Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2fea18-fb62-4b95-9feb-9cf811e9fa7a/1/oE7ABMfyqctm1VJm5yJYbyxjbkI.roa
File: oE7ABMfyqctm1VJm5yJYbyxjbkI.roa (raw, json)
Hash identifier: hg6CZsmOceHllG+6pkzseaEDuwLWfKo4DSHlY7oK+Kk=
Subject key identifier: A0:4E:C0:04:C7:F2:A9:CB:66:D5:52:66:E7:22:58:6F:2C:63:6E:42
Certificate issuer: /CN=59919584033c3911a009bdde3183f6c60b2afcca
Certificate serial: 018CC64B451C2FD965DCB40B66FE4664F07A
Authority key identifier: 59:91:95:84:03:3C:39:11:A0:09:BD:DE:31:83:F6:C6:0B:2A:FC:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WZGVhAM8ORGgCb3eMYP2xgsq_Mo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2fea18-fb62-4b95-9feb-9cf811e9fa7a/1/oE7ABMfyqctm1VJm5yJYbyxjbkI.roa
Signing time: Mon 01 Jan 2024 18:31:10 +0000
ROA not before: Mon 01 Jan 2024 18:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31115
IP address blocks: 213.225.234.0/23 maxlen: 24
62.97.32.0/19 maxlen: 24
194.150.162.0/23 maxlen: 24
94.126.56.0/21 maxlen: 24
195.134.176.0/21 maxlen: 24
91.187.192.0/19 maxlen: 24
185.11.192.0/22 maxlen: 24
130.255.144.0/21 maxlen: 24
5.172.64.0/19 maxlen: 24
31.171.136.0/21 maxlen: 24
178.19.144.0/20 maxlen: 24
2a01:9840::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/2fea18-fb62-4b95-9feb-9cf811e9fa7a/1/WZGVhAM8ORGgCb3eMYP2xgsq_Mo.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/2fea18-fb62-4b95-9feb-9cf811e9fa7a/1/WZGVhAM8ORGgCb3eMYP2xgsq_Mo.mft
rsync://rpki.ripe.net/repository/DEFAULT/WZGVhAM8ORGgCb3eMYP2xgsq_Mo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:45:1c:2f:d9:65:dc:b4:0b:66:fe:46:64:f0:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59919584033c3911a009bdde3183f6c60b2afcca
Validity
Not Before: Jan 1 18:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a04ec004c7f2a9cb66d55266e722586f2c636e42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a4:a1:e2:71:55:83:8c:88:0c:c0:84:8d:be:
92:07:12:87:f0:00:10:3c:15:c2:0c:de:a2:31:e1:
d6:22:ab:b1:52:fa:96:9c:e3:09:88:78:de:3b:3a:
92:30:cc:8d:b9:27:6d:11:03:af:72:a7:48:4c:f7:
c1:1b:1e:58:5b:1a:57:ac:b6:af:5c:d5:41:ac:92:
68:60:e0:59:fc:7d:5f:8a:d8:5e:05:cb:be:d0:8e:
a1:77:f8:a3:a7:24:83:a4:d8:d5:77:b4:df:5f:1a:
f6:31:b6:c4:b4:e3:ac:ca:ad:6f:45:6c:18:11:a8:
07:04:64:7e:df:c3:39:3f:1b:fe:2e:7a:78:15:08:
fe:1b:cb:77:d3:59:23:b9:c0:53:00:53:aa:a9:b3:
09:31:1d:70:e0:af:80:2c:9c:17:89:84:76:20:73:
bd:a9:f1:51:ac:43:32:96:dd:56:1d:47:49:93:0b:
21:b2:cc:92:61:0c:9f:34:fe:e7:86:f9:67:6e:f9:
cd:5b:30:f0:8d:ae:59:92:e9:15:f4:54:1f:ce:e4:
68:ce:8d:ec:14:17:95:f1:fb:c9:d0:94:36:0f:e1:
22:72:e1:a7:c7:41:c3:76:0b:bb:ae:99:14:4f:31:
cf:21:e0:2e:e1:53:fd:72:75:e7:d9:db:5a:89:8a:
53:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:4E:C0:04:C7:F2:A9:CB:66:D5:52:66:E7:22:58:6F:2C:63:6E:42
X509v3 Authority Key Identifier:
keyid:59:91:95:84:03:3C:39:11:A0:09:BD:DE:31:83:F6:C6:0B:2A:FC:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WZGVhAM8ORGgCb3eMYP2xgsq_Mo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2fea18-fb62-4b95-9feb-9cf811e9fa7a/1/oE7ABMfyqctm1VJm5yJYbyxjbkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2fea18-fb62-4b95-9feb-9cf811e9fa7a/1/WZGVhAM8ORGgCb3eMYP2xgsq_Mo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.64.0/19
