcwHhcNMjQwNDAzMDgwMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDY4Yjg1OGM1MzU3ZmE5MjEyODdlZTBkOTQzZGUzM2M1NzZhZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRIx5aJjJaFQEtlrSI1Jj57dN1Nn
Yp8OTK1vvci2X5USi+KzdNUxcLKjl8eaocvkwf6bGJagmEtaMwhIRJGOv41k63B7
CP9nG+iqeBdLHB6nQZGK88iEm9SsXh5aYT245po4IcCDy8KFN/eJkdCKiB1koF8T
kYmxO1m4d9bndO4YdDxWXeIOiY+ntEiO04IECXgtG8akYJ8QkfG86pVJ3ZiLWHR+
6K/9jXdw8LNML5grKRN/t72Zr7msOFnjlNRT0Cd0/rm26OyoblpuShzVlSt9a1SD
bt8aPbl5HuLhOuPe+A/Hf1pSrtCEinFj5Y5oKy7wifteKZhOJjaI3xwlAQIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFCBouFjFNX+pISh+4NlD3jPFdq4tMB8GA1UdIwQY
MBaAFB7T2OKeBjudJ0CrPebHIlXsjQVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHRQWTRwNEdPNTBuUUtzOTVzY2lWZXlOQlZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZDljODMtZjk2MC00OGFjLWJiZjUt
OWRjYTVjYzgwZGQ5LzEvSUdpNFdNVTFmNmtoS0g3ZzJVUGVNOFYycmkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80ZDljODMtZjk2MC00OGFjLWJiZjUtOWRjYTVjYzgwZGQ5
LzEvSHRQWTRwNEdPNTBuUUtzOTVzY2lWZXlOQlZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBhwQCAAEwgYADBAc+
BQADBAc+ZgADBAY+rcADAwA+tAMEBVKWAAMEArleAAMEBcLVQAMEBcNaQAMDAMNk
AwMAw6MDBAXDtmADBAXUCKADBAXUFcADBAXUH8ADBAXUKYADBAXUbAADBAXUfwAD
BAbUosADAwDVDwMEBdWJoAMEBtXCAAMEBtXsQDANBAIAAjAHAwUAIAEHQDANBgkq
hkiG9w0BAQsFAAOCAQEApvxZgkH1yNyFz2ucteHWz0MRhZgcMAf8ffredLu0B6Z0
GgyfWgCh8CA+FQaEj3d11vEoLCSUdA9ZeHKRG42LGAw/zZ9ogMEbJwaggxHjoaRn
QvWr8Rs6wAAT86vt2n4G2+BcvL+ksIRfG+v8rHRgRnplLjsNqSVyH1ULr0xKM5Q5
vaG8MbOIibz4HFw7cgDd6LpaAfwBPImKGiUfmq649afj8KXj7nRS2zYY3r4m60e9
VX+nMUWitfxfxoAn77KI8462reBU33E4OGcuIbOXHZDEq5kUlgdFNWyauFr8RzTX
k83Gj8f/p2LYxmuORBq9aYvpDyQLkn47a37O40UGdQ==
-----END CERTIFICATE-----
Generated at Mon May 20 06:54:17 2024 by rpki-client on console-ams.rpki-client.org