Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/DKXRycaQqxmTYLYosKUhYoCkKrU.roa
File: DKXRycaQqxmTYLYosKUhYoCkKrU.roa (raw, json)
Hash identifier: gsUp+jGy8yrXoS6oadJEsBj7DThgP7XPaGgf64qSnfY=
Subject key identifier: 0C:A5:D1:C9:C6:90:AB:19:93:60:B6:28:B0:A5:21:62:80:A4:2A:B5
Certificate issuer: /CN=5a61102ed4d66dcd952de01304e0afe1384d00bf
Certificate serial: 0190DAB1B9A5488D1605C85F3E8AB9362DEE
Authority key identifier: 5A:61:10:2E:D4:D6:6D:CD:95:2D:E0:13:04:E0:AF:E1:38:4D:00:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WmEQLtTWbc2VLeATBOCv4ThNAL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/DKXRycaQqxmTYLYosKUhYoCkKrU.roa
Signing time: Mon 22 Jul 2024 13:46:38 +0000
ROA not before: Mon 22 Jul 2024 13:46:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12886
IP address blocks: 62.204.160.0/19 maxlen: 19
94.101.120.0/22 maxlen: 24
103.21.236.0/22 maxlen: 22
103.51.228.0/22 maxlen: 22
103.76.96.0/22 maxlen: 22
103.192.160.0/22 maxlen: 22
103.234.232.0/22 maxlen: 22
128.65.144.0/21 maxlen: 21
170.81.52.0/22 maxlen: 22
170.84.228.0/22 maxlen: 22
185.88.92.0/22 maxlen: 22
193.23.64.0/19 maxlen: 19
212.118.192.0/19 maxlen: 19
2a02:f90::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/WmEQLtTWbc2VLeATBOCv4ThNAL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/WmEQLtTWbc2VLeATBOCv4ThNAL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/WmEQLtTWbc2VLeATBOCv4ThNAL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:da:b1:b9:a5:48:8d:16:05:c8:5f:3e:8a:b9:36:2d:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a61102ed4d66dcd952de01304e0afe1384d00bf
Validity
Not Before: Jul 22 13:46:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ca5d1c9c690ab199360b628b0a5216280a42ab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:88:3f:bb:f0:6a:ca:ca:69:04:c5:cc:8e:82:
ac:47:88:c8:6e:54:19:1d:f6:78:18:da:9b:0b:a6:
3b:0a:c2:80:68:67:f3:de:99:9b:1b:18:11:6e:82:
f8:39:cb:bc:74:37:40:65:5e:48:a4:dd:e9:bf:24:
c4:f4:7c:12:4c:3b:4a:57:c4:65:3b:3d:d0:41:76:
5c:a9:97:c1:db:25:f6:4c:e8:70:5e:46:c8:60:a5:
dc:dd:c6:03:21:4e:b0:8d:ed:61:67:bc:3a:ba:95:
35:60:87:2c:70:74:c9:57:9a:de:fe:a2:b7:8c:75:
9c:75:f9:fc:31:46:3f:f2:83:bb:21:34:df:59:53:
92:3a:9a:52:38:50:be:e3:65:8d:f7:cf:21:3f:b9:
12:99:c7:6f:f9:43:2b:5f:8e:dc:e7:e5:7b:f1:b7:
5c:f9:64:bd:3e:78:9a:6e:b5:7b:16:78:f9:df:81:
29:68:e0:db:e8:28:c8:d7:4a:7a:3b:ae:0e:a2:f3:
b1:8e:76:39:08:bc:21:fb:f4:db:74:ea:af:7a:6a:
b6:79:6d:9a:ba:f0:2d:62:12:5d:6a:69:3e:54:21:
64:2e:b1:5f:01:67:31:a8:01:84:c1:85:e9:6b:bf:
09:59:35:ae:59:10:87:ca:e8:86:a7:84:de:0d:3f:
18:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A5:D1:C9:C6:90:AB:19:93:60:B6:28:B0:A5:21:62:80:A4:2A:B5
X509v3 Authority Key Identifier:
keyid:5A:61:10:2E:D4:D6:6D:CD:95:2D:E0:13:04:E0:AF:E1:38:4D:00:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WmEQLtTWbc2VLeATBOCv4ThNAL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/DKXRycaQqxmTYLYosKUhYoCkKrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/95e78a-57e7-4a58-9316-288bd6b9e092/1/WmEQLtTWbc2VLeATBOCv4ThNAL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.160.0/19
