Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/_Mia4BN2x0AjDutNB76Ltwdzlys.roa
File: _Mia4BN2x0AjDutNB76Ltwdzlys.roa (raw, json)
Hash identifier: UM2XPXUwtyN0ZYTG2XEJO6Sv8ihxBBHHukmy6D4un4k=
Subject key identifier: FC:C8:9A:E0:13:76:C7:40:23:0E:EB:4D:07:BE:8B:B7:07:73:97:2B
Certificate issuer: /CN=19cdd8206c1e352c5065e481797ef77af0c3de8d
Certificate serial: 018CC86F2C4D639CD851102BF24DB7E63E26
Authority key identifier: 19:CD:D8:20:6C:1E:35:2C:50:65:E4:81:79:7E:F7:7A:F0:C3:DE:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gc3YIGweNSxQZeSBeX73evDD3o0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/_Mia4BN2x0AjDutNB76Ltwdzlys.roa
Signing time: Tue 02 Jan 2024 04:29:38 +0000
ROA not before: Tue 02 Jan 2024 04:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51669
IP address blocks: 176.120.176.0/22 maxlen: 22
176.120.176.0/20 maxlen: 20
176.120.180.0/22 maxlen: 22
176.120.184.0/22 maxlen: 22
176.120.188.0/22 maxlen: 22
176.120.190.0/24 maxlen: 24
178.159.48.0/20 maxlen: 20
178.159.48.0/22 maxlen: 22
178.159.56.0/22 maxlen: 22
178.159.52.0/22 maxlen: 22
178.159.60.0/22 maxlen: 22
31.129.128.0/22 maxlen: 22
31.129.132.0/22 maxlen: 22
31.129.128.0/19 maxlen: 19
31.129.133.0/24 maxlen: 24
185.63.217.0/24 maxlen: 24
185.63.216.0/23 maxlen: 23
185.63.216.0/24 maxlen: 24
31.129.136.0/22 maxlen: 22
185.63.218.0/23 maxlen: 23
185.63.219.0/24 maxlen: 24
185.63.218.0/24 maxlen: 24
31.129.144.0/22 maxlen: 22
31.129.140.0/22 maxlen: 22
31.129.148.0/22 maxlen: 22
31.129.152.0/22 maxlen: 22
31.129.156.0/22 maxlen: 22
31.129.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/Gc3YIGweNSxQZeSBeX73evDD3o0.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/Gc3YIGweNSxQZeSBeX73evDD3o0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gc3YIGweNSxQZeSBeX73evDD3o0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:03:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:2c:4d:63:9c:d8:51:10:2b:f2:4d:b7:e6:3e:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19cdd8206c1e352c5065e481797ef77af0c3de8d
Validity
Not Before: Jan 2 04:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fcc89ae01376c740230eeb4d07be8bb70773972b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7e:e6:3e:c7:8c:4a:ff:3c:25:47:21:f1:e3:
fd:23:91:8c:f8:60:36:1c:17:7b:a4:b7:2a:fd:e9:
1b:c4:eb:1b:1f:ab:01:75:2f:83:16:f3:f7:49:ae:
65:a3:8b:7d:a5:02:82:95:95:f9:d9:15:9b:30:2c:
c9:85:1f:ba:7b:fd:59:14:77:73:a2:b6:77:6a:12:
4e:d4:c1:41:08:9e:4a:18:24:62:dd:c5:f6:7c:62:
34:e3:00:71:f9:94:57:94:86:2c:0a:75:8f:6b:d9:
82:67:6d:99:2f:77:19:b3:5c:60:e9:35:0a:65:c4:
cd:f5:79:4b:9a:a0:4c:d4:df:5d:26:f8:7e:d4:4f:
c7:fd:17:b9:4f:c0:9a:4a:72:2b:f7:03:7d:d6:5a:
2d:62:39:05:25:dc:d4:f1:47:da:40:fd:e4:72:c0:
20:02:c7:f7:e2:46:1f:f4:48:1b:16:b7:32:58:7c:
93:67:69:67:45:81:d4:ba:24:0d:66:72:3e:ea:79:
c1:ea:f8:70:d6:fd:e1:c8:c6:c5:ca:6a:80:6a:c4:
3c:4c:90:fb:c4:a6:c8:4d:48:aa:1a:a8:88:03:4a:
2e:6d:b5:bb:bd:55:fa:3f:e4:37:8d:21:73:7c:50:
9d:69:9c:a2:0e:1e:00:d8:f8:27:9c:fe:9e:06:3a:
ed:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:C8:9A:E0:13:76:C7:40:23:0E:EB:4D:07:BE:8B:B7:07:73:97:2B
