Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/UOLafGzKf5-G__8SNd2lWnrt1k0.roa
File: UOLafGzKf5-G__8SNd2lWnrt1k0.roa (raw, json)
Hash identifier: TBjHVQ3xvNDS9bK9K8GycWIg6X5X6BeLA+UrvLNHgfk=
Subject key identifier: 50:E2:DA:7C:6C:CA:7F:9F:86:FF:FF:12:35:DD:A5:5A:7A:ED:D6:4D
Certificate issuer: /CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Certificate serial: 018CC3B736922326FC7A9015543F1EA1B8A1
Authority key identifier: F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/UOLafGzKf5-G__8SNd2lWnrt1k0.roa
Signing time: Mon 01 Jan 2024 06:30:13 +0000
ROA not before: Mon 01 Jan 2024 06:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42926
IP address blocks: 176.53.74.0/24 maxlen: 24
176.53.96.0/24 maxlen: 24
185.184.208.0/22 maxlen: 24
77.75.32.0/21 maxlen: 24
31.210.64.0/18 maxlen: 24
213.128.64.0/19 maxlen: 24
46.45.186.0/24 maxlen: 24
46.45.185.0/24 maxlen: 24
94.101.80.0/20 maxlen: 24
46.45.188.0/24 maxlen: 24
46.45.187.0/24 maxlen: 24
94.101.90.0/24 maxlen: 24
213.128.95.0/24 maxlen: 24
213.128.94.0/24 maxlen: 24
213.128.93.0/24 maxlen: 24
46.45.128.0/18 maxlen: 24
185.25.103.0/24 maxlen: 24
185.25.102.0/24 maxlen: 24
185.25.101.0/24 maxlen: 24
185.25.100.0/24 maxlen: 24
176.53.0.0/17 maxlen: 24
79.98.128.0/21 maxlen: 24
185.157.40.0/22 maxlen: 24
178.211.32.0/19 maxlen: 24
2a00:56a0::/32 maxlen: 48
2a01:790::/32 maxlen: 48
2a0b:5f40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:36:92:23:26:fc:7a:90:15:54:3f:1e:a1:b8:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Validity
Not Before: Jan 1 06:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=50e2da7c6cca7f9f86ffff1235dda55a7aedd64d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1d:96:49:2e:1a:e8:05:71:19:2b:3e:4b:2e:
eb:18:18:04:5f:1b:62:9f:cb:0e:b8:d8:00:45:39:
69:dd:10:5d:99:08:35:e3:1c:07:70:be:ef:03:9b:
c2:8c:9a:53:08:d7:ad:a9:d8:32:49:7e:59:28:3b:
2d:b4:5a:05:24:95:fc:53:d8:c0:6b:96:98:41:37:
b3:d3:e2:d3:98:ed:15:93:b9:d4:09:6f:a8:cc:b7:
01:7b:7a:3a:a3:d0:c0:92:aa:6d:05:36:bc:b4:9a:
a1:ce:65:74:6c:54:44:c9:6b:db:2d:9a:25:91:5b:
74:fb:a5:5d:86:b6:35:b8:aa:3c:b5:fb:3e:c7:33:
f9:ac:66:f1:e6:39:74:25:e1:a6:3c:e8:fc:43:50:
db:e9:44:1f:67:7a:e6:21:dd:e4:39:9a:0a:7c:0d:
d2:d6:0c:bd:6d:09:8e:48:a2:fb:be:c9:92:0e:f8:
1d:9f:ee:8a:03:af:a3:e0:37:97:6a:d0:2a:bb:51:
56:cd:ff:5f:8e:0b:4c:37:45:24:d0:59:09:bd:46:
c0:3d:f7:c2:21:0d:bf:f0:ac:02:6c:c8:a7:1a:20:
89:cb:1c:32:60:d5:01:e4:13:e7:c4:59:0e:72:72:
a3:fe:53:66:02:0e:25:ed:9c:4e:22:98:09:c8:12:
0a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:E2:DA:7C:6C:CA:7F:9F:86:FF:FF:12:35:DD:A5:5A:7A:ED:D6:4D
X509v3 Authority Key Identifier:
keyid:F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/UOLafGzKf5-G__8SNd2lWnrt1k0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.64.0/18
46.45.128.0/18
77.75.32.0/21
79.98.128.0/21
94.101.80.0/20
