Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/D0LyboUtqcUGgqQCg6_0co2Ix68.roa
File: D0LyboUtqcUGgqQCg6_0co2Ix68.roa (raw, json)
Hash identifier: JccX8/7MyophDJkzHa9F1oz6C7IS75Z6DUU6u9yPR1Y=
Subject key identifier: 0F:42:F2:6E:85:2D:A9:C5:06:82:A4:02:83:AF:F4:72:8D:88:C7:AF
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 018FAB22E8BE0A48CA729E7AD06B86289C1C
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/D0LyboUtqcUGgqQCg6_0co2Ix68.roa
Signing time: Fri 24 May 2024 15:05:42 +0000
ROA not before: Fri 24 May 2024 15:05:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30860
IP address blocks: 31.42.184.0/23 maxlen: 23
31.42.186.0/24 maxlen: 24
31.42.187.0/24 maxlen: 24
45.11.56.0/24 maxlen: 24
45.11.57.0/24 maxlen: 24
45.11.58.0/24 maxlen: 24
45.11.59.0/24 maxlen: 24
45.12.0.0/22 maxlen: 24
45.12.1.0/24 maxlen: 24
45.12.3.0/24 maxlen: 24
45.134.172.0/22 maxlen: 24
62.182.80.0/23 maxlen: 23
62.182.82.0/23 maxlen: 23
62.182.84.0/24 maxlen: 24
62.182.85.0/24 maxlen: 24
62.182.86.0/24 maxlen: 24
62.182.87.0/24 maxlen: 24
91.208.115.0/24 maxlen: 24
95.214.232.0/24 maxlen: 24
95.214.233.0/24 maxlen: 24
95.214.234.0/23 maxlen: 23
152.89.60.0/24 maxlen: 24
152.89.61.0/24 maxlen: 24
152.89.62.0/24 maxlen: 24
152.89.63.0/24 maxlen: 24
176.97.112.0/20 maxlen: 24
176.97.114.0/24 maxlen: 24
176.97.124.0/24 maxlen: 24
176.119.24.0/24 maxlen: 24
176.119.25.0/24 maxlen: 24
176.119.26.0/23 maxlen: 23
176.119.26.0/24 maxlen: 24
176.119.27.0/24 maxlen: 24
176.119.28.0/24 maxlen: 24
176.119.29.0/24 maxlen: 24
176.119.30.0/24 maxlen: 24
176.119.31.0/24 maxlen: 24
185.66.88.0/23 maxlen: 23
185.66.90.0/24 maxlen: 24
185.66.91.0/24 maxlen: 24
185.254.196.0/23 maxlen: 23
185.254.198.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
193.23.181.0/24 maxlen: 24
194.42.204.0/22 maxlen: 24
195.66.210.0/24 maxlen: 24
2a09:2dc0::/29 maxlen: 29
2a09:2dc1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ab:22:e8:be:0a:48:ca:72:9e:7a:d0:6b:86:28:9c:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: May 24 15:05:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f42f26e852da9c50682a40283aff4728d88c7af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:33:c0:da:89:ae:47:69:d5:58:26:28:ba:9f:
11:dc:a1:98:97:8b:33:0b:e0:a3:30:5e:97:ae:cc:
05:7a:fd:11:bd:31:cf:67:e6:a9:c1:8e:08:45:45:
58:cf:05:39:1b:01:0f:63:19:b4:2b:42:ff:8b:1e:
51:e6:9f:d3:82:5e:f6:65:50:c1:ce:c5:f3:b4:a2:
11:a0:49:70:01:d7:33:b2:76:51:9a:63:4c:17:a0:
cd:98:fb:61:30:ed:70:4a:9c:4a:0d:4c:12:c3:e4:
a8:4d:d1:c8:9a:91:6f:4a:80:ef:25:21:31:ee:d4:
2e:58:35:09:56:f2:91:58:01:f0:c9:97:69:ad:0e:
5b:7c:c4:fc:28:eb:97:46:b6:8e:f9:51:af:ee:e8:
1b:2d:fb:bf:39:75:7e:34:39:ab:91:db:3d:ca:51:
79:3f:82:c7:f0:39:9d:b7:15:f4:39:95:77:fa:40:
ed:17:91:3a:b6:00:53:1d:8a:79:a8:ad:62:75:98:
b6:f6:16:5f:ce:e7:4e:48:5e:9f:32:49:d2:8c:d7:
2e:72:16:79:c6:7b:6b:7c:cc:be:67:ac:11:d5:39:
57:a5:a1:03:4f:cd:d4:aa:4d:8a:0c:73:29:3a:c2:
2d:2a:bd:23:85:de:6f:08:bb:95:08:1c:ec:56:a3:
10:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:42:F2:6E:85:2D:A9:C5:06:82:A4:02:83:AF:F4:72:8D:88:C7:AF
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/D0LyboUtqcUGgqQCg6_0co2Ix68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.184.0/22
45.11.56.0/22
45.12.0.0/22
45.134.172.0/22
62.182.80.0/21
91.208.115.0/24
95.214.232.0/22
152.89.60.0/22
176.97.112.0/20
176.119.24.0/21
185.66.88.0/22
185.254.196.0/22
193.23.181.0/24
194.42.204.0/22
195.66.210.0/24
IPv6:
2a09:2dc0::/29
Signature Algorithm: sha256WithRSAEncryption
8b:8f:6c:cc:0c:83:0e:cb:cb:4d:85:7a:55:6f:58:6c:4d:7e:
5d:13:0e:b5:d2:b8:1d:ce:f8:27:bc:1d:32:73:2e:ea:e2:3b:
95:3c:1b:cb:13:3d:67:32:ef:17:0a:8a:2b:3f:1e:3f:60:f1:
31:56:ed:ad:e3:5e:3f:5a:2a:ac:4d:c1:5e:1e:d6:2c:57:80:
37:71:68:a4:6c:58:48:9e:7f:4b:e9:d5:0f:ed:72:07:53:5c:
1a:45:d3:5c:05:2a:4c:f0:b2:dc:70:fc:09:b3:71:e8:77:83:
f6:f1:82:0c:7f:2a:06:fe:42:72:43:bd:58:1c:32:57:9b:94:
f1:9a:c0:da:17:4c:ef:a0:1f:3d:2e:f1:5b:79:38:cb:8e:22:
ba:7e:34:9e:38:60:b0:44:dc:3b:61:37:0b:8b:89:2f:70:86:
f7:56:57:87:2b:90:12:10:1b:7f:fe:fc:30:b5:12:61:8c:d1:
d4:ab:68:69:b6:70:6c:b5:ec:6b:39:18:2a:6b:74:41:f9:8b:
17:7f:bb:89:8a:0a:69:e3:a6:d2:99:9f:31:f9:c6:c6:9d:e9:
96:2e:09:7f:92:93:8a:41:09:13:bf:0e:2d:11:16:8c:bc:73:
1f:b0:a6:e0:ba:a1:a1:5d:08:bf:b1:17:a7:fb:0e:3a:b6:5a:
26:5d:63:86
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAY+rIui+CkjKcp560GuGKJwcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjQwNTI0MTUwNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjQyZjI2ZTg1MmRhOWM1MDY4MmE0MDI4M2FmZjQ3MjhkODhjN2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTPA2omuR2nVWCYoup8R3KGYl4sz
C+CjMF6XrswFev0RvTHPZ+apwY4IRUVYzwU5GwEPYxm0K0L/ix5R5p/Tgl72ZVDB
zsXztKIRoElwAdczsnZRmmNMF6DNmPthMO1wSpxKDUwSw+SoTdHImpFvSoDvJSEx
7tQuWDUJVvKRWAHwyZdprQ5bfMT8KOuXRraO+VGv7ugbLfu/OXV+NDmrkds9ylF5
P4LH8DmdtxX0OZV3+kDtF5E6tgBTHYp5qK1idZi29hZfzudOSF6fMknSjNcuchZ5
xntrfMy+Z6wR1TlXpaEDT83Uqk2KDHMpOsItKr0jhd5vCLuVCBzsVqMQTwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFA9C8m6FLanFBoKkAoOv9HKNiMevMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvRDBMeWJvVXRxY1VHZ3FRQ2c2XzBjbzJJeDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAh8quAME
Ai0LOAMEAi0MAAMEAi2GrAMEAz62UAMEAFvQcwMEAl/W6AMEAphZPAMEBLBhcAME
A7B3GAMEArlCWAMEArn+xAMEAMEXtQMEAsIqzAMEAMNC0jANBAIAAjAHAwUDKgkt
wDANBgkqhkiG9w0BAQsFAAOCAQEAi49szAyDDsvLTYV6VW9YbE1+XRMOtdK4Hc74
J7wdMnMu6uI7lTwbyxM9ZzLvFwqKKz8eP2DxMVbtreNeP1oqrE3BXh7WLFeAN3Fo
pGxYSJ5/S+nVD+1yB1NcGkXTXAUqTPCy3HD8CbNx6HeD9vGCDH8qBv5CckO9WBwy
V5uU8ZrA2hdM76AfPS7xW3k4y44iun40njhgsETcO2E3C4uJL3CG91ZXhyuQEhAb
f/78MLUSYYzR1KtoabZwbLXsazkYKmt0QfmLF3+7iYoKaeOm0pmfMfnGxp3pli4J
f5KTikEJE78OLREWjLxzH7Cm4LqhoV0Iv7EXp/sOOrZaJl1jhg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 17:13:20 2024 by rpki-client on console-ams.rpki-client.org