Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/wrSMUbFUhVZg1ozS85o4gI0GQFM.roa
File: wrSMUbFUhVZg1ozS85o4gI0GQFM.roa (raw, json)
Hash identifier: D1RFpHMWPXREdx5dfliBkze2l8fgXcRq/4zqhZTqqQg=
Subject key identifier: C2:B4:8C:51:B1:54:85:56:60:D6:8C:D2:F3:9A:38:80:8D:06:40:53
Certificate issuer: /CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1
Certificate serial: 018D53DCDC53B1A3502B935347FAAB213A32
Authority key identifier: BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/wrSMUbFUhVZg1ozS85o4gI0GQFM.roa
Signing time: Mon 29 Jan 2024 06:16:39 +0000
ROA not before: Mon 29 Jan 2024 06:16:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20904
IP address blocks: 5.61.88.0/21 maxlen: 24
37.35.80.0/21 maxlen: 21
46.254.208.0/21 maxlen: 21
77.95.246.0/23 maxlen: 23
80.75.96.0/20 maxlen: 20
80.75.106.0/24 maxlen: 24
84.240.64.0/19 maxlen: 19
84.240.96.0/19 maxlen: 19
93.174.192.0/21 maxlen: 22
149.126.176.0/21 maxlen: 21
185.25.76.0/22 maxlen: 22
185.67.80.0/22 maxlen: 22
188.64.0.0/21 maxlen: 21
2a00:1a58::/32 maxlen: 32
2a00:74a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:53:dc:dc:53:b1:a3:50:2b:93:53:47:fa:ab:21:3a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1
Validity
Not Before: Jan 29 06:16:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2b48c51b154855660d68cd2f39a38808d064053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:eb:28:03:2d:c4:cb:22:f1:1b:70:56:bc:83:
28:b4:1a:7b:fd:2e:3d:b9:22:40:2a:3f:e5:e8:cf:
49:54:96:5f:28:aa:ab:2d:52:0f:66:4d:32:83:0a:
00:42:bb:a0:d3:34:93:7d:0e:6e:24:38:4e:50:18:
24:cb:db:42:31:8e:3d:96:da:6f:3e:40:4d:e9:39:
d9:fd:34:50:8d:21:6a:81:01:c2:b2:ed:24:5f:73:
b5:f1:49:35:43:06:e4:2c:f7:f3:8c:2a:49:bf:41:
48:ec:73:2c:c3:96:18:40:f0:bf:79:27:9d:79:96:
37:6f:bc:bf:43:79:cd:5e:31:0b:ad:dc:26:07:dd:
8a:86:04:d0:cc:25:bb:cb:57:48:c8:8a:52:4a:59:
9a:04:06:62:4c:70:24:fe:76:6e:02:5c:fd:41:21:
7d:37:fd:f3:4c:2d:bc:0f:2e:74:ce:03:aa:89:bd:
52:11:6d:07:73:d5:ce:85:85:68:41:f0:c9:2b:93:
52:dd:51:8d:4d:a4:6e:5b:51:6c:98:05:17:b4:a7:
d9:24:58:ec:11:ef:38:68:e0:8f:dd:38:2f:d8:c8:
38:8a:97:dd:3b:77:c7:94:ff:85:a0:4b:8f:6f:f6:
41:28:41:03:18:d3:d0:77:23:65:b4:35:a4:e7:b0:
2b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B4:8C:51:B1:54:85:56:60:D6:8C:D2:F3:9A:38:80:8D:06:40:53
X509v3 Authority Key Identifier:
keyid:BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/wrSMUbFUhVZg1ozS85o4gI0GQFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.88.0/21
37.35.80.0/21
46.254.208.0/21
77.95.246.0/23
80.75.96.0/20
84.240.64.0/18
93.174.192.0/21
149.126.176.0/21
