Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/XRFRRMIxfFjuAOecKNBz2oM9VXU.roa
File: XRFRRMIxfFjuAOecKNBz2oM9VXU.roa (raw, json)
Hash identifier: eus2a+CT8YLfv8XnrQc4TSuPFEZKnw7hFPbZRS3Uo50=
Subject key identifier: 5D:11:51:44:C2:31:7C:58:EE:00:E7:9C:28:D0:73:DA:83:3D:55:75
Certificate issuer: /CN=0ab36668893a8244d553efca4688d0f1019e4e25
Certificate serial: 018E5B1A29B2CF83152AF33CA7D37041D73E
Authority key identifier: 0A:B3:66:68:89:3A:82:44:D5:53:EF:CA:46:88:D0:F1:01:9E:4E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/XRFRRMIxfFjuAOecKNBz2oM9VXU.roa
Signing time: Wed 20 Mar 2024 09:03:45 +0000
ROA not before: Wed 20 Mar 2024 09:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24921
IP address blocks: 5.252.168.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
45.149.160.0/22 maxlen: 22
80.89.72.0/21 maxlen: 21
80.89.72.0/22 maxlen: 22
80.89.76.0/22 maxlen: 22
185.65.160.0/23 maxlen: 23
185.65.162.0/23 maxlen: 23
185.147.56.0/22 maxlen: 22
185.147.56.0/24 maxlen: 24
185.147.57.0/24 maxlen: 24
185.147.58.0/24 maxlen: 24
185.147.59.0/24 maxlen: 24
193.108.29.0/24 maxlen: 24
212.3.192.0/19 maxlen: 19
212.3.192.0/21 maxlen: 21
212.3.192.0/23 maxlen: 23
212.3.194.0/23 maxlen: 23
212.3.196.0/23 maxlen: 23
212.3.198.0/23 maxlen: 23
212.3.201.0/24 maxlen: 24
212.3.204.0/22 maxlen: 22
212.3.208.0/23 maxlen: 23
212.3.210.0/23 maxlen: 23
212.3.221.0/24 maxlen: 24
212.93.97.0/24 maxlen: 24
212.93.100.0/22 maxlen: 22
212.93.104.0/23 maxlen: 23
212.93.106.0/24 maxlen: 24
212.93.107.0/24 maxlen: 24
212.93.108.0/23 maxlen: 23
212.93.110.0/23 maxlen: 23
212.93.112.0/24 maxlen: 24
212.93.113.0/24 maxlen: 24
212.93.114.0/24 maxlen: 24
212.93.115.0/24 maxlen: 24
212.93.116.0/23 maxlen: 23
212.93.118.0/23 maxlen: 23
212.93.120.0/23 maxlen: 23
212.93.122.0/23 maxlen: 23
212.93.127.0/24 maxlen: 24
2a03:ec00:b000::/48 maxlen: 48
2a03:ec00:b008::/48 maxlen: 48
2a03:ec00:b100::/40 maxlen: 40
2a03:ec00:b100::/42 maxlen: 42
2a03:ec00:b140::/42 maxlen: 42
2a03:ec00:b180::/42 maxlen: 42
2a03:ec00:b300::/40 maxlen: 40
2a03:ec00:b400::/40 maxlen: 40
2a03:ec00:b900::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/CrNmaIk6gkTVU-_KRojQ8QGeTiU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/CrNmaIk6gkTVU-_KRojQ8QGeTiU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:1a:29:b2:cf:83:15:2a:f3:3c:a7:d3:70:41:d7:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ab36668893a8244d553efca4688d0f1019e4e25
Validity
Not Before: Mar 20 09:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d115144c2317c58ee00e79c28d073da833d5575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a6:82:dc:51:a6:e7:b1:11:b4:a0:c7:99:1c:
05:ef:6a:88:a8:65:5f:28:6a:ad:d3:28:5e:1c:5d:
62:8f:13:c5:d5:17:14:8f:5e:78:fd:f8:f7:53:52:
8d:b0:93:4a:d8:8d:da:90:09:bc:fe:8d:3f:58:d6:
0f:35:2e:11:f6:a3:1c:23:c9:1c:78:3f:13:4e:7f:
57:f2:a0:59:c5:e5:56:8f:2f:ff:ed:de:e1:87:45:
e3:28:01:03:15:79:9a:fa:87:f9:f9:91:ca:8f:88:
0d:a8:34:e0:4a:de:74:ae:53:06:f6:b5:7c:0a:5c:
51:74:fc:32:71:94:1f:6b:9e:7a:9f:cf:c3:a0:28:
95:50:21:4c:3e:ce:53:0c:bd:25:6d:82:17:67:d7:
54:76:0f:de:94:4c:48:12:d4:7c:87:34:9c:62:54:
8b:a5:4f:78:18:38:16:a9:e5:8a:7f:c4:0f:70:21:
52:b5:05:3c:31:e9:cd:d5:6e:64:ff:60:4d:34:41:
bf:48:e1:d8:7e:6d:20:21:b3:69:34:ac:53:89:46:
55:17:80:42:32:29:09:80:1c:71:74:e0:ec:a6:57:
dc:d0:cd:df:40:0d:62:89:3a:e7:a3:ff:80:3f:c4:
74:1e:14:75:e4:af:84:aa:05:b7:a5:97:9f:1b:67:
e9:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:11:51:44:C2:31:7C:58:EE:00:E7:9C:28:D0:73:DA:83:3D:55:75
X509v3 Authority Key Identifier:
keyid:0A:B3:66:68:89:3A:82:44:D5:53:EF:CA:46:88:D0:F1:01:9E:4E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/XRFRRMIxfFjuAOecKNBz2oM9VXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/CrNmaIk6gkTVU-_KRojQ8QGeTiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.168.0/22
45.140.32.0/22
45.149.160.0/22
80.89.72.0/21
185.65.160.0/22
185.147.56.0/22
193.108.29.0/24
212.3.192.0/19
212.93.97.0/24
212.93.100.0-212.93.123.255
212.93.127.0/24
IPv6:
2a03:ec00:b000::/48
2a03:ec00:b008::/48
2a03:ec00:b100::/40
2a03:ec00:b300::-2a03:ec00:b4ff:ffff:ffff:ffff:ffff:ffff
2a03:ec00:b900::/40
Signature Algorithm: sha256WithRSAEncryption
27:93:7f:c8:14:00:ea:32:e1:ae:9d:18:2a:b4:6c:4e:70:39:
65:11:b6:d5:bf:a0:28:01:17:24:81:0f:46:44:b4:a7:5e:89:
33:2a:0a:9a:8d:e0:a5:79:a8:fe:08:92:c2:f3:00:af:3e:9b:
b9:24:92:dd:76:d2:be:15:a7:e8:e3:fa:6b:10:a1:a3:7b:52:
05:35:a4:75:a4:f8:a9:d9:19:5c:7b:66:b6:77:34:14:c9:9a:
b5:27:49:b6:d7:a2:97:50:89:41:32:22:70:2a:8e:99:a2:76:
61:fb:b1:3b:0e:20:b9:df:25:4f:88:16:41:e5:f2:05:b8:5f:
d2:90:46:b6:15:a1:17:4c:84:0d:db:19:41:8d:c4:7a:07:c5:
64:ad:fb:6a:d1:57:c9:81:c8:08:83:4f:52:b1:b4:08:d7:7f:
ae:fd:8c:d2:9f:6a:4a:ae:a2:b8:e1:bc:9a:75:51:db:9f:6d:
9a:fc:54:96:80:8d:ab:ed:24:40:f0:b9:25:4e:50:ad:3b:52:
42:5e:15:cb:d7:4a:c6:9b:b9:b9:ad:d6:82:67:2b:20:af:9d:
85:b4:78:1a:27:4c:4e:be:ac:64:e4:8c:b4:b8:9e:b1:0c:10:
49:73:b8:56:cd:cd:d6:88:6d:83:1f:a3:99:d0:4d:dd:9c:99:
8e:7b:b8:0f
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAY5bGimyz4MVKvM8p9NwQdc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYjM2NjY4ODkzYTgyNDRkNTUzZWZjYTQ2ODhkMGYxMDE5
ZTRlMjUwHhcNMjQwMzIwMDkwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDExNTE0NGMyMzE3YzU4ZWUwMGU3OWMyOGQwNzNkYTgzM2Q1NTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6aC3FGm57ERtKDHmRwF72qIqGVf
KGqt0yheHF1ijxPF1RcUj154/fj3U1KNsJNK2I3akAm8/o0/WNYPNS4R9qMcI8kc
eD8TTn9X8qBZxeVWjy//7d7hh0XjKAEDFXma+of5+ZHKj4gNqDTgSt50rlMG9rV8
ClxRdPwycZQfa556n8/DoCiVUCFMPs5TDL0lbYIXZ9dUdg/elExIEtR8hzScYlSL
pU94GDgWqeWKf8QPcCFStQU8MenN1W5k/2BNNEG/SOHYfm0gIbNpNKxTiUZVF4BC
MikJgBxxdODsplfc0M3fQA1iiTrno/+AP8R0HhR15K+EqgW3pZefG2fpQwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFF0RUUTCMXxY7gDnnCjQc9qDPVV1MB8GA1UdIwQY
MBaAFAqzZmiJOoJE1VPvykaI0PEBnk4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3JObWFJazZna1RWVS1fS1JvalE4UUdlVGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9lNTc1MDMtZjY1OC00M2UyLTkzYTkt
MmFmMDY3YTEzMGFhLzEvWFJGUlJNSXhmRmp1QU9lY0tOQnoyb005VlhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9lNTc1MDMtZjY1OC00M2UyLTkzYTktMmFmMDY3YTEzMGFh
LzEvQ3JObWFJazZna1RWVS1fS1JvalE4UUdlVGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjBQBAIAATBKAwQCBfyo
AwQCLYwgAwQCLZWgAwQDUFlIAwQCuUGgAwQCuZM4AwQAwWwdAwQF1APAAwQA1F1h
MAwDBALUXWQDBALUXXgDBADUXX8wOgQCAAIwNAMHACoD7ACwAAMHACoD7ACwCAMG
ACoD7ACxMBADBgAqA+wAswMGACoD7AC0AwYAKgPsALkwDQYJKoZIhvcNAQELBQAD
ggEBACeTf8gUAOoy4a6dGCq0bE5wOWURttW/oCgBFySBD0ZEtKdeiTMqCpqN4KV5
qP4IksLzAK8+m7kkkt120r4Vp+jj+msQoaN7UgU1pHWk+KnZGVx7ZrZ3NBTJmrUn
SbbXopdQiUEyInAqjpmidmH7sTsOILnfJU+IFkHl8gW4X9KQRrYVoRdMhA3bGUGN
xHoHxWSt+2rRV8mByAiDT1KxtAjXf679jNKfakquorjhvJp1UdufbZr8VJaAjavt
JEDwuSVOUK07UkJeFcvXSsabubmt1oJnKyCvnYW0eBonTE6+rGTkjLS4nrEMEElz
uFbNzdaIbYMfo5nQTd2cmY57uA8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:38:26 2024 by rpki-client on console-fra.rpki-client.org