Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/XyK8MGW8cMHMV5X5pKSsbb11Nus.roa
File: XyK8MGW8cMHMV5X5pKSsbb11Nus.roa (raw, json)
Hash identifier: BeG+Zp5GUfMrxwW+Do4R6Jifig9wgaoSOuHVQ5v9KTM=
Subject key identifier: 5F:22:BC:30:65:BC:70:C1:CC:57:95:F9:A4:A4:AC:6D:BD:75:36:EB
Certificate issuer: /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial: 0192FBAAB4521818578639F9685E5D331BBB
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/XyK8MGW8cMHMV5X5pKSsbb11Nus.roa
Signing time: Tue 05 Nov 2024 09:32:01 +0000
ROA not before: Tue 05 Nov 2024 09:32:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44407
IP address blocks: 37.140.224.0/21 maxlen: 21
45.81.80.0/22 maxlen: 22
45.87.56.0/22 maxlen: 22
45.132.248.0/22 maxlen: 24
45.148.108.0/22 maxlen: 22
45.156.228.0/22 maxlen: 22
46.247.224.0/19 maxlen: 19
79.132.144.0/20 maxlen: 20
80.240.160.0/20 maxlen: 20
85.112.192.0/19 maxlen: 19
86.105.88.0/21 maxlen: 21
86.107.248.0/21 maxlen: 21
89.35.208.0/21 maxlen: 21
89.43.156.0/22 maxlen: 24
93.190.212.0/22 maxlen: 22
185.16.48.0/22 maxlen: 22
185.176.176.0/22 maxlen: 22
185.181.152.0/22 maxlen: 22
185.183.60.0/22 maxlen: 22
185.183.64.0/22 maxlen: 22
185.183.252.0/22 maxlen: 22
185.184.4.0/22 maxlen: 22
185.198.224.0/22 maxlen: 22
185.204.252.0/22 maxlen: 22
185.209.140.0/22 maxlen: 22
185.223.148.0/22 maxlen: 22
185.243.120.0/22 maxlen: 22
194.36.192.0/22 maxlen: 22
195.123.7.0/24 maxlen: 24
195.177.108.0/22 maxlen: 22
217.26.192.0/20 maxlen: 20
2001:4000::/32 maxlen: 32
2a0a:1c80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fb:aa:b4:52:18:18:57:86:39:f9:68:5e:5d:33:1b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Validity
Not Before: Nov 5 09:32:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f22bc3065bc70c1cc5795f9a4a4ac6dbd7536eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:79:81:5a:62:e7:e7:36:89:36:53:2e:2e:ee:
47:df:3e:ea:32:f4:e3:36:7b:52:30:6d:21:40:8e:
07:66:a6:3d:8d:24:ff:87:86:98:50:8b:cb:d7:7a:
be:21:cf:82:86:f7:40:3d:ab:7a:b4:63:a6:0f:ac:
0a:a8:24:81:a2:34:57:b6:8e:cd:e5:34:8f:88:4f:
4c:c9:9e:ea:22:c5:87:4d:e2:95:a0:42:96:26:d2:
dd:cb:29:b7:b7:9e:58:21:99:1b:91:d5:69:ac:2b:
76:fa:88:40:5c:49:fd:44:75:be:e3:74:34:be:65:
c9:1b:6d:51:a3:16:90:7e:b0:5d:1b:bb:79:ed:98:
b3:10:4f:11:03:53:c7:60:85:8d:2c:89:23:42:35:
0a:c6:b2:49:6b:90:65:f1:2b:a7:4a:11:7c:62:bf:
f3:8b:87:cd:f2:0a:49:d9:c7:06:d7:43:f6:8c:98:
ea:89:d0:a6:ef:7c:1d:ab:79:e2:2c:9a:ed:f5:12:
16:d7:25:85:d2:5a:b1:f3:c7:df:88:1b:cc:b3:f7:
3d:42:38:bd:af:7c:45:bf:d2:a1:15:35:d9:80:e6:
80:c9:c0:47:31:0f:b4:d9:ac:05:cf:41:4c:69:b4:
80:7a:80:20:49:04:8f:74:98:a3:5c:d5:82:a5:66:
22:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:22:BC:30:65:BC:70:C1:CC:57:95:F9:A4:A4:AC:6D:BD:75:36:EB
X509v3 Authority Key Identifier:
keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/XyK8MGW8cMHMV5X5pKSsbb11Nus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.224.0/21
45.81.80.0/22
45.87.56.0/22
45.132.248.0/22
