Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/M9aRoldSPL80zu-Kaoagp2WP3ZQ.roa
File: M9aRoldSPL80zu-Kaoagp2WP3ZQ.roa (raw, json)
Hash identifier: 8fJuMkijRNl9SzEIDk8/AYrDLIsWhRWm1dwF7UBzYis=
Subject key identifier: 33:D6:91:A2:57:52:3C:BF:34:CE:EF:8A:6A:86:A0:A7:65:8F:DD:94
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 018CC80155531F598C36A81A192D2A62423B
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/M9aRoldSPL80zu-Kaoagp2WP3ZQ.roa
Signing time: Tue 02 Jan 2024 02:29:39 +0000
ROA not before: Tue 02 Jan 2024 02:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51964
IP address blocks: 57.92.0.0/15 maxlen: 24
57.199.0.0/16 maxlen: 24
57.7.0.0/16 maxlen: 24
57.76.0.0/14 maxlen: 32
57.98.0.0/16 maxlen: 24
57.66.0.0/15 maxlen: 32
57.194.0.0/15 maxlen: 24
57.205.0.0/16 maxlen: 24
57.96.0.0/15 maxlen: 24
57.80.0.0/14 maxlen: 32
57.70.0.0/16 maxlen: 32
57.86.0.0/15 maxlen: 32
57.100.0.0/16 maxlen: 24
57.68.0.0/15 maxlen: 32
57.207.0.0/16 maxlen: 24
57.74.0.0/16 maxlen: 32
57.90.0.0/16 maxlen: 32
57.202.0.0/15 maxlen: 24
57.197.0.0/16 maxlen: 24
57.21.0.0/16 maxlen: 24
57.208.0.0/12 maxlen: 24
57.200.0.0/16 maxlen: 24
57.72.0.0/15 maxlen: 32
57.35.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.mft
rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:55:53:1f:59:8c:36:a8:1a:19:2d:2a:62:42:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Jan 2 02:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33d691a257523cbf34ceef8a6a86a0a7658fdd94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ea:79:4b:b9:4e:f3:51:cf:20:91:ab:9e:c3:
93:7b:c9:b5:4d:af:78:23:ca:a9:f5:48:f4:a9:12:
f1:6f:ea:1d:09:d9:fd:f1:be:f9:82:f5:ba:21:91:
3e:e5:65:c8:cc:6a:c0:e7:d7:48:f1:db:ed:8a:8f:
08:4c:56:91:05:a9:61:f5:e2:ff:ae:72:0c:5d:b7:
1a:e8:8f:12:2c:12:2e:c8:05:ac:99:2c:00:93:54:
70:d3:e1:f8:50:5d:43:20:95:1d:44:a2:a2:b1:2a:
0a:8d:73:db:21:81:cb:32:36:15:2c:7d:32:aa:8f:
fd:ed:c0:a0:13:2f:b6:bc:3d:fe:9d:33:cf:94:4f:
7a:59:73:c0:aa:32:b0:65:87:20:7b:69:d3:86:93:
27:4e:a2:dd:5f:d8:fb:51:8e:ef:85:b0:53:3f:3e:
36:2d:28:4c:ac:eb:11:be:e9:b5:41:1a:9c:bc:a6:
f9:98:e5:fc:2e:08:20:cd:dc:ac:20:67:f2:cf:03:
b6:d7:46:9f:c6:24:6f:94:30:2d:78:7f:22:d5:1c:
77:1c:da:bf:64:47:7d:26:7f:e1:9e:65:a0:40:7b:
72:14:09:9c:e9:8e:6f:1e:54:48:c0:83:91:5e:66:
90:d5:5c:3d:92:16:24:63:30:eb:d5:c4:69:ee:59:
6d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D6:91:A2:57:52:3C:BF:34:CE:EF:8A:6A:86:A0:A7:65:8F:DD:94
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/M9aRoldSPL80zu-Kaoagp2WP3ZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.7.0.0/16
57.21.0.0/16
57.35.0.0/16
