Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/_rOrmearDBwszoxH17eywsvUlag.roa
File: _rOrmearDBwszoxH17eywsvUlag.roa (raw, json)
Hash identifier: hy+JNOGnypqLCKbBhoXe0krN4kNWRumI8oPpZHbt0ys=
Subject key identifier: FE:B3:AB:99:E6:AB:0C:1C:2C:CE:8C:47:D7:B7:B2:C2:CB:D4:95:A8
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 019341362DDBE119BC16DA44A4A93B7DF00B
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/_rOrmearDBwszoxH17eywsvUlag.roa
Signing time: Mon 18 Nov 2024 21:38:09 +0000
ROA not before: Mon 18 Nov 2024 21:38:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47232
IP address blocks: 5.39.200.0/22 maxlen: 24
5.39.200.0/23 maxlen: 23
46.29.224.0/21 maxlen: 32
46.29.228.0/23 maxlen: 32
78.111.112.0/20 maxlen: 32
78.111.114.0/23 maxlen: 32
78.111.116.0/23 maxlen: 32
91.192.32.0/22 maxlen: 22
93.91.144.0/20 maxlen: 32
93.91.149.0/24 maxlen: 32
93.91.150.0/23 maxlen: 32
93.91.152.0/24 maxlen: 32
93.91.153.0/24 maxlen: 32
93.91.154.0/24 maxlen: 32
185.15.108.0/22 maxlen: 32
185.52.172.0/24 maxlen: 32
185.64.220.0/22 maxlen: 32
185.125.128.0/22 maxlen: 32
213.108.162.0/23 maxlen: 32
217.75.208.0/20 maxlen: 32
2a02:17a0::/29 maxlen: 48
2a02:17a0:d000::/36 maxlen: 36
2a03:2a80::/29 maxlen: 48
2a03:2a82::/31 maxlen: 48
2a04:7bc0::/29 maxlen: 48
2a04:7bc7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:41:36:2d:db:e1:19:bc:16:da:44:a4:a9:3b:7d:f0:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Nov 18 21:38:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=feb3ab99e6ab0c1c2cce8c47d7b7b2c2cbd495a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:e8:3c:03:19:ff:8e:49:18:b1:52:4e:b7:f5:
87:b7:7c:83:28:bf:8d:c7:82:18:7f:30:3c:05:48:
ff:99:b9:8f:a4:de:d5:57:11:ea:be:16:2e:fe:fd:
54:ed:95:8c:cb:77:42:6a:3a:1c:94:ec:0e:2a:fb:
07:bf:a4:21:37:19:57:3c:cb:7b:2f:b7:3d:5e:ae:
b3:44:57:e3:e9:36:f2:d8:74:42:b2:36:1a:32:49:
cf:e9:fd:c7:b2:73:7a:b0:db:97:a1:56:0c:25:86:
8f:83:7b:e7:f8:58:47:5d:3b:54:5d:64:12:24:9d:
a4:ad:cc:db:36:00:4f:f5:25:b0:a2:3e:ac:5e:dc:
b3:a5:1a:f0:b1:62:de:50:df:bb:c3:be:31:22:95:
13:c2:a3:10:f3:7a:c6:7d:4d:a7:4e:1b:1c:bd:96:
3f:7a:74:ca:ac:b3:ce:88:c9:04:54:a8:66:86:d1:
b9:75:08:67:8c:78:48:95:48:38:7d:44:76:bb:8d:
cf:cd:24:6d:df:f9:cb:4e:d5:c2:c7:03:fa:a6:55:
5a:6f:52:a1:6d:92:9f:d1:e7:e9:db:30:2f:1b:8c:
7c:1f:c4:ed:f9:72:1e:5d:d4:fe:df:4f:bb:fa:1b:
76:f3:7b:0e:db:8a:f0:d6:fe:f5:0b:98:73:ff:31:
75:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B3:AB:99:E6:AB:0C:1C:2C:CE:8C:47:D7:B7:B2:C2:CB:D4:95:A8
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/_rOrmearDBwszoxH17eywsvUlag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.200.0/22
