Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/XaKOLigeN-V93hb5_LmjUY0ky8M.roa
File: XaKOLigeN-V93hb5_LmjUY0ky8M.roa (raw, json)
Hash identifier: rtGFnrRDKCveDc68Rgzg2Sdn9euHWItbTUgeJplUsRg=
Subject key identifier: 5D:A2:8E:2E:28:1E:37:E5:7D:DE:16:F9:FC:B9:A3:51:8D:24:CB:C3
Certificate issuer: /CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Certificate serial: 018CC5DC4CB44C5E24B8D444B88B440B822E
Authority key identifier: 99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/XaKOLigeN-V93hb5_LmjUY0ky8M.roa
Signing time: Mon 01 Jan 2024 16:29:58 +0000
ROA not before: Mon 01 Jan 2024 16:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43612
IP address blocks: 146.255.94.0/23 maxlen: 23
31.11.64.0/21 maxlen: 21
217.16.88.0/22 maxlen: 22
217.16.94.0/24 maxlen: 24
217.16.92.0/23 maxlen: 23
31.11.80.0/21 maxlen: 21
212.110.92.0/23 maxlen: 23
146.255.75.0/24 maxlen: 24
146.255.73.0/24 maxlen: 24
146.255.74.0/24 maxlen: 24
94.100.96.0/20 maxlen: 20
185.80.164.0/22 maxlen: 22
185.100.245.0/24 maxlen: 24
185.100.244.0/24 maxlen: 24
185.5.4.0/22 maxlen: 22
217.196.192.0/20 maxlen: 20
31.11.120.0/21 maxlen: 21
188.44.2.0/24 maxlen: 24
188.44.7.0/24 maxlen: 24
188.44.6.0/24 maxlen: 24
78.157.0.0/19 maxlen: 22
31.3.94.0/24 maxlen: 24
31.3.93.0/24 maxlen: 24
109.69.40.0/21 maxlen: 21
178.249.112.0/21 maxlen: 21
185.89.246.0/23 maxlen: 24
185.89.244.0/22 maxlen: 22
92.53.0.0/18 maxlen: 23
78.157.16.0/22 maxlen: 22
2a01:b780::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:4c:b4:4c:5e:24:b8:d4:44:b8:8b:44:0b:82:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Validity
Not Before: Jan 1 16:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5da28e2e281e37e57dde16f9fcb9a3518d24cbc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:9e:19:23:97:a3:03:a5:ac:24:91:59:fe:f7:
ee:ef:e2:54:3f:ec:a8:b5:f4:30:56:4b:82:52:31:
00:4d:08:81:33:61:6e:0f:35:25:83:e9:d7:29:76:
43:88:82:eb:e2:ae:cd:4d:2e:98:b1:39:03:56:b7:
c2:b6:d2:6b:42:cd:fa:f0:27:ed:eb:4a:1f:d3:a7:
16:59:b1:7a:40:e6:52:f4:1c:f1:62:4d:56:0c:b7:
4d:ce:cc:cd:aa:2b:d9:e4:03:41:8a:f5:22:7a:0b:
02:33:6e:2a:16:f1:27:33:86:13:70:77:6c:af:d2:
4f:7d:93:1b:04:0e:55:38:f2:c6:1d:71:c1:82:59:
93:ab:65:27:70:7e:8f:76:3d:cb:1d:68:7a:a4:a4:
4a:b4:ae:22:3f:7a:3f:98:66:47:d8:45:7a:6a:6e:
bb:00:0d:dd:86:14:44:ef:1b:c2:60:52:49:08:11:
b9:af:90:29:b8:7c:ce:30:50:3d:26:41:b0:56:54:
76:ee:7d:f1:8c:09:e2:38:4c:16:e5:32:d2:79:4d:
41:c5:56:16:9d:34:ab:4a:f6:24:5d:e2:78:37:1d:
77:28:a9:04:99:79:85:02:12:d2:4b:f2:7e:e8:96:
4d:60:7b:2a:5d:72:84:4d:59:c6:0b:fc:ec:3f:79:
a4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A2:8E:2E:28:1E:37:E5:7D:DE:16:F9:FC:B9:A3:51:8D:24:CB:C3
X509v3 Authority Key Identifier:
keyid:99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/XaKOLigeN-V93hb5_LmjUY0ky8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.93.0-31.3.94.255
31.11.64.0/21
31.11.80.0/21
31.11.120.0/21