57.66.0.0-57.70.255.255
57.72.0.0-57.74.255.255
57.76.0.0-57.83.255.255
57.86.0.0/15
57.90.0.0/16
57.92.0.0/15
57.96.0.0-57.98.255.255
57.100.0.0/16
57.194.0.0/15
57.197.0.0/16
57.199.0.0-57.200.255.255
57.202.0.0/15
57.205.0.0/16
57.207.0.0-57.223.255.255
Signature Algorithm: sha256WithRSAEncryption
66:33:43:db:b6:e6:f1:b3:02:5f:f9:2e:c1:61:a3:72:e3:46:
b2:92:0a:1b:f6:49:f5:04:08:86:75:70:96:6e:b0:9a:47:15:
6f:4a:bc:b3:a5:9d:2f:f9:36:d7:1e:50:8b:44:f1:b1:7f:7e:
f6:5d:51:f0:c6:7f:d0:ac:fd:4d:c6:5a:89:1e:8c:2a:09:f8:
68:83:2d:2a:fb:36:a4:f1:f1:f2:f4:83:c8:2d:a0:f6:d7:20:
75:94:17:15:7a:b8:d0:10:00:78:ec:6b:9f:33:35:43:c6:62:
b1:d6:47:b0:f1:68:32:9c:d7:af:e9:c9:4a:34:a9:d0:7b:43:
d6:5c:ff:68:70:c3:f8:a5:cf:11:d0:ba:4e:fe:1a:91:d1:d1:
43:57:84:39:87:8b:7d:d7:0c:13:05:99:9a:15:a9:f1:a4:be:
d5:99:ba:f3:85:f6:75:6e:ce:19:04:c5:64:a5:23:d0:34:25:
a9:b5:0f:a3:18:15:05:d0:db:cc:9e:1e:10:f0:ac:44:57:75:
d2:9f:a7:ee:a9:3e:75:d4:41:dd:08:69:a1:ba:d9:96:bf:f1:
a0:7b:d3:07:14:77:49:77:7c:5f:ec:40:9c:ae:e1:6e:29:e5:
7c:95:19:0d:d3:60:6c:9d:b3:36:86:63:3d:55:11:cd:9b:7f:
9b:60:39:a3
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAYzIAVVTH1mMNqgaGS0qYkI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjQwMTAyMDIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2Q2OTFhMjU3NTIzY2JmMzRjZWVmOGE2YTg2YTBhNzY1OGZkZDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOp5S7lO81HPIJGrnsOTe8m1Ta94
I8qp9Uj0qRLxb+odCdn98b75gvW6IZE+5WXIzGrA59dI8dvtio8ITFaRBalh9eL/
rnIMXbca6I8SLBIuyAWsmSwAk1Rw0+H4UF1DIJUdRKKisSoKjXPbIYHLMjYVLH0y
qo/97cCgEy+2vD3+nTPPlE96WXPAqjKwZYcge2nThpMnTqLdX9j7UY7vhbBTPz42
LShMrOsRvum1QRqcvKb5mOX8LgggzdysIGfyzwO210afxiRvlDAteH8i1Rx3HNq/
ZEd9Jn/hnmWgQHtyFAmc6Y5vHlRIwIORXmaQ1Vw9khYkYzDr1cRp7lltzwIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFDPWkaJXUjy/NM7vimqGoKdlj92UMB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEvTTlhUm9sZFNQTDgwenUtS2FvYWdwMldQM1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDCBhQQCAAEwfwMDADkH
AwMAORUDAwA5IzAKAwMBOUIDAwA5RjAKAwMDOUgDAwA5SjAKAwMCOUwDAwI5UAMD
ATlWAwMAOVoDAwE5XDAKAwMFOWADAwA5YgMDADlkAwMBOcIDAwA5xTAKAwMAOccD
AwA5yAMDATnKAwMAOc0wCgMDADnPAwMFOcAwDQYJKoZIhvcNAQELBQADggEBAGYz
Q9u25vGzAl/5LsFho3LjRrKSChv2SfUECIZ1cJZusJpHFW9KvLOlnS/5NtceUItE
8bF/fvZdUfDGf9Cs/U3GWokejCoJ+GiDLSr7NqTx8fL0g8gtoPbXIHWUFxV6uNAQ
AHjsa58zNUPGYrHWR7DxaDKc16/pyUo0qdB7Q9Zc/2hww/ilzxHQuk7+GpHR0UNX
hDmHi33XDBMFmZoVqfGkvtWZuvOF9nVuzhkExWSlI9A0Jam1D6MYFQXQ28yeHhDw
rERXddKfp+6pPnXUQd0IaaG62Za/8aB70wcUd0l3fF/sQJyu4W4p5XyVGQ3TYGyd
szaGYz1VEc2bf5tgOaM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:28:15 2024 by rpki-client on console-ams.rpki-client.org