Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/v1sZsNUC6VbnO-9TZ8ASCj4rYMM.roa
File: v1sZsNUC6VbnO-9TZ8ASCj4rYMM.roa (raw, json)
Hash identifier: 0d+Q7UDziIZGuROltH+Xiq59360WQR5Xq6tilF8kNdw=
Subject key identifier: BF:5B:19:B0:D5:02:E9:56:E7:3B:EF:53:67:C0:12:0A:3E:2B:60:C3
Certificate issuer: /CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Certificate serial: 019131F99182B2A129366E8674B4C00FD21C
Authority key identifier: 20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/v1sZsNUC6VbnO-9TZ8ASCj4rYMM.roa
Signing time: Thu 08 Aug 2024 12:32:04 +0000
ROA not before: Thu 08 Aug 2024 12:32:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41998
IP address blocks: 5.42.136.0/22 maxlen: 22
5.42.140.0/22 maxlen: 22
31.25.40.0/21 maxlen: 21
37.25.48.0/21 maxlen: 21
46.182.136.0/21 maxlen: 21
62.152.160.0/19 maxlen: 19
83.242.36.0/22 maxlen: 22
83.242.40.0/21 maxlen: 21
83.242.48.0/20 maxlen: 20
91.103.112.0/21 maxlen: 21
93.118.0.0/21 maxlen: 21
93.118.8.0/21 maxlen: 21
93.118.16.0/21 maxlen: 21
93.118.24.0/21 maxlen: 21
94.124.208.0/21 maxlen: 21
94.176.240.0/20 maxlen: 20
145.14.192.0/20 maxlen: 20
149.249.56.0/21 maxlen: 21
153.92.80.0/20 maxlen: 20
171.33.176.0/22 maxlen: 22
171.33.180.0/22 maxlen: 22
185.3.80.0/22 maxlen: 22
185.36.120.0/22 maxlen: 22
185.61.28.0/22 maxlen: 22
185.107.4.0/22 maxlen: 22
185.108.230.0/23 maxlen: 23
188.93.216.0/21 maxlen: 21
188.244.100.0/22 maxlen: 22
193.151.4.0/22 maxlen: 22
194.140.112.0/20 maxlen: 20
212.86.176.0/22 maxlen: 22
212.86.184.0/22 maxlen: 22
213.153.68.0/22 maxlen: 22
213.153.76.0/22 maxlen: 22
213.153.80.0/22 maxlen: 22
213.153.84.0/22 maxlen: 22
213.153.88.0/22 maxlen: 22
213.153.92.0/22 maxlen: 22
217.66.136.0/21 maxlen: 21
217.78.160.0/20 maxlen: 20
2a00:79c0::/32 maxlen: 32
2a02:17b0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/IEoJZQTNu58vt_0OZkBtUm_hC1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/IEoJZQTNu58vt_0OZkBtUm_hC1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:f9:91:82:b2:a1:29:36:6e:86:74:b4:c0:0f:d2:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=204a096504cdbb9f2fb7fd0e66406d526fe10b5a
Validity
Not Before: Aug 8 12:32:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf5b19b0d502e956e73bef5367c0120a3e2b60c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:18:e3:9e:9d:71:af:e4:cc:31:58:12:5b:af:
fb:8f:71:47:0f:5b:30:55:0e:de:b8:c7:f4:af:b1:
19:88:3a:72:33:98:8d:b3:59:82:60:65:d9:90:a1:
84:d0:1b:98:e5:7b:be:c2:d6:13:8f:5e:08:9c:92:
f1:48:47:6a:3e:4d:2c:32:bd:bf:a3:74:07:86:50:
52:19:bd:f1:54:ed:72:92:d0:68:9a:5a:a9:d7:e1:
ad:89:ae:ee:d9:5d:4c:aa:5d:1d:8c:ab:cb:df:11:
21:bf:1e:2d:9a:8c:b2:1f:2a:de:69:86:8d:d9:8f:
00:ae:76:85:14:04:2a:c5:9d:05:ec:92:ef:ac:70:
f5:8d:56:71:b7:1c:5a:e2:d9:6d:12:61:91:12:6d:
f4:6d:3d:6a:78:ca:b8:de:ca:39:90:07:fa:3d:9c:
b2:66:bd:f9:a0:d6:75:d8:be:9c:47:27:a4:2f:94:
46:57:68:d1:34:a0:7c:5e:47:ca:0f:f4:f6:b2:36:
59:ef:46:b9:33:41:56:ff:1b:21:f6:b9:90:29:0e:
ac:6a:98:bf:f7:3c:59:05:d5:fb:66:17:40:d7:4a:
a4:07:2b:3e:ed:2f:30:25:84:38:c7:dd:9a:53:a7:
c2:9b:5c:bd:45:cc:f8:3d:92:97:f4:9c:4a:0f:b4:
33:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:5B:19:B0:D5:02:E9:56:E7:3B:EF:53:67:C0:12:0A:3E:2B:60:C3
X509v3 Authority Key Identifier:
