Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Nq_K0V58b_RZHQFCMyEVVDSUuFM.roa
File: Nq_K0V58b_RZHQFCMyEVVDSUuFM.roa (raw, json)
Hash identifier: oUJ2gS1mYflwws+s0vM9A97LKvRD10X80EUvCfshvsk=
Subject key identifier: 36:AF:CA:D1:5E:7C:6F:F4:59:1D:01:42:33:21:15:54:34:94:B8:53
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 019198F732A01722D710D9BDFA8EB5558DB3
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Nq_K0V58b_RZHQFCMyEVVDSUuFM.roa
Signing time: Wed 28 Aug 2024 12:30:22 +0000
ROA not before: Wed 28 Aug 2024 12:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21341
IP address blocks: 62.220.96.0/21 maxlen: 24
62.220.104.0/21 maxlen: 24
62.220.120.0/22 maxlen: 22
62.220.124.0/23 maxlen: 23
81.12.8.0/22 maxlen: 22
81.12.12.0/22 maxlen: 22
81.12.16.0/21 maxlen: 21
81.12.48.0/22 maxlen: 24
81.12.58.0/24 maxlen: 24
81.12.59.0/24 maxlen: 24
87.107.0.0/21 maxlen: 24
87.107.24.0/22 maxlen: 22
87.107.34.0/23 maxlen: 23
87.107.40.0/24 maxlen: 24
87.107.41.0/24 maxlen: 24
87.107.42.0/23 maxlen: 23
87.107.50.0/23 maxlen: 24
87.107.51.0/24 maxlen: 24
87.107.52.0/23 maxlen: 23
87.107.68.0/22 maxlen: 24
87.107.88.0/22 maxlen: 22
87.107.96.0/22 maxlen: 24
87.107.106.0/23 maxlen: 24
87.107.112.0/22 maxlen: 24
87.107.116.0/23 maxlen: 23
87.107.120.0/21 maxlen: 24
87.107.128.0/22 maxlen: 22
87.107.132.0/22 maxlen: 23
87.107.132.0/23 maxlen: 24
87.107.168.0/22 maxlen: 24
87.107.173.0/24 maxlen: 24
87.107.232.0/24 maxlen: 24
185.60.136.0/24 maxlen: 24
185.60.137.0/24 maxlen: 24
185.60.138.0/24 maxlen: 24
185.60.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:f7:32:a0:17:22:d7:10:d9:bd:fa:8e:b5:55:8d:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Aug 28 12:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=36afcad15e7c6ff4591d0142332115543494b853
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e3:06:c3:c7:61:38:29:05:9e:1c:de:2f:a5:
57:29:fe:45:68:63:ac:b3:d1:78:9d:c0:3b:b0:96:
36:83:d7:e0:e3:a7:de:65:ea:17:67:52:db:16:fb:
20:c0:24:1f:07:82:7a:2f:57:2f:b0:6b:8b:0a:b4:
8a:66:b3:b4:ab:d5:01:ab:7e:d4:59:85:bc:e2:d6:
0e:2c:ce:31:ab:6a:83:ce:a4:d7:85:bb:20:62:5c:
d7:40:bd:1e:dd:c3:46:cb:20:9d:8e:b8:db:d7:20:
04:6f:0c:94:77:aa:a8:58:d0:53:8a:65:29:e5:60:
2b:64:66:88:99:cb:ce:e3:a4:b1:64:5b:75:f2:b6:
34:9b:94:63:43:c3:52:7c:35:cb:a1:be:46:9b:e7:
39:0a:52:56:b6:1b:6c:4d:50:77:fa:3d:24:91:ad:
52:88:61:2b:9a:5d:41:96:6f:7e:e0:bb:7c:4f:2b:
cb:08:39:ab:01:33:9d:e4:19:b4:a0:92:76:c4:55:
77:2e:fd:9f:c8:51:13:39:0a:c0:23:c7:46:7b:50:
4a:3e:46:15:e1:40:81:d4:61:04:a0:b1:39:ae:99:
78:0f:2f:c5:cc:eb:6c:fe:e7:e8:21:f7:85:05:85:
f0:e5:71:ff:e3:87:04:2c:97:c5:0e:f8:81:08:d2:
ee:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:AF:CA:D1:5E:7C:6F:F4:59:1D:01:42:33:21:15:54:34:94:B8:53