46.29.224.0/21
78.111.112.0/20
91.192.32.0/22
93.91.144.0/20
185.15.108.0/22
185.52.172.0/24
185.64.220.0/22
185.125.128.0/22
213.108.162.0/23
217.75.208.0/20
IPv6:
2a02:17a0::/29
2a03:2a80::/29
2a04:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
64:85:35:ce:f1:66:ea:6f:63:6a:39:03:3d:52:27:0a:f8:e2:
81:08:47:1b:56:70:69:37:67:8b:6b:f9:75:3f:a1:2d:7e:cf:
79:90:e0:14:ef:1f:8c:9e:78:f2:c6:e3:19:a2:99:b0:78:df:
08:e1:5e:cc:dc:34:55:b4:c1:85:d6:e8:aa:06:bc:4c:dc:e3:
41:a9:99:85:15:65:ad:05:e5:88:ca:3d:1d:5e:16:01:68:db:
a8:85:3d:9d:44:50:e5:b9:d6:24:e3:c0:34:98:84:ff:7f:a6:
35:97:9f:44:26:af:d7:19:c2:9c:5e:93:3c:46:69:79:88:f1:
50:93:19:a8:bb:7f:0f:6a:57:2b:90:5a:5f:b8:ca:3f:d9:81:
d9:c3:b4:05:a6:e9:12:d5:88:de:0d:cf:38:31:2d:60:57:d6:
4e:40:21:60:18:14:80:8c:c8:70:a3:74:be:af:55:d4:d7:af:
41:a4:e1:a2:7a:f8:91:0d:aa:5f:ac:59:3b:89:c0:32:07:b0:
9d:8a:14:0f:54:d8:d8:ae:bb:c3:bc:82:5c:7c:8a:a5:17:7e:
77:5e:b6:3f:b8:cb:0d:3e:74:66:00:38:7a:9f:12:58:87:e6:
40:43:b4:3b:8c:3c:eb:3e:fa:d0:11:07:06:5c:f1:01:87:77:
7a:07:4b:a6
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZNBNi3b4Rm8FtpEpKk7ffALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjQxMTE4MjEzODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWIzYWI5OWU2YWIwYzFjMmNjZThjNDdkN2I3YjJjMmNiZDQ5NWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3eg8Axn/jkkYsVJOt/WHt3yDKL+N
x4IYfzA8BUj/mbmPpN7VVxHqvhYu/v1U7ZWMy3dCajoclOwOKvsHv6QhNxlXPMt7
L7c9Xq6zRFfj6Tby2HRCsjYaMknP6f3HsnN6sNuXoVYMJYaPg3vn+FhHXTtUXWQS
JJ2krczbNgBP9SWwoj6sXtyzpRrwsWLeUN+7w74xIpUTwqMQ83rGfU2nThscvZY/
enTKrLPOiMkEVKhmhtG5dQhnjHhIlUg4fUR2u43PzSRt3/nLTtXCxwP6plVab1Kh
bZKf0efp2zAvG4x8H8Tt+XIeXdT+30+7+ht283sO24rw1v71C5hz/zF1VQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFP6zq5nmqwwcLM6MR9e3ssLL1JWoMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvX3JPcm1lYXJEQndzem94SDE3ZXl3c3ZVbGFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBIBAIAATBCAwQCBSfIAwQD
Lh3gAwQETm9wAwQCW8AgAwQEXVuQAwQCuQ9sAwQAuTSsAwQCuUDcAwQCuX2AAwQB
1WyiAwQE2UvQMBsEAgACMBUDBQMqAhegAwUDKgMqgAMFAyoEe8AwDQYJKoZIhvcN
AQELBQADggEBAGSFNc7xZupvY2o5Az1SJwr44oEIRxtWcGk3Z4tr+XU/oS1+z3mQ
4BTvH4yeePLG4xmimbB43wjhXszcNFW0wYXW6KoGvEzc40GpmYUVZa0F5YjKPR1e
FgFo26iFPZ1EUOW51iTjwDSYhP9/pjWXn0Qmr9cZwpxekzxGaXmI8VCTGai7fw9q
VyuQWl+4yj/ZgdnDtAWm6RLViN4NzzgxLWBX1k5AIWAYFICMyHCjdL6vVdTXr0Gk
4aJ6+JENql+sWTuJwDIHsJ2KFA9U2Niuu8O8glx8iqUXfndetj+4yw0+dGYAOHqf
EliH5kBDtDuMPOs++tARBwZc8QGHd3oHS6Y=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:45:40 2024 by rpki-client on console-ams.rpki-client.org