Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/xprzbvmiU-QZBmO2k4mFqSAuVNw.roa
File: xprzbvmiU-QZBmO2k4mFqSAuVNw.roa (raw, json)
Hash identifier: JeVShNOjIMql86jIjNBeuq9m/6ceKScpKyKCXzGIctU=
Subject key identifier: C6:9A:F3:6E:F9:A2:53:E4:19:06:63:B6:93:89:85:A9:20:2E:54:DC
Certificate issuer: /CN=b972bd49d551b4ada5bd6bb695618a79451ad34e
Certificate serial: 018F2972D65D9B3942D8972B49DF293CCDF2
Authority key identifier: B9:72:BD:49:D5:51:B4:AD:A5:BD:6B:B6:95:61:8A:79:45:1A:D3:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXK9SdVRtK2lvWu2lWGKeUUa004.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/xprzbvmiU-QZBmO2k4mFqSAuVNw.roa
Signing time: Mon 29 Apr 2024 10:42:22 +0000
ROA not before: Mon 29 Apr 2024 10:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60672
IP address blocks: 31.24.104.0/21 maxlen: 21
31.28.64.0/24 maxlen: 24
31.28.66.0/24 maxlen: 24
31.28.69.0/24 maxlen: 24
31.28.71.0/24 maxlen: 24
31.28.73.0/24 maxlen: 24
31.28.76.0/22 maxlen: 22
31.28.87.0/24 maxlen: 24
31.28.88.0/21 maxlen: 21
31.28.92.0/24 maxlen: 24
94.126.41.0/24 maxlen: 24
94.126.42.0/24 maxlen: 24
94.126.44.0/23 maxlen: 23
94.126.46.0/24 maxlen: 24
178.18.120.0/22 maxlen: 22
193.192.2.0/23 maxlen: 23
193.193.162.0/23 maxlen: 23
2a01:8000::/32 maxlen: 32
2a10:6740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/uXK9SdVRtK2lvWu2lWGKeUUa004.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/uXK9SdVRtK2lvWu2lWGKeUUa004.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXK9SdVRtK2lvWu2lWGKeUUa004.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:29:72:d6:5d:9b:39:42:d8:97:2b:49:df:29:3c:cd:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b972bd49d551b4ada5bd6bb695618a79451ad34e
Validity
Not Before: Apr 29 10:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c69af36ef9a253e4190663b6938985a9202e54dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:6a:cf:00:98:e7:5a:6a:05:1c:87:12:39:d0:
d8:90:fe:fc:69:10:45:9f:6e:01:44:e2:61:3e:04:
cc:82:f3:8f:04:7c:e6:ea:f1:6e:85:17:e8:65:5b:
21:7d:5e:18:7c:77:14:53:b4:49:04:6d:aa:71:1a:
85:f9:f1:21:e5:b1:d1:d5:20:22:30:c0:c1:03:0b:
09:9f:d3:1f:34:b0:89:68:de:23:c6:3d:1f:c9:10:
ea:eb:df:3d:98:84:08:d8:b0:45:60:4d:6e:75:34:
be:ee:d6:72:d5:be:b3:0e:e1:f8:0a:9d:e8:0e:41:
b5:56:c4:8d:fd:db:71:e1:19:60:08:80:e9:a4:01:
c6:1a:57:26:b0:49:fa:9d:0a:ec:f4:5b:58:4b:13:
95:13:2d:25:a3:3d:12:bd:3d:d8:ef:1e:22:8b:1d:
72:7a:9f:c6:1f:4c:0c:c1:70:44:5b:62:58:79:6c:
05:65:e0:fa:3f:40:dc:32:ef:3f:36:58:63:dc:97:
39:04:b9:8e:c8:bc:57:f7:a0:20:8d:b7:c2:5d:fc:
b2:57:37:47:d7:bb:9d:a3:96:d7:cf:ee:e6:eb:3f:
48:4d:e8:a8:0c:84:3e:01:fd:cc:19:3f:a5:7a:59:
15:86:7c:50:97:36:b4:47:0d:eb:a2:1b:74:94:72:
ce:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:9A:F3:6E:F9:A2:53:E4:19:06:63:B6:93:89:85:A9:20:2E:54:DC
X509v3 Authority Key Identifier:
keyid:B9:72:BD:49:D5:51:B4:AD:A5:BD:6B:B6:95:61:8A:79:45:1A:D3:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXK9SdVRtK2lvWu2lWGKeUUa004.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/xprzbvmiU-QZBmO2k4mFqSAuVNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/fe07b7-f464-4e67-8299-ca5e685438a2/1/uXK9SdVRtK2lvWu2lWGKeUUa004.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.104.0/21
