Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/aPH-icjBiJzvW4leUmdzjIn9UFE.roa
File: aPH-icjBiJzvW4leUmdzjIn9UFE.roa (raw, json)
Hash identifier: bq5UEDfxTpcChENoYUpB1rMrzB1L2Me/pElpKjAsnMQ=
Subject key identifier: 68:F1:FE:89:C8:C1:88:9C:EF:5B:89:5E:52:67:73:8C:89:FD:50:51
Certificate issuer: /CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1
Certificate serial: 018DB18CA81D8905D7C9BC9B55BDF19E3CBA
Authority key identifier: 5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/aPH-icjBiJzvW4leUmdzjIn9UFE.roa
Signing time: Fri 16 Feb 2024 10:53:21 +0000
ROA not before: Fri 16 Feb 2024 10:53:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12360
IP address blocks: 5.57.192.0/21 maxlen: 24
77.236.104.0/21 maxlen: 24
77.236.112.0/21 maxlen: 24
79.171.176.0/21 maxlen: 24
82.115.96.0/19 maxlen: 24
93.119.240.0/20 maxlen: 24
178.248.216.0/21 maxlen: 24
185.5.168.0/22 maxlen: 24
185.39.108.0/22 maxlen: 24
192.54.67.0/24 maxlen: 24
192.54.68.0/22 maxlen: 24
212.7.160.0/19 maxlen: 24
217.17.16.0/20 maxlen: 24
2a01:5580::/32 maxlen: 48
2a02:1628::/32 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 04:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b1:8c:a8:1d:89:05:d7:c9:bc:9b:55:bd:f1:9e:3c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1
Validity
Not Before: Feb 16 10:53:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68f1fe89c8c1889cef5b895e5267738c89fd5051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:38:2b:f9:37:75:69:3e:07:2f:4e:20:be:b2:
ed:92:f5:5e:db:30:9d:9c:11:84:f1:4e:d1:fa:f5:
6b:54:eb:28:bf:6d:fc:ef:a2:ab:b5:40:a8:6f:c3:
e7:2b:96:22:7a:98:17:a3:03:45:d6:b3:65:1e:53:
6b:22:16:a1:07:39:31:ed:ba:ab:f4:db:2a:78:54:
c2:31:3b:47:79:d2:e9:d7:c5:4b:e8:dc:67:69:c9:
df:76:25:e1:8c:55:74:b8:da:8e:56:05:95:c5:14:
00:17:5b:64:07:72:72:2a:1f:c9:11:7f:30:5b:5f:
32:f8:9c:d2:8f:ed:86:f1:b3:2f:40:e6:c2:91:b8:
a5:cd:98:16:f1:16:b1:37:91:f0:e0:9f:a0:31:7c:
0e:c5:d0:75:9a:5a:85:75:c4:20:f0:0e:d8:fd:f7:
e4:55:09:bf:24:21:0d:73:17:1b:92:6f:a1:14:e4:
cf:8b:b9:aa:ee:01:2f:b5:2e:c4:07:2a:61:26:c4:
33:93:bf:c4:ed:9f:93:38:a8:7a:5a:28:78:ca:c1:
a7:82:02:96:63:6c:ff:26:50:da:27:d6:b3:c9:3a:
a8:33:b7:d8:bf:75:43:9c:1f:df:4a:e4:14:bf:d4:
5b:af:6c:81:20:e3:f4:68:66:b2:e5:d3:d9:85:58:
0f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F1:FE:89:C8:C1:88:9C:EF:5B:89:5E:52:67:73:8C:89:FD:50:51
X509v3 Authority Key Identifier:
keyid:5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/aPH-icjBiJzvW4leUmdzjIn9UFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.192.0/21
77.236.104.0-77.236.119.255
79.171.176.0/21
82.115.96.0/19
93.119.240.0/20
178.248.216.0/21
185.5.168.0/22
