Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/CcP29cftCXdDLknbVNajVPGrxrA.roa
File: CcP29cftCXdDLknbVNajVPGrxrA.roa (raw, json)
Hash identifier: IlSvKpZ0KSQqO6I6mYRlYgjHYGwl79XHMShQPLn/KRk=
Subject key identifier: 09:C3:F6:F5:C7:ED:09:77:43:2E:49:DB:54:D6:A3:54:F1:AB:C6:B0
Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Certificate serial: 019035D78295CCBD3CCB8AD95EE6ECB393BD
Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/CcP29cftCXdDLknbVNajVPGrxrA.roa
Signing time: Thu 20 Jun 2024 13:30:34 +0000
ROA not before: Thu 20 Jun 2024 13:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49544
IP address blocks: 5.180.216.0/23 maxlen: 23
5.180.218.0/23 maxlen: 23
5.200.0.0/19 maxlen: 24
31.204.128.0/19 maxlen: 24
31.204.132.0/22 maxlen: 22
31.204.136.0/23 maxlen: 23
89.104.168.0/23 maxlen: 23
89.104.170.0/23 maxlen: 23
91.195.234.0/23 maxlen: 23
91.198.152.0/24 maxlen: 24
91.216.207.0/24 maxlen: 24
104.153.84.0/22 maxlen: 22
109.200.192.0/19 maxlen: 24
109.200.194.0/23 maxlen: 23
109.200.208.0/22 maxlen: 22
138.128.136.0/22 maxlen: 22
138.128.140.0/22 maxlen: 22
146.247.76.0/22 maxlen: 22
162.244.52.0/22 maxlen: 23
162.245.204.0/22 maxlen: 22
185.41.140.0/22 maxlen: 22
185.50.104.0/22 maxlen: 22
185.52.12.0/22 maxlen: 24
185.179.200.0/23 maxlen: 24
185.179.202.0/23 maxlen: 24
185.197.24.0/22 maxlen: 23
188.122.64.0/19 maxlen: 24
193.43.218.0/23 maxlen: 23
212.19.224.0/22 maxlen: 22
213.163.64.0/19 maxlen: 24
213.179.192.0/19 maxlen: 19
213.179.192.0/22 maxlen: 22
213.179.196.0/22 maxlen: 22
213.179.200.0/22 maxlen: 22
213.179.204.0/22 maxlen: 22
213.179.209.0/24 maxlen: 24
213.179.210.0/23 maxlen: 23
213.179.212.0/22 maxlen: 22
213.179.216.0/22 maxlen: 22
213.179.220.0/23 maxlen: 23
2a00:1630::/29 maxlen: 32
2a00:1630::/32 maxlen: 48
2a00:1631::/32 maxlen: 32
2a00:1632::/32 maxlen: 32
2a00:1637::/32 maxlen: 32
2a00:1d20::/29 maxlen: 32
2a00:1d20::/34 maxlen: 34
2a00:1d26::/32 maxlen: 34
2a01:9580::/32 maxlen: 34
2a01:9580:c000::/34 maxlen: 34
2a04:c600::/29 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.mft
rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:35:d7:82:95:cc:bd:3c:cb:8a:d9:5e:e6:ec:b3:93:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Validity
Not Before: Jun 20 13:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09c3f6f5c7ed0977432e49db54d6a354f1abc6b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:be:c9:c4:09:86:5f:a7:f5:a0:34:43:6e:70:
13:8d:05:6f:ab:1f:c3:d7:a1:ca:cf:bf:25:50:7b:
14:a1:ad:84:c3:45:a0:ea:69:56:01:ce:7b:fe:e6:
08:64:8d:c0:98:d6:3d:e6:21:1f:69:7b:6b:9b:33:
df:15:34:4d:a5:b6:c2:6c:89:88:1f:89:da:67:43:
f4:00:6a:84:e3:50:0a:64:01:ff:b3:8f:15:58:d3:
25:18:80:c6:fc:e5:d0:b2:1f:a8:68:31:e5:04:d3:
24:b4:60:5b:53:87:7b:43:be:fb:f9:c3:21:e6:d0:
83:63:9f:f3:a2:46:c8:6b:4b:aa:1b:b6:ef:c2:0e:
e2:e4:b3:ea:e3:f3:c2:91:0a:08:63:f5:dd:55:de:
8a:98:3f:c3:29:be:43:39:b8:ab:e3:2a:30:fa:59:
8f:36:48:3e:40:80:e4:84:27:8d:24:e9:81:ca:01:
84:74:9b:13:29:b6:56:7e:23:96:77:b2:bb:fb:9d:
a0:e4:b3:0f:3f:75:f7:cd:70:d2:e6:82:ef:fe:ec:
7e:1d:10:67:d6:4c:d1:c6:22:4d:d3:21:84:da:0b:
ab:f2:1f:d8:34:08:77:72:82:e7:5b:a0:c2:e0:bf:
c6:85:ab:f6:d5:46:4b:e3:01:24:df:be:aa:62:66:
0d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C3:F6:F5:C7:ED:09:77:43:2E:49:DB:54:D6:A3:54:F1:AB:C6:B0
X509v3 Authority Key Identifier:
keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/CcP29cftCXdDLknbVNajVPGrxrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.216.0/22
5.200.0.0/19
31.204.128.0/19
89.104.168.0/22
91.195.234.0/23
91.198.152.0/24
91.216.207.0/24
104.153.84.0/22
109.200.192.0/19
138.128.136.0/21
146.247.76.0/22
162.244.52.0/22
162.245.204.0/22
185.41.140.0/22
185.50.104.0/22
185.52.12.0/22
185.179.200.0/22
185.197.24.0/22
188.122.64.0/19
193.43.218.0/23
212.19.224.0/22
213.163.64.0/19
213.179.192.0/19
IPv6:
2a00:1630::/29
2a00:1d20::/29
2a01:9580::/32
2a04:c600::/29
Signature Algorithm: sha256WithRSAEncryption
3c:dd:e2:09:58:52:6e:41:2c:77:05:5d:f1:c8:4a:6b:09:12:
bb:07:ae:4e:1b:46:fb:35:05:1f:41:bd:57:8c:45:16:7a:23:
a8:1a:48:02:d2:5e:9c:b7:45:38:9b:f9:22:1b:31:d3:ce:55:
2a:da:5a:81:c3:25:ed:7d:2b:2f:b1:b2:82:5b:0b:32:9e:7f:
8c:ad:7f:df:86:16:a9:b1:0f:38:eb:96:4a:5d:97:c0:78:3b:
14:80:29:ad:e5:40:48:6e:68:6a:02:74:0e:d2:52:0c:ab:32:
e9:35:67:37:5a:9b:a6:43:20:c8:fb:64:f2:29:17:57:a3:71:
73:1b:cc:79:ae:4d:8d:e0:c3:89:59:50:5d:ea:8d:01:4e:df:
68:75:84:4b:b1:a2:3e:c2:0f:b1:bd:94:a6:a2:3e:0f:40:d1:
db:d7:a4:6d:77:a4:8d:63:c5:d3:ba:7a:c4:38:22:05:b5:f9:
25:08:08:5b:44:d2:be:b9:37:70:15:7a:ec:86:c2:c5:f9:1e:
45:d0:83:0c:b4:e4:c8:99:44:bd:fc:b8:af:9b:71:0c:5b:d3:
6d:78:0a:c3:02:01:76:51:13:2e:07:01:0c:01:95:64:b6:7e:
00:ca:10:3f:56:90:88:24:22:1a:00:a0:a1:25:bd:69:3f:64:
59:b6:01:fe
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZA114KVzL08y4rZXubss5O9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5
YzIzOGYwHhcNMjQwNjIwMTMzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWMzZjZmNWM3ZWQwOTc3NDMyZTQ5ZGI1NGQ2YTM1NGYxYWJjNmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtr7JxAmGX6f1oDRDbnATjQVvqx/D
16HKz78lUHsUoa2Ew0Wg6mlWAc57/uYIZI3AmNY95iEfaXtrmzPfFTRNpbbCbImI
H4naZ0P0AGqE41AKZAH/s48VWNMlGIDG/OXQsh+oaDHlBNMktGBbU4d7Q777+cMh
5tCDY5/zokbIa0uqG7bvwg7i5LPq4/PCkQoIY/XdVd6KmD/DKb5DObir4yow+lmP
Nkg+QIDkhCeNJOmBygGEdJsTKbZWfiOWd7K7+52g5LMPP3X3zXDS5oLv/ux+HRBn
1kzRxiJN0yGE2gur8h/YNAh3coLnW6DC4L/Ghav21UZL4wEk376qYmYNcQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFAnD9vXH7Ql3Qy5J21TWo1Txq8awMB8GA1UdIwQY
MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt
NDhkMzFjNzVmMzFlLzEvQ2NQMjljZnRDWGRETGtuYlZOYWpWUEdyeHJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl
LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBkQQCAAEwgYoDBAIF
tNgDBAUFyAADBAUfzIADBAJZaKgDBAFbw+oDBABbxpgDBABb2M8DBAJomVQDBAVt
yMADBAOKgIgDBAKS90wDBAKi9DQDBAKi9cwDBAK5KYwDBAK5MmgDBAK5NAwDBAK5
s8gDBAK5xRgDBAW8ekADBAHBK9oDBALUE+ADBAXVo0ADBAXVs8AwIgQCAAIwHAMF
AyoAFjADBQMqAB0gAwUAKgGVgAMFAyoExgAwDQYJKoZIhvcNAQELBQADggEBADzd
4glYUm5BLHcFXfHISmsJErsHrk4bRvs1BR9BvVeMRRZ6I6gaSALSXpy3RTib+SIb
MdPOVSraWoHDJe19Ky+xsoJbCzKef4ytf9+GFqmxDzjrlkpdl8B4OxSAKa3lQEhu
aGoCdA7SUgyrMuk1Zzdam6ZDIMj7ZPIpF1ejcXMbzHmuTY3gw4lZUF3qjQFO32h1
hEuxoj7CD7G9lKaiPg9A0dvXpG13pI1jxdO6esQ4IgW1+SUICFtE0r65N3AVeuyG
wsX5HkXQgwy05MiZRL38uK+bcQxb0214CsMCAXZREy4HAQwBlWS2fgDKED9WkIgk
IhoAoKElvWk/ZFm2Af4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:12:26 2024 by rpki-client on console-fra.rpki-client.org