Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/xsBpuuYnzOLz3dQfGWdkgbyI1ds.roa
File: xsBpuuYnzOLz3dQfGWdkgbyI1ds.roa (raw, json)
Hash identifier: SkX0hxlAKlLLmfoLBW8nm8q5PSbxhGDqkx9PTiKF8IA=
Subject key identifier: C6:C0:69:BA:E6:27:CC:E2:F3:DD:D4:1F:19:67:64:81:BC:88:D5:DB
Certificate issuer: /CN=212be0ea71cf437e08efdf3fe798eaf984131c46
Certificate serial: 0190BA7A9664681DD2227F97D550533C138F
Authority key identifier: 21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/xsBpuuYnzOLz3dQfGWdkgbyI1ds.roa
Signing time: Tue 16 Jul 2024 07:38:34 +0000
ROA not before: Tue 16 Jul 2024 07:38:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9063
IP address blocks: 31.220.32.0/22 maxlen: 22
37.230.0.0/19 maxlen: 19
91.184.160.0/19 maxlen: 19
93.186.0.0/20 maxlen: 20
109.75.80.0/20 maxlen: 20
176.126.64.0/23 maxlen: 23
176.126.68.0/23 maxlen: 23
176.126.71.0/24 maxlen: 24
176.126.72.0/23 maxlen: 23
176.126.75.0/24 maxlen: 24
176.126.76.0/24 maxlen: 24
176.126.79.0/24 maxlen: 24
176.126.80.0/23 maxlen: 23
176.126.82.0/24 maxlen: 24
185.35.109.0/24 maxlen: 24
185.35.110.0/23 maxlen: 23
185.161.200.0/23 maxlen: 23
185.166.189.0/24 maxlen: 24
185.166.190.0/23 maxlen: 23
185.168.8.0/24 maxlen: 24
185.168.11.0/24 maxlen: 24
185.186.144.0/23 maxlen: 23
185.194.151.0/24 maxlen: 24
185.203.123.0/24 maxlen: 24
185.222.139.0/24 maxlen: 24
185.231.252.0/22 maxlen: 22
194.35.184.0/23 maxlen: 23
194.35.188.0/23 maxlen: 23
212.82.48.0/20 maxlen: 20
212.88.128.0/19 maxlen: 19
217.24.224.0/20 maxlen: 20
2a02:5a0::/29 maxlen: 29
2a02:5a0::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ba:7a:96:64:68:1d:d2:22:7f:97:d5:50:53:3c:13:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=212be0ea71cf437e08efdf3fe798eaf984131c46
Validity
Not Before: Jul 16 07:38:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6c069bae627cce2f3ddd41f19676481bc88d5db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f7:97:90:d7:cb:99:59:7b:f8:dd:85:ea:ae:
90:68:7a:b3:a5:6f:42:0d:26:0f:06:57:0c:a8:3d:
ac:59:4a:32:19:fe:ae:c0:9f:c2:46:55:fc:1d:17:
ab:08:71:95:ba:66:d2:63:c0:ff:56:a2:a9:be:62:
68:3e:79:b4:70:ba:13:9e:e6:b4:99:f2:ea:cf:02:
b1:91:e3:89:87:de:b2:b7:ef:c8:9b:c2:e4:6e:c2:
b1:f6:ec:20:9a:85:9c:84:0a:44:83:2a:b5:69:c3:
2b:f6:e7:82:83:4a:13:01:d1:36:c5:ec:aa:9e:2f:
dc:0c:00:f7:04:3d:df:4c:fd:2e:20:2f:9c:a7:90:
47:45:e2:98:b8:67:a4:21:d7:6d:bf:f6:bd:cf:e0:
af:d4:0b:ac:d5:4d:70:bb:bf:66:ee:bc:12:e9:a2:
54:51:d7:3b:fe:de:bf:fb:fd:c1:8a:bf:f1:d0:01:
27:3c:dd:66:97:83:9e:e6:bb:17:21:b6:4e:07:1a:
87:3e:94:39:99:b7:44:19:85:3a:6e:be:ac:50:85:
8b:cf:79:7d:9d:eb:71:b9:bd:9a:08:e7:d0:6b:f7:
51:4e:4c:85:d1:24:d5:74:c6:1f:b0:93:e5:77:ec:
b7:21:99:d5:7c:86:20:b5:1a:5d:48:01:01:e4:17:
6d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:C0:69:BA:E6:27:CC:E2:F3:DD:D4:1F:19:67:64:81:BC:88:D5:DB
X509v3 Authority Key Identifier:
keyid:21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/xsBpuuYnzOLz3dQfGWdkgbyI1ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.32.0/22
37.230.0.0/19
91.184.160.0/19
93.186.0.0/20
109.75.80.0/20
176.126.64.0/23
176.126.68.0/23
176.126.71.0-176.126.73.255
176.126.75.0-176.126.76.255
176.126.79.0-176.126.82.255