45.148.108.0/22
45.156.228.0/22
46.247.224.0/19
79.132.144.0/20
80.240.160.0/20
85.112.192.0/19
86.105.88.0/21
86.107.248.0/21
89.35.208.0/21
89.43.156.0/22
93.190.212.0/22
185.16.48.0/22
185.176.176.0/22
185.181.152.0/22
185.183.60.0-185.183.67.255
185.183.252.0/22
185.184.4.0/22
185.198.224.0/22
185.204.252.0/22
185.209.140.0/22
185.223.148.0/22
185.243.120.0/22
194.36.192.0/22
195.123.7.0/24
195.177.108.0/22
217.26.192.0/20
IPv6:
2001:4000::/32
2a0a:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
a1:45:58:6c:77:db:2c:55:f8:3e:07:b9:56:b6:52:9f:f2:bf:
45:7c:71:f2:7c:68:3d:0a:b4:62:ee:da:ba:bd:1c:c3:6e:7b:
b4:65:68:28:20:06:ec:a6:b4:17:eb:85:03:3d:ae:8a:a6:d6:
6b:4a:93:c4:b9:8f:5a:8f:2e:62:72:06:14:7c:ec:bf:f1:6a:
3f:43:95:c7:8b:f9:a5:1b:1f:79:d9:54:06:07:ec:95:86:59:
06:4f:4c:11:6e:e1:97:4d:2a:76:7f:9f:0f:3a:f5:95:dd:d7:
a2:9b:3b:8c:98:54:ca:54:37:ef:0e:93:ed:71:77:0a:95:a1:
fc:8c:9c:4b:0f:44:c6:98:96:24:43:82:e2:be:49:8d:5a:66:
fb:f3:02:e2:cb:b5:e1:03:f5:92:65:0f:6b:9c:c9:2d:83:c6:
f4:3f:ea:b5:db:f0:04:25:4e:44:75:64:7b:7a:45:c0:cd:56:
ec:a1:59:b4:60:6f:b2:f4:38:84:d0:8e:a1:9c:07:42:33:c1:
46:01:1b:71:bc:17:3a:06:2f:12:08:36:7a:76:7b:b9:78:13:
17:11:0f:54:84:cc:f9:b2:4e:2c:e4:0e:6c:70:b1:26:07:d4:
13:35:5c:04:ef:f4:e1:31:86:bd:83:88:52:02:af:2b:e6:44:
6d:30:6b:c1
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZL7qrRSGBhXhjn5aF5dMxu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjQxMTA1MDkzMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjIyYmMzMDY1YmM3MGMxY2M1Nzk1ZjlhNGE0YWM2ZGJkNzUzNmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0nmBWmLn5zaJNlMuLu5H3z7qMvTj
NntSMG0hQI4HZqY9jST/h4aYUIvL13q+Ic+ChvdAPat6tGOmD6wKqCSBojRXto7N
5TSPiE9MyZ7qIsWHTeKVoEKWJtLdyym3t55YIZkbkdVprCt2+ohAXEn9RHW+43Q0
vmXJG21RoxaQfrBdG7t57ZizEE8RA1PHYIWNLIkjQjUKxrJJa5Bl8SunShF8Yr/z
i4fN8gpJ2ccG10P2jJjqidCm73wdq3niLJrt9RIW1yWF0lqx88ffiBvMs/c9Qji9
r3xFv9KhFTXZgOaAycBHMQ+02awFz0FMabSAeoAgSQSPdJijXNWCpWYiuQIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFF8ivDBlvHDBzFeV+aSkrG29dTbrMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvWHlLOE1HVzhjTUhNVjVYNXBLU3NiYjExTnVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCBwwQCAAEwgbwDBAMl
jOADBAItUVADBAItVzgDBAIthPgDBAItlGwDBAItnOQDBAUu9+ADBARPhJADBARQ
8KADBAVVcMADBANWaVgDBANWa/gDBANZI9ADBAJZK5wDBAJdvtQDBAK5EDADBAK5
sLADBAK5tZgwDAMEArm3PAMEArm3QAMEArm3/AMEArm4BAMEArnG4AMEArnM/AME
ArnRjAMEArnflAMEArnzeAMEAsIkwAMEAMN7BwMEAsOxbAMEBNkawDAUBAIAAjAO
AwUAIAFAAAMFAyoKHIAwDQYJKoZIhvcNAQELBQADggEBAKFFWGx32yxV+D4HuVa2
Up/yv0V8cfJ8aD0KtGLu2rq9HMNue7RlaCggBuymtBfrhQM9roqm1mtKk8S5j1qP
LmJyBhR87L/xaj9DlceL+aUbH3nZVAYH7JWGWQZPTBFu4ZdNKnZ/nw869ZXd16Kb
O4yYVMpUN+8Ok+1xdwqVofyMnEsPRMaYliRDguK+SY1aZvvzAuLLteED9ZJlD2uc
yS2DxvQ/6rXb8AQlTkR1ZHt6RcDNVuyhWbRgb7L0OITQjqGcB0IzwUYBG3G8FzoG
LxIINnp2e7l4ExcRD1SEzPmyTizkDmxwsSYH1BM1XATv9OExhr2DiFICryvmRG0w
a8E=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:24:21 2024 by rpki-client on console-ams.rpki-client.org