185.25.76.0/22
185.67.80.0/22
188.64.0.0/21
IPv6:
2a00:1a58::/32
2a00:74a0::/32
Signature Algorithm: sha256WithRSAEncryption
06:f7:13:f4:26:49:fa:b0:fc:16:6f:a7:e2:ab:1d:e8:87:b4:
91:e2:88:a2:04:88:73:51:e1:e8:05:52:cc:54:60:29:e7:84:
af:6f:d9:e4:50:d4:1c:2d:6b:f1:e4:db:18:7d:bb:78:44:86:
07:16:63:19:3e:c9:be:94:1a:b3:fe:4d:49:da:e2:f4:8e:c2:
40:9d:14:9e:92:20:f4:06:1a:b8:1a:d7:b4:c0:6e:5f:50:4f:
2b:1c:0a:58:84:6e:cb:03:0d:74:5f:e1:58:d1:bf:24:9e:0b:
f8:f9:a6:1f:f8:12:a8:d6:a3:ea:6f:ce:3f:33:4b:81:80:ed:
98:ad:59:de:c3:53:8d:65:b4:7d:ca:21:e2:bb:6b:d6:6a:d9:
90:2e:d5:6e:da:86:07:05:10:aa:3f:ea:9c:7b:1b:be:88:86:
36:29:95:2a:c1:a1:aa:78:ac:b8:7e:6c:6d:d6:11:f0:87:3c:
54:62:3a:b7:b8:f7:d0:23:f6:f7:6c:1e:e3:14:4e:78:b8:a0:
dd:b0:ac:f8:1b:8f:4a:16:90:89:bd:d5:c4:b5:26:61:65:ef:
4e:9b:bd:a8:e5:12:38:b7:f8:f1:37:48:b5:2f:f6:ef:b1:3c:
e4:2c:f4:77:02:94:95:4c:9c:57:6c:9d:5f:7b:92:84:52:2f:
38:a8:45:98
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAY1T3NxTsaNQK5NTR/qrIToyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMzFiY2Y5MjNjNWYyNWNhZmJkYWJkZmRkNDZlNTExZjk1
ZGYwZDEwHhcNMjQwMTI5MDYxNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmI0OGM1MWIxNTQ4NTU2NjBkNjhjZDJmMzlhMzg4MDhkMDY0MDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsusoAy3EyyLxG3BWvIMotBp7/S49
uSJAKj/l6M9JVJZfKKqrLVIPZk0ygwoAQrug0zSTfQ5uJDhOUBgky9tCMY49ltpv
PkBN6TnZ/TRQjSFqgQHCsu0kX3O18Uk1QwbkLPfzjCpJv0FI7HMsw5YYQPC/eSed
eZY3b7y/Q3nNXjELrdwmB92KhgTQzCW7y1dIyIpSSlmaBAZiTHAk/nZuAlz9QSF9
N/3zTC28Dy50zgOqib1SEW0Hc9XOhYVoQfDJK5NS3VGNTaRuW1FsmAUXtKfZJFjs
Ee84aOCP3Tgv2Mg4ipfdO3fHlP+FoEuPb/ZBKEEDGNPQdyNltDWk57ArTQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFMK0jFGxVIVWYNaM0vOaOICNBkBTMB8GA1UdIwQY
MBaAFLoxvPkjxfJcr72r391G5RH5XfDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYt
MWJhMzQzZjE3ZWMyLzEvd3JTTVViRlVoVlpnMW96Uzg1bzRnSTBHUUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYtMWJhMzQzZjE3ZWMy
LzEvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQDBT1YAwQD
JSNQAwQDLv7QAwQBTV/2AwQEUEtgAwQGVPBAAwQDXa7AAwQDlX6wAwQCuRlMAwQC
uUNQAwQDvEAAMBQEAgACMA4DBQAqABpYAwUAKgB0oDANBgkqhkiG9w0BAQsFAAOC
AQEABvcT9CZJ+rD8Fm+n4qsd6Ie0keKIogSIc1Hh6AVSzFRgKeeEr2/Z5FDUHC1r
8eTbGH27eESGBxZjGT7JvpQas/5NSdri9I7CQJ0UnpIg9AYauBrXtMBuX1BPKxwK
WIRuywMNdF/hWNG/JJ4L+PmmH/gSqNaj6m/OPzNLgYDtmK1Z3sNTjWW0fcoh4rtr
1mrZkC7VbtqGBwUQqj/qnHsbvoiGNimVKsGhqnisuH5sbdYR8Ic8VGI6t7j30CP2
92we4xROeLig3bCs+BuPShaQib3VxLUmYWXvTpu9qOUSOLf48TdItS/277E85Cz0
dwKUlUycV2ydX3uShFIvOKhFmA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:00:41 2024 by rpki-client on console-ams.rpki-client.org