Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/sPTUTmSlf8rcwqtA8HeA7J7CxAs.roa
File: sPTUTmSlf8rcwqtA8HeA7J7CxAs.roa (raw, json)
Hash identifier: r0czBmAzlJFIVAeGQx0Gn0uOCU0hba8fN9YIQ5ZSt98=
Subject key identifier: B0:F4:D4:4E:64:A5:7F:CA:DC:C2:AB:40:F0:77:80:EC:9E:C2:C4:0B
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018F7606274B9B90944A94DA5A2E83A5C7E9
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/sPTUTmSlf8rcwqtA8HeA7J7CxAs.roa
Signing time: Tue 14 May 2024 07:34:25 +0000
ROA not before: Tue 14 May 2024 07:34:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31034
IP address blocks: 5.249.128.0/19 maxlen: 24
31.11.32.0/21 maxlen: 24
31.14.128.0/20 maxlen: 24
46.37.0.0/19 maxlen: 24
62.149.128.0/17 maxlen: 24
66.71.128.0/18 maxlen: 24
77.81.224.0/20 maxlen: 24
80.73.224.0/21 maxlen: 24
80.211.0.0/16 maxlen: 24
82.192.128.0/19 maxlen: 24
89.36.208.0/22 maxlen: 24
89.46.64.0/20 maxlen: 24
89.46.104.0/21 maxlen: 24
89.46.192.0/21 maxlen: 24
94.177.160.0/19 maxlen: 24
94.177.192.0/18 maxlen: 24
95.110.128.0/17 maxlen: 24
176.107.144.0/21 maxlen: 24
185.56.8.0/22 maxlen: 24
185.58.116.0/22 maxlen: 24
188.213.160.0/20 maxlen: 24
194.182.110.0/23 maxlen: 24
195.231.0.0/17 maxlen: 24
195.231.64.0/20 maxlen: 24
195.231.80.0/21 maxlen: 24
195.231.88.0/21 maxlen: 24
209.227.224.0/20 maxlen: 24
217.61.0.0/18 maxlen: 24
217.61.56.0/21 maxlen: 24
2a00:6d40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.mft
rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:06:27:4b:9b:90:94:4a:94:da:5a:2e:83:a5:c7:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: May 14 07:34:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0f4d44e64a57fcadcc2ab40f07780ec9ec2c40b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5c:51:bf:fa:8d:7d:c2:f2:30:95:25:bb:8a:
a5:bf:65:a1:6d:8e:81:a7:94:8a:7c:bb:21:91:df:
aa:fe:89:b6:9c:02:ad:37:96:52:af:f3:60:7b:de:
e2:ae:bd:ea:41:8a:c4:e3:6d:8d:e9:17:29:d5:e6:
f9:37:ab:11:ba:a4:f7:7c:00:d3:88:7e:87:18:32:
d3:54:77:31:e6:dd:3a:36:30:b7:b6:40:2d:b5:37:
b6:b9:9d:e3:63:c7:b7:b9:a0:d3:7a:10:74:97:58:
f2:af:5a:50:75:a2:9d:b6:4d:2d:2e:94:16:b6:43:
a7:46:d9:69:60:63:82:71:3e:a9:b6:ff:3c:4b:61:
29:0c:a2:9c:2a:dc:a3:05:14:39:01:0f:36:a1:9f:
f1:b4:48:b8:12:be:b3:dd:d7:d9:cd:4e:ca:22:a7:
b5:66:92:ba:f0:65:ff:51:ea:58:cc:84:ff:69:15:
c9:22:7d:7f:32:b5:64:24:2c:18:6c:21:23:01:2e:
76:8f:2e:dd:c6:c9:24:2b:12:fa:c5:1b:9d:91:92:
ed:d2:b9:9d:51:19:9f:14:86:7f:6d:6d:9d:c9:f7:
a6:1c:40:3b:ad:e9:da:c1:3f:60:b6:d6:a0:d1:c8:
9e:04:a3:8c:3b:fc:f8:f8:bf:76:fd:2d:8b:55:20:
c6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F4:D4:4E:64:A5:7F:CA:DC:C2:AB:40:F0:77:80:EC:9E:C2:C4:0B
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/sPTUTmSlf8rcwqtA8HeA7J7CxAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.128.0/19