keyid:20:4A:09:65:04:CD:BB:9F:2F:B7:FD:0E:66:40:6D:52:6F:E1:0B:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IEoJZQTNu58vt_0OZkBtUm_hC1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/v1sZsNUC6VbnO-9TZ8ASCj4rYMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e251dc-8b2b-4f3d-b636-15422478800b/1/IEoJZQTNu58vt_0OZkBtUm_hC1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.136.0/21
31.25.40.0/21
37.25.48.0/21
46.182.136.0/21
62.152.160.0/19
83.242.36.0-83.242.63.255
91.103.112.0/21
93.118.0.0/19
94.124.208.0/21
94.176.240.0/20
145.14.192.0/20
149.249.56.0/21
153.92.80.0/20
171.33.176.0/21
185.3.80.0/22
185.36.120.0/22
185.61.28.0/22
185.107.4.0/22
185.108.230.0/23
188.93.216.0/21
188.244.100.0/22
193.151.4.0/22
194.140.112.0/20
212.86.176.0/22
212.86.184.0/22
213.153.68.0/22
213.153.76.0-213.153.95.255
217.66.136.0/21
217.78.160.0/20
IPv6:
2a00:79c0::/32
2a02:17b0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:7a:cd:d3:5c:bb:79:45:d2:f0:a3:cf:ac:9f:02:54:17:16:
33:b2:b1:ec:33:e3:8c:a1:10:08:64:47:3a:6c:9c:a8:7c:c6:
c4:5b:d3:da:f8:0f:c8:0b:d3:37:ef:65:bc:a8:18:02:ec:ef:
38:e5:5a:3c:e1:13:e1:7c:5c:11:b3:de:21:fd:22:9e:79:6b:
d7:75:65:77:d9:64:83:01:99:85:bd:e2:8b:e0:a8:a2:d7:de:
f2:62:e8:f9:da:76:88:89:4d:28:63:68:4d:b9:49:68:e1:9f:
e0:19:9c:d4:c5:68:2c:df:cf:88:e3:92:bc:b2:4d:24:50:92:
2c:b0:b9:07:07:43:69:d3:eb:4e:ac:ee:ee:9c:b4:97:3e:11:
98:97:09:81:72:6c:59:c0:b0:dc:30:58:b5:5e:0b:3c:79:3c:
62:43:c8:fd:a9:c8:28:af:54:46:14:94:87:15:4d:c1:74:01:
8f:00:ce:a6:83:76:6c:51:6c:00:42:30:0b:99:a7:f3:4f:38:
52:15:62:30:6b:95:0e:a0:e2:96:cf:f5:2b:fb:18:77:f6:2a:
13:c2:b6:89:77:3d:76:c3:71:fd:e2:50:33:6e:5a:ef:3d:56:
a5:ee:44:6a:60:8b:12:02:1c:91:77:cb:88:a7:94:b4:8a:16:
14:0e:c2:cb
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAZEx+ZGCsqEpNm6GdLTAD9IcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNGEwOTY1MDRjZGJiOWYyZmI3ZmQwZTY2NDA2ZDUyNmZl
MTBiNWEwHhcNMjQwODA4MTIzMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjViMTliMGQ1MDJlOTU2ZTczYmVmNTM2N2MwMTIwYTNlMmI2MGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRjjnp1xr+TMMVgSW6/7j3FHD1sw
VQ7euMf0r7EZiDpyM5iNs1mCYGXZkKGE0BuY5Xu+wtYTj14InJLxSEdqPk0sMr2/
o3QHhlBSGb3xVO1yktBomlqp1+Gtia7u2V1Mql0djKvL3xEhvx4tmoyyHyreaYaN
2Y8ArnaFFAQqxZ0F7JLvrHD1jVZxtxxa4tltEmGREm30bT1qeMq43so5kAf6PZyy
Zr35oNZ12L6cRyekL5RGV2jRNKB8XkfKD/T2sjZZ70a5M0FW/xsh9rmQKQ6sapi/
9zxZBdX7ZhdA10qkBys+7S8wJYQ4x92aU6fCm1y9Rcz4PZKX9JxKD7QzdwIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFL9bGbDVAulW5zvvU2fAEgo+K2DDMB8GA1UdIwQY
MBaAFCBKCWUEzbufL7f9DmZAbVJv4QtaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYt
MTU0MjI0Nzg4MDBiLzEvdjFzWnNOVUM2VmJuTy05VFo4QVNDajRyWU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lMjUxZGMtOGIyYi00ZjNkLWI2MzYtMTU0MjI0Nzg4MDBi
LzEvSUVvSlpRVE51NTh2dF8wT1prQnRVbV9oQzFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCBxQQCAAEwgb4DBAMF
KogDBAMfGSgDBAMlGTADBAMutogDBAU+mKAwDAMEAlPyJAMEBlPyAAMEA1tncAME
BV12AAMEA1580AMEBF6w8AMEBJEOwAMEA5X5OAMEBJlcUAMEA6shsAMEArkDUAME
ArkkeAMEArk9HAMEArlrBAMEAbls5gMEA7xd2AMEArz0ZAMEAsGXBAMEBMKMcAME
AtRWsAMEAtRWuAMEAtWZRDAMAwQC1ZlMAwQF1ZlAAwQD2UKIAwQE2U6gMBQEAgAC
MA4DBQAqAHnAAwUAKgIXsDANBgkqhkiG9w0BAQsFAAOCAQEAHHrN01y7eUXS8KPP
rJ8CVBcWM7Kx7DPjjKEQCGRHOmycqHzGxFvT2vgPyAvTN+9lvKgYAuzvOOVaPOET
4XxcEbPeIf0innlr13Vld9lkgwGZhb3ii+Cootfe8mLo+dp2iIlNKGNoTblJaOGf
4Bmc1MVoLN/PiOOSvLJNJFCSLLC5BwdDadPrTqzu7py0lz4RmJcJgXJsWcCw3DBY
tV4LPHk8YkPI/anIKK9URhSUhxVNwXQBjwDOpoN2bFFsAEIwC5mn8084UhViMGuV
DqDils/1K/sYd/YqE8K2iXc9dsNx/eJQM25a7z1Wpe5EamCLEgIckXfLiKeUtIoW
FA7Cyw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:19 2024 by rpki-client on console-ams.rpki-client.org