Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/aa9M7URASlJ8JEXVWbEAYSRFIro.roa
File: aa9M7URASlJ8JEXVWbEAYSRFIro.roa (raw, json)
Hash identifier: fQCtrzVXJUPHIiYjhiY4JKp5i6erQnpv2KZNff2K7tE=
Subject key identifier: 69:AF:4C:ED:44:40:4A:52:7C:24:45:D5:59:B1:00:61:24:45:22:BA
Certificate issuer: /CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Certificate serial: 018CC793694B9A903EA82EF3C4B48B5A8757
Authority key identifier: 20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/aa9M7URASlJ8JEXVWbEAYSRFIro.roa
Signing time: Tue 02 Jan 2024 00:29:35 +0000
ROA not before: Tue 02 Jan 2024 00:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198770
IP address blocks: 141.101.228.0/24 maxlen: 24
141.101.231.0/24 maxlen: 24
85.92.116.0/24 maxlen: 24
85.92.117.0/24 maxlen: 24
85.92.118.0/24 maxlen: 24
37.230.152.0/24 maxlen: 24
37.230.153.0/24 maxlen: 24
37.230.154.0/24 maxlen: 24
37.230.155.0/24 maxlen: 24
37.18.74.0/24 maxlen: 24
37.18.75.0/24 maxlen: 24
37.18.76.0/24 maxlen: 24
37.18.77.0/24 maxlen: 24
37.230.248.0/24 maxlen: 24
128.0.66.0/24 maxlen: 24
128.0.67.0/24 maxlen: 24
62.113.62.0/24 maxlen: 24
62.113.63.0/24 maxlen: 24
62.113.60.0/24 maxlen: 24
141.101.204.0/24 maxlen: 24
178.170.225.0/24 maxlen: 24
2a0d:b1c0:abc0::/44 maxlen: 44
2a0d:b1c0:c0::/44 maxlen: 44
2a0d:b1c0:500::/44 maxlen: 48
2a0d:b1c0:ffff::/48 maxlen: 48
2a0d:b1c0:d0::/44 maxlen: 44
2a0d:b1c0:aaaa::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.mft
rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:69:4b:9a:90:3e:a8:2e:f3:c4:b4:8b:5a:87:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Validity
Not Before: Jan 2 00:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69af4ced44404a527c2445d559b10061244522ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:17:53:d7:20:ea:5a:4d:fe:85:55:90:81:bb:
92:6c:2f:39:94:ca:05:12:84:48:6e:31:d0:42:63:
68:19:54:92:f8:d8:f5:41:cc:c5:1e:46:21:82:e7:
ca:89:ef:0f:3b:1a:9e:46:30:f7:24:f4:96:d9:87:
44:1c:b6:bc:4f:9a:62:c7:50:c2:a2:73:24:71:16:
d3:10:96:31:36:98:92:a1:23:c2:dc:b1:c8:65:8b:
34:15:cd:cf:69:1e:69:19:0b:8f:78:d3:e8:15:0e:
3c:f3:ce:63:1e:ca:49:07:98:f9:4b:d0:a6:54:ab:
d3:be:88:d0:07:d8:ec:d3:e5:81:9a:50:0b:88:46:
bc:93:f2:41:fd:4a:80:0d:f9:cf:9f:7e:a7:dd:4b:
2e:f2:f4:a1:b4:f3:ed:62:f9:4f:04:67:21:2d:e3:
af:2d:9c:42:6f:03:35:a9:9f:dd:a4:fd:73:ad:ce:
4f:bd:59:46:5a:3d:b4:f2:fb:17:b5:e8:d4:2f:52:
c2:dc:c6:01:c1:6c:49:25:f9:ac:6b:c6:fc:5e:c9:
af:9f:f6:2e:22:25:13:4a:e3:fe:9d:88:b9:2d:96:
3d:3b:83:6f:40:c1:07:ff:7b:d0:dc:dd:79:bb:a2:
81:41:15:3f:3d:3e:ee:02:48:33:b8:17:72:da:b4:
48:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AF:4C:ED:44:40:4A:52:7C:24:45:D5:59:B1:00:61:24:45:22:BA
X509v3 Authority Key Identifier:
keyid:20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/aa9M7URASlJ8JEXVWbEAYSRFIro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.74.0-37.18.77.255
37.230.152.0/22
37.230.248.0/24
62.113.60.0/24
62.113.62.0/23
