Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/1-GUJOX3Jx6nFu8a1ttq56DiRPM.roa
File: 1-GUJOX3Jx6nFu8a1ttq56DiRPM.roa (raw, json)
Hash identifier: w80WJqZ2eiwl5yJwH9FVE0RzApOJ3l8Rcu23EbK/BD0=
Subject key identifier: D7:E1:94:24:E5:F7:27:1E:A7:16:EF:1A:D6:DB:6A:E7:A0:E2:44:F3
Certificate issuer: /CN=0e0f4872ad1c1f4fcb213b6b2edb388a2d9c9a23
Certificate serial: 018F0F35658F1046BD86406036462DEBD035
Authority key identifier: 0E:0F:48:72:AD:1C:1F:4F:CB:21:3B:6B:2E:DB:38:8A:2D:9C:9A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dg9Icq0cH0_LITtrLts4ii2cmiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/1-GUJOX3Jx6nFu8a1ttq56DiRPM.roa
Signing time: Wed 24 Apr 2024 08:25:08 +0000
ROA not before: Wed 24 Apr 2024 08:25:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5391
IP address blocks: 31.216.192.0/19 maxlen: 19
31.217.0.0/17 maxlen: 17
31.217.0.0/19 maxlen: 19
31.217.32.0/19 maxlen: 19
31.217.64.0/19 maxlen: 19
31.217.96.0/19 maxlen: 19
46.188.128.0/17 maxlen: 17
46.188.128.0/19 maxlen: 19
46.188.160.0/19 maxlen: 19
46.188.192.0/19 maxlen: 19
46.188.224.0/19 maxlen: 19
78.0.0.0/16 maxlen: 16
78.1.0.0/16 maxlen: 16
78.2.0.0/16 maxlen: 16
78.3.0.0/16 maxlen: 16
83.131.0.0/16 maxlen: 16
83.131.0.0/18 maxlen: 18
83.131.8.0/24 maxlen: 24
87.252.128.0/19 maxlen: 24
89.172.0.0/16 maxlen: 16
93.136.0.0/16 maxlen: 16
93.137.0.0/16 maxlen: 18
93.138.0.0/16 maxlen: 16
93.139.0.0/16 maxlen: 16
93.140.0.0/16 maxlen: 16
93.141.0.0/16 maxlen: 16
93.142.0.0/16 maxlen: 16
93.143.0.0/16 maxlen: 16
93.159.64.0/19 maxlen: 19
178.160.0.0/17 maxlen: 17
188.125.0.0/20 maxlen: 20
194.152.192.0/18 maxlen: 18
194.152.198.0/24 maxlen: 24
195.29.0.0/16 maxlen: 18
2a00:c30::/29 maxlen: 29
2a00:c30::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/Dg9Icq0cH0_LITtrLts4ii2cmiM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/Dg9Icq0cH0_LITtrLts4ii2cmiM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Dg9Icq0cH0_LITtrLts4ii2cmiM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0f:35:65:8f:10:46:bd:86:40:60:36:46:2d:eb:d0:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e0f4872ad1c1f4fcb213b6b2edb388a2d9c9a23
Validity
Not Before: Apr 24 08:25:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7e19424e5f7271ea716ef1ad6db6ae7a0e244f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e7:9f:d0:8b:ff:6e:b3:cf:21:1f:80:21:00:
ab:03:2b:aa:87:fb:8f:b3:77:5a:2d:b6:a9:e3:1b:
5e:7b:1e:55:88:dc:0a:a6:d9:27:79:73:13:f8:95:
72:72:88:af:29:95:12:17:b4:29:aa:73:36:f3:ce:
75:07:65:5a:4c:be:50:00:62:63:4e:27:cc:c1:e7:
72:55:07:6b:fb:b5:03:7c:c1:96:cc:f4:ec:ec:cb:
e3:b0:70:ba:7f:85:c0:c4:b9:73:e6:5f:b5:a9:fc:
d3:a8:ea:00:e5:87:a4:c3:62:fe:fa:82:c4:04:57:
95:f0:71:61:65:78:34:f9:db:8f:a7:90:69:7d:ce:
11:1c:77:06:47:8b:a8:61:58:94:1e:75:0c:d5:07:
b4:b0:40:c4:77:62:61:c8:4a:d1:36:c7:5b:6f:6a:
85:1f:2e:a1:8d:29:81:e0:32:e2:40:a6:bf:71:f0:
d5:b2:91:3e:7e:8e:de:cf:77:a1:92:2d:ed:03:a9:
08:e7:fd:7d:a6:53:25:9b:cb:44:67:82:eb:ed:ad:
2b:48:8c:b7:e6:43:1b:e2:3f:63:8a:c8:2b:cc:1a:
5d:56:bf:3d:51:2d:cb:6a:f8:5c:2e:31:b2:6a:71:
ef:cc:57:aa:0f:22:22:8b:4a:bd:ef:7b:1a:a9:08:
29:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E1:94:24:E5:F7:27:1E:A7:16:EF:1A:D6:DB:6A:E7:A0:E2:44:F3
X509v3 Authority Key Identifier:
keyid:0E:0F:48:72:AD:1C:1F:4F:CB:21:3B:6B:2E:DB:38:8A:2D:9C:9A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dg9Icq0cH0_LITtrLts4ii2cmiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/1-GUJOX3Jx6nFu8a1ttq56DiRPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/Dg9Icq0cH0_LITtrLts4ii2cmiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.192.0/19
31.217.0.0/17
46.188.128.0/17
78.0.0.0/14
83.131.0.0/16
87.252.128.0/19
89.172.0.0/16
93.136.0.0/13
93.159.64.0/19
178.160.0.0/17
188.125.0.0/20
194.152.192.0/18
195.29.0.0/16
IPv6:
2a00:c30::/29
Signature Algorithm: sha256WithRSAEncryption
b2:d1:a5:3d:08:6d:51:e8:41:6f:29:53:38:d4:22:31:79:86:
03:67:48:11:89:64:4a:37:2a:a4:b4:c1:c8:21:c2:74:cc:c5:
c6:32:ea:62:b4:59:b8:66:2a:c8:d4:a0:8f:f1:2a:a3:c4:f8:
8b:a8:ab:b1:76:06:6d:44:2d:1f:1f:b1:86:fd:93:89:90:19:
9a:86:fb:24:18:32:cb:a3:11:81:51:db:6b:96:44:9a:3d:01:
a9:9a:07:c8:7a:0e:11:75:9d:47:b7:b1:18:d5:6f:39:48:f2:
c3:46:11:72:fa:c7:bf:1b:2b:52:47:44:b2:b7:b4:14:d7:9d:
d2:a8:96:7a:62:ba:8d:65:c7:98:bf:ef:04:fb:e8:db:b0:54:
3f:fd:84:d8:58:3e:18:70:b2:98:d3:3e:05:27:9b:eb:b7:e3:
d9:6a:eb:dd:c5:47:ed:44:df:2b:63:23:33:f7:5e:70:5c:6d:
2f:3b:f7:5f:ca:ff:38:03:ad:df:35:25:2f:1c:53:3a:84:9a:
81:4c:72:ec:4a:b3:da:d9:43:70:70:95:24:af:4c:f8:98:df:
c0:bc:3f:86:74:db:0a:22:55:83:ae:6e:eb:6c:0c:1e:d2:7e:
87:9d:33:60:02:51:b6:e5:be:1c:bc:28:4a:cf:79:34:5d:a8:
7f:63:e5:4d
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAY8PNWWPEEa9hkBgNkYt69A1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMGY0ODcyYWQxYzFmNGZjYjIxM2I2YjJlZGIzODhhMmQ5
YzlhMjMwHhcNMjQwNDI0MDgyNTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2UxOTQyNGU1ZjcyNzFlYTcxNmVmMWFkNmRiNmFlN2EwZTI0NGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOef0Iv/brPPIR+AIQCrAyuqh/uP
s3daLbap4xteex5ViNwKptkneXMT+JVycoivKZUSF7QpqnM28851B2VaTL5QAGJj
TifMwedyVQdr+7UDfMGWzPTs7MvjsHC6f4XAxLlz5l+1qfzTqOoA5Yekw2L++oLE
BFeV8HFhZXg0+duPp5Bpfc4RHHcGR4uoYViUHnUM1Qe0sEDEd2JhyErRNsdbb2qF
Hy6hjSmB4DLiQKa/cfDVspE+fo7ez3ehki3tA6kI5/19plMlm8tEZ4Lr7a0rSIy3
5kMb4j9jisgrzBpdVr89US3LavhcLjGyanHvzFeqDyIii0q973saqQgpRwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFNfhlCTl9ycepxbvGtbbaueg4kTzMB8GA1UdIwQY
MBaAFA4PSHKtHB9PyyE7ay7bOIotnJojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGc5SWNxMGNIMF9MSVR0ckx0czRpaTJjbWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kYzVhNjItMDY0Yi00NWIwLWI4OWQt
YzAxZjgwYTFjODA1LzEvMS1HVUpPWDNKeDZuRnU4YTF0dHE1NkRpUlBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kYzVhNjItMDY0Yi00NWIwLWI4OWQtYzAxZjgwYTFjODA1
LzEvRGc5SWNxMGNIMF9MSVR0ckx0czRpaTJjbWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBPBAIAATBJAwQFH9jAAwQH
H9kAAwQHLryAAwMCTgADAwBTgwMEBVf8gAMDAFmsAwMDXYgDBAVdn0ADBAeyoAAD
BAS8fQADBAbCmMADAwDDHTANBAIAAjAHAwUDKgAMMDANBgkqhkiG9w0BAQsFAAOC
AQEAstGlPQhtUehBbylTONQiMXmGA2dIEYlkSjcqpLTByCHCdMzFxjLqYrRZuGYq
yNSgj/Eqo8T4i6irsXYGbUQtHx+xhv2TiZAZmob7JBgyy6MRgVHba5ZEmj0BqZoH
yHoOEXWdR7exGNVvOUjyw0YRcvrHvxsrUkdEsre0FNed0qiWemK6jWXHmL/vBPvo
27BUP/2E2Fg+GHCymNM+BSeb67fj2Wrr3cVH7UTfK2MjM/decFxtLzv3X8r/OAOt
3zUlLxxTOoSagUxy7Eqz2tlDcHCVJK9M+JjfwLw/hnTbCiJVg65u62wMHtJ+h50z
YAJRtuW+HLwoSs95NF2of2PlTQ==
-----END CERTIFICATE-----
Generated at Sat May 18 02:41:51 2024 by rpki-client on console-fra.rpki-client.org