Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/XTbdC5czZcejYHGqtqRZUn2mU-w.roa
File: XTbdC5czZcejYHGqtqRZUn2mU-w.roa (raw, json)
Hash identifier: joo54/IsylRIYq35VEMAMWpDlK0UpDDA5f3OpETcfRw=
Subject key identifier: 5D:36:DD:0B:97:33:65:C7:A3:60:71:AA:B6:A4:59:52:7D:A6:53:EC
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018F0A91F4C3EDAB7E37C604FDC1D9561485
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/XTbdC5czZcejYHGqtqRZUn2mU-w.roa
Signing time: Tue 23 Apr 2024 10:48:08 +0000
ROA not before: Tue 23 Apr 2024 10:48:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21341
IP address blocks: 62.220.96.0/21 maxlen: 24
62.220.104.0/21 maxlen: 24
62.220.120.0/22 maxlen: 22
62.220.124.0/23 maxlen: 23
81.12.8.0/22 maxlen: 22
81.12.12.0/22 maxlen: 22
81.12.16.0/21 maxlen: 21
81.12.48.0/22 maxlen: 24
81.12.58.0/24 maxlen: 24
81.12.59.0/24 maxlen: 24
87.107.0.0/21 maxlen: 24
87.107.24.0/22 maxlen: 22
87.107.34.0/23 maxlen: 23
87.107.40.0/24 maxlen: 24
87.107.41.0/24 maxlen: 24
87.107.42.0/23 maxlen: 23
87.107.50.0/23 maxlen: 24
87.107.51.0/24 maxlen: 24
87.107.52.0/23 maxlen: 23
87.107.68.0/22 maxlen: 24
87.107.88.0/22 maxlen: 22
87.107.96.0/22 maxlen: 24
87.107.106.0/23 maxlen: 24
87.107.108.0/22 maxlen: 24
87.107.112.0/22 maxlen: 24
87.107.116.0/23 maxlen: 23
87.107.120.0/21 maxlen: 24
87.107.128.0/22 maxlen: 22
87.107.132.0/22 maxlen: 22
87.107.168.0/22 maxlen: 24
87.107.173.0/24 maxlen: 24
87.107.232.0/24 maxlen: 24
185.60.136.0/24 maxlen: 24
185.60.137.0/24 maxlen: 24
185.60.138.0/24 maxlen: 24
185.60.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0a:91:f4:c3:ed:ab:7e:37:c6:04:fd:c1:d9:56:14:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Apr 23 10:48:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d36dd0b973365c7a36071aab6a459527da653ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:83:f2:f9:aa:91:80:a6:9d:06:cb:ab:18:5a:
d0:f0:ff:e0:e9:e6:81:60:f7:a6:38:3f:50:fb:28:
f2:37:8f:46:2f:5c:01:c2:ef:f0:e5:2f:ad:54:fa:
64:04:f1:e9:eb:5f:2a:49:c8:7c:a6:a0:f0:54:f6:
17:b5:89:a9:ed:a8:f3:89:66:af:23:25:65:43:a0:
11:f0:00:a0:75:07:43:07:36:e9:d7:88:ab:a3:dd:
94:4b:31:22:0d:1f:86:cc:cf:ae:bf:83:38:cd:eb:
77:aa:74:78:2b:79:31:da:69:28:5e:d2:0d:3f:9f:
a8:33:2b:3c:f9:c5:5f:91:41:14:55:57:ea:9a:2f:
6e:d0:ed:ff:58:df:dd:e9:a1:f7:c3:33:27:5d:5e:
fc:7a:ed:d5:80:d4:65:f2:5a:e0:bc:e0:f7:a8:be:
48:3e:59:44:5d:a3:89:0b:d4:35:f6:d9:7b:de:e4:
2c:c1:30:6a:98:1f:18:eb:6d:36:03:90:c9:ec:d3:
0f:a4:55:bd:c8:21:ef:0d:83:02:15:dc:9d:88:be:
32:86:ec:e5:02:51:30:36:d5:ac:7b:47:08:ea:0d:
08:7e:c3:e5:a0:51:06:a0:e3:c0:5a:11:aa:80:cf:
09:5c:e5:ad:75:91:15:43:eb:80:1c:db:ea:e9:e1:
df:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:36:DD:0B:97:33:65:C7:A3:60:71:AA:B6:A4:59:52:7D:A6:53:EC