185.35.109.0-185.35.111.255
185.161.200.0/23
185.166.189.0-185.166.191.255
185.168.8.0/24
185.168.11.0/24
185.186.144.0/23
185.194.151.0/24
185.203.123.0/24
185.222.139.0/24
185.231.252.0/22
194.35.184.0/23
194.35.188.0/23
212.82.48.0/20
212.88.128.0/19
217.24.224.0/20
IPv6:
2a02:5a0::/29
Signature Algorithm: sha256WithRSAEncryption
82:ce:26:1e:5b:ca:5d:64:e7:2d:de:d1:6d:e9:58:3a:b1:6d:
55:c4:ab:b5:70:9a:f7:c8:ab:86:5b:9d:00:d5:08:5e:7a:79:
15:a3:7f:9f:a2:81:7d:a5:a3:fc:63:c0:8e:56:4d:4c:28:ae:
cc:34:fa:7e:d3:6c:86:e4:87:50:0e:f6:b8:1e:51:90:aa:3a:
da:e3:52:4d:6c:91:12:66:7b:cc:4f:43:c1:9e:6a:b9:e7:8d:
34:25:31:71:6a:32:52:e7:0c:3e:73:13:b1:85:f0:98:34:90:
48:ce:d4:b5:2a:04:a9:7b:3d:2c:5f:5a:aa:f3:0e:07:07:61:
2f:25:bb:5f:cc:84:34:16:49:8e:4d:bd:20:4e:ad:d1:25:65:
b1:09:da:74:28:41:b4:fa:62:fe:38:f8:23:57:ce:32:3a:04:
30:8c:fc:0a:da:d5:cc:20:65:4f:19:19:81:57:24:92:8a:cb:
34:bf:57:ca:ed:ef:cb:7b:0b:29:54:de:3c:46:ec:e7:10:19:
67:d9:b9:36:a3:61:10:f3:36:eb:6c:be:b9:72:0f:bc:f6:56:
3a:da:01:c1:2c:52:b9:99:82:e7:a5:2b:e8:5d:ce:22:19:df:
69:70:0e:a3:b5:43:63:52:d8:44:63:94:ee:d3:7d:34:be:b5:
31:3c:5b:d5
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAZC6epZkaB3SIn+X1VBTPBOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMmJlMGVhNzFjZjQzN2UwOGVmZGYzZmU3OThlYWY5ODQx
MzFjNDYwHhcNMjQwNzE2MDczODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmMwNjliYWU2MjdjY2UyZjNkZGQ0MWYxOTY3NjQ4MWJjODhkNWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyveXkNfLmVl7+N2F6q6QaHqzpW9C
DSYPBlcMqD2sWUoyGf6uwJ/CRlX8HRerCHGVumbSY8D/VqKpvmJoPnm0cLoTnua0
mfLqzwKxkeOJh96yt+/Im8LkbsKx9uwgmoWchApEgyq1acMr9ueCg0oTAdE2xeyq
ni/cDAD3BD3fTP0uIC+cp5BHReKYuGekIddtv/a9z+Cv1Aus1U1wu79m7rwS6aJU
Udc7/t6/+/3Bir/x0AEnPN1ml4Oe5rsXIbZOBxqHPpQ5mbdEGYU6br6sUIWLz3l9
netxub2aCOfQa/dRTkyF0STVdMYfsJPld+y3IZnVfIYgtRpdSAEB5BdtwwIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFMbAabrmJ8zi893UHxlnZIG8iNXbMB8GA1UdIwQY
MBaAFCEr4Opxz0N+CO/fP+eY6vmEExxGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVN2ZzZuSFBRMzRJNzk4XzU1anEtWVFUSEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYmFiZmMtNzllNi00NWRmLThjNDAt
NzI1NjhmMDZmZTEwLzEveHNCcHV1WW56T0x6M2RRZkdXZGtnYnlJMWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYmFiZmMtNzllNi00NWRmLThjNDAtNzI1NjhmMDZmZTEw
LzEvSVN2ZzZuSFBRMzRJNzk4XzU1anEtWVFUSEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBxQQCAAEwgb4DBAIf
3CADBAUl5gADBAVbuKADBARdugADBARtS1ADBAGwfkADBAGwfkQwDAMEALB+RwME
AbB+SDAMAwQAsH5LAwQAsH5MMAwDBACwfk8DBACwflIwDAMEALkjbQMEBLkjYAME
AbmhyDAMAwQAuaa9AwQGuaaAAwQAuagIAwQAuagLAwQBubqQAwQAucKXAwQAuct7
AwQAud6LAwQCuef8AwQBwiO4AwQBwiO8AwQE1FIwAwQF1FiAAwQE2RjgMA0EAgAC
MAcDBQMqAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQCCziYeW8pdZOct3tFt6Vg6sW1V
xKu1cJr3yKuGW50A1QheenkVo3+fooF9paP8Y8COVk1MKK7MNPp+02yG5IdQDva4
HlGQqjra41JNbJESZnvMT0PBnmq55400JTFxajJS5ww+cxOxhfCYNJBIztS1KgSp
ez0sX1qq8w4HB2EvJbtfzIQ0FkmOTb0gTq3RJWWxCdp0KEG0+mL+OPgjV84yOgQw
jPwK2tXMIGVPGRmBVySSiss0v1fK7e/LewspVN48RuznEBln2bk2o2EQ8zbrbL65
cg+89lY62gHBLFK5mYLnpSvoXc4iGd9pcA6jtUNjUthEY5Tu0300vrUxPFvV
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:58 2024 by rpki-client on console-ams.rpki-client.org