Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/CvuWhByZzel6kqP5_WOffWAtOnU.roa
File: CvuWhByZzel6kqP5_WOffWAtOnU.roa (raw, json)
Hash identifier: LF2loxs1V5XaIP9iMCUjbEKKnsI70HCk95S/k9Ab8l8=
Subject key identifier: 0A:FB:96:84:1C:99:CD:E9:7A:92:A3:F9:FD:63:9F:7D:60:2D:3A:75
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 018F389B5BBE1AD591B9A5007C21E1051CAC
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/CvuWhByZzel6kqP5_WOffWAtOnU.roa
Signing time: Thu 02 May 2024 09:20:56 +0000
ROA not before: Thu 02 May 2024 09:20:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8849
IP address blocks: 5.44.249.0/24 maxlen: 24
31.222.226.0/24 maxlen: 24
62.122.187.0/24 maxlen: 24
88.210.36.0/23 maxlen: 24
89.36.162.0/24 maxlen: 24
89.36.163.0/24 maxlen: 24
89.40.226.0/24 maxlen: 24
91.192.81.0/24 maxlen: 24
95.174.68.0/24 maxlen: 24
95.174.69.0/24 maxlen: 24
95.174.70.0/24 maxlen: 24
95.174.71.0/24 maxlen: 24
103.97.91.0/24 maxlen: 24
103.111.112.0/22 maxlen: 22
103.253.36.0/24 maxlen: 24
146.19.196.0/24 maxlen: 24
158.255.76.0/24 maxlen: 24
176.97.192.0/24 maxlen: 24
185.140.210.0/24 maxlen: 24
185.140.211.0/24 maxlen: 24
185.147.53.0/24 maxlen: 24
185.224.249.0/24 maxlen: 24
185.230.245.0/24 maxlen: 24
193.35.224.0/24 maxlen: 24
2a06:f901:4000::/36 maxlen: 36
2a06:f901:8000::/36 maxlen: 36
2a06:f901:c000::/36 maxlen: 36
2a06:f902:4000::/36 maxlen: 36
2a06:f902:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:38:9b:5b:be:1a:d5:91:b9:a5:00:7c:21:e1:05:1c:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: May 2 09:20:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0afb96841c99cde97a92a3f9fd639f7d602d3a75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:0f:3a:7b:49:e9:66:74:bc:9f:12:a0:06:51:
5e:d9:c3:27:c3:ff:39:10:4a:2c:fe:ed:28:ae:d2:
2f:ee:b3:12:0d:31:bd:8e:4a:35:fb:ef:c4:b8:87:
28:de:5c:12:8a:ca:be:c5:13:7e:3d:6b:9a:94:51:
68:5d:b3:2f:4d:a1:6b:ca:06:78:5e:f6:3e:42:e0:
02:bb:39:5a:f9:93:12:64:ff:05:14:00:7e:67:76:
57:34:74:c2:63:0f:4e:9c:d5:d1:57:2e:61:78:e9:
14:a1:3a:a7:ee:fa:c7:12:3d:08:a0:d5:41:ec:0b:
8b:d9:af:ca:66:0e:da:c3:7a:e8:0b:21:e8:88:d5:
60:c5:86:82:29:c8:46:94:59:d0:a5:1d:4f:a6:7b:
93:0f:64:fc:9a:55:d0:37:cf:e0:26:9c:c1:56:16:
77:7e:bc:60:9a:ea:a8:3e:c9:5c:2b:41:c7:7e:b0:
44:c2:ff:bf:5e:25:bb:14:0e:a8:ae:ee:05:1f:75:
2c:dd:52:55:e7:d1:82:8c:14:15:3b:75:42:37:49:
f4:3c:5b:01:40:dd:38:61:cf:3c:3d:61:1b:c8:f4:
e9:16:c9:90:dd:bf:cb:10:b2:66:6c:0a:ce:33:27:
40:63:ee:5d:a6:11:4d:28:52:dc:57:13:be:7c:5a:
33:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:FB:96:84:1C:99:CD:E9:7A:92:A3:F9:FD:63:9F:7D:60:2D:3A:75
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/CvuWhByZzel6kqP5_WOffWAtOnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.249.0/24
31.222.226.0/24
62.122.187.0/24
