Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/5_w_xHo6Z8m68Z-lx21GLpiwHvM.roa
File: 5_w_xHo6Z8m68Z-lx21GLpiwHvM.roa (raw, json)
Hash identifier: 43OOLtB6qO/hoQfINJeCzlCQfGxhnpaGrP2302mIWGQ=
Subject key identifier: E7:FC:3F:C4:7A:3A:67:C9:BA:F1:9F:A5:C7:6D:46:2E:98:B0:1E:F3
Certificate issuer: /CN=4a409555105040578cb296070074f45107252eeb
Certificate serial: 018CC26D4CD73C1B3C24BDF1B0C620A4F9F3
Authority key identifier: 4A:40:95:55:10:50:40:57:8C:B2:96:07:00:74:F4:51:07:25:2E:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SkCVVRBQQFeMspYHAHT0UQclLus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/5_w_xHo6Z8m68Z-lx21GLpiwHvM.roa
Signing time: Mon 01 Jan 2024 00:29:52 +0000
ROA not before: Mon 01 Jan 2024 00:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21211
IP address blocks: 212.122.79.0/24 maxlen: 24
212.122.80.0/23 maxlen: 23
212.122.88.0/22 maxlen: 22
212.122.92.0/23 maxlen: 23
212.122.95.0/24 maxlen: 24
84.240.0.0/22 maxlen: 22
84.240.0.0/18 maxlen: 18
84.240.4.0/22 maxlen: 22
213.159.48.0/20 maxlen: 20
84.240.8.0/21 maxlen: 21
84.240.16.0/20 maxlen: 20
212.122.64.0/19 maxlen: 19
212.122.68.0/22 maxlen: 22
212.122.65.0/24 maxlen: 24
212.122.72.0/24 maxlen: 24
212.122.73.0/24 maxlen: 24
185.25.0.0/22 maxlen: 22
213.159.32.0/19 maxlen: 19
213.159.32.0/20 maxlen: 20
213.159.33.0/24 maxlen: 24
31.44.96.0/20 maxlen: 20
31.44.96.0/21 maxlen: 21
78.157.64.0/19 maxlen: 19
31.44.104.0/21 maxlen: 21
2a03:280::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/SkCVVRBQQFeMspYHAHT0UQclLus.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/SkCVVRBQQFeMspYHAHT0UQclLus.mft
rsync://rpki.ripe.net/repository/DEFAULT/SkCVVRBQQFeMspYHAHT0UQclLus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:02:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4c:d7:3c:1b:3c:24:bd:f1:b0:c6:20:a4:f9:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a409555105040578cb296070074f45107252eeb
Validity
Not Before: Jan 1 00:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7fc3fc47a3a67c9baf19fa5c76d462e98b01ef3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:92:27:66:58:f4:35:84:4b:d2:4a:66:c6:36:
22:c3:32:da:a2:90:d2:0d:76:ec:24:d5:d8:3f:95:
79:99:bd:15:66:ad:f3:2f:1a:b7:2f:fc:58:11:c2:
b8:3c:8c:9b:9c:25:08:02:3c:87:30:d7:c8:0a:f9:
fb:19:0d:c6:da:47:31:c2:aa:6e:d0:f9:56:0a:12:
22:bf:73:cb:4c:1b:c3:d3:5e:55:9b:1d:f1:18:77:
2d:31:87:36:3c:bd:94:84:a7:27:67:97:ea:39:4f:
6c:74:fb:2f:0f:90:c2:86:e3:35:5c:6d:ef:62:53:
18:44:e0:86:29:fe:08:05:88:70:0c:ae:b1:33:fe:
73:48:11:78:e7:57:47:d6:29:07:08:df:07:ec:76:
3c:37:d4:d6:90:6e:ab:a0:03:37:6d:5e:d7:8a:1f:
3b:0a:a6:55:a8:f8:13:00:80:66:c7:26:93:1a:91:
40:ac:7f:19:8a:ec:69:61:0e:04:d3:c9:13:02:0d:
fa:c9:32:54:aa:13:16:26:f8:36:1d:5a:88:7e:08:
53:92:94:5e:b6:5c:8a:dd:43:35:45:3e:bd:c1:09:
97:28:af:a2:aa:9d:0f:86:88:e6:34:ca:56:82:7f:
55:60:9e:58:ea:9b:3a:95:82:72:f5:9e:90:92:a2:
d0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:FC:3F:C4:7A:3A:67:C9:BA:F1:9F:A5:C7:6D:46:2E:98:B0:1E:F3
X509v3 Authority Key Identifier:
keyid:4A:40:95:55:10:50:40:57:8C:B2:96:07:00:74:F4:51:07:25:2E:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SkCVVRBQQFeMspYHAHT0UQclLus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/5_w_xHo6Z8m68Z-lx21GLpiwHvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5731da-6665-4161-80c1-5e79b4435e2c/1/SkCVVRBQQFeMspYHAHT0UQclLus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.96.0/20
78.157.64.0/19
84.240.0.0/18
185.25.0.0/22
212.122.64.0/19
213.159.32.0/19
IPv6:
2a03:280::/32
Signature Algorithm: sha256WithRSAEncryption
83:1f:5f:4a:78:0e:55:d4:39:fa:94:6a:fc:86:a5:6b:0f:9f:
81:1f:0e:f9:2e:82:a2:8a:5c:e6:39:70:d6:70:ee:2e:bc:db:
fd:f2:b7:1d:8e:d4:aa:50:bc:70:b9:19:7f:c3:33:3e:b7:ac:
6b:02:ac:fc:af:79:79:6b:c5:8f:c6:15:e6:40:73:66:cd:3d:
3a:b0:f0:eb:7f:e4:da:e9:28:51:e1:cb:3a:6d:d5:f8:64:0c:
97:a4:12:a2:ff:08:84:c4:73:d5:f8:2f:66:02:90:1a:e4:b4:
73:a6:2c:af:f5:ca:58:7d:e0:8b:53:c4:f8:e5:8f:db:a0:1a:
84:8c:6c:61:b0:dc:9f:a7:c1:ac:dd:8f:63:c9:1a:54:41:04:
19:20:b8:f5:d4:72:ba:2b:a2:22:ae:78:80:60:c9:82:30:c5:
36:48:6c:a1:7b:9b:e2:9f:ac:ad:b4:ae:70:56:4b:b0:aa:1c:
c6:81:5c:bd:eb:96:dc:27:b0:78:cc:bc:f9:31:58:77:1f:35:
8b:29:0f:42:bc:b2:bb:fd:60:c6:db:ca:c8:43:6a:62:f2:a0:
e5:7d:65:b9:0e:55:97:9b:91:03:c6:41:0f:a9:29:07:96:c6:
d0:27:c8:4e:d0:5e:37:03:b3:ee:33:8b:e4:d5:d0:9d:d6:68:
9c:e5:88:5a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzCbUzXPBs8JL3xsMYgpPnzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDA5NTU1MTA1MDQwNTc4Y2IyOTYwNzAwNzRmNDUxMDcy
NTJlZWIwHhcNMjQwMTAxMDAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2ZjM2ZjNDdhM2E2N2M5YmFmMTlmYTVjNzZkNDYyZTk4YjAxZWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7JInZlj0NYRL0kpmxjYiwzLaopDS
DXbsJNXYP5V5mb0VZq3zLxq3L/xYEcK4PIybnCUIAjyHMNfICvn7GQ3G2kcxwqpu
0PlWChIiv3PLTBvD015Vmx3xGHctMYc2PL2UhKcnZ5fqOU9sdPsvD5DChuM1XG3v
YlMYROCGKf4IBYhwDK6xM/5zSBF451dH1ikHCN8H7HY8N9TWkG6roAM3bV7Xih87
CqZVqPgTAIBmxyaTGpFArH8ZiuxpYQ4E08kTAg36yTJUqhMWJvg2HVqIfghTkpRe
tlyK3UM1RT69wQmXKK+iqp0PhojmNMpWgn9VYJ5Y6ps6lYJy9Z6QkqLQGwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFOf8P8R6OmfJuvGfpcdtRi6YsB7zMB8GA1UdIwQY
MBaAFEpAlVUQUEBXjLKWBwB09FEHJS7rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tDVlZSQlFRRmVNc3BZSEFIVDBVUWNsTHVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC81NzMxZGEtNjY2NS00MTYxLTgwYzEt
NWU3OWI0NDM1ZTJjLzEvNV93X3hIbzZaOG02OFotbHgyMUdMcGl3SHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC81NzMxZGEtNjY2NS00MTYxLTgwYzEtNWU3OWI0NDM1ZTJj
LzEvU2tDVlZSQlFRRmVNc3BZSEFIVDBVUWNsTHVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEHyxgAwQF
Tp1AAwQGVPAAAwQCuRkAAwQF1HpAAwQF1Z8gMA0EAgACMAcDBQAqAwKAMA0GCSqG
SIb3DQEBCwUAA4IBAQCDH19KeA5V1Dn6lGr8hqVrD5+BHw75LoKiilzmOXDWcO4u
vNv98rcdjtSqULxwuRl/wzM+t6xrAqz8r3l5a8WPxhXmQHNmzT06sPDrf+Ta6ShR
4cs6bdX4ZAyXpBKi/wiExHPV+C9mApAa5LRzpiyv9cpYfeCLU8T45Y/boBqEjGxh
sNyfp8Gs3Y9jyRpUQQQZILj11HK6K6IirniAYMmCMMU2SGyhe5vin6yttK5wVkuw
qhzGgVy965bcJ7B4zLz5MVh3HzWLKQ9CvLK7/WDG28rIQ2pi8qDlfWW5DlWXm5ED
xkEPqSkHlsbQJ8hO0F43A7PuM4vk1dCd1mic5Yha
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:10:30 2024 by rpki-client on console-ams.rpki-client.org