Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/uzQqirHgInc5wLO-uQxBlqyjQ3I.roa
File: uzQqirHgInc5wLO-uQxBlqyjQ3I.roa (raw, json)
Hash identifier: zS5Gt0Z1XqHi7h7cZO4ZALbFikodH9MR7sKg+TtVa98=
Subject key identifier: BB:34:2A:8A:B1:E0:22:77:39:C0:B3:BE:B9:0C:41:96:AC:A3:43:72
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018DA21F13576C9F0E91EE2DA9C057C974A1
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/uzQqirHgInc5wLO-uQxBlqyjQ3I.roa
Signing time: Tue 13 Feb 2024 10:59:21 +0000
ROA not before: Tue 13 Feb 2024 10:59:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42337
IP address blocks: 62.220.112.0/21 maxlen: 21
62.220.113.0/24 maxlen: 24
62.220.116.0/24 maxlen: 24
62.220.118.0/23 maxlen: 24
81.12.0.0/21 maxlen: 24
81.12.32.0/21 maxlen: 24
81.12.40.0/21 maxlen: 24
81.12.54.0/23 maxlen: 24
81.12.56.0/23 maxlen: 23
81.12.60.0/22 maxlen: 24
81.12.64.0/18 maxlen: 24
87.107.16.0/21 maxlen: 24
87.107.28.0/22 maxlen: 24
87.107.32.0/23 maxlen: 23
87.107.36.0/22 maxlen: 24
87.107.44.0/22 maxlen: 24
87.107.48.0/23 maxlen: 23
87.107.56.0/21 maxlen: 24
87.107.64.0/22 maxlen: 24
87.107.72.0/21 maxlen: 24
87.107.80.0/21 maxlen: 24
87.107.92.0/22 maxlen: 24
87.107.100.0/22 maxlen: 22
87.107.136.0/21 maxlen: 24
87.107.148.0/22 maxlen: 24
87.107.156.0/22 maxlen: 24
87.107.176.0/21 maxlen: 24
87.107.184.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 19:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a2:1f:13:57:6c:9f:0e:91:ee:2d:a9:c0:57:c9:74:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Feb 13 10:59:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb342a8ab1e0227739c0b3beb90c4196aca34372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1a:84:d1:64:59:fb:72:1a:0d:fa:87:9d:0d:
ad:f4:35:21:fb:f0:50:f1:8c:c9:a1:c5:a8:16:b5:
60:a0:99:a2:6e:0d:e4:a3:bd:37:50:7a:a8:1d:7e:
77:7b:c8:ef:c9:4c:2f:36:a0:22:9f:49:af:b2:5a:
d8:6c:c1:46:d1:23:44:63:f0:6e:7e:78:ed:d0:f5:
d9:2b:46:c4:ee:ec:29:97:7b:7b:f2:1b:78:df:f6:
0a:2b:c5:31:b5:0d:c8:df:94:70:fe:35:1b:39:fc:
76:ea:51:99:20:46:0b:5c:64:f9:65:65:7c:4a:63:
34:81:ea:4f:6f:da:33:db:b4:f0:38:c0:96:11:69:
f4:34:ed:04:57:23:fe:b1:e5:2e:a9:68:41:62:ae:
11:c6:cc:a1:c7:4b:0d:57:0e:a8:ad:89:52:d5:d5:
70:91:01:8f:91:82:60:4b:bf:e7:9d:c9:e3:19:f1:
98:bb:7f:e5:10:c5:2c:da:0b:cd:24:13:78:bf:43:
f4:73:96:32:3c:75:79:0d:39:e4:88:9a:a9:dc:7a:
41:d6:df:22:de:ab:f0:94:4d:14:e8:f9:bd:70:66:
6a:4e:0a:2e:95:85:f4:66:35:8a:6a:16:92:dd:03:
2c:37:27:61:ba:d0:94:1a:11:44:ca:ae:0a:1f:14:
93:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:34:2A:8A:B1:E0:22:77:39:C0:B3:BE:B9:0C:41:96:AC:A3:43:72
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/uzQqirHgInc5wLO-uQxBlqyjQ3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.112.0/21
