Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/iZtB6Q_uw4Ct509LGIzTRUEXIYU.roa
File: iZtB6Q_uw4Ct509LGIzTRUEXIYU.roa (raw, json)
Hash identifier: RbWgY+NGk0ujmLWyXQEVQu6VSToLskVn+M+33M3Ynq8=
Subject key identifier: 89:9B:41:E9:0F:EE:C3:80:AD:E7:4F:4B:18:8C:D3:45:41:17:21:85
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0190CBBFBD1F97B1051E846E56FE9C8228E6
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/iZtB6Q_uw4Ct509LGIzTRUEXIYU.roa
Signing time: Fri 19 Jul 2024 16:07:38 +0000
ROA not before: Fri 19 Jul 2024 16:07:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18978
IP address blocks: 5.180.25.0/24 maxlen: 24
5.180.26.0/24 maxlen: 24
5.180.28.0/24 maxlen: 24
5.180.41.0/24 maxlen: 24
5.180.44.0/24 maxlen: 24
5.180.53.0/24 maxlen: 24
5.180.144.0/24 maxlen: 24
5.180.146.0/24 maxlen: 24
45.66.156.0/22 maxlen: 24
45.128.61.0/24 maxlen: 24
45.128.62.0/23 maxlen: 23
45.136.112.0/23 maxlen: 23
45.136.118.0/23 maxlen: 24
45.136.130.0/23 maxlen: 23
45.136.148.0/24 maxlen: 24
45.136.150.0/23 maxlen: 23
85.208.111.0/24 maxlen: 24
85.208.116.0/23 maxlen: 24
85.208.118.0/24 maxlen: 24
85.209.152.0/24 maxlen: 24
85.209.192.0/23 maxlen: 23
194.59.220.0/24 maxlen: 24
194.124.244.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:cb:bf:bd:1f:97:b1:05:1e:84:6e:56:fe:9c:82:28:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jul 19 16:07:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=899b41e90feec380ade74f4b188cd34541172185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cc:44:e6:d8:de:b8:73:4e:ee:81:86:70:b3:
d9:a7:a4:41:bb:fc:36:da:81:8a:12:71:8a:65:dd:
bf:7d:ba:64:5e:aa:04:c7:67:54:94:8f:bb:6d:a1:
dd:c5:ca:77:1f:e7:4f:0e:38:04:16:da:5e:ea:91:
5d:d4:ab:a6:38:e5:74:00:a2:f7:11:92:03:01:24:
8e:b0:50:02:46:45:f8:8e:28:21:c1:bc:6c:d4:18:
75:f0:99:41:17:01:8f:9b:6a:44:3e:f4:bb:0e:29:
da:cf:04:19:cd:ed:4c:db:86:01:89:06:b2:51:da:
a7:46:9d:a2:38:72:77:c2:60:84:6d:58:2b:4d:a4:
34:d1:45:16:b3:51:ac:f8:55:72:7b:87:d4:70:33:
dc:53:92:bf:6a:c9:db:52:fa:fb:93:86:28:98:0e:
cf:4b:4b:7c:df:2f:c4:a2:a8:65:d3:ad:02:75:d0:
fc:72:d2:8d:4a:ca:de:5e:17:95:01:ce:1a:9d:c6:
ed:7b:e1:aa:a8:a1:48:46:75:3a:a9:8a:3b:c5:85:
33:ba:84:86:40:21:13:46:27:89:1f:51:ca:97:ce:
24:56:97:44:83:cc:b1:6e:7a:b4:02:66:c1:61:29:
64:e2:34:e2:fa:0f:34:c8:32:3b:25:6f:8c:5f:46:
2b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:9B:41:E9:0F:EE:C3:80:AD:E7:4F:4B:18:8C:D3:45:41:17:21:85
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/iZtB6Q_uw4Ct509LGIzTRUEXIYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.25.0-5.180.26.255
5.180.28.0/24
5.180.41.0/24
5.180.44.0/24
5.180.53.0/24
