Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/yUnzJ_kLfiTKOY2F6u16Sxd7muQ.roa
File: yUnzJ_kLfiTKOY2F6u16Sxd7muQ.roa (raw, json)
Hash identifier: PvhE6/zenQEyzMeGUx2ICgGqfFduI3IDTBZca8uc3nY=
Subject key identifier: C9:49:F3:27:F9:0B:7E:24:CA:39:8D:85:EA:ED:7A:4B:17:7B:9A:E4
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 019351AC5A24355DA1D812E9CFFBEEBD114E
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/yUnzJ_kLfiTKOY2F6u16Sxd7muQ.roa
Signing time: Fri 22 Nov 2024 02:21:09 +0000
ROA not before: Fri 22 Nov 2024 02:21:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8708
IP address blocks: 5.2.128.0/17 maxlen: 24
5.12.0.0/14 maxlen: 24
31.14.104.0/21 maxlen: 24
31.14.192.0/21 maxlen: 24
31.14.224.0/22 maxlen: 24
62.231.64.0/18 maxlen: 24
62.231.120.0/24 maxlen: 24
79.112.0.0/13 maxlen: 24
79.112.0.0/14 maxlen: 24
79.114.0.0/15 maxlen: 24
79.117.0.0/16 maxlen: 24
79.118.0.0/15 maxlen: 24
79.118.155.0/24 maxlen: 24
81.18.64.0/19 maxlen: 24
81.196.0.0/16 maxlen: 24
82.76.0.0/14 maxlen: 24
82.79.10.0/24 maxlen: 24
82.137.0.0/18 maxlen: 24
82.137.0.0/21 maxlen: 24
82.137.16.0/20 maxlen: 24
82.137.32.0/19 maxlen: 24
84.232.128.0/17 maxlen: 24
84.232.149.0/24 maxlen: 24
86.120.0.0/13 maxlen: 24
86.121.222.0/24 maxlen: 24
86.127.54.0/24 maxlen: 24
86.127.59.0/24 maxlen: 24
89.43.180.0/23 maxlen: 24
89.46.12.0/22 maxlen: 24
93.113.40.0/22 maxlen: 24
185.129.36.0/22 maxlen: 22
188.24.0.0/15 maxlen: 24
188.26.0.0/17 maxlen: 24
188.26.128.0/18 maxlen: 24
188.26.224.0/19 maxlen: 24
188.27.0.0/16 maxlen: 24
188.27.120.0/24 maxlen: 24
193.111.232.0/24 maxlen: 24
194.102.80.0/24 maxlen: 24
194.102.81.0/24 maxlen: 24
212.54.96.0/19 maxlen: 24
212.54.120.0/24 maxlen: 24
212.54.122.0/24 maxlen: 24
212.54.123.0/24 maxlen: 24
212.93.128.0/19 maxlen: 24
212.93.143.0/24 maxlen: 24
213.154.100.0/24 maxlen: 24
213.157.160.0/19 maxlen: 24
213.157.189.0/24 maxlen: 24
2a02:2f00::/28 maxlen: 48
2a02:2f01:100::/48 maxlen: 48
2a02:2f09:3100::/48 maxlen: 48
2a02:2f0c:8002::/48 maxlen: 48
2a03:9c20::/32 maxlen: 32
2a03:9c20:1000::/48 maxlen: 48
2a03:9c20:f000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.mft
rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:51:ac:5a:24:35:5d:a1:d8:12:e9:cf:fb:ee:bd:11:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Nov 22 02:21:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c949f327f90b7e24ca398d85eaed7a4b177b9ae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e3:85:f0:50:ab:78:c0:34:01:cb:38:a8:49:
e6:00:a6:ad:37:61:d5:81:08:8b:9c:cb:36:14:6b:
68:a7:dc:31:dc:92:d9:eb:00:99:6c:f4:40:56:ff:
47:f5:a9:82:15:28:59:e3:06:f8:b2:c4:a9:06:ec:
4a:04:78:6a:5e:21:5f:86:5b:c7:43:e6:8a:95:bf:
c2:ce:89:48:26:4c:b2:cc:e1:79:71:32:a9:57:b4:
5a:58:77:07:4a:39:45:75:50:28:92:ca:75:18:d2:
ee:54:92:f4:5a:a0:b9:ae:21:97:21:07:e5:25:9c:
75:7c:c7:7d:c1:36:4b:f2:a1:7f:bc:56:4f:93:4c:
01:78:ac:18:9c:d9:19:15:7e:4e:72:36:b6:ef:3c:
36:5c:2c:f9:54:72:28:ce:ba:a0:3f:09:e2:98:dd:
7a:a8:35:68:ec:71:2c:eb:e2:40:44:9b:8b:85:d4:
12:a8:ee:36:5f:fb:ad:90:49:b8:94:d9:c2:77:ef:
99:43:3f:76:6c:c4:f7:f1:13:4c:7e:d3:1a:8f:0b:
da:3d:35:e2:c0:87:b0:15:2c:43:f8:e3:ce:df:20:
96:32:fd:a8:21:9a:b0:ea:aa:06:e6:69:57:b8:6a:
98:e8:e0:89:c4:0c:8a:b4:2d:83:18:09:9d:d1:34:
bf:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:49:F3:27:F9:0B:7E:24:CA:39:8D:85:EA:ED:7A:4B:17:7B:9A:E4
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/yUnzJ_kLfiTKOY2F6u16Sxd7muQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.128.0/17
5.12.0.0/14
31.14.104.0/21
31.14.192.0/21
31.14.224.0/22
62.231.64.0/18
79.112.0.0/13
81.18.64.0/19
81.196.0.0/16
82.76.0.0/14
82.137.0.0/18
84.232.128.0/17
86.120.0.0/13
89.43.180.0/23
89.46.12.0/22
93.113.40.0/22
185.129.36.0/22
188.24.0.0-188.26.191.255
188.26.224.0-188.27.255.255
193.111.232.0/24
194.102.80.0/23
212.54.96.0/19
212.93.128.0/19
213.154.100.0/24
213.157.160.0/19
IPv6:
2a02:2f00::/28
2a03:9c20::/32
Signature Algorithm: sha256WithRSAEncryption
61:9e:b4:32:53:4a:dd:15:24:6f:b3:b3:8c:24:e0:b8:2c:1a:
bb:0e:26:ae:bb:01:4b:2f:63:df:30:b8:60:84:8e:cd:e7:2a:
a0:7a:cc:75:c6:d1:40:2f:b7:d7:1d:6c:b6:73:86:30:10:7d:
99:ca:2b:ae:af:1c:6a:d5:3f:03:da:9e:d9:a9:7c:72:1c:44:
e9:b8:6a:7e:a9:87:d4:1c:e6:8d:69:42:02:75:df:11:bf:83:
0b:c6:3b:87:24:0f:76:bf:80:3e:f0:fe:81:b3:e3:6a:b1:67:
2f:02:59:47:be:5f:6b:83:dd:c7:df:56:ff:47:bf:a7:4d:da:
ad:0d:2b:a8:b1:6c:90:d2:98:0a:3f:c4:2d:25:ed:d6:06:3d:
c6:30:33:63:80:7d:17:68:a6:59:49:37:e3:df:8f:c9:70:c5:
df:5b:d9:6b:87:d1:7f:4c:7b:22:1c:31:d7:3f:2e:8b:d6:c3:
7c:f3:d4:ff:19:44:6b:cb:f3:5b:f4:13:fc:29:23:e1:97:62:
30:ee:6a:7d:88:2f:65:f7:b2:7b:5d:b7:96:31:29:ac:9d:af:
94:0f:a4:db:18:44:73:9d:e7:f8:af:ae:40:f1:91:7d:e6:09:
c1:e6:c8:d1:32:42:a8:1f:1a:92:65:5e:5a:2c:05:f2:21:e0:
3d:db:3b:31
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgISAZNRrFokNV2h2BLpz/vuvRFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjQxMTIyMDIyMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTQ5ZjMyN2Y5MGI3ZTI0Y2EzOThkODVlYWVkN2E0YjE3N2I5YWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveOF8FCreMA0Acs4qEnmAKatN2HV
gQiLnMs2FGtop9wx3JLZ6wCZbPRAVv9H9amCFShZ4wb4ssSpBuxKBHhqXiFfhlvH
Q+aKlb/CzolIJkyyzOF5cTKpV7RaWHcHSjlFdVAoksp1GNLuVJL0WqC5riGXIQfl
JZx1fMd9wTZL8qF/vFZPk0wBeKwYnNkZFX5Ocja27zw2XCz5VHIozrqgPwnimN16
qDVo7HEs6+JARJuLhdQSqO42X/utkEm4lNnCd++ZQz92bMT38RNMftMajwvaPTXi
wIewFSxD+OPO3yCWMv2oIZqw6qoG5mlXuGqY6OCJxAyKtC2DGAmd0TS/XQIDAQAB
o4ICvTCCArkwHQYDVR0OBBYEFMlJ8yf5C34kyjmNherteksXe5rkMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEveVVuekpfa0xmaVRLT1kyRjZ1MTZTeGQ3bXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHSBggrBgEFBQcBBwEB/wSBwjCBvzCBpgQCAAEwgZ8DBAcF
AoADAwIFDAMEAx8OaAMEAx8OwAMEAh8O4AMEBj7nQAMDA09wAwQFURJAAwMAUcQD
AwJSTAMEBlKJAAMEB1TogAMDA1Z4AwQBWSu0AwQCWS4MAwQCXXEoAwQCuYEkMAsD
AwO8GAMEBrwagDALAwQFvBrgAwMCvBgDBADBb+gDBAHCZlADBAXUNmADBAXUXYAD
BADVmmQDBAXVnaAwFAQCAAIwDgMFBCoCLwADBQAqA5wgMA0GCSqGSIb3DQEBCwUA
A4IBAQBhnrQyU0rdFSRvs7OMJOC4LBq7DiauuwFLL2PfMLhghI7N5yqgesx1xtFA
L7fXHWy2c4YwEH2Zyiuurxxq1T8D2p7ZqXxyHETpuGp+qYfUHOaNaUICdd8Rv4ML
xjuHJA92v4A+8P6Bs+NqsWcvAllHvl9rg93H31b/R7+nTdqtDSuosWyQ0pgKP8Qt
Je3WBj3GMDNjgH0XaKZZSTfj34/JcMXfW9lrh9F/THsiHDHXPy6L1sN889T/GURr
y/Nb9BP8KSPhl2Iw7mp9iC9l97J7XbeWMSmsna+UD6TbGERznef4r65A8ZF95gnB
5sjRMkKoHxqSZV5aLAXyIeA92zsx
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:40:03 2024 by rpki-client on console-fra.rpki-client.org