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/XTbdC5czZcejYHGqtqRZUn2mU-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.96.0/20
62.220.120.0-62.220.125.255
81.12.8.0-81.12.23.255
81.12.48.0/22
81.12.58.0/23
87.107.0.0/21
87.107.24.0/22
87.107.34.0/23
87.107.40.0/22
87.107.50.0-87.107.53.255
87.107.68.0/22
87.107.88.0/22
87.107.96.0/22
87.107.106.0-87.107.117.255
87.107.120.0-87.107.135.255
87.107.168.0/22
87.107.173.0/24
87.107.232.0/24
185.60.136.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:5e:25:5d:d6:4f:bc:b0:d7:d0:15:8b:e9:f2:5b:91:f5:3f:
00:12:27:eb:0a:8f:a1:27:4a:90:09:4a:4a:92:3a:54:5b:64:
ef:3f:79:c2:a3:7e:9e:be:90:b1:54:4d:32:53:ea:de:8a:9c:
c8:ca:42:28:3d:bf:9c:8f:90:d6:c6:c7:58:dc:36:54:66:b4:
b6:6b:93:eb:f4:82:2d:0c:8c:d2:8c:c5:e6:42:7a:d0:fe:91:
d0:05:14:41:c8:b9:80:31:84:22:c2:56:7a:81:f1:e3:89:30:
28:0b:84:f5:e3:d3:b5:50:6a:a8:36:34:dc:0d:ba:11:27:b4:
2e:66:3e:32:27:bc:d4:96:49:4c:33:32:cb:28:84:9b:e7:33:
ba:1f:01:26:e4:b9:6a:b1:4a:04:87:18:1c:17:1f:01:fa:ce:
ca:fd:8f:61:9a:d5:bb:f0:f9:a4:9e:79:7b:7e:4e:1f:38:2e:
7a:c1:41:ed:d4:a5:48:8c:24:b8:ef:83:79:c2:6f:f4:34:60:
30:72:ef:ad:9e:2c:8e:d4:b0:97:9d:69:b6:e3:60:e3:60:f1:
03:15:8e:1a:96:19:b3:e6:1c:f6:26:be:87:27:42:4c:1d:64:
5d:e9:d2:c6:f2:2b:93:1c:83:a2:11:6b:a7:dc:cb:58:66:2c:
41:f1:9d:be
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAY8KkfTD7at+N8YE/cHZVhSFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwNDIzMTA0ODA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDM2ZGQwYjk3MzM2NWM3YTM2MDcxYWFiNmE0NTk1MjdkYTY1M2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IPy+aqRgKadBsurGFrQ8P/g6eaB
YPemOD9Q+yjyN49GL1wBwu/w5S+tVPpkBPHp618qSch8pqDwVPYXtYmp7ajziWav
IyVlQ6AR8ACgdQdDBzbp14iro92USzEiDR+GzM+uv4M4zet3qnR4K3kx2mkoXtIN
P5+oMys8+cVfkUEUVVfqmi9u0O3/WN/d6aH3wzMnXV78eu3VgNRl8lrgvOD3qL5I
PllEXaOJC9Q19tl73uQswTBqmB8Y6202A5DJ7NMPpFW9yCHvDYMCFdydiL4yhuzl
AlEwNtWse0cI6g0IfsPloFEGoOPAWhGqgM8JXOWtdZEVQ+uAHNvq6eHfHwIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFF023QuXM2XHo2BxqrakWVJ9plPsMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvWFRiZEM1Y3paY2VqWUhHcXRxUlpVbjJtVS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBAQ+
3GAwDAMEAz7ceAMEAT7cfDAMAwQDUQwIAwQDUQwQAwQCUQwwAwQBUQw6AwQDV2sA
AwQCV2sYAwQBV2siAwQCV2soMAwDBAFXazIDBAFXazQDBAJXa0QDBAJXa1gDBAJX
a2AwDAMEAVdragMEAVdrdDAMAwQDV2t4AwQDV2uAAwQCV2uoAwQAV2utAwQAV2vo
AwQCuTyIMA0GCSqGSIb3DQEBCwUAA4IBAQB7XiVd1k+8sNfQFYvp8luR9T8AEifr
Co+hJ0qQCUpKkjpUW2TvP3nCo36evpCxVE0yU+reipzIykIoPb+cj5DWxsdY3DZU
ZrS2a5Pr9IItDIzSjMXmQnrQ/pHQBRRByLmAMYQiwlZ6gfHjiTAoC4T149O1UGqo
NjTcDboRJ7QuZj4yJ7zUlklMMzLLKISb5zO6HwEm5LlqsUoEhxgcFx8B+s7K/Y9h
mtW78Pmknnl7fk4fOC56wUHt1KVIjCS474N5wm/0NGAwcu+tniyO1LCXnWm242Dj
YPEDFY4alhmz5hz2Jr6HJ0JMHWRd6dLG8iuTHIOiEWun3MtYZixB8Z2+
-----END CERTIFICATE-----
Generated at Fri May 17 07:10:15 2024 by rpki-client on console-fra.rpki-client.org