85.92.116.0-85.92.118.255
128.0.66.0/23
141.101.204.0/24
141.101.228.0/24
141.101.231.0/24
178.170.225.0/24
IPv6:
2a0d:b1c0:c0::/43
2a0d:b1c0:500::/44
2a0d:b1c0:aaaa::/48
2a0d:b1c0:abc0::/44
2a0d:b1c0:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
0a:89:56:c9:f4:89:6e:5b:2c:de:25:4f:4d:35:62:be:b5:ee:
c8:64:5e:d8:39:c8:d1:ca:e9:3d:39:36:e7:61:da:08:c1:d0:
4a:32:b5:dd:13:5a:d6:d3:3e:2f:dc:4d:d2:d2:54:8d:ef:85:
c5:91:26:43:51:9d:4f:49:ad:9f:81:8c:bc:2b:3f:fa:be:f5:
7f:56:0f:fa:ac:f5:c3:6f:a6:22:29:dd:e9:ff:21:e0:dd:14:
36:a8:69:69:38:96:5a:fe:98:df:7a:6a:bf:ab:f1:8c:48:cc:
d9:bc:ab:73:0f:76:20:53:29:83:65:82:22:aa:64:d3:c7:fb:
a4:74:92:79:38:34:be:09:09:0d:e1:ca:b2:18:a1:68:32:c1:
33:ec:64:80:88:2e:7e:2a:78:92:10:8a:ec:e3:a3:f9:4f:98:
e2:7a:97:a0:da:8f:7c:05:6b:09:8d:72:d6:d7:96:18:64:ab:
a8:78:7d:8e:d0:ff:5b:37:b0:48:25:8d:30:38:78:c7:53:07:
fe:9b:dd:54:28:94:0b:55:b2:97:b1:bd:2d:88:a0:b8:91:49:
a1:23:3e:78:3e:b3:5b:11:32:55:1d:7c:f8:3f:77:4e:75:6c:
9c:8b:a7:49:d6:6d:48:3e:56:2f:40:24:d3:12:4e:bd:f0:30:
bb:a3:9b:94
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAYzHk2lLmpA+qC7zxLSLWodXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2EyZDRjYjNlNTZiNWQyOTk3MGE5N2ZjNjQ1ZWIyZmQ2
ODc2YTEwHhcNMjQwMTAyMDAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWFmNGNlZDQ0NDA0YTUyN2MyNDQ1ZDU1OWIxMDA2MTI0NDUyMmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBdT1yDqWk3+hVWQgbuSbC85lMoF
EoRIbjHQQmNoGVSS+Nj1QczFHkYhgufKie8POxqeRjD3JPSW2YdEHLa8T5pix1DC
onMkcRbTEJYxNpiSoSPC3LHIZYs0Fc3PaR5pGQuPeNPoFQ48885jHspJB5j5S9Cm
VKvTvojQB9js0+WBmlALiEa8k/JB/UqADfnPn36n3Usu8vShtPPtYvlPBGchLeOv
LZxCbwM1qZ/dpP1zrc5PvVlGWj208vsXtejUL1LC3MYBwWxJJfmsa8b8Xsmvn/Yu
IiUTSuP+nYi5LZY9O4NvQMEH/3vQ3N15u6KBQRU/PT7uAkgzuBdy2rRIawIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFGmvTO1EQEpSfCRF1VmxAGEkRSK6MB8GA1UdIwQY
MBaAFCDKLUyz5WtdKZcKl/xkXrL9aHahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU1vdFRMUGxhMTBwbHdxWF9HUmVzdjFvZHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8yYzI4MTctMzcwMS00NzgzLThmYmQt
ZWVjNDg4NWM0ZjhkLzEvYWE5TTdVUkFTbEo4SkVYVldiRUFZU1JGSXJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8yYzI4MTctMzcwMS00NzgzLThmYmQtZWVjNDg4NWM0Zjhk
LzEvSU1vdFRMUGxhMTBwbHdxWF9HUmVzdjFvZHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzBYBAIAATBSMAwDBAEl
EkoDBAElEkwDBAIl5pgDBAAl5vgDBAA+cTwDBAE+cT4wDAMEAlVcdAMEAFVcdgME
AYAAQgMEAI1lzAMEAI1l5AMEAI1l5wMEALKq4TAzBAIAAjAtAwcFKg2xwADAAwcE
Kg2xwAUAAwcAKg2xwKqqAwcEKg2xwKvAAwcAKg2xwP//MA0GCSqGSIb3DQEBCwUA
A4IBAQAKiVbJ9IluWyzeJU9NNWK+te7IZF7YOcjRyuk9OTbnYdoIwdBKMrXdE1rW
0z4v3E3S0lSN74XFkSZDUZ1PSa2fgYy8Kz/6vvV/Vg/6rPXDb6YiKd3p/yHg3RQ2
qGlpOJZa/pjfemq/q/GMSMzZvKtzD3YgUymDZYIiqmTTx/ukdJJ5ODS+CQkN4cqy
GKFoMsEz7GSAiC5+KniSEIrs46P5T5jiepeg2o98BWsJjXLW15YYZKuoeH2O0P9b
N7BIJY0wOHjHUwf+m91UKJQLVbKXsb0tiKC4kUmhIz54PrNbETJVHXz4P3dOdWyc
i6dJ1m1IPlYvQCTTEk698DC7o5uU
-----END CERTIFICATE-----
Generated at Tue May 21 14:49:15 2024 by rpki-client on console-ams.rpki-client.org