Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/D9wtqvrW25tQOAKvPZYDMhrnz_w.roa
File: D9wtqvrW25tQOAKvPZYDMhrnz_w.roa (raw, json)
Hash identifier: 0ozczbdVnQxY4ru858h6habmFItrrJPr4NtDjROoE6g=
Subject key identifier: 0F:DC:2D:AA:FA:D6:DB:9B:50:38:02:AF:3D:96:03:32:1A:E7:CF:FC
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 019340080ECBAFD4B6E5FDF8BA272EB1CB6C
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/D9wtqvrW25tQOAKvPZYDMhrnz_w.roa
Signing time: Mon 18 Nov 2024 16:08:10 +0000
ROA not before: Mon 18 Nov 2024 16:08:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 5.252.92.0/24 maxlen: 24
5.253.158.0/24 maxlen: 24
5.253.159.0/24 maxlen: 24
62.122.228.0/22 maxlen: 22
62.122.228.0/24 maxlen: 24
62.122.230.0/24 maxlen: 24
62.122.231.0/24 maxlen: 24
185.167.181.0/24 maxlen: 24
185.204.203.0/24 maxlen: 24
185.218.160.0/24 maxlen: 24
185.218.161.0/24 maxlen: 24
185.218.162.0/24 maxlen: 24
185.218.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.mft
rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:40:08:0e:cb:af:d4:b6:e5:fd:f8:ba:27:2e:b1:cb:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Nov 18 16:08:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0fdc2daafad6db9b503802af3d9603321ae7cffc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c2:1b:02:12:34:02:d7:8a:9f:34:00:c6:f9:
be:59:02:db:3c:41:ba:07:e5:63:1d:47:f2:09:63:
ac:47:a1:ee:7c:c2:1f:06:4d:aa:35:4c:fc:33:ec:
24:50:4f:46:cf:c5:4f:66:d3:cb:41:16:2e:e2:4b:
bf:ae:c8:91:5d:45:ec:25:fe:8d:f3:10:7b:74:1d:
ba:64:76:ba:ff:76:86:92:3f:53:84:fb:33:7f:af:
fe:bc:7b:ac:cf:27:a3:cd:e0:f0:eb:c8:d2:d6:a3:
30:a4:fd:8d:e5:bc:27:c8:b7:ca:37:59:ca:89:ee:
0f:f6:b8:8e:f8:b5:a6:7a:80:61:81:6e:d5:d9:2c:
9a:a3:6c:5a:49:b4:77:0e:13:ec:2f:67:a3:de:01:
a3:10:af:50:c2:f5:1f:0b:45:b0:03:4c:43:f7:6e:
26:62:1c:5b:79:64:3d:f4:14:54:05:e7:a0:fb:93:
52:ba:e5:47:a4:21:6a:b5:d8:06:ee:a4:45:03:3a:
f8:8a:94:66:97:e8:d6:4e:12:24:97:0c:9e:66:cb:
21:05:98:f5:a3:fd:ff:24:02:05:c2:78:8c:6f:68:
a4:e2:58:ca:3a:94:08:99:1d:72:a6:a0:23:74:ab:
ea:fa:cf:74:ce:a1:ea:4d:79:00:eb:1b:dc:01:2d:
ff:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:DC:2D:AA:FA:D6:DB:9B:50:38:02:AF:3D:96:03:32:1A:E7:CF:FC
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/D9wtqvrW25tQOAKvPZYDMhrnz_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.92.0/24
5.253.158.0/23
62.122.228.0/22
185.167.181.0/24
185.204.203.0/24
185.218.160.0/22
Signature Algorithm: sha256WithRSAEncryption
16:87:28:21:a2:b8:db:72:42:f7:fd:ad:c9:62:60:d5:b9:e7:
80:ef:8b:12:a8:f4:ed:0f:a7:d8:93:db:72:1f:7e:4e:f7:d0:
1a:35:b3:33:99:50:56:60:7e:6a:d2:a9:e5:33:63:2b:e1:ff:
c3:f1:a0:72:9f:9c:d1:92:63:39:7f:49:2f:ca:d2:9a:bc:c4:
20:03:7c:20:60:15:92:c9:01:17:b1:c9:9a:77:47:26:74:19:
c3:0a:ac:29:d5:ea:73:0b:27:bb:52:22:57:a8:2c:d1:4f:1c:
3b:56:71:43:bf:5a:40:fd:49:7a:95:73:10:37:34:38:63:af:
0a:03:05:9e:3d:7b:92:c2:6f:25:66:42:e7:30:7b:ea:37:f7:
c3:a2:88:5b:08:46:48:9e:01:b7:9b:34:89:71:70:39:0d:02:
b0:35:55:14:2b:98:ac:1e:04:a6:36:a5:10:78:96:2c:ec:1c:
11:01:db:cf:3c:b4:3f:7a:1c:2b:a3:09:fb:71:b2:8d:e5:96:
12:7a:03:bc:88:46:95:2a:05:38:ad:6b:80:c2:cd:dc:70:c8:
1d:a3:0b:f6:6a:b9:84:54:db:36:55:ca:74:52:e0:e0:e0:ce:
6c:97:46:f0:dc:45:ca:31:d1:97:6b:5b:ae:49:30:39:29:6a:
cd:9e:95:c3
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZNACA7Lr9S25f34uicusctsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjQxMTE4MTYwODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmRjMmRhYWZhZDZkYjliNTAzODAyYWYzZDk2MDMzMjFhZTdjZmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8IbAhI0AteKnzQAxvm+WQLbPEG6
B+VjHUfyCWOsR6HufMIfBk2qNUz8M+wkUE9Gz8VPZtPLQRYu4ku/rsiRXUXsJf6N
8xB7dB26ZHa6/3aGkj9ThPszf6/+vHuszyejzeDw68jS1qMwpP2N5bwnyLfKN1nK
ie4P9riO+LWmeoBhgW7V2Syao2xaSbR3DhPsL2ej3gGjEK9QwvUfC0WwA0xD924m
YhxbeWQ99BRUBeeg+5NSuuVHpCFqtdgG7qRFAzr4ipRml+jWThIklwyeZsshBZj1
o/3/JAIFwniMb2ik4ljKOpQImR1ypqAjdKvq+s90zqHqTXkA6xvcAS3/+wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA/cLar61tubUDgCrz2WAzIa58/8MB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvRDl3dHF2clcyNXRRT0FLdlBaWURNaHJuel93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABfxcAwQB
Bf2eAwQCPnrkAwQAuae1AwQAuczLAwQCudqgMA0GCSqGSIb3DQEBCwUAA4IBAQAW
hyghorjbckL3/a3JYmDVueeA74sSqPTtD6fYk9tyH35O99AaNbMzmVBWYH5q0qnl
M2Mr4f/D8aByn5zRkmM5f0kvytKavMQgA3wgYBWSyQEXscmad0cmdBnDCqwp1epz
Cye7UiJXqCzRTxw7VnFDv1pA/Ul6lXMQNzQ4Y68KAwWePXuSwm8lZkLnMHvqN/fD
oohbCEZIngG3mzSJcXA5DQKwNVUUK5isHgSmNqUQeJYs7BwRAdvPPLQ/ehwrown7
cbKN5ZYSegO8iEaVKgU4rWuAws3ccMgdowv2armEVNs2Vcp0UuDg4M5sl0bw3EXK
MdGXa1uuSTA5KWrNnpXD
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:12 2024 by rpki-client on console-fra.rpki-client.org