Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/3SghauLiCSVz-bVB5nfboDxDeRk.roa
File: 3SghauLiCSVz-bVB5nfboDxDeRk.roa (raw, json)
Hash identifier: 1KQA5Foo4FFJpnw2RZZ+hECfTAwdPesvwkAoyDnDQp4=
Subject key identifier: DD:28:21:6A:E2:E2:09:25:73:F9:B5:41:E6:77:DB:A0:3C:43:79:19
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018E522958965380222A041BD8A5A2EE8551
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/3SghauLiCSVz-bVB5nfboDxDeRk.roa
Signing time: Mon 18 Mar 2024 15:23:45 +0000
ROA not before: Mon 18 Mar 2024 15:23:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21341
IP address blocks: 62.220.96.0/21 maxlen: 24
62.220.104.0/21 maxlen: 24
62.220.120.0/22 maxlen: 22
62.220.124.0/23 maxlen: 23
81.12.8.0/22 maxlen: 22
81.12.12.0/22 maxlen: 22
81.12.16.0/21 maxlen: 21
81.12.48.0/22 maxlen: 24
81.12.58.0/24 maxlen: 24
81.12.59.0/24 maxlen: 24
87.107.24.0/22 maxlen: 22
87.107.34.0/23 maxlen: 23
87.107.40.0/24 maxlen: 24
87.107.41.0/24 maxlen: 24
87.107.42.0/23 maxlen: 23
87.107.50.0/23 maxlen: 24
87.107.51.0/24 maxlen: 24
87.107.52.0/23 maxlen: 23
87.107.68.0/22 maxlen: 24
87.107.88.0/22 maxlen: 22
87.107.96.0/22 maxlen: 24
87.107.106.0/23 maxlen: 24
87.107.108.0/22 maxlen: 24
87.107.112.0/22 maxlen: 24
87.107.116.0/23 maxlen: 23
87.107.120.0/21 maxlen: 24
87.107.128.0/22 maxlen: 22
87.107.132.0/22 maxlen: 22
87.107.168.0/22 maxlen: 24
87.107.173.0/24 maxlen: 24
185.60.136.0/24 maxlen: 24
185.60.137.0/24 maxlen: 24
185.60.138.0/24 maxlen: 24
185.60.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:52:29:58:96:53:80:22:2a:04:1b:d8:a5:a2:ee:85:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Mar 18 15:23:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd28216ae2e2092573f9b541e677dba03c437919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:55:0d:0f:50:75:bd:0e:a5:4e:ec:3a:5d:e1:
de:16:af:7f:c8:e3:17:3d:7e:d7:4a:aa:1b:49:9e:
81:9a:76:1c:04:ae:b0:7a:42:b4:ff:ea:bf:74:27:
df:84:63:5c:25:9f:28:6c:88:b5:46:e5:a8:ea:e4:
45:b3:62:e7:69:f5:cf:04:19:2c:a5:90:bb:0e:00:
93:1f:47:20:e3:55:70:2a:ec:28:ae:bf:83:e3:64:
08:47:da:5b:46:70:d7:e3:8d:44:22:0a:e5:c9:b9:
0b:97:a7:5d:97:5d:51:cc:06:b1:31:e7:29:76:0c:
ef:30:16:bc:c7:5d:2e:b2:db:7f:df:d3:da:8c:0d:
5f:aa:32:2f:77:23:e6:f1:0b:52:cc:0c:36:1e:af:
53:2b:df:08:f1:be:79:31:50:2b:1d:1e:46:c1:be:
d1:44:d9:c3:a7:57:e1:59:bd:38:96:8f:71:41:e8:
cf:e1:6d:e8:c1:4c:fc:8c:8c:7c:bd:43:ad:27:3c:
d2:20:e0:b4:56:9d:48:88:27:1c:d4:89:ba:f0:0b:
91:f8:15:1d:0d:28:0c:05:c5:2d:a8:c3:b5:ce:b6:
96:33:12:ae:21:9a:42:54:76:a7:45:6c:b4:cb:58:
66:ef:af:10:5a:31:b8:7a:c4:07:f8:ac:b3:9f:a8:
e2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:28:21:6A:E2:E2:09:25:73:F9:B5:41:E6:77:DB:A0:3C:43:79:19
