Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/18KM6bducT4q0JOa87aIhR3aQus.roa
File: 18KM6bducT4q0JOa87aIhR3aQus.roa (raw, json)
Hash identifier: Rq1T6dviRS5070136ku9inoD+rgM965NXOkaYap4ZEU=
Subject key identifier: D7:C2:8C:E9:B7:6E:71:3E:2A:D0:93:9A:F3:B6:88:85:1D:DA:42:EB
Certificate issuer: /CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Certificate serial: 0190D97A729CA82B3F964E68921B861B0A3B
Authority key identifier: 85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/18KM6bducT4q0JOa87aIhR3aQus.roa
Signing time: Mon 22 Jul 2024 08:06:38 +0000
ROA not before: Mon 22 Jul 2024 08:06:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20875
IP address blocks: 5.133.128.0/19 maxlen: 24
37.8.128.0/20 maxlen: 24
37.19.24.0/21 maxlen: 24
46.35.128.0/19 maxlen: 24
62.113.0.0/19 maxlen: 24
85.94.128.0/19 maxlen: 24
92.240.32.0/19 maxlen: 24
95.156.128.0/18 maxlen: 24
159.20.16.0/21 maxlen: 24
185.17.44.0/22 maxlen: 24
185.24.160.0/22 maxlen: 24
185.38.144.0/22 maxlen: 24
212.39.96.0/19 maxlen: 24
212.125.144.0/20 maxlen: 24
2a02:28b8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d9:7a:72:9c:a8:2b:3f:96:4e:68:92:1b:86:1b:0a:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85af5310805ec7561a1a22f9c890c9731fb6debf
Validity
Not Before: Jul 22 08:06:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7c28ce9b76e713e2ad0939af3b688851dda42eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d2:04:69:b8:ce:8f:60:c0:ee:62:3c:74:98:
fd:f3:bc:36:6e:2b:6f:46:08:46:dc:db:cb:78:c0:
0e:44:04:88:a1:b1:f7:ba:ac:2b:b2:ac:4c:72:aa:
d9:79:d3:f1:27:30:a7:d1:16:19:51:9c:1c:de:46:
57:de:11:01:dc:fa:91:21:73:aa:e0:3b:fb:15:5c:
63:fb:9b:e4:f1:56:ff:6f:02:ad:11:48:db:64:7f:
26:db:89:6e:d3:7d:5f:d3:1f:e6:27:a1:c5:d2:24:
53:68:55:ce:f9:84:e7:e7:d3:e4:ef:8a:14:b9:42:
9f:a7:17:5b:d4:1d:d5:b8:56:c4:61:f1:23:3f:62:
ba:99:93:ff:7a:0c:11:69:9f:d7:15:6c:ca:0b:ce:
13:d7:32:e2:6a:0d:ef:c4:77:a0:02:e5:f4:3b:81:
b6:44:11:63:1c:30:39:d6:fc:f3:6e:f7:29:d8:7d:
92:11:e9:cb:ac:60:58:f7:96:8e:2e:85:6e:c7:e1:
5e:4c:46:c9:29:d7:fa:6d:38:f8:7a:91:93:f7:73:
97:2f:05:ea:f4:d5:fa:b1:ce:ae:88:dd:6c:e3:82:
0d:da:f4:20:cb:28:2e:23:f8:7d:1b:1a:2a:bf:a9:
d6:ec:7f:95:99:83:58:e8:5b:9e:2a:7a:87:56:cd:
c1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:C2:8C:E9:B7:6E:71:3E:2A:D0:93:9A:F3:B6:88:85:1D:DA:42:EB
X509v3 Authority Key Identifier:
keyid:85:AF:53:10:80:5E:C7:56:1A:1A:22:F9:C8:90:C9:73:1F:B6:DE:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ha9TEIBex1YaGiL5yJDJcx-23r8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/18KM6bducT4q0JOa87aIhR3aQus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/001406-2e1f-4aeb-90a7-7528350d4c13/1/ha9TEIBex1YaGiL5yJDJcx-23r8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.128.0/19
37.8.128.0/20