88.210.36.0/23
89.36.162.0/23
89.40.226.0/24
91.192.81.0/24
95.174.68.0/22
103.97.91.0/24
103.111.112.0/22
103.253.36.0/24
146.19.196.0/24
158.255.76.0/24
176.97.192.0/24
185.140.210.0/23
185.147.53.0/24
185.224.249.0/24
185.230.245.0/24
193.35.224.0/24
IPv6:
2a06:f901:4000::/36
2a06:f901:8000::/36
2a06:f901:c000::/36
2a06:f902:4000::/36
2a06:f902:8000::/36
Signature Algorithm: sha256WithRSAEncryption
a3:56:6a:27:a6:f5:4d:9f:63:bb:0d:b7:6b:24:05:b1:c0:0c:
59:6c:13:eb:d0:fe:c1:6a:2b:2f:f9:8b:9d:91:cd:59:72:c6:
5b:dd:21:ef:f1:31:46:17:99:98:e3:6c:22:d1:48:45:71:03:
fa:31:25:98:0f:7c:91:2b:68:da:18:fc:82:a1:df:b3:1d:bd:
a7:d9:cb:03:5b:fe:64:06:d2:d9:3e:90:03:d0:1b:40:dc:ed:
a0:aa:09:d1:b2:35:43:e2:5e:32:76:35:f9:69:cb:7a:17:27:
22:19:58:16:a3:77:72:8d:e9:99:13:ab:29:07:9f:71:a5:b3:
fb:43:20:be:f4:06:9a:56:e3:ec:3f:8d:6e:47:2b:cb:ce:ea:
c7:ec:4e:4c:1b:2a:91:bc:7c:0f:39:a3:61:a2:7d:cb:7a:d7:
37:d1:49:ad:fe:9f:4b:47:2f:8e:5f:d6:02:da:6e:01:15:e8:
61:89:7f:ac:f7:e9:fe:17:2d:49:e3:7a:8e:f8:65:45:af:9f:
b2:eb:97:8b:5c:62:4c:8f:58:0f:28:90:34:6e:65:8a:0f:1d:
26:47:a8:f2:c7:f7:34:5d:22:63:b1:5e:57:ec:be:6b:e9:c9:
85:d5:16:17:e7:5b:23:1f:5f:97:bb:a8:68:62:74:5d:99:2e:
6d:0b:e7:bf
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAY84m1u+GtWRuaUAfCHhBRysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjQwNTAyMDkyMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWZiOTY4NDFjOTljZGU5N2E5MmEzZjlmZDYzOWY3ZDYwMmQzYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7w86e0npZnS8nxKgBlFe2cMnw/85
EEos/u0ortIv7rMSDTG9jko1++/EuIco3lwSisq+xRN+PWualFFoXbMvTaFrygZ4
XvY+QuACuzla+ZMSZP8FFAB+Z3ZXNHTCYw9OnNXRVy5heOkUoTqn7vrHEj0IoNVB
7AuL2a/KZg7aw3roCyHoiNVgxYaCKchGlFnQpR1PpnuTD2T8mlXQN8/gJpzBVhZ3
frxgmuqoPslcK0HHfrBEwv+/XiW7FA6oru4FH3Us3VJV59GCjBQVO3VCN0n0PFsB
QN04Yc88PWEbyPTpFsmQ3b/LELJmbArOMydAY+5dphFNKFLcVxO+fFoz8QIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFAr7loQcmc3pepKj+f1jn31gLTp1MB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvQ3Z1V2hCeVp6ZWw2a3FQNV9XT2ZmV0F0T25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjB4BAIAATByAwQABSz5
AwQAH97iAwQAPnq7AwQBWNIkAwQBWSSiAwQAWSjiAwQAW8BRAwQCX65EAwQAZ2Fb
AwQCZ29wAwQAZ/0kAwQAkhPEAwQAnv9MAwQAsGHAAwQBuYzSAwQAuZM1AwQAueD5
AwQAueb1AwQAwSPgMC4EAgACMCgDBgQqBvkBQAMGBCoG+QGAAwYEKgb5AcADBgQq
BvkCQAMGBCoG+QKAMA0GCSqGSIb3DQEBCwUAA4IBAQCjVmonpvVNn2O7DbdrJAWx
wAxZbBPr0P7Baisv+Yudkc1ZcsZb3SHv8TFGF5mY42wi0UhFcQP6MSWYD3yRK2ja
GPyCod+zHb2n2csDW/5kBtLZPpAD0BtA3O2gqgnRsjVD4l4ydjX5act6FyciGVgW
o3dyjemZE6spB59xpbP7QyC+9AaaVuPsP41uRyvLzurH7E5MGyqRvHwPOaNhon3L
etc30Umt/p9LRy+OX9YC2m4BFehhiX+s9+n+Fy1J43qO+GVFr5+y65eLXGJMj1gP
KJA0bmWKDx0mR6jyx/c0XSJjsV5X7L5r6cmF1RYX51sjH1+Xu6hoYnRdmS5tC+e/
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:41:18 2024 by rpki-client on console-ams.rpki-client.org