5.180.144.0/24
5.180.146.0/24
45.66.156.0/22
45.128.61.0-45.128.63.255
45.136.112.0/23
45.136.118.0/23
45.136.130.0/23
45.136.148.0/24
45.136.150.0/23
85.208.111.0/24
85.208.116.0-85.208.118.255
85.209.152.0/24
85.209.192.0/23
194.59.220.0/24
194.124.244.0/23
Signature Algorithm: sha256WithRSAEncryption
87:2a:43:25:ad:d1:c8:c4:26:4c:d8:9d:08:fb:72:9f:61:dc:
fa:46:76:03:44:82:af:5d:86:d4:e1:78:83:68:cf:81:be:0a:
ff:15:36:ae:ee:6a:75:a3:2e:49:4f:e7:82:74:fc:d0:4b:83:
ca:60:cb:f2:a6:c5:5c:f5:d5:94:18:c9:d8:81:a0:03:d1:ae:
30:b5:56:07:0c:f0:6d:66:3f:c3:7a:2a:d5:d4:b6:21:97:fc:
fc:15:24:68:61:23:cb:7e:57:3e:02:68:39:37:7f:87:fa:8f:
ac:8d:e0:23:80:bd:39:34:41:2e:50:2f:a2:b4:d8:46:c0:b3:
0c:be:19:a9:69:cd:f7:bb:26:d5:71:6f:7c:c6:e2:54:3f:db:
50:61:e7:d6:77:b2:88:39:76:d5:06:1c:e1:1d:fb:d0:92:48:
9a:d2:40:a7:27:a3:02:11:45:98:9c:c8:39:e7:05:1e:10:b8:
32:11:02:e5:08:d6:8c:74:6d:29:2b:03:d2:ea:f3:04:87:b1:
e5:f7:51:c8:b2:ff:48:43:5d:b0:80:ef:94:b4:5b:80:50:3a:
8b:ec:15:18:8d:aa:07:88:60:c0:ce:79:ca:e7:71:d2:ac:e9:
96:f7:32:6e:a4:2f:88:20:0a:2e:f0:65:39:a7:53:7e:ad:fb:
d0:7a:18:78
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZDLv70fl7EFHoRuVv6cgijmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwNzE5MTYwNzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTliNDFlOTBmZWVjMzgwYWRlNzRmNGIxODhjZDM0NTQxMTcyMTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8xE5tjeuHNO7oGGcLPZp6RBu/w2
2oGKEnGKZd2/fbpkXqoEx2dUlI+7baHdxcp3H+dPDjgEFtpe6pFd1KumOOV0AKL3
EZIDASSOsFACRkX4jighwbxs1Bh18JlBFwGPm2pEPvS7DinazwQZze1M24YBiQay
UdqnRp2iOHJ3wmCEbVgrTaQ00UUWs1Gs+FVye4fUcDPcU5K/asnbUvr7k4YomA7P
S0t83y/Eoqhl060CddD8ctKNSsreXheVAc4ancbte+GqqKFIRnU6qYo7xYUzuoSG
QCETRieJH1HKl84kVpdEg8yxbnq0AmbBYSlk4jTi+g80yDI7JW+MX0YrNQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFImbQekP7sOAredPSxiM00VBFyGFMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvaVp0QjZRX3V3NEN0NTA5TEdJelRSVUVYSVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZAwDAME
AAW0GQMEAAW0GgMEAAW0HAMEAAW0KQMEAAW0LAMEAAW0NQMEAAW0kAMEAAW0kgME
Ai1CnDAMAwQALYA9AwQGLYAAAwQBLYhwAwQBLYh2AwQBLYiCAwQALYiUAwQBLYiW
AwQAVdBvMAwDBAJV0HQDBABV0HYDBABV0ZgDBAFV0cADBADCO9wDBAHCfPQwDQYJ
KoZIhvcNAQELBQADggEBAIcqQyWt0cjEJkzYnQj7cp9h3PpGdgNEgq9dhtTheINo
z4G+Cv8VNq7uanWjLklP54J0/NBLg8pgy/KmxVz11ZQYydiBoAPRrjC1VgcM8G1m
P8N6KtXUtiGX/PwVJGhhI8t+Vz4CaDk3f4f6j6yN4COAvTk0QS5QL6K02EbAswy+
Galpzfe7JtVxb3zG4lQ/21Bh59Z3sog5dtUGHOEd+9CSSJrSQKcnowIRRZicyDnn
BR4QuDIRAuUI1ox0bSkrA9Lq8wSHseX3Uciy/0hDXbCA75S0W4BQOovsFRiNqgeI
YMDOecrncdKs6Zb3Mm6kL4ggCi7wZTmnU36t+9B6GHg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:00:56 2024 by rpki-client on console-fra.rpki-client.org