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Nq_K0V58b_RZHQFCMyEVVDSUuFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.96.0/20
62.220.120.0-62.220.125.255
81.12.8.0-81.12.23.255
81.12.48.0/22
81.12.58.0/23
87.107.0.0/21
87.107.24.0/22
87.107.34.0/23
87.107.40.0/22
87.107.50.0-87.107.53.255
87.107.68.0/22
87.107.88.0/22
87.107.96.0/22
87.107.106.0/23
87.107.112.0-87.107.117.255
87.107.120.0-87.107.135.255
87.107.168.0/22
87.107.173.0/24
87.107.232.0/24
185.60.136.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:fa:21:c4:81:8a:b4:53:92:6d:54:45:37:68:b5:eb:65:02:
da:ce:e7:d6:bd:87:34:f7:e9:bc:ee:f9:30:ea:f9:01:03:8b:
db:77:48:46:82:f0:cb:1c:2c:60:2b:d4:ca:04:d1:4f:f8:dd:
b6:a7:2c:ca:15:e4:21:a6:83:46:cc:53:ff:85:e4:7b:e2:a4:
eb:9e:1e:28:82:e7:83:ef:0d:15:28:ab:9c:4b:30:10:71:3b:
9b:eb:e0:35:9d:53:0b:fd:84:e9:80:b6:8b:3c:cd:52:c6:b1:
44:89:54:6a:c1:77:b5:3a:98:c4:56:12:bb:2d:d3:00:64:b1:
ca:8a:45:b5:1b:33:10:96:18:47:ea:2c:8e:62:21:5f:49:91:
07:66:c6:c3:01:5d:74:fc:16:d9:9b:4d:b5:13:eb:a9:03:d1:
a0:ef:01:41:23:96:a2:cb:e0:9b:2e:4f:96:27:44:1c:a9:f7:
52:70:6c:63:f0:46:0d:f5:45:44:2c:af:59:48:8b:6d:50:a9:
c3:a6:ef:4e:ed:14:e7:28:ed:c6:13:77:90:ca:26:a5:5d:52:
ff:26:4a:c7:fa:33:30:49:ba:f6:a1:8a:9f:47:96:d6:a8:cf:
5d:fb:6a:2e:c3:c4:66:02:1e:a4:f9:aa:59:c5:eb:f8:e4:a7:
a1:d2:08:5a
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAZGY9zKgFyLXENm9+o61VY2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwODI4MTIzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmFmY2FkMTVlN2M2ZmY0NTkxZDAxNDIzMzIxMTU1NDM0OTRiODUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuMGw8dhOCkFnhzeL6VXKf5FaGOs
s9F4ncA7sJY2g9fg46feZeoXZ1LbFvsgwCQfB4J6L1cvsGuLCrSKZrO0q9UBq37U
WYW84tYOLM4xq2qDzqTXhbsgYlzXQL0e3cNGyyCdjrjb1yAEbwyUd6qoWNBTimUp
5WArZGaImcvO46SxZFt18rY0m5RjQ8NSfDXLob5Gm+c5ClJWthtsTVB3+j0kka1S
iGErml1Blm9+4Lt8TyvLCDmrATOd5Bm0oJJ2xFV3Lv2fyFETOQrAI8dGe1BKPkYV
4UCB1GEEoLE5rpl4Dy/FzOts/ufoIfeFBYXw5XH/44cELJfFDviBCNLucQIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFDavytFefG/0WR0BQjMhFVQ0lLhTMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvTnFfSzBWNThiX1JaSFFGQ015RVZWRFNVdUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBAQ+
3GAwDAMEAz7ceAMEAT7cfDAMAwQDUQwIAwQDUQwQAwQCUQwwAwQBUQw6AwQDV2sA
AwQCV2sYAwQBV2siAwQCV2soMAwDBAFXazIDBAFXazQDBAJXa0QDBAJXa1gDBAJX
a2ADBAFXa2owDAMEBFdrcAMEAVdrdDAMAwQDV2t4AwQDV2uAAwQCV2uoAwQAV2ut
AwQAV2voAwQCuTyIMA0GCSqGSIb3DQEBCwUAA4IBAQB9+iHEgYq0U5JtVEU3aLXr
ZQLazufWvYc09+m87vkw6vkBA4vbd0hGgvDLHCxgK9TKBNFP+N22pyzKFeQhpoNG
zFP/heR74qTrnh4ogueD7w0VKKucSzAQcTub6+A1nVML/YTpgLaLPM1SxrFEiVRq
wXe1OpjEVhK7LdMAZLHKikW1GzMQlhhH6iyOYiFfSZEHZsbDAV10/BbZm021E+up
A9Gg7wFBI5aiy+CbLk+WJ0QcqfdScGxj8EYN9UVELK9ZSIttUKnDpu9O7RTnKO3G
E3eQyialXVL/JkrH+jMwSbr2oYqfR5bWqM9d+2ouw8RmAh6k+apZxev45Keh0gha
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:57:37 2024 by rpki-client on console-fra.rpki-client.org