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/3SghauLiCSVz-bVB5nfboDxDeRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.96.0/20
62.220.120.0-62.220.125.255
81.12.8.0-81.12.23.255
81.12.48.0/22
81.12.58.0/23
87.107.24.0/22
87.107.34.0/23
87.107.40.0/22
87.107.50.0-87.107.53.255
87.107.68.0/22
87.107.88.0/22
87.107.96.0/22
87.107.106.0-87.107.117.255
87.107.120.0-87.107.135.255
87.107.168.0/22
87.107.173.0/24
185.60.136.0/22
Signature Algorithm: sha256WithRSAEncryption
39:c9:33:9e:95:d5:c3:a1:d2:8d:00:85:aa:ab:00:db:9a:1e:
97:b2:bb:9a:2a:ca:a1:3e:c3:7b:b1:04:7d:67:de:25:b2:2f:
ef:3d:38:3a:b5:35:34:0a:36:93:45:7a:27:9c:7a:27:10:31:
ee:84:ca:b4:c9:16:9d:c8:e1:89:72:78:4b:f4:73:b7:b8:51:
9e:53:4b:d4:00:8b:5d:44:78:33:b4:88:3d:fb:25:4a:13:77:
e4:17:1b:ec:f2:35:36:4a:ba:18:b8:d1:fb:82:6a:0e:22:b3:
30:14:56:c4:ea:4d:ef:87:75:32:99:8a:48:57:33:60:98:ed:
4e:3e:31:0e:68:65:77:f9:60:15:b9:a5:ba:65:4c:98:c1:11:
83:51:62:ff:0b:ef:9a:9c:87:8e:fa:14:ed:d1:06:7b:51:ba:
7a:40:bc:08:c8:bc:27:e5:b6:42:47:0a:8c:2b:24:32:e1:07:
df:e5:e0:ef:9f:87:ab:79:a1:00:b2:13:3a:74:f4:08:ee:7b:
b3:d1:b0:a9:07:0a:0e:56:16:cc:2f:e4:71:70:c0:31:67:b8:
08:b9:54:de:ad:99:a3:ec:5e:1a:24:a4:22:8d:ae:21:76:de:
7a:e8:5c:09:19:89:f4:80:b8:57:57:dc:6a:4e:f6:2f:0a:cf:
4e:ee:a2:16
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAY5SKViWU4AiKgQb2KWi7oVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwMzE4MTUyMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDI4MjE2YWUyZTIwOTI1NzNmOWI1NDFlNjc3ZGJhMDNjNDM3OTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVUND1B1vQ6lTuw6XeHeFq9/yOMX
PX7XSqobSZ6BmnYcBK6wekK0/+q/dCffhGNcJZ8obIi1RuWo6uRFs2LnafXPBBks
pZC7DgCTH0cg41VwKuworr+D42QIR9pbRnDX441EIgrlybkLl6ddl11RzAaxMecp
dgzvMBa8x10ustt/39PajA1fqjIvdyPm8QtSzAw2Hq9TK98I8b55MVArHR5Gwb7R
RNnDp1fhWb04lo9xQejP4W3owUz8jIx8vUOtJzzSIOC0Vp1IiCcc1Im68AuR+BUd
DSgMBcUtqMO1zraWMxKuIZpCVHanRWy0y1hm768QWjG4esQH+Kyzn6jiXwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFN0oIWri4gklc/m1QeZ326A8Q3kZMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvM1NnaGF1TGlDU1Z6LWJWQjVuZmJvRHhEZVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAQ+
3GAwDAMEAz7ceAMEAT7cfDAMAwQDUQwIAwQDUQwQAwQCUQwwAwQBUQw6AwQCV2sY
AwQBV2siAwQCV2soMAwDBAFXazIDBAFXazQDBAJXa0QDBAJXa1gDBAJXa2AwDAME
AVdragMEAVdrdDAMAwQDV2t4AwQDV2uAAwQCV2uoAwQAV2utAwQCuTyIMA0GCSqG
SIb3DQEBCwUAA4IBAQA5yTOeldXDodKNAIWqqwDbmh6XsruaKsqhPsN7sQR9Z94l
si/vPTg6tTU0CjaTRXonnHonEDHuhMq0yRadyOGJcnhL9HO3uFGeU0vUAItdRHgz
tIg9+yVKE3fkFxvs8jU2SroYuNH7gmoOIrMwFFbE6k3vh3UymYpIVzNgmO1OPjEO
aGV3+WAVuaW6ZUyYwRGDUWL/C++anIeO+hTt0QZ7Ubp6QLwIyLwn5bZCRwqMKyQy
4Qff5eDvn4ereaEAshM6dPQI7nuz0bCpBwoOVhbML+RxcMAxZ7gIuVTerZmj7F4a
JKQija4hdt566FwJGYn0gLhXV9xqTvYvCs9O7qIW
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:33:03 2024 by rpki-client on console-fra.rpki-client.org