Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/L5Xb0Cu7gFKmFJrgMRrS8Yd37QU.roa
File: L5Xb0Cu7gFKmFJrgMRrS8Yd37QU.roa (raw, json)
Hash identifier: aDoAzWbTBGFGz/kOkQh9eq2KNPi2w/ceCS6yzjdVW7Q=
Subject key identifier: 2F:95:DB:D0:2B:BB:80:52:A6:14:9A:E0:31:1A:D2:F1:87:77:ED:05
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 019344181945F52CFC53151FF6862CD02E1C
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/L5Xb0Cu7gFKmFJrgMRrS8Yd37QU.roa
Signing time: Tue 19 Nov 2024 11:04:10 +0000
ROA not before: Tue 19 Nov 2024 11:04:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48309
IP address blocks: 31.25.104.0/22 maxlen: 22
31.25.108.0/24 maxlen: 24
31.25.109.0/24 maxlen: 24
31.25.110.0/23 maxlen: 23
37.191.64.0/22 maxlen: 22
37.191.68.0/22 maxlen: 22
37.191.72.0/22 maxlen: 22
37.191.74.0/24 maxlen: 24
37.191.76.0/22 maxlen: 22
37.191.80.0/21 maxlen: 24
37.191.88.0/22 maxlen: 22
37.191.92.0/22 maxlen: 24
188.136.128.0/24 maxlen: 24
188.136.129.0/24 maxlen: 24
188.136.130.0/24 maxlen: 24
188.136.131.0/24 maxlen: 24
188.136.132.0/24 maxlen: 24
188.136.133.0/24 maxlen: 24
188.136.134.0/24 maxlen: 24
188.136.135.0/24 maxlen: 24
188.136.140.0/22 maxlen: 24
188.136.141.0/24 maxlen: 24
188.136.142.0/24 maxlen: 24
188.136.143.0/24 maxlen: 24
188.136.144.0/22 maxlen: 22
188.136.144.0/24 maxlen: 24
188.136.145.0/24 maxlen: 24
188.136.146.0/24 maxlen: 24
188.136.147.0/24 maxlen: 24
188.136.149.0/24 maxlen: 24
188.136.150.0/24 maxlen: 24
188.136.151.0/24 maxlen: 24
188.136.152.0/24 maxlen: 24
188.136.153.0/24 maxlen: 24
188.136.154.0/24 maxlen: 24
188.136.155.0/24 maxlen: 24
188.136.156.0/24 maxlen: 24
188.136.157.0/24 maxlen: 24
188.136.158.0/24 maxlen: 24
188.136.159.0/24 maxlen: 24
188.136.160.0/24 maxlen: 24
188.136.161.0/24 maxlen: 24
188.136.162.0/24 maxlen: 24
188.136.163.0/24 maxlen: 24
188.136.164.0/24 maxlen: 24
188.136.165.0/24 maxlen: 24
188.136.166.0/24 maxlen: 24
188.136.167.0/24 maxlen: 24
188.136.168.0/24 maxlen: 24
188.136.169.0/24 maxlen: 24
188.136.170.0/24 maxlen: 24
188.136.171.0/24 maxlen: 24
188.136.172.0/24 maxlen: 24
188.136.173.0/24 maxlen: 24
188.136.175.0/24 maxlen: 24
188.136.185.0/24 maxlen: 24
188.136.187.0/24 maxlen: 24
188.136.189.0/24 maxlen: 24
188.136.190.0/24 maxlen: 24
188.136.191.0/24 maxlen: 24
188.136.192.0/23 maxlen: 23
188.136.194.0/24 maxlen: 24
188.136.196.0/24 maxlen: 24
188.136.200.0/24 maxlen: 24
188.136.209.0/24 maxlen: 24
188.136.210.0/24 maxlen: 24
188.136.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:18:19:45:f5:2c:fc:53:15:1f:f6:86:2c:d0:2e:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Nov 19 11:04:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f95dbd02bbb8052a6149ae0311ad2f18777ed05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f9:9e:65:3f:9c:53:7a:60:64:d5:e9:c1:16:
8c:73:5c:09:2b:55:ea:14:7f:45:44:5d:cf:30:a8:
29:00:9f:cf:c3:67:b9:e1:9f:70:55:81:46:57:ec:
88:d9:53:e7:e8:a2:e2:19:43:2b:71:7a:35:56:b7:
b5:a3:8f:c8:c0:af:68:39:34:72:f5:4f:9f:b4:4d:
a6:99:49:e1:54:24:13:aa:6e:4a:86:69:3e:07:8c:
c5:81:d0:a4:79:d7:22:46:36:51:c3:9e:14:cf:12:
6f:dd:55:9c:92:86:f9:1c:a5:bb:0c:5f:56:3c:9b:
62:c7:56:71:2c:b7:aa:d2:87:2c:57:86:0e:b6:1a:
a6:57:f5:d7:aa:55:16:42:cb:93:26:29:c6:2f:b5:
b0:e0:de:c0:64:4b:11:d1:c2:4e:78:fb:aa:ed:eb:
ec:11:90:bb:7e:a7:90:df:4d:6c:55:86:5e:d3:95:
45:6a:fc:e4:6b:d3:db:a6:71:f9:4d:c7:1c:17:9a:
bb:0b:c9:bf:19:23:89:0e:71:59:b5:44:bc:3e:b1:
5f:f3:97:8c:96:dd:8d:5a:ab:d5:b7:d0:94:dd:e0:
c9:66:5e:f1:eb:ca:20:96:d6:08:80:b8:e1:11:0a:
ad:c5:81:7c:14:e4:16:0c:4b:ff:57:55:b0:86:d9:
e4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:95:DB:D0:2B:BB:80:52:A6:14:9A:E0:31:1A:D2:F1:87:77:ED:05
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/L5Xb0Cu7gFKmFJrgMRrS8Yd37QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.104.0/21
37.191.64.0/19
188.136.128.0/21
188.136.140.0-188.136.147.255
188.136.149.0-188.136.173.255
188.136.175.0/24
188.136.185.0/24
188.136.187.0/24
188.136.189.0-188.136.194.255
188.136.196.0/24
188.136.200.0/24
188.136.209.0-188.136.211.255
Signature Algorithm: sha256WithRSAEncryption
27:c2:0e:ea:a2:af:73:85:6f:dc:09:19:0a:c8:e7:a9:e0:0e:
1c:8d:42:b2:ee:13:ad:c3:82:9b:13:c4:e2:aa:14:9d:ae:0c:
cd:db:23:b4:6c:a9:16:7d:d3:37:f1:02:59:f9:43:2c:2f:92:
00:5d:13:f4:23:ac:18:e2:49:43:bf:a8:08:26:8b:41:c5:2b:
3b:15:e3:32:79:6b:10:95:00:32:8a:42:e5:5d:52:a9:f7:d2:
a3:a8:50:15:28:77:9c:03:6e:8f:44:ca:81:8e:cc:f8:03:67:
95:0d:55:97:77:d2:6b:be:b2:bc:87:98:59:bf:7c:64:0f:b0:
99:d2:72:24:4c:77:ce:58:a9:f4:ca:d2:00:94:7c:d0:52:a9:
31:9d:26:f0:2b:77:af:ee:9b:42:db:31:52:2a:20:76:4e:2b:
2a:70:0d:bb:29:51:1b:e5:3f:36:73:a8:74:d9:17:27:13:30:
c9:b1:78:cb:6d:cd:e8:d9:30:f2:e4:d8:2c:34:a5:36:41:b8:
95:78:8a:31:83:9f:fc:4a:a6:39:02:4f:12:1f:35:3c:a7:38:
20:ce:d6:4c:db:97:31:bd:21:00:c3:7a:dd:17:b7:84:19:e0:
81:f1:da:dc:84:91:2f:f3:36:a4:45:27:e2:d7:60:18:f8:c7:
d2:51:da:a5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZNEGBlF9Sz8UxUf9oYs0C4cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjQxMTE5MTEwNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjk1ZGJkMDJiYmI4MDUyYTYxNDlhZTAzMTFhZDJmMTg3NzdlZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/meZT+cU3pgZNXpwRaMc1wJK1Xq
FH9FRF3PMKgpAJ/Pw2e54Z9wVYFGV+yI2VPn6KLiGUMrcXo1Vre1o4/IwK9oOTRy
9U+ftE2mmUnhVCQTqm5Khmk+B4zFgdCkedciRjZRw54UzxJv3VWckob5HKW7DF9W
PJtix1ZxLLeq0ocsV4YOthqmV/XXqlUWQsuTJinGL7Ww4N7AZEsR0cJOePuq7evs
EZC7fqeQ301sVYZe05VFavzka9PbpnH5TcccF5q7C8m/GSOJDnFZtUS8PrFf85eM
lt2NWqvVt9CU3eDJZl7x68ogltYIgLjhEQqtxYF8FOQWDEv/V1WwhtnkiQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFC+V29Aru4BSphSa4DEa0vGHd+0FMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvTDVYYjBDdTdnRkttRkpyZ01SclM4WWQzN1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAx8ZaAME
BSW/QAMEA7yIgDAMAwQCvIiMAwQCvIiQMAwDBAC8iJUDBAG8iKwDBAC8iK8DBAC8
iLkDBAC8iLswDAMEALyIvQMEALyIwgMEALyIxAMEALyIyDAMAwQAvIjRAwQCvIjQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAnwg7qoq9zhW/cCRkKyOep4A4cjUKy7hOtw4Kb
E8TiqhSdrgzN2yO0bKkWfdM38QJZ+UMsL5IAXRP0I6wY4klDv6gIJotBxSs7FeMy
eWsQlQAyikLlXVKp99KjqFAVKHecA26PRMqBjsz4A2eVDVWXd9JrvrK8h5hZv3xk
D7CZ0nIkTHfOWKn0ytIAlHzQUqkxnSbwK3ev7ptC2zFSKiB2TisqcA27KVEb5T82
c6h02RcnEzDJsXjLbc3o2TDy5NgsNKU2QbiVeIoxg5/8SqY5Ak8SHzU8pzggztZM
25cxvSEAw3rdF7eEGeCB8drchJEv8zakRSfi12AY+MfSUdql
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:08 2024 by rpki-client on console-fra.rpki-client.org