31.28.64.0/24
31.28.66.0/24
31.28.69.0/24
31.28.71.0/24
31.28.73.0/24
31.28.76.0/22
31.28.87.0-31.28.95.255
94.126.41.0-94.126.42.255
94.126.44.0-94.126.46.255
178.18.120.0/22
193.192.2.0/23
193.193.162.0/23
IPv6:
2a01:8000::/32
2a10:6740::/32
Signature Algorithm: sha256WithRSAEncryption
1c:60:f8:f6:15:e4:57:47:35:ed:36:1d:5a:51:8f:a9:67:af:
56:60:05:b8:70:36:a6:33:86:02:ea:7d:bf:3e:91:94:f1:69:
9a:ab:c4:2c:2d:a2:53:04:45:bf:78:d3:28:6e:5d:63:05:22:
6a:ca:76:c2:5f:63:64:99:0e:2f:d5:b1:0a:99:a3:92:e5:75:
99:5c:94:d0:6a:4a:15:ce:c4:f0:61:47:fa:47:40:f0:a0:dd:
f5:e4:6b:14:7d:8d:5c:74:1d:38:7b:f3:c0:45:b6:20:f9:95:
b2:23:69:df:2c:41:fe:6d:36:1f:72:1f:c0:4d:73:6a:0e:aa:
8a:43:b0:4f:2a:60:73:c2:3a:2b:7d:d8:7e:b3:50:01:aa:90:
45:85:8d:11:d8:55:aa:4e:e4:65:ca:49:ca:d9:53:ca:a6:8f:
d1:a4:8a:41:43:3b:90:19:7b:ce:4b:97:1a:7b:af:c9:61:d3:
75:b1:9e:76:98:a3:9b:42:34:8d:c4:82:57:47:63:0f:87:5f:
40:98:74:11:5d:c7:09:a6:5d:25:9d:09:2f:d8:b1:30:1c:3d:
f7:b0:28:fa:0a:ac:87:b3:5f:b2:5c:54:39:95:7a:0c:19:f7:
74:59:6d:a2:e9:63:13:11:b1:c5:c4:86:f6:6f:42:06:99:9c:
a4:4b:c1:19
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgISAY8pctZdmzlC2JcrSd8pPM3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NzJiZDQ5ZDU1MWI0YWRhNWJkNmJiNjk1NjE4YTc5NDUx
YWQzNGUwHhcNMjQwNDI5MTA0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjlhZjM2ZWY5YTI1M2U0MTkwNjYzYjY5Mzg5ODVhOTIwMmU1NGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA72rPAJjnWmoFHIcSOdDYkP78aRBF
n24BROJhPgTMgvOPBHzm6vFuhRfoZVshfV4YfHcUU7RJBG2qcRqF+fEh5bHR1SAi
MMDBAwsJn9MfNLCJaN4jxj0fyRDq6989mIQI2LBFYE1udTS+7tZy1b6zDuH4Cp3o
DkG1VsSN/dtx4RlgCIDppAHGGlcmsEn6nQrs9FtYSxOVEy0loz0SvT3Y7x4iix1y
ep/GH0wMwXBEW2JYeWwFZeD6P0DcMu8/Nlhj3Jc5BLmOyLxX96AgjbfCXfyyVzdH
17udo5bXz+7m6z9ITeioDIQ+Af3MGT+lelkVhnxQlza0Rw3roht0lHLO6QIDAQAB
o4ICgjCCAn4wHQYDVR0OBBYEFMaa8275olPkGQZjtpOJhakgLlTcMB8GA1UdIwQY
MBaAFLlyvUnVUbStpb1rtpVhinlFGtNOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVhLOVNkVlJ0SzJsdld1MmxXR0tlVVVhMDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mZTA3YjctZjQ2NC00ZTY3LTgyOTkt
Y2E1ZTY4NTQzOGEyLzEveHByemJ2bWlVLVFaQm1PMms0bUZxU0F1Vk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mZTA3YjctZjQ2NC00ZTY3LTgyOTktY2E1ZTY4NTQzOGEy
LzEvdVhLOVNkVlJ0SzJsdld1MmxXR0tlVVVhMDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBsBAIAATBmAwQDHxho
AwQAHxxAAwQAHxxCAwQAHxxFAwQAHxxHAwQAHxxJAwQCHxxMMAwDBAAfHFcDBAUf
HEAwDAMEAF5+KQMEAF5+KjAMAwQCXn4sAwQAXn4uAwQCshJ4AwQBwcACAwQBwcGi
MBQEAgACMA4DBQAqAYAAAwUAKhBnQDANBgkqhkiG9w0BAQsFAAOCAQEAHGD49hXk
V0c17TYdWlGPqWevVmAFuHA2pjOGAup9vz6RlPFpmqvELC2iUwRFv3jTKG5dYwUi
asp2wl9jZJkOL9WxCpmjkuV1mVyU0GpKFc7E8GFH+kdA8KDd9eRrFH2NXHQdOHvz
wEW2IPmVsiNp3yxB/m02H3IfwE1zag6qikOwTypgc8I6K33YfrNQAaqQRYWNEdhV
qk7kZcpJytlTyqaP0aSKQUM7kBl7zkuXGnuvyWHTdbGedpijm0I0jcSCV0djD4df
QJh0EV3HCaZdJZ0JL9ixMBw997Ao+gqsh7NfslxUOZV6DBn3dFltouljExGxxcSG
9m9CBpmcpEvBGQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:44:02 2024 by rpki-client on console-ams.rpki-client.org