31.11.32.0/21
31.14.128.0/20
46.37.0.0/19
62.149.128.0/17
66.71.128.0/18
77.81.224.0/20
80.73.224.0/21
80.211.0.0/16
82.192.128.0/19
89.36.208.0/22
89.46.64.0/20
89.46.104.0/21
89.46.192.0/21
94.177.160.0-94.177.255.255
95.110.128.0/17
176.107.144.0/21
185.56.8.0/22
185.58.116.0/22
188.213.160.0/20
194.182.110.0/23
195.231.0.0/17
209.227.224.0/20
217.61.0.0/18
IPv6:
2a00:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
62:ce:f7:12:d7:3f:79:50:f9:dc:7b:a5:3f:e2:93:4f:67:6c:
73:c1:96:29:a6:48:0d:11:41:04:fd:b5:c2:c9:a8:3e:76:93:
38:b8:ab:8e:d2:a9:f7:6c:f1:75:eb:a5:8c:e9:b2:35:4b:e3:
ee:b8:2d:62:56:22:45:a5:84:74:ec:3f:54:f5:7e:2a:49:2a:
7f:08:f7:98:a0:8b:cb:45:83:c4:f5:90:92:d8:c7:4a:37:d4:
5b:c3:77:0c:e0:5b:e6:c5:32:f5:95:ad:ba:89:76:21:00:15:
a0:c4:d8:ad:c7:6a:57:94:49:71:b4:a6:aa:2b:cc:45:3b:39:
44:16:9f:43:e4:12:4c:a9:ad:d6:a2:f3:1d:fb:40:57:67:1d:
67:85:52:6f:f9:41:70:10:6a:3e:c6:3d:5b:e4:4f:f0:9f:b8:
5d:54:e3:50:8d:99:81:fd:85:d0:57:06:8e:a0:b9:06:c9:9a:
8f:31:16:3d:49:2a:0c:94:39:62:8c:a5:3c:12:a9:ec:15:98:
5b:08:92:5c:d7:3b:a4:3a:7b:a9:56:99:d4:33:ed:a0:4f:ed:
31:d1:4b:ef:05:52:34:24:77:77:7c:b3:b6:6c:0c:16:05:60:
66:fb:ac:23:ee:ca:e1:36:be:5d:df:3f:96:23:c4:15:f0:9d:
06:ab:ab:3a
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAY92BidLm5CUSpTaWi6DpcfpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjQwNTE0MDczNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGY0ZDQ0ZTY0YTU3ZmNhZGNjMmFiNDBmMDc3ODBlYzllYzJjNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lxRv/qNfcLyMJUlu4qlv2WhbY6B
p5SKfLshkd+q/om2nAKtN5ZSr/Nge97irr3qQYrE422N6Rcp1eb5N6sRuqT3fADT
iH6HGDLTVHcx5t06NjC3tkAttTe2uZ3jY8e3uaDTehB0l1jyr1pQdaKdtk0tLpQW
tkOnRtlpYGOCcT6ptv88S2EpDKKcKtyjBRQ5AQ82oZ/xtEi4Er6z3dfZzU7KIqe1
ZpK68GX/UepYzIT/aRXJIn1/MrVkJCwYbCEjAS52jy7dxskkKxL6xRudkZLt0rmd
URmfFIZ/bW2dyfemHEA7renawT9gttag0cieBKOMO/z4+L92/S2LVSDGOQIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFLD01E5kpX/K3MKrQPB3gOyewsQLMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvc1BUVVRtU2xmOHJjd3F0QThIZUE3SjdDeEFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAUF
+YADBAMfCyADBAQfDoADBAUuJQADBAc+lYADBAZCR4ADBARNUeADBANQSeADAwBQ
0wMEBVLAgAMEAlkk0AMEBFkuQAMEA1kuaAMEA1kuwDALAwQFXrGgAwMBXrADBAdf
boADBAOwa5ADBAK5OAgDBAK5OnQDBAS81aADBAHCtm4DBAfD5wADBATR4+ADBAbZ
PQAwDQQCAAIwBwMFAyoAbUAwDQYJKoZIhvcNAQELBQADggEBAGLO9xLXP3lQ+dx7
pT/ik09nbHPBlimmSA0RQQT9tcLJqD52kzi4q47Sqfds8XXrpYzpsjVL4+64LWJW
IkWlhHTsP1T1fipJKn8I95igi8tFg8T1kJLYx0o31FvDdwzgW+bFMvWVrbqJdiEA
FaDE2K3HaleUSXG0pqorzEU7OUQWn0PkEkyprdai8x37QFdnHWeFUm/5QXAQaj7G
PVvkT/CfuF1U41CNmYH9hdBXBo6guQbJmo8xFj1JKgyUOWKMpTwSqewVmFsIklzX
O6Q6e6lWmdQz7aBP7THRS+8FUjQkd3d8s7ZsDBYFYGb7rCPuyuE2vl3fP5YjxBXw
nQarqzo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:22:16 2024 by rpki-client on console-fra.rpki-client.org