Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/_uTBR4Ra93MtvNc0g0mIoYtD2xc.roa
File: _uTBR4Ra93MtvNc0g0mIoYtD2xc.roa (raw, json)
Hash identifier: +Jwz/e9sjqK+VDaF9mVJs3gy0bKSzqAT9EJSW+tzlzA=
Subject key identifier: FE:E4:C1:47:84:5A:F7:73:2D:BC:D7:34:83:49:88:A1:8B:43:DB:17
Certificate issuer: /CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1
Certificate serial: 01936D36929E36AED4C9101A5E35DF82F59C
Authority key identifier: BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/_uTBR4Ra93MtvNc0g0mIoYtD2xc.roa
Signing time: Wed 27 Nov 2024 10:41:53 +0000
ROA not before: Wed 27 Nov 2024 10:41:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20904
IP address blocks: 5.61.88.0/21 maxlen: 24
37.35.80.0/21 maxlen: 21
46.254.208.0/22 maxlen: 22
77.95.242.0/24 maxlen: 24
77.95.245.0/24 maxlen: 24
77.95.246.0/23 maxlen: 23
80.75.96.0/20 maxlen: 20
80.75.106.0/24 maxlen: 24
84.240.64.0/19 maxlen: 19
93.174.192.0/21 maxlen: 22
149.126.176.0/21 maxlen: 21
185.16.168.0/22 maxlen: 22
185.25.76.0/22 maxlen: 22
185.67.80.0/22 maxlen: 22
188.64.0.0/21 maxlen: 21
2a00:1a58::/32 maxlen: 32
2a00:74a0::/32 maxlen: 32
2a04:240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Nov 2024 10:42:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6d:36:92:9e:36:ae:d4:c9:10:1a:5e:35:df:82:f5:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1
Validity
Not Before: Nov 27 10:41:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fee4c147845af7732dbcd734834988a18b43db17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ca:b4:5a:c9:19:ae:45:35:3d:3c:c5:d9:d8:
31:0e:9f:a3:92:67:00:e2:f2:e6:09:00:ec:a2:1c:
79:3f:2f:93:77:06:aa:31:aa:45:98:54:e8:01:34:
ea:d4:8e:75:1e:b5:45:ae:20:7d:e8:01:74:dc:72:
a6:c5:f1:61:4f:e3:e3:b3:e1:50:07:af:3d:5b:12:
f1:6d:81:9c:bb:4f:43:18:d5:3b:db:c1:b7:12:07:
66:66:f9:0a:60:5a:0e:31:fa:6a:36:a6:f5:26:a3:
39:1b:1d:fb:84:f4:ad:78:c3:4f:5f:9c:37:c5:c8:
df:fb:a1:fe:a3:b9:53:f7:0a:c4:27:ff:b0:ba:24:
99:16:9b:65:62:3d:1a:dd:c9:89:c4:e2:66:63:34:
d9:8e:76:45:6d:60:36:71:51:c6:81:d7:b8:01:48:
16:dd:e0:b1:01:86:bf:a2:42:ba:bf:48:f0:b7:61:
ba:d6:74:11:46:ee:3a:a4:95:40:3a:01:b9:1a:f6:
14:e8:e6:d5:cb:f2:a8:05:4a:a6:a1:bd:24:b0:89:
a9:0c:84:67:ea:10:1d:a0:b1:8b:82:43:e1:55:e5:
cd:6c:7c:45:9f:41:03:b3:90:4f:67:c5:07:ee:7e:
5c:1b:79:5e:5f:c6:a9:cc:18:45:48:31:55:a9:8c:
6e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E4:C1:47:84:5A:F7:73:2D:BC:D7:34:83:49:88:A1:8B:43:DB:17
X509v3 Authority Key Identifier:
keyid:BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/_uTBR4Ra93MtvNc0g0mIoYtD2xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.88.0/21
37.35.80.0/21
46.254.208.0/22
77.95.242.0/24
77.95.245.0-77.95.247.255
80.75.96.0/20
