Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/XEuHkVsbTKhTWFqfk9nXxTwbwAo.roa
File: XEuHkVsbTKhTWFqfk9nXxTwbwAo.roa (raw, json)
Hash identifier: wu+r83K4umrYHYEFk4Qztz7EU7s/bxVn8Muw/eGmsJE=
Subject key identifier: 5C:4B:87:91:5B:1B:4C:A8:53:58:5A:9F:93:D9:D7:C5:3C:1B:C0:0A
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 018DF8FBCE59F7027255223613A8EC357516
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/XEuHkVsbTKhTWFqfk9nXxTwbwAo.roa
Signing time: Fri 01 Mar 2024 07:47:48 +0000
ROA not before: Fri 01 Mar 2024 07:47:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25144
IP address blocks: 31.223.128.0/19 maxlen: 19
31.223.128.0/21 maxlen: 21
31.223.136.0/21 maxlen: 21
31.223.144.0/21 maxlen: 21
31.223.152.0/21 maxlen: 21
46.239.0.0/18 maxlen: 18
62.101.144.0/20 maxlen: 20
81.93.64.0/19 maxlen: 19
81.93.66.0/24 maxlen: 24
81.93.67.0/24 maxlen: 24
81.93.69.0/24 maxlen: 24
81.93.73.0/24 maxlen: 24
81.93.84.0/24 maxlen: 24
81.93.86.0/24 maxlen: 24
81.93.91.0/24 maxlen: 24
81.93.92.0/24 maxlen: 24
89.111.192.0/18 maxlen: 18
89.111.192.0/19 maxlen: 19
89.111.192.0/24 maxlen: 24
89.111.200.0/24 maxlen: 24
89.111.224.0/19 maxlen: 19
89.111.225.0/24 maxlen: 24
89.111.226.0/24 maxlen: 24
89.111.227.0/24 maxlen: 24
89.111.231.0/24 maxlen: 24
89.111.235.0/24 maxlen: 24
89.111.236.0/24 maxlen: 24
89.111.240.0/24 maxlen: 24
89.111.244.0/22 maxlen: 22
89.111.246.0/24 maxlen: 24
89.111.248.0/22 maxlen: 22
94.250.0.0/18 maxlen: 18
94.250.18.0/24 maxlen: 24
94.250.64.0/18 maxlen: 18
109.165.128.0/17 maxlen: 17
185.35.156.0/22 maxlen: 22
217.24.128.0/20 maxlen: 20
2a00:cb00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:02:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f8:fb:ce:59:f7:02:72:55:22:36:13:a8:ec:35:75:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Mar 1 07:47:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c4b87915b1b4ca853585a9f93d9d7c53c1bc00a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d9:cf:f0:1c:b4:9b:91:f7:90:a8:cb:1d:0c:
5d:89:09:5d:84:58:98:86:2b:04:0f:c5:df:bb:2e:
f5:51:07:e0:c9:ad:77:ee:9f:0f:5a:37:86:b1:c7:
0d:44:eb:39:1c:65:77:34:7c:63:28:f9:8a:92:7d:
fc:df:0b:63:9b:91:5a:6f:55:a8:9b:ce:65:fa:da:
ac:1a:d4:81:6c:5b:a6:ba:33:4e:c8:0b:e6:ba:67:
d9:4f:d7:cc:8f:31:68:3d:15:5a:88:44:bf:fd:64:
40:e2:c3:25:a5:f3:10:cc:bb:41:63:cb:5d:42:25:
43:63:4a:52:f2:6f:f2:48:4b:c5:16:8d:61:a7:c9:
b7:68:7f:b6:8e:ea:8b:23:a3:7d:fc:31:7e:a6:d9:
61:bb:5d:b5:76:bf:d2:97:b1:0d:9a:20:13:1c:89:
80:71:d3:17:82:cc:15:ab:00:9c:d3:5c:1e:b9:92:
f3:33:93:83:a4:01:f0:5b:9b:0f:25:fa:6b:56:dc:
d7:3a:74:b5:b7:b0:24:20:6e:f4:89:d5:2f:af:1c:
96:07:c7:38:58:ee:71:33:d0:b8:da:ca:e1:e4:54:
47:91:b2:df:9d:fe:1b:6a:f4:e9:33:a3:78:d3:94:
64:4f:a1:44:19:95:40:ee:d9:2f:be:29:3b:f4:4a:
12:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:4B:87:91:5B:1B:4C:A8:53:58:5A:9F:93:D9:D7:C5:3C:1B:C0:0A
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/XEuHkVsbTKhTWFqfk9nXxTwbwAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.128.0/19
46.239.0.0/18
62.101.144.0/20
81.93.64.0/19
89.111.192.0/18
94.250.0.0/17
109.165.128.0/17
185.35.156.0/22
217.24.128.0/20
IPv6:
2a00:cb00::/32
Signature Algorithm: sha256WithRSAEncryption
a9:46:c3:cf:60:37:34:97:61:c5:5e:17:3e:a3:96:50:0c:a8:
c2:ec:dd:1d:f8:5b:9a:b7:70:ec:29:1b:2a:a2:6f:0f:b8:82:
df:65:eb:99:06:5d:94:b4:b5:34:10:1a:82:f5:54:d5:35:50:
8f:ae:21:3d:75:91:a2:43:7b:0c:7a:2c:8c:3c:9a:70:0e:83:
a6:73:95:f3:8c:1c:37:9a:48:bf:fa:40:cc:fd:a3:06:f5:0e:
6b:c8:b2:eb:5c:a6:30:81:cd:f1:0b:92:92:31:f7:61:87:4a:
13:2a:b2:d3:25:4a:80:03:53:b5:91:66:62:66:f2:4a:c4:ad:
52:35:cf:03:6a:1c:1b:1f:4a:b4:30:56:01:8e:49:d1:ac:79:
d2:5a:56:28:6e:d1:bf:48:cf:b0:39:0e:2a:be:8a:f4:cd:2f:
f2:2b:a4:c7:0c:69:a5:3e:12:a2:25:88:fe:52:18:7d:80:2b:
c1:09:53:38:59:00:f1:35:ed:5f:95:cc:4e:cf:c3:05:01:57:
2f:7e:27:b6:85:81:0c:2b:ac:d5:6b:4f:a9:46:de:40:ff:d8:
56:14:95:36:75:63:23:8b:03:bf:03:d5:4f:b4:03:06:e4:d1:
00:16:ab:63:02:ab:5f:2b:0e:40:6f:c5:8f:1e:d7:52:f3:5a:
a4:f5:3b:34
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAY34+85Z9wJyVSI2E6jsNXUWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjQwMzAxMDc0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzRiODc5MTViMWI0Y2E4NTM1ODVhOWY5M2Q5ZDdjNTNjMWJjMDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9nP8By0m5H3kKjLHQxdiQldhFiY
hisED8Xfuy71UQfgya137p8PWjeGsccNROs5HGV3NHxjKPmKkn383wtjm5Fab1Wo
m85l+tqsGtSBbFumujNOyAvmumfZT9fMjzFoPRVaiES//WRA4sMlpfMQzLtBY8td
QiVDY0pS8m/ySEvFFo1hp8m3aH+2juqLI6N9/DF+ptlhu121dr/Sl7ENmiATHImA
cdMXgswVqwCc01weuZLzM5ODpAHwW5sPJfprVtzXOnS1t7AkIG70idUvrxyWB8c4
WO5xM9C42srh5FRHkbLfnf4bavTpM6N405RkT6FEGZVA7tkvvik79EoS2wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFFxLh5FbG0yoU1han5PZ18U8G8AKMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvWEV1SGtWc2JUS2hUV0ZxZms5blh4VHdid0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQFH9+AAwQG
Lu8AAwQEPmWQAwQFUV1AAwQGWW/AAwQHXvoAAwQHbaWAAwQCuSOcAwQE2RiAMA0E
AgACMAcDBQAqAMsAMA0GCSqGSIb3DQEBCwUAA4IBAQCpRsPPYDc0l2HFXhc+o5ZQ
DKjC7N0d+Fuat3DsKRsqom8PuILfZeuZBl2UtLU0EBqC9VTVNVCPriE9dZGiQ3sM
eiyMPJpwDoOmc5XzjBw3mki/+kDM/aMG9Q5ryLLrXKYwgc3xC5KSMfdhh0oTKrLT
JUqAA1O1kWZiZvJKxK1SNc8DahwbH0q0MFYBjknRrHnSWlYobtG/SM+wOQ4qvor0
zS/yK6THDGmlPhKiJYj+Uhh9gCvBCVM4WQDxNe1flcxOz8MFAVcvfie2hYEMK6zV
a0+pRt5A/9hWFJU2dWMjiwO/A9VPtAMG5NEAFqtjAqtfKw5Ab8WPHtdS81qk9Ts0
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:37:49 2024 by rpki-client on console-ams.rpki-client.org