31.171.136.0/21
62.97.32.0/19
91.187.192.0/19
94.126.56.0/21
130.255.144.0/21
178.19.144.0/20
185.11.192.0/22
194.150.162.0/23
195.134.176.0/21
213.225.234.0/23
IPv6:
2a01:9840::/32
Signature Algorithm: sha256WithRSAEncryption
82:74:21:4e:65:aa:0b:7b:d1:66:3b:47:81:a2:58:75:39:08:
33:86:d5:8e:ab:69:96:50:f6:66:83:37:da:0b:31:8e:d6:62:
08:b7:bd:d1:b1:3c:2b:7d:e6:c8:01:c5:12:47:2d:49:98:28:
16:e1:c0:19:80:06:3e:48:5e:9d:39:4e:ee:a3:01:1d:bf:91:
d1:34:e7:4f:6a:2e:79:6c:93:82:97:fa:3a:fb:86:7e:64:c2:
75:cd:d6:e4:3e:ef:bd:5f:3b:ad:8e:04:05:18:7d:37:71:b0:
91:d2:e0:1c:1c:3f:51:72:c1:d3:b3:c6:43:91:72:c4:8c:74:
8f:00:ce:32:4d:22:2e:6b:97:57:a2:2d:b2:f3:79:fe:8d:a1:
a6:bb:94:02:9c:dd:25:bd:02:f5:0f:b1:4d:f5:b0:e1:38:6f:
a7:00:0a:62:52:e8:68:be:ed:f3:e9:ab:2a:dc:de:e9:2f:f3:
a9:fe:15:ce:b1:ef:08:d4:ae:81:83:4c:3c:71:7a:32:f3:88:
00:c9:6d:9e:99:a6:3a:df:79:45:3b:d5:8f:f5:25:ca:dd:85:
ac:e2:5c:6c:b0:c2:1c:7e:ae:54:ce:ae:51:64:27:d0:4a:4c:
f2:2b:3f:8a:46:c1:df:c5:55:55:65:c0:41:a8:b4:d2:97:56:
fd:e5:a0:05
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzGS0UcL9ll3LQLZv5GZPB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5OTE5NTg0MDMzYzM5MTFhMDA5YmRkZTMxODNmNmM2MGIy
YWZjY2EwHhcNMjQwMTAxMTgzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDRlYzAwNGM3ZjJhOWNiNjZkNTUyNjZlNzIyNTg2ZjJjNjM2ZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaSh4nFVg4yIDMCEjb6SBxKH8AAQ
PBXCDN6iMeHWIquxUvqWnOMJiHjeOzqSMMyNuSdtEQOvcqdITPfBGx5YWxpXrLav
XNVBrJJoYOBZ/H1fitheBcu+0I6hd/ijpySDpNjVd7TfXxr2MbbEtOOsyq1vRWwY
EagHBGR+38M5Pxv+Lnp4FQj+G8t301kjucBTAFOqqbMJMR1w4K+ALJwXiYR2IHO9
qfFRrEMylt1WHUdJkwshssySYQyfNP7nhvlnbvnNWzDwja5ZkukV9FQfzuRozo3s
FBeV8fvJ0JQ2D+EicuGnx0HDdgu7rpkUTzHPIeAu4VP9cnXn2dtaiYpT0wIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFKBOwATH8qnLZtVSZuciWG8sY25CMB8GA1UdIwQY
MBaAFFmRlYQDPDkRoAm93jGD9sYLKvzKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1pHVmhBTThPUkdnQ2IzZU1ZUDJ4Z3NxX01vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yZmVhMTgtZmI2Mi00Yjk1LTlmZWIt
OWNmODExZTlmYTdhLzEvb0U3QUJNZnlxY3RtMVZKbTV5SllieXhqYmtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yZmVhMTgtZmI2Mi00Yjk1LTlmZWItOWNmODExZTlmYTdh
LzEvV1pHVmhBTThPUkdnQ2IzZU1ZUDJ4Z3NxX01vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQFBaxAAwQD
H6uIAwQFPmEgAwQFW7vAAwQDXn44AwQDgv+QAwQEshOQAwQCuQvAAwQBwpaiAwQD
w4awAwQB1eHqMA0EAgACMAcDBQAqAZhAMA0GCSqGSIb3DQEBCwUAA4IBAQCCdCFO
ZaoLe9FmO0eBolh1OQgzhtWOq2mWUPZmgzfaCzGO1mIIt73RsTwrfebIAcUSRy1J
mCgW4cAZgAY+SF6dOU7uowEdv5HRNOdPai55bJOCl/o6+4Z+ZMJ1zdbkPu+9Xzut
jgQFGH03cbCR0uAcHD9RcsHTs8ZDkXLEjHSPAM4yTSIua5dXoi2y83n+jaGmu5QC
nN0lvQL1D7FN9bDhOG+nAApiUuhovu3z6asq3N7pL/Op/hXOse8I1K6Bg0w8cXoy
84gAyW2emaY633lFO9WP9SXK3YWs4lxssMIcfq5Uzq5RZCfQSkzyKz+KRsHfxVVV
ZcBBqLTSl1b95aAF
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:21:43 2024 by rpki-client on console-ams.rpki-client.org