185.39.108.0/22
192.54.67.0-192.54.71.255
212.7.160.0/19
217.17.16.0/20
IPv6:
2a01:5580::/32
2a02:1628::/32
Signature Algorithm: sha256WithRSAEncryption
45:e1:03:df:bf:b8:9a:d7:14:3a:fb:f3:19:15:d0:0c:15:b2:
fa:f6:75:75:66:2b:70:91:b2:74:04:2f:37:a7:2a:84:ce:ed:
dc:b7:43:ac:ab:70:b7:41:da:d4:1e:66:98:65:09:74:22:72:
f7:62:ba:76:e2:f2:58:59:88:91:b1:ed:3d:1f:1d:a6:b4:87:
a1:d4:a3:ad:01:f0:a6:4f:9a:d8:24:86:9c:d3:bb:c4:f4:bc:
a3:af:4a:37:89:b9:2f:cb:cd:9a:fc:17:bd:15:40:96:86:bc:
31:1b:42:72:ba:46:bb:8e:4d:1e:3d:08:00:23:29:55:d6:71:
7d:74:b2:5e:9b:d2:f6:87:9e:cc:a8:3d:ed:5e:59:2f:dc:94:
6f:fe:a0:38:db:42:95:e0:55:db:af:2a:a2:24:a1:43:20:ae:
e9:1b:31:42:a3:fe:4b:4c:3b:1d:d3:60:e2:f3:44:3d:e6:8c:
b9:5e:3b:9d:f7:c9:c9:ec:d5:eb:e1:ac:9f:89:2f:01:d5:85:
cb:53:b6:47:b7:23:ea:de:34:01:04:ef:b0:4d:5b:bd:2e:23:
5e:f6:e4:df:fd:84:ba:2b:b5:8e:9c:a1:e9:bb:9c:cd:4e:66:
01:8d:4b:42:46:97:a1:00:cc:24:6f:85:04:c3:ef:55:c1:22:
83:78:93:9b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAY2xjKgdiQXXybybVb3xnjy6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzU2OTk0YmIyOTJlNDllY2M2MzM3YjdmOTVkNjllZTJh
ZjYxZTEwHhcNMjQwMjE2MTA1MzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGYxZmU4OWM4YzE4ODljZWY1Yjg5NWU1MjY3NzM4Yzg5ZmQ1MDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTgr+Td1aT4HL04gvrLtkvVe2zCd
nBGE8U7R+vVrVOsov23876KrtUCob8PnK5YiepgXowNF1rNlHlNrIhahBzkx7bqr
9NsqeFTCMTtHedLp18VL6NxnacnfdiXhjFV0uNqOVgWVxRQAF1tkB3JyKh/JEX8w
W18y+JzSj+2G8bMvQObCkbilzZgW8RaxN5Hw4J+gMXwOxdB1mlqFdcQg8A7Y/ffk
VQm/JCENcxcbkm+hFOTPi7mq7gEvtS7EByphJsQzk7/E7Z+TOKh6Wih4ysGnggKW
Y2z/JlDaJ9azyTqoM7fYv3VDnB/fSuQUv9Rbr2yBIOP0aGay5dPZhVgPVwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFGjx/onIwYic71uJXlJnc4yJ/VBRMB8GA1UdIwQY
MBaAFFp1aZS7KS5J7MYze3+V1p7ir2HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUt
NGUwYWE0MmExNWE4LzEvYVBILWljakJpSnp2VzRsZVVtZHpqSW45VUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUtNGUwYWE0MmExNWE4
LzEvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwWAQCAAEwUgMEAwU5wDAM
AwQDTexoAwQDTexwAwQDT6uwAwQFUnNgAwQEXXfwAwQDsvjYAwQCuQWoAwQCuSds
MAwDBADANkMDBAPANkADBAXUB6ADBATZERAwFAQCAAIwDgMFACoBVYADBQAqAhYo
MA0GCSqGSIb3DQEBCwUAA4IBAQBF4QPfv7ia1xQ6+/MZFdAMFbL69nV1ZitwkbJ0
BC83pyqEzu3ct0Osq3C3QdrUHmaYZQl0InL3Yrp24vJYWYiRse09Hx2mtIeh1KOt
AfCmT5rYJIac07vE9Lyjr0o3ibkvy82a/Be9FUCWhrwxG0Jyuka7jk0ePQgAIylV
1nF9dLJem9L2h57MqD3tXlkv3JRv/qA420KV4FXbryqiJKFDIK7pGzFCo/5LTDsd
02Di80Q95oy5Xjud98nJ7NXr4ayfiS8B1YXLU7ZHtyPq3jQBBO+wTVu9LiNe9uTf
/YS6K7WOnKHpu5zNTmYBjUtCRpehAMwkb4UEw+9VwSKDeJOb
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:08:17 2024 by rpki-client on console-ams.rpki-client.org