Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/RA55IVMAepW2D8xMF2mzocG24Cc.roa
File: RA55IVMAepW2D8xMF2mzocG24Cc.roa (raw, json)
Hash identifier: wkK+gYRzR3oUjLMF2E1Bwz4BdFL4Z0GeQESdfRKO6mc=
Subject key identifier: 44:0E:79:21:53:00:7A:95:B6:0F:CC:4C:17:69:B3:A1:C1:B6:E0:27
Certificate issuer: /CN=1913cb4856821d14cd2e0b767c2931a22c154e7c
Certificate serial: 018E0EDF39D34FA85CBE5999F0C61E2BEA5B
Authority key identifier: 19:13:CB:48:56:82:1D:14:CD:2E:0B:76:7C:29:31:A2:2C:15:4E:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/RA55IVMAepW2D8xMF2mzocG24Cc.roa
Signing time: Tue 05 Mar 2024 13:48:14 +0000
ROA not before: Tue 05 Mar 2024 13:48:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202246
IP address blocks: 109.204.176.0/20 maxlen: 20
109.204.176.0/22 maxlen: 22
109.204.180.0/23 maxlen: 23
109.204.184.0/22 maxlen: 22
109.204.188.0/23 maxlen: 23
171.22.241.0/24 maxlen: 24
185.128.16.0/22 maxlen: 22
2a10:a5c0::/29 maxlen: 29
2a10:a5c0::/32 maxlen: 32
2a10:a5c0::/36 maxlen: 36
2a10:a5c0:1000::/36 maxlen: 36
2a10:a5c0:4000::/36 maxlen: 36
2a10:a5c0:5000::/36 maxlen: 36
2a10:a5c0:8000::/36 maxlen: 36
2a10:a5c0:9000::/36 maxlen: 36
2a10:a5c0:c000::/36 maxlen: 36
2a10:a5c0:d000::/36 maxlen: 36
2a10:a5c1::/32 maxlen: 32
2a10:a5c2::/32 maxlen: 32
2a10:a5c3::/32 maxlen: 32
2a10:a5c4::/32 maxlen: 32
2a10:a5c5::/32 maxlen: 32
2a10:a5c6::/32 maxlen: 32
2a10:a5c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/GRPLSFaCHRTNLgt2fCkxoiwVTnw.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/GRPLSFaCHRTNLgt2fCkxoiwVTnw.mft
rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:df:39:d3:4f:a8:5c:be:59:99:f0:c6:1e:2b:ea:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1913cb4856821d14cd2e0b767c2931a22c154e7c
Validity
Not Before: Mar 5 13:48:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=440e792153007a95b60fcc4c1769b3a1c1b6e027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3b:01:5f:04:1f:c7:0e:e9:c6:24:1c:76:a3:
98:70:c8:ff:95:ab:93:67:39:7e:15:09:78:9d:a3:
d6:82:55:12:73:18:df:87:ad:72:23:72:72:1f:bf:
c3:cf:db:3c:9b:6c:1a:79:fc:49:83:99:2b:5d:6b:
22:4c:1e:60:be:ff:89:2c:3e:57:84:4e:c6:46:52:
6c:a9:d4:d9:5e:09:9b:3e:75:24:d5:91:ff:e7:20:
3a:f0:06:cd:28:69:c0:1f:bf:a6:c8:0f:76:fb:71:
87:b4:a9:1b:f4:16:34:70:ef:6e:e3:8e:86:2b:5c:
9a:30:fa:69:03:38:37:ad:0f:13:c9:88:17:80:9c:
21:ce:09:0d:88:41:c9:33:e6:83:e7:c5:a7:0a:c9:
4c:08:1d:a3:fe:eb:0d:5a:15:7b:c0:cb:25:75:a7:
2a:b9:f5:71:0b:b4:a9:1a:46:c2:60:bc:f0:3d:5c:
de:d4:f1:22:13:f3:9a:61:42:4c:25:5b:e1:b3:8f:
b9:f2:65:f7:72:71:f1:7b:78:dc:17:af:a6:0d:b1:
25:10:45:58:c2:78:90:9f:40:69:c0:19:02:c1:a1:
f7:27:aa:e6:b6:cc:95:0b:93:48:25:45:0a:11:b4:
13:56:76:aa:95:81:a5:92:71:33:64:21:ef:67:1e:
4f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:0E:79:21:53:00:7A:95:B6:0F:CC:4C:17:69:B3:A1:C1:B6:E0:27
X509v3 Authority Key Identifier:
keyid:19:13:CB:48:56:82:1D:14:CD:2E:0B:76:7C:29:31:A2:2C:15:4E:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/RA55IVMAepW2D8xMF2mzocG24Cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/GRPLSFaCHRTNLgt2fCkxoiwVTnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.204.176.0/20
171.22.241.0/24
185.128.16.0/22
IPv6:
2a10:a5c0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:56:58:7a:43:3f:ca:af:8d:b6:12:4c:dd:70:be:b5:9a:02:
57:2d:77:13:46:7e:2b:55:95:c8:2b:e8:f2:c4:af:5b:cb:d1:
8b:fd:f8:50:3d:86:6c:c6:49:97:0f:d1:65:ed:6a:30:a7:ae:
62:26:93:ad:0b:8f:ed:35:a1:d2:8e:e3:cd:b0:53:e2:88:a4:
be:e3:da:82:46:3e:2d:91:32:0a:50:29:45:c7:aa:86:10:86:
62:b4:01:b0:6e:4d:93:82:2a:e0:e8:29:39:23:01:11:2a:e8:
5f:37:5b:7a:fe:40:33:a6:10:59:1a:33:88:b2:f3:8a:58:ec:
20:32:17:d8:7c:21:2b:4b:0c:14:b0:9f:30:63:4c:86:0d:0a:
88:af:8a:ed:f5:c4:a4:80:11:a5:ac:e5:f1:5c:a7:bd:57:57:
a2:14:30:b7:52:c9:d7:08:45:5c:ef:40:7c:14:5c:5c:5c:90:
f9:de:3c:17:25:05:5a:08:76:37:3f:cf:cd:81:4c:be:4a:56:
4c:46:0b:b5:8a:cd:c9:dd:c4:a1:96:b2:07:9c:d0:ef:4f:10:
77:d3:d3:73:d5:83:a3:61:f2:2a:09:66:0d:67:d5:eb:ab:87:
44:41:29:11:07:38:6a:86:ac:df:bd:ff:b6:ff:dc:d7:76:ee:
4c:33:d3:cc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY4O3znTT6hcvlmZ8MYeK+pbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MTNjYjQ4NTY4MjFkMTRjZDJlMGI3NjdjMjkzMWEyMmMx
NTRlN2MwHhcNMjQwMzA1MTM0ODE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDBlNzkyMTUzMDA3YTk1YjYwZmNjNGMxNzY5YjNhMWMxYjZlMDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjsBXwQfxw7pxiQcdqOYcMj/lauT
Zzl+FQl4naPWglUScxjfh61yI3JyH7/Dz9s8m2waefxJg5krXWsiTB5gvv+JLD5X
hE7GRlJsqdTZXgmbPnUk1ZH/5yA68AbNKGnAH7+myA92+3GHtKkb9BY0cO9u446G
K1yaMPppAzg3rQ8TyYgXgJwhzgkNiEHJM+aD58WnCslMCB2j/usNWhV7wMsldacq
ufVxC7SpGkbCYLzwPVze1PEiE/OaYUJMJVvhs4+58mX3cnHxe3jcF6+mDbElEEVY
wniQn0BpwBkCwaH3J6rmtsyVC5NIJUUKEbQTVnaqlYGlknEzZCHvZx5P2QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEQOeSFTAHqVtg/MTBdps6HBtuAnMB8GA1UdIwQY
MBaAFBkTy0hWgh0UzS4LdnwpMaIsFU58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1JQTFNGYUNIUlROTGd0MmZDa3hvaXdWVG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8xOTc3ZGUtMWRmNC00MDRjLTlkYTkt
MDc3OWRmMWRkNjRkLzEvUkE1NUlWTUFlcFcyRDh4TUYybXpvY0cyNENjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8xOTc3ZGUtMWRmNC00MDRjLTlkYTktMDc3OWRmMWRkNjRk
LzEvR1JQTFNGYUNIUlROTGd0MmZDa3hvaXdWVG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEbcywAwQA
qxbxAwQCuYAQMA0EAgACMAcDBQMqEKXAMA0GCSqGSIb3DQEBCwUAA4IBAQCjVlh6
Qz/Kr422EkzdcL61mgJXLXcTRn4rVZXIK+jyxK9by9GL/fhQPYZsxkmXD9Fl7Wow
p65iJpOtC4/tNaHSjuPNsFPiiKS+49qCRj4tkTIKUClFx6qGEIZitAGwbk2Tgirg
6Ck5IwERKuhfN1t6/kAzphBZGjOIsvOKWOwgMhfYfCErSwwUsJ8wY0yGDQqIr4rt
9cSkgBGlrOXxXKe9V1eiFDC3UsnXCEVc70B8FFxcXJD53jwXJQVaCHY3P8/NgUy+
SlZMRgu1is3J3cShlrIHnNDvTxB309Nz1YOjYfIqCWYNZ9Xrq4dEQSkRBzhqhqzf
vf+2/9zXdu5MM9PM
-----END CERTIFICATE-----
Generated at Sat May 11 08:19:35 2024 by rpki-client on console-fra.rpki-client.org