Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/Uh-gDZ6bjzVQfsLlDN4py4e01X0.roa
File: Uh-gDZ6bjzVQfsLlDN4py4e01X0.roa (raw, json)
Hash identifier: kP8w4/s8XXu8BYp+0FbY//WvJ2/BKUoKDtP//d9PEr0=
Subject key identifier: 52:1F:A0:0D:9E:9B:8F:35:50:7E:C2:E5:0C:DE:29:CB:87:B4:D5:7D
Certificate issuer: /CN=ad9681f144db1430ac315c8306e1c14730c5fec2
Certificate serial: 018EA36DC9CBE629B8BE927A93FCC3ABB2CC
Authority key identifier: AD:96:81:F1:44:DB:14:30:AC:31:5C:83:06:E1:C1:47:30:C5:FE:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/Uh-gDZ6bjzVQfsLlDN4py4e01X0.roa
Signing time: Wed 03 Apr 2024 10:07:44 +0000
ROA not before: Wed 03 Apr 2024 10:07:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62442
IP address blocks: 78.157.32.0/19 maxlen: 19
78.157.32.0/24 maxlen: 24
78.157.34.0/24 maxlen: 24
78.157.35.0/24 maxlen: 24
78.157.36.0/24 maxlen: 24
78.157.37.0/24 maxlen: 24
78.157.38.0/24 maxlen: 24
78.157.39.0/24 maxlen: 24
78.157.40.0/24 maxlen: 24
78.157.41.0/24 maxlen: 24
78.157.42.0/24 maxlen: 24
78.157.43.0/24 maxlen: 24
78.157.44.0/24 maxlen: 24
78.157.45.0/24 maxlen: 24
78.157.46.0/24 maxlen: 24
78.157.47.0/24 maxlen: 24
78.157.48.0/21 maxlen: 21
78.157.48.0/24 maxlen: 24
78.157.49.0/24 maxlen: 24
78.157.50.0/24 maxlen: 24
78.157.51.0/24 maxlen: 24
78.157.52.0/24 maxlen: 24
78.157.53.0/24 maxlen: 24
78.157.54.0/24 maxlen: 24
78.157.55.0/24 maxlen: 24
78.157.56.0/21 maxlen: 21
78.157.56.0/24 maxlen: 24
78.157.57.0/24 maxlen: 24
78.157.58.0/24 maxlen: 24
78.157.59.0/24 maxlen: 24
78.157.60.0/23 maxlen: 23
78.157.60.0/24 maxlen: 24
78.157.61.0/24 maxlen: 24
78.157.62.0/24 maxlen: 24
78.157.63.0/24 maxlen: 24
89.221.84.0/22 maxlen: 22
89.221.88.0/21 maxlen: 21
2a10:8180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/rZaB8UTbFDCsMVyDBuHBRzDF_sI.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/rZaB8UTbFDCsMVyDBuHBRzDF_sI.mft
rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jul 2024 20:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:6d:c9:cb:e6:29:b8:be:92:7a:93:fc:c3:ab:b2:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad9681f144db1430ac315c8306e1c14730c5fec2
Validity
Not Before: Apr 3 10:07:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=521fa00d9e9b8f35507ec2e50cde29cb87b4d57d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:40:9b:c2:76:a7:a7:a5:da:5b:c8:72:2d:97:
85:01:cb:82:be:bd:de:08:38:ff:84:c9:3f:4b:74:
6c:7e:eb:07:a5:bf:be:9d:4c:70:e8:99:80:cb:78:
42:4c:2a:a4:10:ee:33:c4:fb:8e:5c:d7:bf:e1:13:
44:64:08:83:d1:01:b6:2f:92:c1:08:cf:65:42:78:
29:c6:fc:ef:cf:2c:42:98:c3:2b:56:d6:ea:d4:05:
60:bb:48:88:1a:28:6e:5a:9c:27:45:12:b8:c6:ec:
48:17:2b:0c:a2:bc:0a:2a:c7:4a:fb:c9:51:98:83:
b3:28:42:27:8a:41:43:0a:83:2a:b3:da:00:2a:e1:
96:b9:bf:29:a8:64:99:2e:8b:56:51:b3:b4:71:4b:
73:3c:79:9b:78:f8:05:b1:4f:9b:b2:6d:ad:13:2f:
31:aa:a9:df:c3:6b:24:96:75:8e:ea:81:3d:02:82:
1b:0c:e4:8c:d8:b9:a4:c8:0b:c3:19:3a:df:c8:a0:
ef:60:6a:37:f7:10:b7:76:2b:1f:ba:41:71:78:f3:
b2:49:5d:47:1a:35:12:ce:1f:7a:0b:6f:fc:ce:99:
e8:88:75:06:7a:89:32:e3:c0:ea:bd:cd:be:5e:ff:
e6:c7:6a:2d:66:29:97:d9:82:00:5b:04:9c:94:6f:
14:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:1F:A0:0D:9E:9B:8F:35:50:7E:C2:E5:0C:DE:29:CB:87:B4:D5:7D
X509v3 Authority Key Identifier:
keyid:AD:96:81:F1:44:DB:14:30:AC:31:5C:83:06:E1:C1:47:30:C5:FE:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/Uh-gDZ6bjzVQfsLlDN4py4e01X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/rZaB8UTbFDCsMVyDBuHBRzDF_sI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.157.32.0/19
89.221.84.0-89.221.95.255
IPv6:
2a10:8180::/29
Signature Algorithm: sha256WithRSAEncryption
48:f5:13:37:ca:36:ac:a6:c1:89:74:7d:38:cf:84:e3:5d:ae:
2d:9d:82:dd:3d:b6:56:4a:62:fd:c1:cb:97:bc:3e:ab:ea:04:
bc:65:23:bc:3d:24:b9:6e:aa:72:7c:0a:99:d2:fe:35:dc:2f:
9e:62:e2:6c:ea:64:71:20:33:55:36:f7:b4:86:bf:a0:a0:bf:
da:f3:1f:eb:58:45:6e:41:95:5d:74:aa:25:40:5a:b8:7e:4a:
f1:bf:23:08:9a:10:77:e9:f9:ad:da:60:a7:1c:e7:95:2e:9e:
a3:b9:9d:bd:bf:3c:8d:26:27:df:3a:b4:1d:b1:e7:2c:bc:1e:
97:5a:53:05:47:f7:82:1d:3b:78:2e:80:88:ee:e2:9d:69:d0:
44:1b:6e:ae:70:5c:fb:ca:4c:60:f1:9f:72:55:4d:55:87:73:
76:29:ea:14:e7:cc:96:48:86:48:af:2b:39:45:94:3c:aa:61:
8d:3b:51:4e:2b:a0:57:22:7f:eb:06:5a:e8:37:cb:a7:b1:ec:
40:4a:51:f6:08:68:50:75:d4:03:62:56:07:a3:78:93:44:bf:
36:e0:3a:c1:53:8a:8f:13:92:62:b8:b9:00:09:ca:67:67:32:
48:e7:ca:e6:b6:74:fe:4b:08:68:dd:d8:48:24:35:87:49:f0:
6f:74:e6:a1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY6jbcnL5im4vpJ6k/zDq7LMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOTY4MWYxNDRkYjE0MzBhYzMxNWM4MzA2ZTFjMTQ3MzBj
NWZlYzIwHhcNMjQwNDAzMTAwNzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjFmYTAwZDllOWI4ZjM1NTA3ZWMyZTUwY2RlMjljYjg3YjRkNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUCbwnanp6XaW8hyLZeFAcuCvr3e
CDj/hMk/S3RsfusHpb++nUxw6JmAy3hCTCqkEO4zxPuOXNe/4RNEZAiD0QG2L5LB
CM9lQngpxvzvzyxCmMMrVtbq1AVgu0iIGihuWpwnRRK4xuxIFysMorwKKsdK+8lR
mIOzKEInikFDCoMqs9oAKuGWub8pqGSZLotWUbO0cUtzPHmbePgFsU+bsm2tEy8x
qqnfw2sklnWO6oE9AoIbDOSM2LmkyAvDGTrfyKDvYGo39xC3disfukFxePOySV1H
GjUSzh96C2/8zpnoiHUGeoky48Dqvc2+Xv/mx2otZimX2YIAWwSclG8UiQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFFIfoA2em481UH7C5QzeKcuHtNV9MB8GA1UdIwQY
MBaAFK2WgfFE2xQwrDFcgwbhwUcwxf7CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclphQjhVVGJGRENzTVZ5REJ1SEJSekRGX3NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80MDViNWYtOGQyNi00ZWUzLWI4N2Yt
YTNhMTNlM2E3ZDgwLzEvVWgtZ0RaNmJqelZRZnNMbERONHB5NGUwMVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80MDViNWYtOGQyNi00ZWUzLWI4N2YtYTNhMTNlM2E3ZDgw
LzEvclphQjhVVGJGRENzTVZ5REJ1SEJSekRGX3NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQFTp0gMAwD
BAJZ3VQDBAVZ3UAwDQQCAAIwBwMFAyoQgYAwDQYJKoZIhvcNAQELBQADggEBAEj1
EzfKNqymwYl0fTjPhONdri2dgt09tlZKYv3By5e8PqvqBLxlI7w9JLluqnJ8CpnS
/jXcL55i4mzqZHEgM1U297SGv6Cgv9rzH+tYRW5BlV10qiVAWrh+SvG/IwiaEHfp
+a3aYKcc55UunqO5nb2/PI0mJ986tB2x5yy8HpdaUwVH94IdO3gugIju4p1p0EQb
bq5wXPvKTGDxn3JVTVWHc3Yp6hTnzJZIhkivKzlFlDyqYY07UU4roFcif+sGWug3
y6ex7EBKUfYIaFB11ANiVgejeJNEvzbgOsFTio8TkmK4uQAJymdnMkjnyua2dP5L
CGjd2EgkNYdJ8G905qE=
-----END CERTIFICATE-----
Generated at Sat Jul 6 05:15:07 2024 by rpki-client on console-fra.rpki-client.org