94.101.120.0/22
103.21.236.0/22
103.51.228.0/22
103.76.96.0/22
103.192.160.0/22
103.234.232.0/22
128.65.144.0/21
170.81.52.0/22
170.84.228.0/22
185.88.92.0/22
193.23.64.0/19
212.118.192.0/19
IPv6:
2a02:f90::/32
Signature Algorithm: sha256WithRSAEncryption
9e:52:64:31:04:87:13:d9:42:22:6c:68:f7:9a:12:4b:a2:c0:
79:e6:9d:6d:79:02:e4:7a:93:44:ab:5b:6d:8c:61:85:e7:0f:
46:c7:39:8b:a8:83:cd:49:9e:ad:f6:5e:41:65:f6:c1:de:d7:
eb:0a:e5:ac:d9:f5:7c:e5:59:7e:8c:8c:71:63:bb:52:dc:fb:
e9:bd:03:2f:9d:9f:46:3f:85:a7:4b:17:a3:78:c9:66:ae:e5:
dd:ea:1f:da:b1:2e:32:ad:83:8b:c9:98:84:15:1e:e4:49:7b:
49:74:f4:1a:c8:20:2c:e1:c3:99:d9:ed:ef:56:10:68:19:65:
19:8b:bf:a8:1b:bc:eb:ea:a1:7e:8f:f4:02:eb:b3:20:a5:bd:
39:6d:4e:15:d4:6a:08:01:5f:6f:f7:7e:92:8d:94:c7:ae:47:
8c:98:e6:28:bb:c9:f5:9b:51:8a:b4:72:89:00:4b:3c:c5:9d:
93:3d:be:c5:1d:47:d3:90:b9:9e:f6:e5:96:fa:02:01:30:4d:
39:04:5d:a2:2a:66:66:f9:68:f3:74:a2:89:e7:aa:86:13:0e:
12:fd:bf:cc:26:ca:87:41:83:b8:fb:84:bb:4d:ef:ba:4c:93:
04:da:6e:e6:56:fe:74:89:c2:df:cb:79:85:71:3b:17:a5:c0:
d5:02:c7:f6
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZDasbmlSI0WBchfPoq5Ni3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNjExMDJlZDRkNjZkY2Q5NTJkZTAxMzA0ZTBhZmUxMzg0
ZDAwYmYwHhcNMjQwNzIyMTM0NjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2E1ZDFjOWM2OTBhYjE5OTM2MGI2MjhiMGE1MjE2MjgwYTQyYWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64g/u/BqysppBMXMjoKsR4jIblQZ
HfZ4GNqbC6Y7CsKAaGfz3pmbGxgRboL4Ocu8dDdAZV5IpN3pvyTE9HwSTDtKV8Rl
Oz3QQXZcqZfB2yX2TOhwXkbIYKXc3cYDIU6wje1hZ7w6upU1YIcscHTJV5re/qK3
jHWcdfn8MUY/8oO7ITTfWVOSOppSOFC+42WN988hP7kSmcdv+UMrX47c5+V78bdc
+WS9PniabrV7Fnj534EpaODb6CjI10p6O64OovOxjnY5CLwh+/TbdOqvemq2eW2a
uvAtYhJdamk+VCFkLrFfAWcxqAGEwYXpa78JWTWuWRCHyuiGp4TeDT8YiwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFAyl0cnGkKsZk2C2KLClIWKApCq1MB8GA1UdIwQY
MBaAFFphEC7U1m3NlS3gEwTgr+E4TQC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV21FUUx0VFdiYzJWTGVBVEJPQ3Y0VGhOQUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi85NWU3OGEtNTdlNy00YTU4LTkzMTYt
Mjg4YmQ2YjllMDkyLzEvREtYUnljYVFxeG1UWUxZb3NLVWhZb0NrS3JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi85NWU3OGEtNTdlNy00YTU4LTkzMTYtMjg4YmQ2YjllMDky
LzEvV21FUUx0VFdiYzJWTGVBVEJPQ3Y0VGhOQUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQFPsygAwQC
XmV4AwQCZxXsAwQCZzPkAwQCZ0xgAwQCZ8CgAwQCZ+roAwQDgEGQAwQCqlE0AwQC
qlTkAwQCuVhcAwQFwRdAAwQF1HbAMA0EAgACMAcDBQAqAg+QMA0GCSqGSIb3DQEB
CwUAA4IBAQCeUmQxBIcT2UIibGj3mhJLosB55p1teQLkepNEq1ttjGGF5w9GxzmL
qIPNSZ6t9l5BZfbB3tfrCuWs2fV85Vl+jIxxY7tS3PvpvQMvnZ9GP4WnSxejeMlm
ruXd6h/asS4yrYOLyZiEFR7kSXtJdPQayCAs4cOZ2e3vVhBoGWUZi7+oG7zr6qF+
j/QC67Mgpb05bU4V1GoIAV9v936SjZTHrkeMmOYou8n1m1GKtHKJAEs8xZ2TPb7F
HUfTkLme9uWW+gIBME05BF2iKmZm+WjzdKKJ56qGEw4S/b/MJsqHQYO4+4S7Te+6
TJME2m7mVv50icLfy3mFcTsXpcDVAsf2
-----END CERTIFICATE-----
Generated at Tue Nov 26 08:35:39 2024 by rpki-client on console-ams.rpki-client.org