Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/J_kIXPt_8luDVB5wTY2JaMMdfZg.roa
File: J_kIXPt_8luDVB5wTY2JaMMdfZg.roa (raw, json)
Hash identifier: 9hvBdVByrAvXukddCZ0U3ffRj2s+7OJzJIDfNVs/kMY=
Subject key identifier: 27:F9:08:5C:FB:7F:F2:5B:83:54:1E:70:4D:8D:89:68:C3:1D:7D:98
Certificate issuer: /CN=60a540ce450456345ec8e098ef4f53634d74bf1f
Certificate serial: 01932C6A632091E1ADBCF20DE2C9067ABCEA
Authority key identifier: 60:A5:40:CE:45:04:56:34:5E:C8:E0:98:EF:4F:53:63:4D:74:BF:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/J_kIXPt_8luDVB5wTY2JaMMdfZg.roa
Signing time: Thu 14 Nov 2024 20:43:09 +0000
ROA not before: Thu 14 Nov 2024 20:43:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 931
IP address blocks: 5.252.164.0/24 maxlen: 24
5.252.165.0/24 maxlen: 24
5.252.166.0/24 maxlen: 24
5.252.167.0/24 maxlen: 24
31.216.59.0/24 maxlen: 24
45.87.60.0/24 maxlen: 24
45.87.61.0/24 maxlen: 24
45.87.62.0/24 maxlen: 24
45.87.63.0/24 maxlen: 24
45.130.152.0/24 maxlen: 24
45.130.153.0/24 maxlen: 24
45.130.154.0/24 maxlen: 24
45.130.155.0/24 maxlen: 24
45.143.144.0/24 maxlen: 24
45.143.145.0/24 maxlen: 24
45.143.146.0/24 maxlen: 24
45.143.147.0/24 maxlen: 24
89.36.230.0/24 maxlen: 24
89.37.100.0/24 maxlen: 24
89.46.43.0/24 maxlen: 24
94.154.8.0/24 maxlen: 24
103.104.248.0/24 maxlen: 24
103.104.249.0/24 maxlen: 24
103.104.250.0/24 maxlen: 24
103.104.251.0/24 maxlen: 24
103.202.52.0/24 maxlen: 24
103.202.53.0/24 maxlen: 24
103.202.54.0/24 maxlen: 24
103.202.55.0/24 maxlen: 24
178.211.157.0/24 maxlen: 24
185.162.74.0/24 maxlen: 24
185.162.75.0/24 maxlen: 24
185.234.115.0/24 maxlen: 24
188.210.236.0/24 maxlen: 24
194.49.68.0/24 maxlen: 24
194.49.69.0/24 maxlen: 24
194.49.78.0/24 maxlen: 24
194.49.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2c:6a:63:20:91:e1:ad:bc:f2:0d:e2:c9:06:7a:bc:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60a540ce450456345ec8e098ef4f53634d74bf1f
Validity
Not Before: Nov 14 20:43:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27f9085cfb7ff25b83541e704d8d8968c31d7d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f8:14:a1:a7:f6:ff:af:ac:e0:f0:07:22:59:
87:93:0e:a6:0b:26:68:58:5b:0c:e7:43:e4:be:59:
ce:e2:b2:bb:35:e2:14:47:42:22:0a:43:7e:05:9a:
07:9e:12:ca:81:70:b0:5f:c4:b6:76:37:e0:28:53:
e2:89:9d:5a:70:48:78:90:9c:c2:3a:41:1a:35:d1:
83:e9:2c:7e:60:c6:5f:51:96:e6:8a:c2:8a:9e:f3:
2b:b3:74:bc:e8:dc:72:da:45:1e:e0:14:0e:48:60:
65:bc:ba:70:4f:c1:19:e5:82:45:ae:5b:86:1c:91:
64:c1:84:60:a5:a0:54:82:61:3d:60:1a:c5:68:e4:
ad:b1:78:12:1d:78:e4:fe:2b:90:4e:2d:b7:ed:46:
27:a2:e8:b4:4e:33:78:2a:8d:d7:fe:04:66:fe:ce:
90:4c:2a:ec:cc:c1:20:fb:d7:5c:f8:0a:9e:86:88:
6e:c2:db:08:6a:48:b0:b3:5d:86:d0:af:70:dd:cd:
5a:6d:f7:d8:8e:57:0e:c7:04:96:e0:6e:60:58:d5:
19:44:0e:20:69:ab:36:77:8f:f9:60:c2:af:d4:03:
ff:d3:88:cd:32:17:68:02:3f:a9:01:15:3b:0d:67:
b7:f0:c1:9f:b1:e1:fc:5b:ab:d0:b1:94:96:7e:0f:
50:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:F9:08:5C:FB:7F:F2:5B:83:54:1E:70:4D:8D:89:68:C3:1D:7D:98
X509v3 Authority Key Identifier:
keyid:60:A5:40:CE:45:04:56:34:5E:C8:E0:98:EF:4F:53:63:4D:74:BF:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YKVAzkUEVjReyOCY709TY010vx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/J_kIXPt_8luDVB5wTY2JaMMdfZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/195a47-a2cb-4f00-8531-e473531f6fe8/1/YKVAzkUEVjReyOCY709TY010vx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.164.0/22
31.216.59.0/24
45.87.60.0/22
45.130.152.0/22
45.143.144.0/22
89.36.230.0/24
89.37.100.0/24
89.46.43.0/24
94.154.8.0/24
103.104.248.0/22
103.202.52.0/22
178.211.157.0/24
185.162.74.0/23
185.234.115.0/24
188.210.236.0/24
194.49.68.0/23
194.49.78.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:9f:2d:2d:e6:60:cd:88:d8:e2:3a:f5:6b:2e:d2:48:a1:b1:
a7:f1:2b:69:62:98:61:8f:f6:ef:c4:fb:24:0c:43:45:06:e5:
2b:62:62:b5:f4:7f:df:dd:dc:4b:3a:a7:b9:6f:bd:52:07:54:
e1:0d:98:cf:61:0d:4a:54:42:c5:51:ee:7a:c7:4c:bb:5e:74:
bd:84:a2:b0:4d:a5:54:55:d0:b1:35:26:6a:cc:0d:91:04:5f:
7a:0e:28:ca:2f:56:ac:f0:90:81:a8:12:b2:50:0d:e9:46:c6:
86:52:80:9d:6c:3a:d7:b3:98:26:15:b4:05:98:98:2d:a0:31:
c7:79:11:12:33:18:23:79:4e:39:72:fc:eb:41:87:2d:af:bd:
40:37:37:46:eb:e8:75:b4:7d:97:09:28:28:27:6c:27:6d:50:
06:02:37:43:e5:5d:b5:86:c5:df:dc:f0:50:98:73:45:76:b1:
d0:db:17:1b:1f:db:d8:bc:ee:89:2c:4d:32:26:06:fe:5c:b7:
66:6b:3d:65:6c:26:9d:a9:2d:e0:b3:72:22:6b:16:0c:55:7b:
15:49:a6:77:51:3f:82:01:da:0c:22:1f:79:dc:ea:01:a0:5a:
6e:25:10:ce:dc:a7:f8:61:97:96:ee:b0:ff:b9:4b:ae:b3:ee:
5e:3d:6f:b6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZMsamMgkeGtvPIN4skGerzqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYTU0MGNlNDUwNDU2MzQ1ZWM4ZTA5OGVmNGY1MzYzNGQ3
NGJmMWYwHhcNMjQxMTE0MjA0MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2Y5MDg1Y2ZiN2ZmMjViODM1NDFlNzA0ZDhkODk2OGMzMWQ3ZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvgUoaf2/6+s4PAHIlmHkw6mCyZo
WFsM50PkvlnO4rK7NeIUR0IiCkN+BZoHnhLKgXCwX8S2djfgKFPiiZ1acEh4kJzC
OkEaNdGD6Sx+YMZfUZbmisKKnvMrs3S86Nxy2kUe4BQOSGBlvLpwT8EZ5YJFrluG
HJFkwYRgpaBUgmE9YBrFaOStsXgSHXjk/iuQTi237UYnoui0TjN4Ko3X/gRm/s6Q
TCrszMEg+9dc+AqehohuwtsIakiws12G0K9w3c1abffYjlcOxwSW4G5gWNUZRA4g
aas2d4/5YMKv1AP/04jNMhdoAj+pARU7DWe38MGfseH8W6vQsZSWfg9QKwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFCf5CFz7f/Jbg1QecE2NiWjDHX2YMB8GA1UdIwQY
MBaAFGClQM5FBFY0XsjgmO9PU2NNdL8fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUtWQXprVUVWalJleU9DWTcwOVRZMDEwdng4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xOTVhNDctYTJjYi00ZjAwLTg1MzEt
ZTQ3MzUzMWY2ZmU4LzEvSl9rSVhQdF84bHVEVkI1d1RZMkphTU1kZlpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xOTVhNDctYTJjYi00ZjAwLTg1MzEtZTQ3MzUzMWY2ZmU4
LzEvWUtWQXprVUVWalJleU9DWTcwOVRZMDEwdng4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQCBfykAwQA
H9g7AwQCLVc8AwQCLYKYAwQCLY+QAwQAWSTmAwQAWSVkAwQAWS4rAwQAXpoIAwQC
Z2j4AwQCZ8o0AwQAstOdAwQBuaJKAwQAuepzAwQAvNLsAwQBwjFEAwQBwjFOMA0G
CSqGSIb3DQEBCwUAA4IBAQBqny0t5mDNiNjiOvVrLtJIobGn8StpYphhj/bvxPsk
DENFBuUrYmK19H/f3dxLOqe5b71SB1ThDZjPYQ1KVELFUe56x0y7XnS9hKKwTaVU
VdCxNSZqzA2RBF96DijKL1as8JCBqBKyUA3pRsaGUoCdbDrXs5gmFbQFmJgtoDHH
eRESMxgjeU45cvzrQYctr71ANzdG6+h1tH2XCSgoJ2wnbVAGAjdD5V21hsXf3PBQ
mHNFdrHQ2xcbH9vYvO6JLE0yJgb+XLdmaz1lbCadqS3gs3IiaxYMVXsVSaZ3UT+C
AdoMIh953OoBoFpuJRDO3Kf4YZeW7rD/uUuus+5ePW+2
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:31:38 2024 by rpki-client on console-ams.rpki-client.org