Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/fdd25d-c034-49f3-890d-4b89d377808e/1/fXtxj-xTmTzEcNiHXYZinkl6Kvk.roa
File: fXtxj-xTmTzEcNiHXYZinkl6Kvk.roa (raw, json)
Hash identifier: 6le+Q6CPEfBwE3CNaVvUQkq9aYEZEhR1xFlDoBT/nJ8=
Subject key identifier: 7D:7B:71:8F:EC:53:99:3C:C4:70:D8:87:5D:86:62:9E:49:7A:2A:F9
Certificate issuer: /CN=574537d54f36f142231bc817038872cb607b21e7
Certificate serial: 018CC26D708EEA014D08BE61CEDE105F1CD7
Authority key identifier: 57:45:37:D5:4F:36:F1:42:23:1B:C8:17:03:88:72:CB:60:7B:21:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V0U31U828UIjG8gXA4hyy2B7Iec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/fdd25d-c034-49f3-890d-4b89d377808e/1/fXtxj-xTmTzEcNiHXYZinkl6Kvk.roa
Signing time: Mon 01 Jan 2024 00:30:01 +0000
ROA not before: Mon 01 Jan 2024 00:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15600
IP address blocks: 213.221.192.0/18 maxlen: 24
139.178.0.0/18 maxlen: 24
185.74.108.0/22 maxlen: 22
212.60.32.0/19 maxlen: 24
109.106.44.0/22 maxlen: 22
109.106.48.0/20 maxlen: 20
37.35.120.0/21 maxlen: 21
31.193.208.0/21 maxlen: 24
5.44.112.0/20 maxlen: 20
89.236.128.0/18 maxlen: 24
77.111.228.0/22 maxlen: 22
65.18.128.0/18 maxlen: 18
145.40.224.0/19 maxlen: 19
80.208.128.0/18 maxlen: 24
95.174.224.0/19 maxlen: 24
62.204.96.0/19 maxlen: 24
138.248.48.0/20 maxlen: 20
2001:1a88::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/fdd25d-c034-49f3-890d-4b89d377808e/1/V0U31U828UIjG8gXA4hyy2B7Iec.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/fdd25d-c034-49f3-890d-4b89d377808e/1/V0U31U828UIjG8gXA4hyy2B7Iec.mft
rsync://rpki.ripe.net/repository/DEFAULT/V0U31U828UIjG8gXA4hyy2B7Iec.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:70:8e:ea:01:4d:08:be:61:ce:de:10:5f:1c:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=574537d54f36f142231bc817038872cb607b21e7
Validity
Not Before: Jan 1 00:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d7b718fec53993cc470d8875d86629e497a2af9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:61:49:c8:c0:51:f4:3d:e6:ce:21:62:30:37:
e8:19:0a:30:84:3f:9a:2c:59:6d:12:80:b9:d0:10:
90:12:28:21:fd:98:8b:b6:56:aa:90:05:e3:5d:68:
e4:cd:ea:bc:63:56:51:e7:fd:66:c8:15:8a:78:cc:
17:13:5e:55:6c:77:18:c8:09:5f:81:41:0d:4e:3b:
89:4a:45:ad:4a:28:c8:69:bd:6c:84:22:3e:21:65:
72:51:2e:3d:1d:a9:94:7c:44:7c:ea:52:d8:d8:7c:
a6:6c:f3:56:59:57:bf:c8:1e:54:ef:75:64:9b:d3:
a6:06:b1:99:ba:bf:04:81:fe:85:82:8d:57:4c:35:
54:8e:73:ca:89:68:e5:d7:5b:d3:b9:fb:a3:18:43:
95:fa:65:5e:b0:18:bd:5d:4d:6a:42:16:9e:31:35:
6c:89:34:4c:93:9e:7e:57:7d:57:ed:49:1f:31:4c:
21:87:7b:ff:0b:72:87:17:ce:9e:0c:bc:48:06:f3:
43:2a:9d:29:6d:ca:c5:e7:b7:61:92:39:62:f3:ee:
e8:6e:59:1f:fa:d6:a1:2d:09:14:fc:71:b7:d0:8a:
b2:68:36:b1:57:6f:b7:fe:dc:b1:da:cc:7c:0a:1f:
1f:ad:24:f5:9a:ed:44:ea:a4:2b:76:4d:4e:6b:4b:
eb:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:7B:71:8F:EC:53:99:3C:C4:70:D8:87:5D:86:62:9E:49:7A:2A:F9
X509v3 Authority Key Identifier:
keyid:57:45:37:D5:4F:36:F1:42:23:1B:C8:17:03:88:72:CB:60:7B:21:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V0U31U828UIjG8gXA4hyy2B7Iec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/fdd25d-c034-49f3-890d-4b89d377808e/1/fXtxj-xTmTzEcNiHXYZinkl6Kvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/fdd25d-c034-49f3-890d-4b89d377808e/1/V0U31U828UIjG8gXA4hyy2B7Iec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.112.0/20
