Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/XlNKfL16XJLPa_aGq5XyGVCB66U.roa
File: XlNKfL16XJLPa_aGq5XyGVCB66U.roa (raw, json)
Hash identifier: qisC7CG7W1z1XIcYgakJYJ8pS61h2tca3avFBdT1zWY=
Subject key identifier: 5E:53:4A:7C:BD:7A:5C:92:CF:6B:F6:86:AB:95:F2:19:50:81:EB:A5
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 0192DCD0B0BABBC1BD5CF26BDB48CD530105
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/XlNKfL16XJLPa_aGq5XyGVCB66U.roa
Signing time: Wed 30 Oct 2024 09:45:17 +0000
ROA not before: Wed 30 Oct 2024 09:45:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34918
IP address blocks: 5.202.0.0/20 maxlen: 20
5.202.10.0/24 maxlen: 24
5.202.11.0/24 maxlen: 24
85.9.96.0/20 maxlen: 20
85.9.96.0/21 maxlen: 21
85.9.96.0/22 maxlen: 22
85.9.100.0/22 maxlen: 22
85.9.104.0/21 maxlen: 21
85.9.105.0/24 maxlen: 24
85.9.106.0/24 maxlen: 24
85.9.107.0/24 maxlen: 24
85.9.108.0/24 maxlen: 24
85.9.109.0/24 maxlen: 24
85.9.110.0/24 maxlen: 24
85.9.111.0/24 maxlen: 24
85.9.112.0/22 maxlen: 22
85.9.112.0/24 maxlen: 24
85.9.113.0/24 maxlen: 24
85.9.114.0/24 maxlen: 24
85.9.115.0/24 maxlen: 24
85.9.120.0/21 maxlen: 21
85.9.120.0/22 maxlen: 22
85.9.124.0/22 maxlen: 22
185.126.0.0/20 maxlen: 20
185.126.0.0/21 maxlen: 21
185.126.0.0/22 maxlen: 22
185.126.0.0/24 maxlen: 24
185.126.1.0/24 maxlen: 24
185.126.2.0/24 maxlen: 24
185.126.3.0/24 maxlen: 24
185.126.4.0/24 maxlen: 24
185.126.5.0/24 maxlen: 24
185.126.6.0/24 maxlen: 24
185.126.7.0/24 maxlen: 24
185.126.8.0/21 maxlen: 21
185.126.8.0/24 maxlen: 24
185.126.9.0/24 maxlen: 24
185.126.10.0/24 maxlen: 24
185.126.11.0/24 maxlen: 24
185.126.12.0/24 maxlen: 24
185.126.13.0/24 maxlen: 24
185.126.14.0/24 maxlen: 24
185.126.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.mft
rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dc:d0:b0:ba:bb:c1:bd:5c:f2:6b:db:48:cd:53:01:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Oct 30 09:45:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e534a7cbd7a5c92cf6bf686ab95f2195081eba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:90:35:35:98:e7:ad:66:41:40:eb:90:60:9e:
38:4b:73:d4:48:26:f8:67:09:32:97:c7:df:d0:93:
18:59:e1:c4:48:eb:63:a2:2b:b5:c9:aa:6f:58:d7:
8f:e3:ba:b5:82:aa:ee:11:35:5f:5e:24:fd:08:c9:
99:6c:2c:1f:24:58:ec:44:d1:15:e8:27:4a:e9:85:
07:d0:0d:6c:a6:c9:58:0f:4f:49:b5:d6:a1:05:8b:
3f:9b:0c:59:e2:d5:85:c7:2d:97:91:56:11:2f:39:
cd:01:72:ac:69:00:91:7d:a8:bf:03:a0:97:09:2a:
ee:f4:c5:f8:43:91:cd:f2:ba:59:e8:16:c1:d7:a1:
0d:53:bb:c7:2d:c8:26:85:96:61:ad:ec:49:1b:4d:
1c:ad:f4:fc:3e:d1:ad:b0:59:97:2f:80:08:49:f0:
db:76:91:b4:4c:92:d1:5e:13:eb:c3:f5:a1:ad:69:
7f:33:db:31:b3:6e:09:79:24:24:ed:2f:aa:d0:cc:
e0:19:ee:c3:d7:23:04:65:c3:63:37:59:66:01:00:
a0:b4:c9:98:66:fd:34:ff:66:85:5e:64:be:aa:87:
17:5c:d7:86:13:a7:e7:8c:e6:85:b2:20:ff:8b:a2:
67:c1:91:43:2b:8c:5e:28:f4:e6:cd:84:c7:92:7f:
f6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:53:4A:7C:BD:7A:5C:92:CF:6B:F6:86:AB:95:F2:19:50:81:EB:A5
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/XlNKfL16XJLPa_aGq5XyGVCB66U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/20
85.9.96.0-85.9.115.255
85.9.120.0/21
185.126.0.0/20
Signature Algorithm: sha256WithRSAEncryption
ac:ad:a7:10:22:da:63:a2:42:40:db:9c:56:b1:37:fe:a5:03:
eb:d1:d0:f7:95:04:07:46:26:e5:37:51:e0:8d:4e:5d:39:11:
21:03:7f:ac:d2:6c:06:ad:a7:3b:15:22:d1:c3:01:2d:d5:41:
2e:09:ee:bd:db:cb:13:ac:3f:12:9f:6a:e8:56:3d:41:6c:da:
63:28:de:71:b4:05:ef:2f:a6:a1:13:89:26:27:05:40:90:8e:
ca:6f:1f:bf:f2:a9:78:4e:52:95:b5:42:3e:67:6f:c4:cb:c5:
ab:58:44:6d:42:26:47:fb:f8:55:d5:4c:75:0a:56:62:41:d9:
70:1e:c4:40:ff:0b:1c:79:6a:27:8b:90:7c:07:ae:d4:47:63:
78:c0:23:94:81:35:d2:12:a8:41:f2:33:43:68:e8:38:51:e5:
7a:c3:d1:0c:ec:6b:fc:97:af:0a:eb:7d:ca:36:f7:b0:02:a0:
13:bc:60:69:e6:e3:0c:39:b6:12:83:af:9a:53:8e:94:f6:55:
6a:f7:b2:ed:f0:69:41:ed:27:87:1a:53:2c:ac:5b:6e:df:65:
50:07:ba:9e:c9:5c:1a:58:00:70:b0:aa:97:b7:0b:19:96:6f:
65:11:64:1a:b3:18:26:33:67:30:77:f7:88:27:c0:71:04:4e:
34:a8:18:cf
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZLc0LC6u8G9XPJr20jNUwEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQxMDMwMDk0NTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTUzNGE3Y2JkN2E1YzkyY2Y2YmY2ODZhYjk1ZjIxOTUwODFlYmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZA1NZjnrWZBQOuQYJ44S3PUSCb4
Zwkyl8ff0JMYWeHESOtjoiu1yapvWNeP47q1gqruETVfXiT9CMmZbCwfJFjsRNEV
6CdK6YUH0A1spslYD09JtdahBYs/mwxZ4tWFxy2XkVYRLznNAXKsaQCRfai/A6CX
CSru9MX4Q5HN8rpZ6BbB16ENU7vHLcgmhZZhrexJG00crfT8PtGtsFmXL4AISfDb
dpG0TJLRXhPrw/WhrWl/M9sxs24JeSQk7S+q0MzgGe7D1yMEZcNjN1lmAQCgtMmY
Zv00/2aFXmS+qocXXNeGE6fnjOaFsiD/i6JnwZFDK4xeKPTmzYTHkn/2UQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFF5TSny9elySz2v2hquV8hlQgeulMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvWGxOS2ZMMTZYSkxQYV9hR3E1WHlHVkNCNjZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQEBcoAMAwD
BAVVCWADBAJVCXADBANVCXgDBAS5fgAwDQYJKoZIhvcNAQELBQADggEBAKytpxAi
2mOiQkDbnFaxN/6lA+vR0PeVBAdGJuU3UeCNTl05ESEDf6zSbAatpzsVItHDAS3V
QS4J7r3byxOsPxKfauhWPUFs2mMo3nG0Be8vpqETiSYnBUCQjspvH7/yqXhOUpW1
Qj5nb8TLxatYRG1CJkf7+FXVTHUKVmJB2XAexED/Cxx5aieLkHwHrtRHY3jAI5SB
NdISqEHyM0No6DhR5XrD0Qzsa/yXrwrrfco297ACoBO8YGnm4ww5thKDr5pTjpT2
VWr3su3waUHtJ4caUyysW27fZVAHup7JXBpYAHCwqpe3CxmWb2URZBqzGCYzZzB3
94gnwHEETjSoGM8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:28:01 2024 by rpki-client on console-ams.rpki-client.org