81.12.0.0/21
81.12.32.0/20
81.12.54.0-81.12.57.255
81.12.60.0-81.12.127.255
87.107.16.0/21
87.107.28.0-87.107.33.255
87.107.36.0/22
87.107.44.0-87.107.49.255
87.107.56.0-87.107.67.255
87.107.72.0-87.107.87.255
87.107.92.0/22
87.107.100.0/22
87.107.136.0/21
87.107.148.0/22
87.107.156.0/22
87.107.176.0-87.107.187.255
Signature Algorithm: sha256WithRSAEncryption
39:e2:4d:20:20:5f:7f:91:4c:ab:54:65:de:e4:aa:87:7d:c7:
52:ba:dd:dd:11:c2:a2:ff:9f:25:d6:d9:4c:cb:a7:4e:1d:de:
a5:5b:13:78:1a:4c:22:72:c2:f4:5c:51:93:4f:fb:14:79:f8:
8a:75:fe:23:a6:fb:73:1f:60:a4:86:59:e9:e7:6a:60:a9:cf:
9c:97:47:ed:6a:29:3c:76:07:5d:7b:14:da:b9:a0:51:8b:fc:
bc:18:17:44:28:7a:f7:bd:8b:bc:b5:3f:c3:03:5c:dc:5a:28:
2f:37:1d:75:c2:ee:a5:97:4c:94:47:88:99:85:e8:6b:b7:43:
70:2b:36:99:d7:29:d3:be:31:72:b2:24:5e:2d:ce:15:10:56:
d2:9f:47:e4:bf:5f:9b:ad:bf:8c:05:af:7d:d5:7d:a3:b3:59:
af:42:17:07:0c:e1:4d:02:eb:c3:72:f3:c9:17:fb:c8:ea:83:
1e:48:94:28:49:69:8e:18:01:a4:c8:db:94:71:1e:21:be:d4:
04:83:24:36:2d:eb:4b:e8:9a:27:e6:2d:57:6b:25:f1:b3:18:
7d:4d:f4:f1:5b:bc:3b:2b:ed:ea:4f:a3:b8:4d:b2:59:0d:82:
ea:bb:b7:25:70:07:ac:73:00:e4:4e:69:9f:df:1e:ae:b6:b3:
9d:e3:a7:df
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAY2iHxNXbJ8Oke4tqcBXyXShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwMjEzMTA1OTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjM0MmE4YWIxZTAyMjc3MzljMGIzYmViOTBjNDE5NmFjYTM0MzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRqE0WRZ+3IaDfqHnQ2t9DUh+/BQ
8YzJocWoFrVgoJmibg3ko703UHqoHX53e8jvyUwvNqAin0mvslrYbMFG0SNEY/Bu
fnjt0PXZK0bE7uwpl3t78ht43/YKK8UxtQ3I35Rw/jUbOfx26lGZIEYLXGT5ZWV8
SmM0gepPb9oz27TwOMCWEWn0NO0EVyP+seUuqWhBYq4Rxsyhx0sNVw6orYlS1dVw
kQGPkYJgS7/nncnjGfGYu3/lEMUs2gvNJBN4v0P0c5YyPHV5DTnkiJqp3HpB1t8i
3qvwlE0U6Pm9cGZqTgoulYX0ZjWKahaS3QMsNydhutCUGhFEyq4KHxSTEwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFLs0Koqx4CJ3OcCzvrkMQZaso0NyMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvdXpRcWlySGdJbmM1d0xPLXVReEJscXlqUTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAM+
3HADBANRDAADBARRDCAwDAMEAVEMNgMEAVEMODAMAwQCUQw8AwQHUQwAAwQDV2sQ
MAwDBAJXaxwDBAFXayADBAJXayQwDAMEAldrLAMEAVdrMDAMAwQDV2s4AwQCV2tA
MAwDBANXa0gDBANXa1ADBAJXa1wDBAJXa2QDBANXa4gDBAJXa5QDBAJXa5wwDAME
BFdrsAMEAldruDANBgkqhkiG9w0BAQsFAAOCAQEAOeJNICBff5FMq1Rl3uSqh33H
Urrd3RHCov+fJdbZTMunTh3epVsTeBpMInLC9FxRk0/7FHn4inX+I6b7cx9gpIZZ
6edqYKnPnJdH7WopPHYHXXsU2rmgUYv8vBgXRCh6972LvLU/wwNc3FooLzcddcLu
pZdMlEeImYXoa7dDcCs2mdcp074xcrIkXi3OFRBW0p9H5L9fm62/jAWvfdV9o7NZ
r0IXBwzhTQLrw3LzyRf7yOqDHkiUKElpjhgBpMjblHEeIb7UBIMkNi3rS+iaJ+Yt
V2sl8bMYfU308Vu8Oyvt6k+juE2yWQ2C6ru3JXAHrHMA5E5pn98errazneOn3w==
-----END CERTIFICATE-----
Generated at Fri May 17 02:20:24 2024 by rpki-client on console-ams.rpki-client.org