Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/urWr6X3FvAQscGEaU-3gR6wSsHk.roa
File: urWr6X3FvAQscGEaU-3gR6wSsHk.roa (raw, json)
Hash identifier: D8bRXDk//AfyNIQHagzIcjogOKK4JJawt/ktz8sa6tA=
Subject key identifier: BA:B5:AB:E9:7D:C5:BC:04:2C:70:61:1A:53:ED:E0:47:AC:12:B0:79
Certificate issuer: /CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Certificate serial: 018F9B392538DE12525C936F504709C92D8C
Authority key identifier: 7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/urWr6X3FvAQscGEaU-3gR6wSsHk.roa
Signing time: Tue 21 May 2024 12:56:04 +0000
ROA not before: Tue 21 May 2024 12:56:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42925
IP address blocks: 31.44.128.0/20 maxlen: 24
31.44.128.0/21 maxlen: 24
31.44.136.0/21 maxlen: 24
37.60.40.0/21 maxlen: 24
37.60.40.0/22 maxlen: 24
37.60.44.0/22 maxlen: 24
95.86.64.0/18 maxlen: 24
95.86.64.0/19 maxlen: 24
95.86.96.0/19 maxlen: 24
147.236.102.0/23 maxlen: 24
147.236.212.0/22 maxlen: 24
147.236.224.0/22 maxlen: 24
164.138.112.0/20 maxlen: 24
164.138.112.0/21 maxlen: 24
164.138.120.0/21 maxlen: 24
185.10.64.0/22 maxlen: 24
185.139.229.0/24 maxlen: 24
212.76.96.0/19 maxlen: 24
212.76.96.0/20 maxlen: 24
212.76.112.0/20 maxlen: 24
213.151.32.0/19 maxlen: 24
213.151.32.0/24 maxlen: 24
213.151.48.0/20 maxlen: 24
217.194.196.0/22 maxlen: 24
217.194.200.0/21 maxlen: 24
2a01:6500::/29 maxlen: 29
2a01:6500::/32 maxlen: 32
2a01:6500:3::/48 maxlen: 48
2a01:6500:a040::/46 maxlen: 46
2a01:6500:a044::/46 maxlen: 46
2a01:6500:a048::/46 maxlen: 46
2a01:6500:a050::/46 maxlen: 46
2a01:6500:a054::/46 maxlen: 46
2a01:6500:a058::/46 maxlen: 46
2a01:6501::/32 maxlen: 32
2a01:6502::/32 maxlen: 32
2a01:6502:a54::/46 maxlen: 46
2a01:6502:a58::/46 maxlen: 46
2a01:6503::/32 maxlen: 32
2a01:6504::/32 maxlen: 32
2a01:6505::/32 maxlen: 32
2a01:6506::/32 maxlen: 32
2a01:6507::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.mft
rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:39:25:38:de:12:52:5c:93:6f:50:47:09:c9:2d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Validity
Not Before: May 21 12:56:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bab5abe97dc5bc042c70611a53ede047ac12b079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:02:98:e4:c6:63:cf:9c:20:c6:62:d7:8e:65:
85:3b:bc:6b:f2:cb:7b:7a:d2:09:cf:d4:d8:90:cf:
d9:83:c8:f1:27:82:26:7e:bf:ea:76:9a:b2:ec:f6:
a7:f4:67:1f:e0:e1:2c:ef:93:83:45:20:cc:7e:bf:
e5:6f:4a:ff:4e:66:bc:1f:37:b3:5c:d9:ed:c2:e3:
df:8c:20:e1:f5:a5:5f:8c:69:32:9c:22:08:6d:b3:
02:01:62:28:6a:b9:f1:61:cc:3a:f8:94:47:b3:44:
5a:7e:31:8a:24:ec:73:5a:fa:d2:70:83:84:bf:ac:
15:af:ca:1d:62:0b:5d:f4:50:e0:eb:62:6e:41:7c:
16:a8:25:b0:12:d5:90:ea:c3:24:89:ab:da:b6:9d:
31:dc:06:98:7a:2b:ee:3c:0d:02:0e:b6:24:63:94:
14:05:81:15:3e:42:53:d0:fd:f7:60:be:9e:e6:68:
8c:c0:78:9f:6e:6b:d1:8a:a1:21:72:73:fa:0d:d7:
ed:74:a0:db:92:3e:77:44:12:6a:fd:b3:c5:d1:06:
d5:77:22:90:10:e1:f4:a8:22:be:57:6e:96:42:25:
bd:58:14:82:dc:ac:0a:71:63:a0:4b:ea:46:d9:9a:
9e:55:e0:8a:1f:fa:05:32:26:98:0e:d2:1d:3a:04:
52:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B5:AB:E9:7D:C5:BC:04:2C:70:61:1A:53:ED:E0:47:AC:12:B0:79