176.53.0.0/17
178.211.32.0/19
185.25.100.0/22
185.157.40.0/22
185.184.208.0/22
213.128.64.0/19
IPv6:
2a00:56a0::/32
2a01:790::/32
2a0b:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
04:ed:ae:aa:92:39:39:cd:23:a0:86:c3:d0:4c:d6:3f:7e:ee:
47:d7:4c:e9:3f:ae:3d:28:53:cc:04:49:13:94:66:23:bb:7e:
6d:e1:aa:31:38:31:b2:a7:96:1d:bd:55:c4:f5:5d:f6:d4:ed:
4b:2b:42:7f:b1:5c:3b:fb:b8:f2:56:4b:4d:b9:ea:ed:62:be:
74:11:4a:a3:66:6e:d2:c1:84:64:1a:38:14:cd:fa:01:03:6c:
1b:cd:91:aa:b3:aa:f8:61:00:d0:4d:6c:70:17:2b:8c:b9:0d:
ae:82:0b:6d:bd:57:31:30:c1:33:e4:07:ab:e8:f8:1d:8b:a5:
43:ca:ab:2c:af:11:30:b0:63:3b:3f:3d:f1:e8:fd:08:a3:b3:
c4:1b:05:e0:73:35:55:d5:46:3f:27:c0:eb:38:3d:13:99:fb:
93:83:1b:06:bc:3f:1b:22:92:ef:ba:2c:aa:a5:de:1f:23:07:
f6:e0:fb:d0:05:53:b7:9a:60:65:e8:c5:69:3b:3e:d8:30:09:
08:eb:3d:92:d8:ff:ea:c4:0f:18:5f:60:b8:60:d7:44:b8:0a:
de:84:14:9e:da:5f:b7:87:6d:a2:2e:5c:16:7f:86:85:67:e7:
da:aa:50:11:74:ff:4a:88:b7:ec:8d:6a:b6:4b:34:cb:78:55:
2b:a6:79:8d
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYzDtzaSIyb8epAVVD8eobihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NzFiYmYxZDNkM2MwZWZlMzZkZTExMDM5MmJlMGM3YWM0
NDdhODQwHhcNMjQwMTAxMDYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGUyZGE3YzZjY2E3ZjlmODZmZmZmMTIzNWRkYTU1YTdhZWRkNjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx2WSS4a6AVxGSs+Sy7rGBgEXxti
n8sOuNgARTlp3RBdmQg14xwHcL7vA5vCjJpTCNetqdgySX5ZKDsttFoFJJX8U9jA
a5aYQTez0+LTmO0Vk7nUCW+ozLcBe3o6o9DAkqptBTa8tJqhzmV0bFREyWvbLZol
kVt0+6VdhrY1uKo8tfs+xzP5rGbx5jl0JeGmPOj8Q1Db6UQfZ3rmId3kOZoKfA3S
1gy9bQmOSKL7vsmSDvgdn+6KA6+j4DeXatAqu1FWzf9fjgtMN0Uk0FkJvUbAPffC
IQ2/8KwCbMinGiCJyxwyYNUB5BPnxFkOcnKj/lNmAg4l7ZxOIpgJyBIKgwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFFDi2nxsyn+fhv//EjXdpVp67dZNMB8GA1UdIwQY
MBaAFPVxu/HT08Dv423hEDkr4MesRHqEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhHNzhkUFR3T19qYmVFUU9Tdmd4NnhFZW9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82ODMwM2YtZThiMC00ZmUwLTk2YjYt
YTk2NTdlYjFmOGQ3LzEvVU9MYWZHektmNS1HX184U05kMmxXbnJ0MWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82ODMwM2YtZThiMC00ZmUwLTk2YjYtYTk2NTdlYjFmOGQ3
LzEvOVhHNzhkUFR3T19qYmVFUU9Tdmd4NnhFZW9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBIBAIAATBCAwQGH9JAAwQG
Li2AAwQDTUsgAwQDT2KAAwQEXmVQAwQHsDUAAwQFstMgAwQCuRlkAwQCuZ0oAwQC
ubjQAwQF1YBAMBsEAgACMBUDBQAqAFagAwUAKgEHkAMFAyoLX0AwDQYJKoZIhvcN
AQELBQADggEBAATtrqqSOTnNI6CGw9BM1j9+7kfXTOk/rj0oU8wESROUZiO7fm3h
qjE4MbKnlh29VcT1XfbU7UsrQn+xXDv7uPJWS0256u1ivnQRSqNmbtLBhGQaOBTN
+gEDbBvNkaqzqvhhANBNbHAXK4y5Da6CC229VzEwwTPkB6vo+B2LpUPKqyyvETCw
Yzs/PfHo/Qijs8QbBeBzNVXVRj8nwOs4PROZ+5ODGwa8Pxsiku+6LKql3h8jB/bg
+9AFU7eaYGXoxWk7PtgwCQjrPZLY/+rEDxhfYLhg10S4Ct6EFJ7aX7eHbaIuXBZ/
hoVn59qqUBF0/0qIt+yNarZLNMt4VSumeY0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:04:14 2024 by rpki-client on console-ams.rpki-client.org