Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/427a0uWYI64ABL3qoX2JnLY9XSs.roa
File: 427a0uWYI64ABL3qoX2JnLY9XSs.roa (raw, json)
Hash identifier: tfWLrwknvwpa6KuUYS58/0mxIx5m8ybJPgxBqGUiKg8=
Subject key identifier: E3:6E:DA:D2:E5:98:23:AE:00:04:BD:EA:A1:7D:89:9C:B6:3D:5D:2B
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 018DAC04878BA5385E58C62254D300EFD2B5
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/427a0uWYI64ABL3qoX2JnLY9XSs.roa
Signing time: Thu 15 Feb 2024 09:06:34 +0000
ROA not before: Thu 15 Feb 2024 09:06:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20880
IP address blocks: 5.28.64.0/18 maxlen: 18
5.28.64.0/19 maxlen: 19
5.28.96.0/19 maxlen: 19
37.120.0.0/17 maxlen: 17
37.120.0.0/18 maxlen: 18
37.120.64.0/18 maxlen: 18
62.117.0.0/19 maxlen: 20
62.117.0.0/20 maxlen: 24
62.117.0.128/26 maxlen: 26
62.117.0.192/28 maxlen: 28
62.117.16.0/20 maxlen: 20
82.119.0.0/19 maxlen: 19
82.119.0.0/20 maxlen: 20
82.119.16.0/20 maxlen: 20
86.56.0.0/17 maxlen: 17
86.56.0.0/18 maxlen: 18
86.56.64.0/18 maxlen: 18
89.16.128.0/19 maxlen: 19
89.16.128.0/20 maxlen: 20
89.16.144.0/20 maxlen: 20
94.139.0.0/19 maxlen: 19
94.139.0.0/20 maxlen: 20
94.139.16.0/20 maxlen: 20
158.181.64.0/19 maxlen: 19
158.181.64.0/20 maxlen: 20
158.181.68.0/22 maxlen: 22
158.181.72.0/22 maxlen: 22
158.181.76.0/22 maxlen: 22
158.181.80.0/20 maxlen: 20
158.181.80.0/22 maxlen: 22
185.9.224.0/22 maxlen: 22
2a02:2450::/29 maxlen: 29
2a02:2450::/32 maxlen: 32
2a02:2454::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 30 Nov 2024 01:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ac:04:87:8b:a5:38:5e:58:c6:22:54:d3:00:ef:d2:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Feb 15 09:06:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e36edad2e59823ae0004bdeaa17d899cb63d5d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:bc:99:d1:07:64:d2:e0:25:34:3c:71:e4:85:
47:f5:d3:57:78:5b:f7:8b:f3:7b:76:ec:af:77:cb:
41:9f:69:2f:63:f9:12:d2:b4:88:69:fd:db:4e:62:
25:83:65:56:45:53:b3:fe:f9:70:ca:1d:4d:3e:01:
3a:c5:06:e9:03:b9:5f:98:ac:ab:49:b7:45:85:8e:
70:8d:d7:87:7c:df:c2:b0:11:d2:92:d0:ce:4f:34:
1b:28:7f:1f:49:07:4e:49:d5:c2:bb:51:d8:2c:25:
46:07:28:5c:a4:a6:9a:f9:8a:89:ae:71:fb:43:f9:
75:40:47:ea:42:be:8e:92:87:6b:dd:08:4f:a0:2b:
72:c3:04:2e:64:cf:c0:60:05:74:c1:04:7b:bf:40:
5c:96:7a:f3:80:c9:54:48:04:4d:37:7a:86:fa:15:
60:9c:d7:21:cf:8d:0f:f3:f2:f1:66:01:22:b1:95:
91:02:83:9c:5e:e8:5c:e4:db:b9:12:8f:7f:32:7d:
ce:63:77:78:8f:e2:5d:1e:16:9a:25:17:1f:88:e5:
b6:65:d2:34:06:6c:bd:a5:51:28:53:d7:08:55:6c:
44:0a:8a:a3:43:57:1b:d6:91:f8:53:62:3c:5a:86:
61:3a:ba:48:e8:fb:63:f1:ed:da:0b:ce:37:e0:73:
50:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:6E:DA:D2:E5:98:23:AE:00:04:BD:EA:A1:7D:89:9C:B6:3D:5D:2B
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/427a0uWYI64ABL3qoX2JnLY9XSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.64.0/18
37.120.0.0/17
62.117.0.0/19
82.119.0.0/19
86.56.0.0/17
89.16.128.0/19
94.139.0.0/19
158.181.64.0/19
185.9.224.0/22
IPv6:
2a02:2450::/29
Signature Algorithm: sha256WithRSAEncryption
9d:b1:83:c6:14:94:19:30:19:69:10:95:6b:39:1d:94:53:4e:
02:c0:8e:4f:46:e8:0b:dc:6e:43:93:e6:dd:a0:ea:e5:a5:12:
b3:e4:b8:1c:f4:b9:6b:61:1b:7c:a6:c4:73:54:5e:2e:0d:51:
60:21:01:1a:77:4f:84:c5:a4:75:9b:0c:85:ae:d5:89:10:ed:
55:2b:38:c0:33:c1:99:25:c5:a0:11:1c:a2:57:f9:0c:4a:98:
3c:b4:47:f4:0c:48:36:40:4d:7a:26:e6:14:71:1b:d2:c7:72:
ee:7c:9f:2c:ea:86:d9:3f:12:85:fd:da:9e:a9:e0:b5:cf:af:
f5:f0:04:88:73:0b:53:58:c0:4f:f8:49:14:71:8b:7c:f0:1d:
c2:22:74:7b:b4:87:15:94:cf:31:42:aa:96:2f:40:5d:0e:cb:
16:df:8e:8b:39:05:ca:c5:e9:d2:6a:bc:8d:07:75:be:6c:b2:
12:cd:67:6e:1f:91:f1:94:19:86:a2:1c:92:44:a0:f0:c0:e6:
24:fe:8f:3e:e5:88:b1:2e:65:e9:4e:ec:3d:57:09:09:20:08:
1f:55:6c:75:a1:ef:b4:48:bc:f2:d3:72:1c:0d:b4:59:e3:85:
09:49:72:f0:e7:9e:04:d2:e9:2b:f4:33:04:b1:5b:3a:11:cb:
0d:a5:30:ef
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAY2sBIeLpTheWMYiVNMA79K1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjQwMjE1MDkwNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzZlZGFkMmU1OTgyM2FlMDAwNGJkZWFhMTdkODk5Y2I2M2Q1ZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17yZ0Qdk0uAlNDxx5IVH9dNXeFv3
i/N7duyvd8tBn2kvY/kS0rSIaf3bTmIlg2VWRVOz/vlwyh1NPgE6xQbpA7lfmKyr
SbdFhY5wjdeHfN/CsBHSktDOTzQbKH8fSQdOSdXCu1HYLCVGByhcpKaa+YqJrnH7
Q/l1QEfqQr6Okodr3QhPoCtywwQuZM/AYAV0wQR7v0BclnrzgMlUSARNN3qG+hVg
nNchz40P8/LxZgEisZWRAoOcXuhc5Nu5Eo9/Mn3OY3d4j+JdHhaaJRcfiOW2ZdI0
Bmy9pVEoU9cIVWxECoqjQ1cb1pH4U2I8WoZhOrpI6Ptj8e3aC8434HNQhQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFONu2tLlmCOuAAS96qF9iZy2PV0rMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvNDI3YTB1V1lJNjRBQkwzcW9YMkpuTFk5WFNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQGBRxAAwQH
JXgAAwQFPnUAAwQFUncAAwQHVjgAAwQFWRCAAwQFXosAAwQFnrVAAwQCuQngMA0E
AgACMAcDBQMqAiRQMA0GCSqGSIb3DQEBCwUAA4IBAQCdsYPGFJQZMBlpEJVrOR2U
U04CwI5PRugL3G5Dk+bdoOrlpRKz5Lgc9LlrYRt8psRzVF4uDVFgIQEad0+ExaR1
mwyFrtWJEO1VKzjAM8GZJcWgERyiV/kMSpg8tEf0DEg2QE16JuYUcRvSx3LufJ8s
6obZPxKF/dqeqeC1z6/18ASIcwtTWMBP+EkUcYt88B3CInR7tIcVlM8xQqqWL0Bd
DssW346LOQXKxenSaryNB3W+bLISzWduH5HxlBmGohySRKDwwOYk/o8+5YixLmXp
Tuw9VwkJIAgfVWx1oe+0SLzy03IcDbRZ44UJSXLw554E0ukr9DMEsVs6EcsNpTDv
-----END CERTIFICATE-----
Generated at Fri Nov 29 07:35:22 2024 by rpki-client on console-ams.rpki-client.org