84.240.64.0/19
93.174.192.0/21
149.126.176.0/21
185.16.168.0/22
185.25.76.0/22
185.67.80.0/22
188.64.0.0/21
IPv6:
2a00:1a58::/32
2a00:74a0::/32
2a04:240::/29
Signature Algorithm: sha256WithRSAEncryption
19:56:68:47:47:c6:28:df:7a:bd:f4:15:7b:d4:3a:c7:21:55:
b8:17:c6:ee:eb:bb:e6:ff:30:90:99:64:27:68:76:7a:98:6c:
0c:2e:eb:12:4f:8c:57:68:74:b7:b6:1d:97:4f:73:67:17:73:
11:ee:68:af:88:d6:28:1c:fb:4e:74:c9:a0:1f:ad:8d:50:7c:
56:e2:33:74:25:ed:fa:67:c3:70:99:4c:cc:6a:13:d7:e5:f3:
c0:b9:4e:b7:88:51:59:10:2b:d9:04:ae:88:3c:25:00:ba:b9:
41:b7:e2:79:f4:c9:79:38:ae:43:59:b4:ae:00:66:60:85:7d:
16:3e:80:7f:d5:0a:28:02:85:b1:4d:94:44:3b:cd:86:7a:78:
8a:80:bd:ba:92:5e:48:f0:dc:dd:93:9c:ea:0e:bc:db:b9:08:
66:69:61:5d:5c:0e:93:52:eb:35:33:2f:ec:46:11:74:ae:f3:
dd:3f:0d:06:e6:1e:0d:ac:61:12:af:27:7b:2d:20:a2:77:40:
69:c5:21:89:7b:b9:f8:72:be:db:dc:3f:26:30:54:bd:e0:78:
c5:5b:be:e5:0e:68:9a:f0:47:09:88:21:ac:97:7c:55:3b:1f:
e5:f0:51:87:fd:c5:15:ee:91:9d:1c:d2:f2:71:98:a3:98:b5:
a7:07:82:5b
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAZNtNpKeNq7UyRAaXjXfgvWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMzFiY2Y5MjNjNWYyNWNhZmJkYWJkZmRkNDZlNTExZjk1
ZGYwZDEwHhcNMjQxMTI3MTA0MTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWU0YzE0Nzg0NWFmNzczMmRiY2Q3MzQ4MzQ5ODhhMThiNDNkYjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcq0WskZrkU1PTzF2dgxDp+jkmcA
4vLmCQDsohx5Py+TdwaqMapFmFToATTq1I51HrVFriB96AF03HKmxfFhT+Pjs+FQ
B689WxLxbYGcu09DGNU728G3EgdmZvkKYFoOMfpqNqb1JqM5Gx37hPSteMNPX5w3
xcjf+6H+o7lT9wrEJ/+wuiSZFptlYj0a3cmJxOJmYzTZjnZFbWA2cVHGgde4AUgW
3eCxAYa/okK6v0jwt2G61nQRRu46pJVAOgG5GvYU6ObVy/KoBUqmob0ksImpDIRn
6hAdoLGLgkPhVeXNbHxFn0EDs5BPZ8UH7n5cG3leX8apzBhFSDFVqYxuzwIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFP7kwUeEWvdzLbzXNINJiKGLQ9sXMB8GA1UdIwQY
MBaAFLoxvPkjxfJcr72r391G5RH5XfDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYt
MWJhMzQzZjE3ZWMyLzEvX3VUQlI0UmE5M010dk5jMGcwbUlvWXREMnhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYtMWJhMzQzZjE3ZWMy
LzEvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswXAQCAAEwVgMEAwU9WAME
AyUjUAMEAi7+0AMEAE1f8jAMAwQATV/1AwQDTV/wAwQEUEtgAwQFVPBAAwQDXa7A
AwQDlX6wAwQCuRCoAwQCuRlMAwQCuUNQAwQDvEAAMBsEAgACMBUDBQAqABpYAwUA
KgB0oAMFAyoEAkAwDQYJKoZIhvcNAQELBQADggEBABlWaEdHxijfer30FXvUOsch
VbgXxu7ru+b/MJCZZCdodnqYbAwu6xJPjFdodLe2HZdPc2cXcxHuaK+I1igc+050
yaAfrY1QfFbiM3Ql7fpnw3CZTMxqE9fl88C5TreIUVkQK9kErog8JQC6uUG34nn0
yXk4rkNZtK4AZmCFfRY+gH/VCigChbFNlEQ7zYZ6eIqAvbqSXkjw3N2TnOoOvNu5
CGZpYV1cDpNS6zUzL+xGEXSu890/DQbmHg2sYRKvJ3stIKJ3QGnFIYl7ufhyvtvc
PyYwVL3geMVbvuUOaJrwRwmIIayXfFU7H+XwUYf9xRXukZ0c0vJxmKOYtacHgls=
-----END CERTIFICATE-----
Generated at Wed Nov 27 16:41:32 2024 by rpki-client on console-ams.rpki-client.org