Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/EAmBdiXx9Mrk6agGnAxAYd5IPxU.roa
File: EAmBdiXx9Mrk6agGnAxAYd5IPxU.roa (raw, json)
Hash identifier: 3Bo3CDbAmUzUvqTHgwBvsr8SP7ULvO8vmKKT0cBaF3g=
Subject key identifier: 10:09:81:76:25:F1:F4:CA:E4:E9:A8:06:9C:0C:40:61:DE:48:3F:15
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 0191B84124A9592578F57D7CEA172C65F826
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/EAmBdiXx9Mrk6agGnAxAYd5IPxU.roa
Signing time: Tue 03 Sep 2024 14:19:22 +0000
ROA not before: Tue 03 Sep 2024 14:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 5.157.132.0/22 maxlen: 22
5.157.152.0/21 maxlen: 21
5.157.168.0/22 maxlen: 24
5.157.172.0/22 maxlen: 24
5.157.192.0/22 maxlen: 22
5.157.196.0/22 maxlen: 22
5.157.200.0/21 maxlen: 21
5.157.208.0/21 maxlen: 21
5.157.216.0/22 maxlen: 24
5.157.220.0/22 maxlen: 24
5.157.228.0/22 maxlen: 22
5.157.232.0/21 maxlen: 21
5.157.248.0/21 maxlen: 21
37.35.48.0/22 maxlen: 22
37.35.52.0/24 maxlen: 24
62.216.72.0/22 maxlen: 22
62.216.72.0/24 maxlen: 24
62.216.73.0/24 maxlen: 24
62.216.74.0/24 maxlen: 24
62.216.75.0/24 maxlen: 24
62.216.80.0/22 maxlen: 22
62.216.80.0/24 maxlen: 24
62.216.81.0/24 maxlen: 24
62.216.82.0/24 maxlen: 24
62.216.83.0/24 maxlen: 24
62.216.92.0/24 maxlen: 24
62.216.93.0/24 maxlen: 24
62.216.94.0/24 maxlen: 24
62.216.95.0/24 maxlen: 24
178.157.68.0/22 maxlen: 22
178.157.94.0/24 maxlen: 24
178.157.100.0/24 maxlen: 24
178.157.101.0/24 maxlen: 24
178.157.112.0/21 maxlen: 21
178.157.120.0/22 maxlen: 22
188.74.144.0/22 maxlen: 22
188.74.148.0/22 maxlen: 22
188.74.160.0/21 maxlen: 21
188.74.180.0/24 maxlen: 24
188.74.184.0/22 maxlen: 22
188.74.192.0/21 maxlen: 21
188.74.200.0/21 maxlen: 21
188.74.216.0/21 maxlen: 21
188.74.224.0/21 maxlen: 21
188.74.232.0/21 maxlen: 21
188.74.248.0/21 maxlen: 21
188.119.128.0/20 maxlen: 24
188.119.168.0/21 maxlen: 21
188.119.184.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 14:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b8:41:24:a9:59:25:78:f5:7d:7c:ea:17:2c:65:f8:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Sep 3 14:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1009817625f1f4cae4e9a8069c0c4061de483f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:31:eb:6d:4f:8a:a4:5e:4c:00:69:ff:ca:9d:
31:00:7c:53:d2:17:a7:a4:3c:28:40:ca:39:c2:b1:
68:72:d2:a2:72:a7:b5:e6:24:55:74:bd:e0:5b:06:
90:ba:82:52:41:70:97:0f:9c:89:49:20:74:e9:c3:
09:e3:63:93:c4:54:b2:5c:a7:fc:cb:6a:e6:9d:8d:
a0:20:98:4f:6c:ba:58:f6:ed:b4:ac:8e:48:f0:35:
14:e1:5e:b8:46:5d:f5:32:de:7a:89:23:31:29:6d:
e0:16:d0:52:fe:13:f3:6d:62:f8:aa:e8:7d:59:3b:
9a:30:ef:14:43:70:ff:0d:41:3f:9a:25:b4:37:e6:
27:db:2b:9c:92:d3:2a:2a:eb:e1:64:15:1e:04:65:
80:04:c7:31:45:92:6c:ff:72:14:eb:b7:9e:5d:7d:
89:50:f3:48:26:3e:45:c0:9d:57:46:c6:2f:7d:8a:
f3:e7:fc:b6:b5:f0:88:d0:31:62:81:7e:2e:7c:fa:
63:9c:88:0a:d9:1a:d4:24:e7:74:f3:7b:ae:e2:a4:
6f:1f:cd:f4:44:6b:e6:d8:0c:54:98:dd:e7:87:23:
e0:96:24:c1:a2:86:cc:1f:97:3e:d2:60:d3:1e:9b:
c5:29:d2:30:b3:e0:2b:f4:2e:87:24:0c:51:e3:fb:
e8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:09:81:76:25:F1:F4:CA:E4:E9:A8:06:9C:0C:40:61:DE:48:3F:15
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/EAmBdiXx9Mrk6agGnAxAYd5IPxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.132.0/22
5.157.152.0/21
5.157.168.0/21
5.157.192.0/19
5.157.228.0-5.157.239.255
5.157.248.0/21
37.35.48.0-37.35.52.255
62.216.72.0/22
62.216.80.0/22
62.216.92.0/22
178.157.68.0/22
178.157.94.0/24
178.157.100.0/23
178.157.112.0-178.157.123.255
188.74.144.0/21
188.74.160.0/21
188.74.180.0/24
188.74.184.0/22
188.74.192.0/20
188.74.216.0-188.74.239.255
188.74.248.0/21
188.119.128.0/20
188.119.168.0/21
188.119.184.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:98:a2:1e:e9:c0:65:8b:24:09:5a:1b:be:c2:14:5e:d9:64:
87:c2:6b:14:7a:68:08:75:ad:02:63:50:3d:0f:be:0a:e3:07:
e5:a1:bd:e6:08:69:60:3b:0e:88:42:6b:c6:fb:1e:50:68:a8:
35:90:93:25:4e:28:1c:e8:cc:c3:40:ff:e0:08:1a:70:74:9c:
d3:ea:ab:d4:38:38:42:33:70:b1:d6:f8:40:36:a8:0f:02:c2:
76:8c:fa:64:b3:1c:a4:80:e1:c1:9b:7e:be:2b:f8:4d:85:c8:
7f:20:b7:8d:32:9f:3f:d2:c8:1c:81:1f:94:10:ab:8c:be:82:
47:e4:99:7f:19:2c:df:2a:f3:00:a2:87:09:89:5e:7e:fc:87:
55:e9:0d:b5:7c:66:b6:fb:ff:84:0c:ea:2f:90:1c:06:7c:80:
46:1e:e7:01:95:0b:1a:2f:62:44:9b:fc:c2:2f:f5:a9:6e:4b:
ac:9d:8d:95:91:da:b7:49:00:55:60:d1:af:20:d7:00:04:ce:
39:fb:e2:53:0a:01:50:32:55:50:41:07:93:94:56:24:2c:b0:
b1:38:d9:6e:df:7b:78:7e:e9:60:88:d7:71:17:e3:a3:cf:20:
27:9b:63:36:04:cb:5c:46:ae:2d:f6:d8:5a:d4:a6:2f:6a:56:
b8:f7:ce:4c
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZG4QSSpWSV49X186hcsZfgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwOTAzMTQxOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDA5ODE3NjI1ZjFmNGNhZTRlOWE4MDY5YzBjNDA2MWRlNDgzZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTHrbU+KpF5MAGn/yp0xAHxT0hen
pDwoQMo5wrFoctKicqe15iRVdL3gWwaQuoJSQXCXD5yJSSB06cMJ42OTxFSyXKf8
y2rmnY2gIJhPbLpY9u20rI5I8DUU4V64Rl31Mt56iSMxKW3gFtBS/hPzbWL4quh9
WTuaMO8UQ3D/DUE/miW0N+Yn2yucktMqKuvhZBUeBGWABMcxRZJs/3IU67eeXX2J
UPNIJj5FwJ1XRsYvfYrz5/y2tfCI0DFigX4ufPpjnIgK2RrUJOd083uu4qRvH830
RGvm2AxUmN3nhyPgliTBoobMH5c+0mDTHpvFKdIws+Ar9C6HJAxR4/voFwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFBAJgXYl8fTK5OmoBpwMQGHeSD8VMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvRUFtQmRpWHg5TXJrNmFnR25BeEFZZDVJUHhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAIF
nYQDBAMFnZgDBAMFnagDBAUFncAwDAMEAgWd5AMEBAWd4AMEAwWd+DAMAwQEJSMw
AwQAJSM0AwQCPthIAwQCPthQAwQCPthcAwQCsp1EAwQAsp1eAwQBsp1kMAwDBASy
nXADBAKynXgDBAO8SpADBAO8SqADBAC8SrQDBAK8SrgDBAS8SsAwDAMEA7xK2AME
BLxK4AMEA7xK+AMEBLx3gAMEA7x3qAMEArx3uDANBgkqhkiG9w0BAQsFAAOCAQEA
e5iiHunAZYskCVobvsIUXtlkh8JrFHpoCHWtAmNQPQ++CuMH5aG95ghpYDsOiEJr
xvseUGioNZCTJU4oHOjMw0D/4AgacHSc0+qr1Dg4QjNwsdb4QDaoDwLCdoz6ZLMc
pIDhwZt+viv4TYXIfyC3jTKfP9LIHIEflBCrjL6CR+SZfxks3yrzAKKHCYlefvyH
VekNtXxmtvv/hAzqL5AcBnyARh7nAZULGi9iRJv8wi/1qW5LrJ2NlZHat0kAVWDR
ryDXAATOOfviUwoBUDJVUEEHk5RWJCywsTjZbt97eH7pYIjXcRfjo88gJ5tjNgTL
XEauLfbYWtSmL2pWuPfOTA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:56:49 2024 by rpki-client on console-ams.rpki-client.org