X509v3 Authority Key Identifier:
keyid:7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/urWr6X3FvAQscGEaU-3gR6wSsHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.128.0/20
37.60.40.0/21
95.86.64.0/18
147.236.102.0/23
147.236.212.0/22
147.236.224.0/22
164.138.112.0/20
185.10.64.0/22
185.139.229.0/24
212.76.96.0/19
213.151.32.0/19
217.194.196.0-217.194.207.255
IPv6:
2a01:6500::/29
Signature Algorithm: sha256WithRSAEncryption
05:d6:fc:fb:5f:bc:06:9a:b9:e1:6c:74:dd:c8:63:46:fc:02:
ad:05:c3:bb:6a:af:9d:fe:b4:66:47:ef:a8:86:41:7b:dc:5a:
a3:53:7f:71:3d:8a:35:08:63:b2:64:25:b9:fa:f8:43:cc:ae:
89:5a:31:53:07:d4:fc:d3:96:2f:d1:87:98:79:ef:fb:55:a3:
9d:cb:66:d9:a3:12:c7:53:80:ae:e8:01:04:5a:bb:19:23:4d:
e6:cc:86:3f:30:66:d8:1a:e4:25:0f:ba:91:fe:2d:05:44:b4:
a8:87:42:ef:b3:22:b3:2c:9c:51:13:ec:21:8c:30:9d:b9:d5:
b8:bc:ba:d7:2e:19:98:7d:82:71:b6:8a:8a:fe:99:c0:23:f5:
10:2b:36:64:59:39:53:e8:44:ec:9a:46:59:ed:48:27:59:74:
4b:6e:53:c3:cc:37:a6:9f:ec:94:bf:ad:57:d7:e6:f9:2d:65:
bd:7b:3d:6c:b3:2b:76:bf:85:49:9b:60:c6:14:3f:34:3e:73:
7f:74:06:b3:cc:ea:0b:18:e2:57:29:c3:bc:dd:2c:9c:b9:e9:
23:30:cf:bc:fb:f1:0a:23:0b:96:77:b9:49:61:14:94:af:8d:
0c:e3:80:51:98:bc:cb:45:56:35:7f:86:14:82:36:88:a6:3c:
45:7c:e2:61
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAY+bOSU43hJSXJNvUEcJyS2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjY2QwY2FjZmFmYTJlMGQzMTQ5NWRkOTUwZjc2YWY1Zjk4
YmE1ZDcwHhcNMjQwNTIxMTI1NjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWI1YWJlOTdkYzViYzA0MmM3MDYxMWE1M2VkZTA0N2FjMTJiMDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQKY5MZjz5wgxmLXjmWFO7xr8st7
etIJz9TYkM/Zg8jxJ4Imfr/qdpqy7Pan9Gcf4OEs75ODRSDMfr/lb0r/Tma8Hzez
XNntwuPfjCDh9aVfjGkynCIIbbMCAWIoarnxYcw6+JRHs0RafjGKJOxzWvrScIOE
v6wVr8odYgtd9FDg62JuQXwWqCWwEtWQ6sMkiavatp0x3AaYeivuPA0CDrYkY5QU
BYEVPkJT0P33YL6e5miMwHifbmvRiqEhcnP6DdftdKDbkj53RBJq/bPF0QbVdyKQ
EOH0qCK+V26WQiW9WBSC3KwKcWOgS+pG2ZqeVeCKH/oFMiaYDtIdOgRSLQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFLq1q+l9xbwELHBhGlPt4EesErB5MB8GA1UdIwQY
MBaAFHzNDKz6+i4NMUld2VD3avX5i6XXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk0wTXJQcjZMZzB4U1YzWlVQZHE5Zm1McGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9iZTVkY2YtY2IwNS00NjFhLTg2OGUt
NDM5ZmM4ZjliMzg2LzEvdXJXcjZYM0Z2QVFzY0dFYVUtM2dSNndTc0hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9iZTVkY2YtY2IwNS00NjFhLTg2OGUtNDM5ZmM4ZjliMzg2
LzEvZk0wTXJQcjZMZzB4U1YzWlVQZHE5Zm1McGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBWBAIAATBQAwQEHyyAAwQD
JTwoAwQGX1ZAAwQBk+xmAwQCk+zUAwQCk+zgAwQEpIpwAwQCuQpAAwQAuYvlAwQF
1ExgAwQF1ZcgMAwDBALZwsQDBATZwsAwDQQCAAIwBwMFAyoBZQAwDQYJKoZIhvcN
AQELBQADggEBAAXW/PtfvAaaueFsdN3IY0b8Aq0Fw7tqr53+tGZH76iGQXvcWqNT
f3E9ijUIY7JkJbn6+EPMrolaMVMH1PzTli/Rh5h57/tVo53LZtmjEsdTgK7oAQRa
uxkjTebMhj8wZtga5CUPupH+LQVEtKiHQu+zIrMsnFET7CGMMJ251bi8utcuGZh9
gnG2ior+mcAj9RArNmRZOVPoROyaRlntSCdZdEtuU8PMN6af7JS/rVfX5vktZb17
PWyzK3a/hUmbYMYUPzQ+c390BrPM6gsY4lcpw7zdLJy56SMwz7z78QojC5Z3uUlh
FJSvjQzjgFGYvMtFVjV/hhSCNoimPEV84mE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:00:53 2024 by rpki-client on console-fra.rpki-client.org