X509v3 Authority Key Identifier:
keyid:19:CD:D8:20:6C:1E:35:2C:50:65:E4:81:79:7E:F7:7A:F0:C3:DE:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gc3YIGweNSxQZeSBeX73evDD3o0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/_Mia4BN2x0AjDutNB76Ltwdzlys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/Gc3YIGweNSxQZeSBeX73evDD3o0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.128.0/19
176.120.176.0/20
178.159.48.0/20
185.63.216.0/22
Signature Algorithm: sha256WithRSAEncryption
01:aa:2c:51:b2:8c:f0:5e:88:45:30:c3:f9:bd:d8:62:52:fe:
24:a6:29:11:b8:11:a5:c7:6e:56:8c:8e:2f:d6:7a:cf:0c:cc:
d0:07:68:41:51:1a:64:8d:11:2d:bd:ea:ff:c5:85:99:a2:b7:
76:36:9c:40:a7:da:56:ac:db:61:65:28:56:db:77:66:ef:3e:
3c:03:de:ef:4c:dc:87:dc:ab:bb:c4:b2:e3:d6:c7:26:12:0a:
7c:3d:87:9f:6a:96:01:f7:94:13:73:27:ce:48:5e:b6:9e:4d:
4c:5e:33:4a:a9:83:41:7f:d9:5a:ff:7f:18:ae:d6:60:74:1d:
77:8b:09:39:3e:0d:67:f4:dc:e8:36:5a:78:19:ad:78:ca:42:
16:44:a9:ac:9e:63:75:08:39:d1:f6:01:74:7b:d1:35:56:26:
c8:0e:5f:24:e5:fb:6b:4c:ae:bd:56:0e:c7:70:97:ac:41:9c:
4b:cb:a3:c6:3b:f7:30:f7:7f:f2:ad:74:70:d4:56:43:1b:a4:
e0:fc:a8:2e:92:13:55:83:9f:a1:e6:a2:61:8b:40:5f:a1:4c:
a1:50:aa:5a:75:f9:23:97:e6:61:80:07:28:c3:c4:b7:20:0c:
f0:35:15:00:f3:42:d3:c9:11:e9:17:6b:74:24:d1:a8:bc:86:
e6:3a:24:e3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIbyxNY5zYURAr8k235j4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5Y2RkODIwNmMxZTM1MmM1MDY1ZTQ4MTc5N2VmNzdhZjBj
M2RlOGQwHhcNMjQwMTAyMDQyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2M4OWFlMDEzNzZjNzQwMjMwZWViNGQwN2JlOGJiNzA3NzM5NzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAon7mPseMSv88JUch8eP9I5GM+GA2
HBd7pLcq/ekbxOsbH6sBdS+DFvP3Sa5lo4t9pQKClZX52RWbMCzJhR+6e/1ZFHdz
orZ3ahJO1MFBCJ5KGCRi3cX2fGI04wBx+ZRXlIYsCnWPa9mCZ22ZL3cZs1xg6TUK
ZcTN9XlLmqBM1N9dJvh+1E/H/Re5T8CaSnIr9wN91lotYjkFJdzU8UfaQP3kcsAg
Asf34kYf9EgbFrcyWHyTZ2lnRYHUuiQNZnI+6nnB6vhw1v3hyMbFymqAasQ8TJD7
xKbITUiqGqiIA0oubbW7vVX6P+Q3jSFzfFCdaZyiDh4A2PgnnP6eBjrtFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPzImuATdsdAIw7rTQe+i7cHc5crMB8GA1UdIwQY
MBaAFBnN2CBsHjUsUGXkgXl+93rww96NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2MzWUlHd2VOU3hRWmVTQmVYNzNldkREM28wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9mMjUwNjYtOWViYS00M2FjLWJiYjQt
N2IxNzc4ZGRmN2E5LzEvX01pYTRCTjJ4MEFqRHV0TkI3Nkx0d2R6bHlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9mMjUwNjYtOWViYS00M2FjLWJiYjQtN2IxNzc4ZGRmN2E5
LzEvR2MzWUlHd2VOU3hRWmVTQmVYNzNldkREM28wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFH4GAAwQE
sHiwAwQEsp8wAwQCuT/YMA0GCSqGSIb3DQEBCwUAA4IBAQABqixRsozwXohFMMP5
vdhiUv4kpikRuBGlx25WjI4v1nrPDMzQB2hBURpkjREtver/xYWZord2NpxAp9pW
rNthZShW23dm7z48A97vTNyH3Ku7xLLj1scmEgp8PYefapYB95QTcyfOSF62nk1M
XjNKqYNBf9la/38YrtZgdB13iwk5Pg1n9NzoNlp4Ga14ykIWRKmsnmN1CDnR9gF0
e9E1VibIDl8k5ftrTK69Vg7HcJesQZxLy6PGO/cw93/yrXRw1FZDG6Tg/KgukhNV
g5+h5qJhi0BfoUyhUKpadfkjl+ZhgAcow8S3IAzwNRUA80LTyRHpF2t0JNGovIbm
OiTj
-----END CERTIFICATE-----
Generated at Fri May 17 18:41:49 2024 by rpki-client on console-fra.rpki-client.org