78.157.0.0/19
92.53.0.0/18
94.100.96.0/20
109.69.40.0/21
146.255.73.0-146.255.75.255
146.255.94.0/23
178.249.112.0/21
185.5.4.0/22
185.80.164.0/22
185.89.244.0/22
185.100.244.0/23
188.44.2.0/24
188.44.6.0/23
212.110.92.0/23
217.16.88.0-217.16.94.255
217.196.192.0/20
IPv6:
2a01:b780::/32
Signature Algorithm: sha256WithRSAEncryption
2a:7e:36:a4:a0:23:f7:9a:0e:06:a7:af:ae:10:09:d8:56:3e:
60:50:de:00:9e:83:20:56:96:af:04:f2:58:54:5a:ac:d9:72:
3e:40:d9:7a:e8:4f:4e:45:61:d3:82:2a:19:ab:49:71:55:df:
9b:b5:e4:e4:a6:83:b4:8d:c0:27:0e:6e:da:f5:e6:49:05:87:
18:70:93:30:10:74:52:11:b3:69:4c:0f:01:28:68:ed:80:15:
95:4d:fc:7d:f7:2f:97:c1:7a:68:b3:e2:62:ce:7a:8a:b8:0f:
15:a6:4f:3e:9a:9f:ac:10:3a:06:d1:1f:b4:a8:d3:86:d5:29:
1b:9a:7c:70:2a:12:e0:95:50:71:cc:00:6b:34:77:e5:86:39:
7d:37:a2:5a:80:6b:8d:4f:51:20:fb:ad:e0:6c:27:a6:5c:00:
f4:87:03:94:98:5c:5e:f5:e3:7e:b8:90:0d:fe:fc:25:53:24:
a9:af:f8:e8:9c:33:3f:7d:7c:c6:21:be:d8:22:8e:23:ac:48:
37:3f:ff:fe:ce:5f:3d:a6:4d:40:0e:25:da:dd:39:cc:11:3e:
bf:62:26:05:75:34:c1:e5:78:5e:f2:95:5c:f1:99:15:26:6e:
1d:ff:47:0e:b0:aa:51:9b:f9:42:e0:32:b4:3a:e5:a7:49:7e:
3d:4c:0a:0f
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAYzF3Ey0TF4kuNREuItEC4IuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZTcyMDlhOGM5YjE3NmZiZjYyM2VkZjNlZTBiODIwMDdm
YzJjNDAwHhcNMjQwMTAxMTYyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGEyOGUyZTI4MWUzN2U1N2RkZTE2ZjlmY2I5YTM1MThkMjRjYmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJ4ZI5ejA6WsJJFZ/vfu7+JUP+yo
tfQwVkuCUjEATQiBM2FuDzUlg+nXKXZDiILr4q7NTS6YsTkDVrfCttJrQs368Cft
60of06cWWbF6QOZS9BzxYk1WDLdNzszNqivZ5ANBivUiegsCM24qFvEnM4YTcHds
r9JPfZMbBA5VOPLGHXHBglmTq2UncH6Pdj3LHWh6pKRKtK4iP3o/mGZH2EV6am67
AA3dhhRE7xvCYFJJCBG5r5ApuHzOMFA9JkGwVlR27n3xjAniOEwW5TLSeU1BxVYW
nTSrSvYkXeJ4Nx13KKkEmXmFAhLSS/J+6JZNYHsqXXKETVnGC/zsP3mkswIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFF2iji4oHjflfd4W+fy5o1GNJMvDMB8GA1UdIwQY
MBaAFJnnIJqMmxdvv2I+3z7guCAH/CxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUt
YjJkY2MxODYzZThiLzEvWGFLT0xpZ2VOLVY5M2hiNV9MbWpVWTBreThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUtYjJkY2MxODYzZThi
LzEvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBlwQCAAEwgZAwDAME
AB8DXQMEAB8DXgMEAx8LQAMEAx8LUAMEAx8LeAMEBU6dAAMEBlw1AAMEBF5kYAME
A21FKDAMAwQAkv9JAwQCkv9IAwQBkv9eAwQDsvlwAwQCuQUEAwQCuVCkAwQCuVn0
AwQBuWT0AwQAvCwCAwQBvCwGAwQB1G5cMAwDBAPZEFgDBADZEF4DBATZxMAwDQQC
AAIwBwMFACoBt4AwDQYJKoZIhvcNAQELBQADggEBACp+NqSgI/eaDganr64QCdhW
PmBQ3gCegyBWlq8E8lhUWqzZcj5A2XroT05FYdOCKhmrSXFV35u15OSmg7SNwCcO
btr15kkFhxhwkzAQdFIRs2lMDwEoaO2AFZVN/H33L5fBemiz4mLOeoq4DxWmTz6a
n6wQOgbRH7So04bVKRuafHAqEuCVUHHMAGs0d+WGOX03olqAa41PUSD7reBsJ6Zc
APSHA5SYXF714364kA3+/CVTJKmv+OicMz99fMYhvtgijiOsSDc///7OXz2mTUAO
JdrdOcwRPr9iJgV1NMHleF7ylVzxmRUmbh3/Rw6wqlGb+ULgMrQ65adJfj1MCg8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:52 2024 by rpki-client on console-ams.rpki-client.org