37.19.24.0/21
46.35.128.0/19
62.113.0.0/19
85.94.128.0/19
92.240.32.0/19
95.156.128.0/18
159.20.16.0/21
185.17.44.0/22
185.24.160.0/22
185.38.144.0/22
212.39.96.0/19
212.125.144.0/20
IPv6:
2a02:28b8::/29
Signature Algorithm: sha256WithRSAEncryption
7c:54:e5:a8:a6:29:20:92:c9:e7:28:7e:b6:6e:9e:32:4b:5b:
c2:b4:c9:79:37:2b:f6:f3:0e:e4:8f:3b:da:44:ff:1e:bc:bd:
9f:a2:34:b3:d6:62:f5:53:b9:71:30:86:2f:18:af:b3:6b:ae:
46:2b:b9:ce:84:d2:dc:eb:7e:4f:34:89:59:18:a5:85:7f:b1:
7d:77:b8:39:9f:33:62:30:1a:0f:1c:73:87:97:3f:1b:15:1c:
64:20:6a:62:b0:6b:b3:67:1c:e9:8d:37:53:a9:69:ef:eb:a9:
ca:3a:03:eb:60:4e:89:31:06:e0:75:d5:7e:3a:80:44:a8:fa:
74:cc:fd:40:77:1c:e8:4e:38:08:09:98:43:35:96:c4:56:af:
68:23:83:3a:8a:b1:e4:cc:7e:d3:3c:b7:7d:3a:cf:19:a6:c6:
f6:7f:6e:c5:d7:24:c5:1b:71:9d:1e:3c:0a:8d:ac:e7:a3:92:
38:00:38:25:8d:38:74:bd:90:f0:df:3c:fd:a6:87:2f:86:9f:
c5:42:d7:aa:f1:8b:18:cb:f1:12:76:45:04:f5:2a:23:c4:3e:
b6:92:e5:f8:3a:4b:f7:57:9b:78:4e:8a:e0:4c:6e:43:ca:4e:
66:e0:68:c3:6d:c5:d7:84:93:61:89:f1:21:e9:7c:cc:96:de:
ba:6f:06:19
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZDZenKcqCs/lk5okhuGGwo7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWY1MzEwODA1ZWM3NTYxYTFhMjJmOWM4OTBjOTczMWZi
NmRlYmYwHhcNMjQwNzIyMDgwNjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2MyOGNlOWI3NmU3MTNlMmFkMDkzOWFmM2I2ODg4NTFkZGE0MmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtIEabjOj2DA7mI8dJj987w2bitv
RghG3NvLeMAORASIobH3uqwrsqxMcqrZedPxJzCn0RYZUZwc3kZX3hEB3PqRIXOq
4Dv7FVxj+5vk8Vb/bwKtEUjbZH8m24lu031f0x/mJ6HF0iRTaFXO+YTn59Pk74oU
uUKfpxdb1B3VuFbEYfEjP2K6mZP/egwRaZ/XFWzKC84T1zLiag3vxHegAuX0O4G2
RBFjHDA51vzzbvcp2H2SEenLrGBY95aOLoVux+FeTEbJKdf6bTj4epGT93OXLwXq
9NX6sc6uiN1s44IN2vQgyyguI/h9Gxoqv6nW7H+VmYNY6FueKnqHVs3BnwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFNfCjOm3bnE+KtCTmvO2iIUd2kLrMB8GA1UdIwQY
MBaAFIWvUxCAXsdWGhoi+ciQyXMftt6/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTct
NzUyODM1MGQ0YzEzLzEvMThLTTZiZHVjVDRxMEpPYTg3YUloUjNhUXVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8wMDE0MDYtMmUxZi00YWViLTkwYTctNzUyODM1MGQ0YzEz
LzEvaGE5VEVJQmV4MVlhR2lMNXlKREpjeC0yM3I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQFBYWAAwQE
JQiAAwQDJRMYAwQFLiOAAwQFPnEAAwQFVV6AAwQFXPAgAwQGX5yAAwQDnxQQAwQC
uREsAwQCuRigAwQCuSaQAwQF1CdgAwQE1H2QMA0EAgACMAcDBQMqAii4MA0GCSqG
SIb3DQEBCwUAA4IBAQB8VOWopikgksnnKH62bp4yS1vCtMl5Nyv28w7kjzvaRP8e
vL2fojSz1mL1U7lxMIYvGK+za65GK7nOhNLc635PNIlZGKWFf7F9d7g5nzNiMBoP
HHOHlz8bFRxkIGpisGuzZxzpjTdTqWnv66nKOgPrYE6JMQbgddV+OoBEqPp0zP1A
dxzoTjgICZhDNZbEVq9oI4M6irHkzH7TPLd9Os8Zpsb2f27F1yTFG3GdHjwKjazn
o5I4ADgljTh0vZDw3zz9pocvhp/FQteq8YsYy/ESdkUE9SojxD62kuX4Okv3V5t4
TorgTG5Dyk5m4GjDbcXXhJNhifEh6XzMlt66bwYZ
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:45:07 2024 by rpki-client on console-ams.rpki-client.org