Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/U-XbR7VnzjpXBKIhI55jC61zZp4.roa
File: U-XbR7VnzjpXBKIhI55jC61zZp4.roa (raw, json)
Hash identifier: 5inKMFH0WLD9K/4kBuwfN6tlrLnWFMeQJDnqVlZ6g/Y=
Subject key identifier: 53:E5:DB:47:B5:67:CE:3A:57:04:A2:21:23:9E:63:0B:AD:73:66:9E
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 01934AB053B2E3C80E6C2C68E7DB0B292061
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/U-XbR7VnzjpXBKIhI55jC61zZp4.roa
Signing time: Wed 20 Nov 2024 17:48:09 +0000
ROA not before: Wed 20 Nov 2024 17:48:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47376
IP address blocks: 103.215.220.0/22 maxlen: 22
103.215.220.0/24 maxlen: 24
103.215.221.0/24 maxlen: 24
103.215.222.0/24 maxlen: 24
103.215.223.0/24 maxlen: 24
185.221.239.0/24 maxlen: 24
195.28.11.0/24 maxlen: 24
195.234.191.0/24 maxlen: 24
195.238.231.0/24 maxlen: 24
195.238.240.0/24 maxlen: 24
195.238.247.0/24 maxlen: 24
2a05:63c0::/29 maxlen: 29
2a05:63c0::/30 maxlen: 30
2a05:63c0::/48 maxlen: 48
2a0f:c040::/29 maxlen: 29
2a10:ef04:1001::/48 maxlen: 48
2a10:ef04:1002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.mft
rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4a:b0:53:b2:e3:c8:0e:6c:2c:68:e7:db:0b:29:20:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Nov 20 17:48:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53e5db47b567ce3a5704a221239e630bad73669e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7a:c4:d7:4e:3a:fc:60:53:5f:a1:32:5b:7d:
34:59:c0:52:85:e8:ba:c4:ff:ec:aa:ec:db:4c:4c:
c1:e2:ec:61:3c:ef:ae:46:c9:cb:c9:7b:37:50:a1:
e4:1b:39:63:f2:bf:78:4d:28:7b:5e:57:b8:dc:86:
1e:03:0f:c1:96:01:aa:e7:40:fa:ff:da:d5:80:11:
3d:f4:3b:9f:3b:e0:ad:3d:9c:af:c4:81:0a:68:6c:
4a:c4:a0:bc:34:13:41:d6:a5:5a:38:35:c4:a5:4c:
0a:6a:15:cd:90:f5:f3:ec:b4:31:6e:07:43:8d:c9:
c9:b3:b1:85:39:63:23:f2:8a:a5:9e:44:fa:50:bd:
53:86:92:c3:a0:3e:83:34:d0:cf:29:8f:60:4b:ba:
ef:52:67:71:dd:0e:24:9c:44:df:a5:09:24:2c:fe:
75:68:8e:cc:ef:6c:f6:b6:bc:49:9e:ca:5d:f1:5f:
ab:80:8b:6c:e0:fb:1c:85:17:07:04:28:56:2f:db:
58:15:a8:ac:1d:df:3a:d9:2d:a3:cf:bd:8a:98:29:
4d:ac:b8:20:9f:9a:d6:65:a4:80:be:b8:79:44:2d:
4d:ea:63:79:4f:fc:34:d9:17:9b:be:81:84:64:34:
bd:e4:f0:09:c0:4f:6b:a9:79:0b:77:70:25:e9:12:
91:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:E5:DB:47:B5:67:CE:3A:57:04:A2:21:23:9E:63:0B:AD:73:66:9E
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/U-XbR7VnzjpXBKIhI55jC61zZp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.215.220.0/22
