Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/LeSG7RX3GJWKcxtFQnB-P2s6XOA.roa
File: LeSG7RX3GJWKcxtFQnB-P2s6XOA.roa (raw, json)
Hash identifier: Rr0Qk/mNve5tzORFXG1NKZoTGNn0yZmVZM/9ly3i5U8=
Subject key identifier: 2D:E4:86:ED:15:F7:18:95:8A:73:1B:45:42:70:7E:3F:6B:3A:5C:E0
Certificate issuer: /CN=5833294a1cdc1358afc439c0a72733b065a86f8b
Certificate serial: 0190157CBBCB4659B0DD2AECF37898068F56
Authority key identifier: 58:33:29:4A:1C:DC:13:58:AF:C4:39:C0:A7:27:33:B0:65:A8:6F:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/LeSG7RX3GJWKcxtFQnB-P2s6XOA.roa
Signing time: Fri 14 Jun 2024 06:43:34 +0000
ROA not before: Fri 14 Jun 2024 06:43:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49352
IP address blocks: 62.113.93.0/24 maxlen: 24
176.99.4.0/24 maxlen: 24
176.99.5.0/24 maxlen: 24
176.99.5.190/32 maxlen: 32
176.99.6.0/24 maxlen: 24
176.99.7.0/24 maxlen: 24
176.99.8.0/24 maxlen: 24
176.99.9.0/24 maxlen: 24
178.21.9.0/24 maxlen: 24
178.21.12.0/22 maxlen: 22
178.21.12.0/24 maxlen: 24
178.21.13.0/24 maxlen: 24
178.21.14.0/23 maxlen: 23
185.38.16.0/24 maxlen: 24
185.38.17.0/24 maxlen: 24
185.38.18.0/24 maxlen: 24
185.38.19.0/24 maxlen: 24
188.93.208.0/23 maxlen: 23
188.93.208.172/32 maxlen: 32
188.93.209.127/32 maxlen: 32
188.93.213.0/24 maxlen: 24
188.93.214.0/24 maxlen: 24
188.93.215.0/24 maxlen: 24
194.67.64.0/24 maxlen: 24
194.67.75.0/24 maxlen: 24
194.67.76.0/23 maxlen: 23
194.67.76.0/24 maxlen: 24
194.67.77.0/24 maxlen: 24
194.67.106.0/24 maxlen: 24
213.189.193.0/24 maxlen: 24
213.189.194.0/24 maxlen: 24
213.189.195.0/24 maxlen: 24
213.189.199.0/24 maxlen: 24
2a02:f20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/WDMpShzcE1ivxDnApyczsGWob4s.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/WDMpShzcE1ivxDnApyczsGWob4s.mft
rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:15:7c:bb:cb:46:59:b0:dd:2a:ec:f3:78:98:06:8f:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5833294a1cdc1358afc439c0a72733b065a86f8b
Validity
Not Before: Jun 14 06:43:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2de486ed15f718958a731b4542707e3f6b3a5ce0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1d:92:89:24:29:dd:ef:c6:72:d9:76:de:60:
90:b0:a9:86:6d:ab:02:bf:97:0d:de:eb:f1:e7:49:
e3:6a:c3:1f:f3:59:1c:ba:7e:7c:7d:b3:84:f0:0d:
e5:cb:44:45:f1:9a:17:37:1f:9e:4e:a9:b0:3b:d3:
70:84:3b:0c:c0:f0:a5:5d:e2:fb:35:db:e2:5a:bc:
9e:dd:be:da:60:8d:bc:09:2b:9a:17:3b:1a:db:01:
dc:7d:09:d4:b1:ad:7d:b9:1f:08:49:88:d5:37:8f:
8f:e3:1a:e4:d1:15:9d:e2:98:7a:e9:d8:5c:76:66:
79:25:fc:1b:cc:b8:cd:66:42:85:3a:fd:57:ab:88:
20:78:56:90:7f:44:24:23:86:65:60:95:c8:0e:c0:
c8:da:2d:58:bb:a4:11:50:b4:db:99:b7:2b:7c:44:
90:64:d9:ab:77:50:a2:60:27:85:a4:64:b7:31:a2:
6e:5a:7d:cc:e2:d6:a5:d8:6c:cb:b0:1a:4f:35:6f:
a9:36:af:5e:96:2d:32:7c:6f:e1:6c:31:14:23:94:
42:7a:c8:e0:c2:2a:a2:fb:ee:26:91:f2:60:93:0b:
43:5b:e2:e4:e3:4f:ae:86:99:c9:8c:ff:b6:15:5f:
50:b2:e3:eb:3e:b5:7f:73:07:75:c7:68:0a:cf:37:
be:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:E4:86:ED:15:F7:18:95:8A:73:1B:45:42:70:7E:3F:6B:3A:5C:E0
X509v3 Authority Key Identifier:
keyid:58:33:29:4A:1C:DC:13:58:AF:C4:39:C0:A7:27:33:B0:65:A8:6F:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/LeSG7RX3GJWKcxtFQnB-P2s6XOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/WDMpShzcE1ivxDnApyczsGWob4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.93.0/24
176.99.4.0-176.99.9.255
178.21.9.0/24
178.21.12.0/22
185.38.16.0/22
188.93.208.0/23
188.93.213.0-188.93.215.255
194.67.64.0/24
194.67.75.0-194.67.77.255
194.67.106.0/24
213.189.193.0-213.189.195.255
213.189.199.0/24
IPv6:
2a02:f20::/32
Signature Algorithm: sha256WithRSAEncryption
7e:9d:a3:84:c1:1d:ff:76:00:d4:f5:d0:60:50:ec:be:88:41:
e1:12:9a:03:d2:79:41:d6:a1:58:9d:f2:4e:2c:af:6e:58:f2:
5e:eb:b8:f2:29:3c:04:9f:6c:b5:c9:43:36:33:71:24:2d:4b:
f4:f2:73:56:9a:eb:09:12:24:ec:52:d5:87:f7:06:c5:89:ff:
38:5e:14:0f:29:67:77:e1:72:b6:88:7d:1d:f2:1f:8e:37:3e:
16:28:9b:0a:63:d3:8e:d8:d1:70:dd:4d:58:9c:75:57:db:31:
82:ce:d8:f8:ad:b1:f4:6c:09:3d:c7:16:c6:a7:9b:dc:0c:6e:
d1:f3:9e:28:e1:b9:89:2c:0d:67:2f:a9:4d:32:26:6b:f1:85:
81:23:c0:fc:ce:1b:4a:b7:2b:33:0a:73:a1:4a:4b:a3:c7:25:
35:93:dc:73:5c:09:05:ed:55:dc:b4:1b:c6:4b:e1:d8:95:05:
27:76:c9:d1:e0:11:50:55:b6:67:ec:02:0b:74:75:60:6b:df:
fd:42:20:41:3f:9f:d8:25:88:c7:1b:be:1d:5e:66:ee:02:70:
09:5b:e2:0d:6f:f3:f7:e3:c5:f4:a5:08:28:31:7b:83:f0:d8:
2f:0d:d9:34:7a:bd:93:ed:df:3f:ce:e9:61:76:69:63:86:aa:
2f:d3:bc:06
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZAVfLvLRlmw3Srs83iYBo9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MzMyOTRhMWNkYzEzNThhZmM0MzljMGE3MjczM2IwNjVh
ODZmOGIwHhcNMjQwNjE0MDY0MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGU0ODZlZDE1ZjcxODk1OGE3MzFiNDU0MjcwN2UzZjZiM2E1Y2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmR2SiSQp3e/Gctl23mCQsKmGbasC
v5cN3uvx50njasMf81kcun58fbOE8A3ly0RF8ZoXNx+eTqmwO9NwhDsMwPClXeL7
NdviWrye3b7aYI28CSuaFzsa2wHcfQnUsa19uR8ISYjVN4+P4xrk0RWd4ph66dhc
dmZ5JfwbzLjNZkKFOv1Xq4ggeFaQf0QkI4ZlYJXIDsDI2i1Yu6QRULTbmbcrfESQ
ZNmrd1CiYCeFpGS3MaJuWn3M4tal2GzLsBpPNW+pNq9eli0yfG/hbDEUI5RCesjg
wiqi++4mkfJgkwtDW+Lk40+uhpnJjP+2FV9QsuPrPrV/cwd1x2gKzze+nQIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFC3khu0V9xiVinMbRUJwfj9rOlzgMB8GA1UdIwQY
MBaAFFgzKUoc3BNYr8Q5wKcnM7BlqG+LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0RNcFNoemNFMWl2eERuQXB5Y3pzR1dvYjRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80YjQxOWMtY2Y4Zi00YzlhLTk0ZDct
YmI0YjY1YjZhMGQxLzEvTGVTRzdSWDNHSldLY3h0RlFuQi1QMnM2WE9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80YjQxOWMtY2Y4Zi00YzlhLTk0ZDctYmI0YjY1YjZhMGQx
LzEvV0RNcFNoemNFMWl2eERuQXB5Y3pzR1dvYjRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBAA+cV0w
DAMEArBjBAMEAbBjCAMEALIVCQMEArIVDAMEArkmEAMEAbxd0DAMAwQAvF3VAwQD
vF3QAwQAwkNAMAwDBADCQ0sDBAHCQ0wDBADCQ2owDAMEANW9wQMEAtW9wAMEANW9
xzANBAIAAjAHAwUAKgIPIDANBgkqhkiG9w0BAQsFAAOCAQEAfp2jhMEd/3YA1PXQ
YFDsvohB4RKaA9J5QdahWJ3yTiyvbljyXuu48ik8BJ9stclDNjNxJC1L9PJzVprr
CRIk7FLVh/cGxYn/OF4UDylnd+Fytoh9HfIfjjc+FiibCmPTjtjRcN1NWJx1V9sx
gs7Y+K2x9GwJPccWxqeb3Axu0fOeKOG5iSwNZy+pTTIma/GFgSPA/M4bSrcrMwpz
oUpLo8clNZPcc1wJBe1V3LQbxkvh2JUFJ3bJ0eARUFW2Z+wCC3R1YGvf/UIgQT+f
2CWIxxu+HV5m7gJwCVviDW/z9+PF9KUIKDF7g/DYLw3ZNHq9k+3fP87pYXZpY4aq
L9O8Bg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:46:32 2024 by rpki-client on console-ams.rpki-client.org