31.193.208.0/21
37.35.120.0/21
62.204.96.0/19
65.18.128.0/18
77.111.228.0/22
80.208.128.0/18
89.236.128.0/18
95.174.224.0/19
109.106.44.0-109.106.63.255
138.248.48.0/20
139.178.0.0/18
145.40.224.0/19
185.74.108.0/22
212.60.32.0/19
213.221.192.0/18
IPv6:
2001:1a88::/29
Signature Algorithm: sha256WithRSAEncryption
89:ca:6e:3b:83:cd:7d:bd:d7:f2:42:a1:eb:88:d2:14:78:14:
24:3c:df:11:ed:e1:dd:56:61:46:e1:09:0e:f6:74:a9:aa:09:
a1:42:08:b3:22:ea:47:9d:b6:2b:6c:1c:b0:1f:c8:41:9c:23:
20:85:fb:b6:97:8e:3b:45:e9:79:c9:ac:3d:f4:a0:d8:37:17:
44:ba:a1:ec:39:ec:70:93:b1:48:27:37:f6:fc:b5:26:39:65:
42:0b:df:8e:71:4c:b5:62:dc:dd:49:cd:38:a1:7a:98:63:d5:
a0:64:ad:64:a0:be:d7:30:d2:be:2d:79:2d:90:fd:75:0c:59:
f9:62:27:ca:4f:b7:4e:ae:5b:18:8e:81:d1:22:10:09:2d:a5:
df:26:26:db:13:fe:1b:16:8f:1f:68:32:67:b3:9f:7c:b4:8b:
15:d8:f6:2c:3f:c7:f6:58:a3:ad:ce:82:01:0e:ed:f6:75:eb:
9e:1a:3d:b4:dc:be:44:9f:88:6f:dd:ea:a5:39:4d:b1:a1:2f:
8a:02:92:48:80:fd:7d:55:35:fd:bd:cc:82:a3:48:fd:2a:70:
fa:cb:4b:06:71:d6:23:55:fc:ae:5e:1e:48:9d:41:cb:5b:d3:
55:c0:da:89:55:d3:28:55:0e:5b:76:e3:5a:35:bf:eb:44:ed:
d3:fa:a1:73
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAYzCbXCO6gFNCL5hzt4QXxzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NDUzN2Q1NGYzNmYxNDIyMzFiYzgxNzAzODg3MmNiNjA3
YjIxZTcwHhcNMjQwMTAxMDAzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDdiNzE4ZmVjNTM5OTNjYzQ3MGQ4ODc1ZDg2NjI5ZTQ5N2EyYWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWFJyMBR9D3mziFiMDfoGQowhD+a
LFltEoC50BCQEigh/ZiLtlaqkAXjXWjkzeq8Y1ZR5/1myBWKeMwXE15VbHcYyAlf
gUENTjuJSkWtSijIab1shCI+IWVyUS49HamUfER86lLY2HymbPNWWVe/yB5U73Vk
m9OmBrGZur8Egf6Fgo1XTDVUjnPKiWjl11vTufujGEOV+mVesBi9XU1qQhaeMTVs
iTRMk55+V31X7UkfMUwhh3v/C3KHF86eDLxIBvNDKp0pbcrF57dhkjli8+7oblkf
+tahLQkU/HG30IqyaDaxV2+3/tyx2sx8Ch8frST1mu1E6qQrdk1Oa0vrrQIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFH17cY/sU5k8xHDYh12GYp5Jeir5MB8GA1UdIwQY
MBaAFFdFN9VPNvFCIxvIFwOIcstgeyHnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjBVMzFVODI4VUlqRzhnWEE0aHl5MkI3SWVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9mZGQyNWQtYzAzNC00OWYzLTg5MGQt
NGI4OWQzNzc4MDhlLzEvZlh0eGoteFRtVHpFY05pSFhZWmlua2w2S3ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9mZGQyNWQtYzAzNC00OWYzLTg5MGQtNGI4OWQzNzc4MDhl
LzEvVjBVMzFVODI4VUlqRzhnWEE0aHl5MkI3SWVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBAQFLHAD
BAMfwdADBAMlI3gDBAU+zGADBAZBEoADBAJNb+QDBAZQ0IADBAZZ7IADBAVfruAw
DAMEAm1qLAMEBm1qAAMEBIr4MAMEBouyAAMEBZEo4AMEArlKbAMEBdQ8IAMEBtXd
wDANBAIAAjAHAwUDIAEaiDANBgkqhkiG9w0BAQsFAAOCAQEAicpuO4PNfb3X8kKh
64jSFHgUJDzfEe3h3VZhRuEJDvZ0qaoJoUIIsyLqR522K2wcsB/IQZwjIIX7tpeO
O0XpecmsPfSg2DcXRLqh7DnscJOxSCc39vy1JjllQgvfjnFMtWLc3UnNOKF6mGPV
oGStZKC+1zDSvi15LZD9dQxZ+WInyk+3Tq5bGI6B0SIQCS2l3yYm2xP+GxaPH2gy
Z7OffLSLFdj2LD/H9lijrc6CAQ7t9nXrnho9tNy+RJ+Ib93qpTlNsaEvigKSSID9
fVU1/b3MgqNI/Spw+stLBnHWI1X8rl4eSJ1By1vTVcDaiVXTKFUOW3bjWjW/60Tt
0/qhcw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:46:46 2024 by rpki-client on console-ams.rpki-client.org