185.221.239.0/24
195.28.11.0/24
195.234.191.0/24
195.238.231.0/24
195.238.240.0/24
195.238.247.0/24
IPv6:
2a05:63c0::/29
2a0f:c040::/29
2a10:ef04:1001::-2a10:ef04:1002:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
60:62:21:c5:f9:4d:76:65:e4:6d:05:ca:59:77:c4:bc:d9:a0:
68:c2:f8:29:52:a8:42:29:60:d7:da:02:73:00:1c:56:6d:2e:
a1:64:9f:65:c5:bd:14:d7:79:14:e1:82:4f:fe:e6:8d:6e:c9:
b3:6e:51:42:a4:3a:c9:32:dc:15:c4:1c:da:84:ba:34:d4:8c:
4a:28:1b:26:25:6d:60:b2:04:2f:38:70:0d:aa:13:fb:1e:43:
81:40:9f:af:45:2b:5f:5b:be:73:25:d6:63:cd:87:ad:ef:67:
e5:88:dd:de:bd:bd:16:60:82:54:57:12:fd:2c:18:33:a7:63:
4a:69:51:0c:f3:79:3c:45:23:3e:14:7a:42:aa:26:ab:f7:78:
f3:b4:89:d1:24:00:b1:4e:56:c8:be:33:29:2d:5a:dd:27:83:
79:d7:50:a6:81:10:4c:55:6e:54:92:5f:19:d9:8a:c0:ce:d8:
c3:a8:c7:c3:92:27:7f:09:af:85:0d:ca:5a:ea:d4:6e:e2:f8:
73:c5:f3:7a:50:a2:fd:a3:88:44:a8:f5:5b:39:45:d8:58:b3:
47:b9:cc:36:70:b0:b5:3b:47:6c:9d:75:40:2f:92:fd:bf:28:
7d:35:76:72:1c:0b:4d:43:90:82:3f:b5:d3:8d:97:20:d6:c1:
cb:fa:67:c5
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZNKsFOy48gObCxo59sLKSBhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjQxMTIwMTc0ODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2U1ZGI0N2I1NjdjZTNhNTcwNGEyMjEyMzllNjMwYmFkNzM2NjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3rE1046/GBTX6EyW300WcBShei6
xP/squzbTEzB4uxhPO+uRsnLyXs3UKHkGzlj8r94TSh7Xle43IYeAw/BlgGq50D6
/9rVgBE99DufO+CtPZyvxIEKaGxKxKC8NBNB1qVaODXEpUwKahXNkPXz7LQxbgdD
jcnJs7GFOWMj8oqlnkT6UL1ThpLDoD6DNNDPKY9gS7rvUmdx3Q4knETfpQkkLP51
aI7M72z2trxJnspd8V+rgIts4PschRcHBChWL9tYFaisHd862S2jz72KmClNrLgg
n5rWZaSAvrh5RC1N6mN5T/w02RebvoGEZDS95PAJwE9rqXkLd3Al6RKRCwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFFPl20e1Z846VwSiISOeYwutc2aeMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvVS1YYlI3Vm56anBYQktJaEk1NWpDNjF6WnA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDAwBAIAATAqAwQCZ9fcAwQA
ud3vAwQAwxwLAwQAw+q/AwQAw+7nAwQAw+7wAwQAw+73MCgEAgACMCIDBQMqBWPA
AwUDKg/AQDASAwcAKhDvBBABAwcAKhDvBBACMA0GCSqGSIb3DQEBCwUAA4IBAQBg
YiHF+U12ZeRtBcpZd8S82aBowvgpUqhCKWDX2gJzABxWbS6hZJ9lxb0U13kU4YJP
/uaNbsmzblFCpDrJMtwVxBzahLo01IxKKBsmJW1gsgQvOHANqhP7HkOBQJ+vRStf
W75zJdZjzYet72fliN3evb0WYIJUVxL9LBgzp2NKaVEM83k8RSM+FHpCqiar93jz
tInRJACxTlbIvjMpLVrdJ4N511CmgRBMVW5Ukl8Z2YrAztjDqMfDkid/Ca+FDcpa
6tRu4vhzxfN6UKL9o4hEqPVbOUXYWLNHucw2cLC1O0dsnXVAL5L9vyh9NXZyHAtN
Q5CCP7XTjZcg1sHL+mfF
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:15:10 2024 by rpki-client on console-ams.rpki-client.org