Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/IlOupAicPvz_BS3Eg-K3I2WgTAU.roa
File: IlOupAicPvz_BS3Eg-K3I2WgTAU.roa (raw, json)
Hash identifier: j+nXnD5baYtDKS+Kk0Vz/5DMVBuMDkJ2IfrE/S+yY9o=
Subject key identifier: 22:53:AE:A4:08:9C:3E:FC:FF:05:2D:C4:83:E2:B7:23:65:A0:4C:05
Certificate issuer: /CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Certificate serial: 019282596ED2AE7EBCB050EDAC1BF812910B
Authority key identifier: 92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/IlOupAicPvz_BS3Eg-K3I2WgTAU.roa
Signing time: Sat 12 Oct 2024 20:09:11 +0000
ROA not before: Sat 12 Oct 2024 20:09:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29208
IP address blocks: 46.227.8.0/21 maxlen: 21
62.4.96.0/21 maxlen: 21
62.4.104.0/22 maxlen: 22
62.44.0.0/19 maxlen: 19
62.177.64.0/18 maxlen: 18
82.100.0.0/18 maxlen: 18
82.113.32.0/19 maxlen: 19
82.119.240.0/20 maxlen: 20
82.119.250.0/24 maxlen: 24
83.148.0.0/18 maxlen: 18
85.93.96.0/19 maxlen: 19
88.146.0.0/17 maxlen: 17
88.208.64.0/18 maxlen: 18
89.235.0.0/18 maxlen: 18
95.80.192.0/18 maxlen: 18
109.235.176.0/22 maxlen: 22
151.237.224.0/21 maxlen: 21
185.24.236.0/22 maxlen: 22
194.213.224.0/19 maxlen: 19
195.122.192.0/19 maxlen: 19
195.128.192.0/19 maxlen: 19
195.250.128.0/19 maxlen: 19
195.250.154.0/24 maxlen: 24
212.20.96.0/19 maxlen: 19
212.24.128.0/19 maxlen: 19
212.27.192.0/19 maxlen: 19
212.80.64.0/19 maxlen: 19
213.151.64.0/19 maxlen: 19
213.175.32.0/19 maxlen: 19
213.191.96.0/19 maxlen: 19
2001:1508::/32 maxlen: 48
2001:4de8::/32 maxlen: 48
2a00:c40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/kpNSqNLdcMkf_OyOMj_mnx6aQTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/kpNSqNLdcMkf_OyOMj_mnx6aQTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:82:59:6e:d2:ae:7e:bc:b0:50:ed:ac:1b:f8:12:91:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Validity
Not Before: Oct 12 20:09:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2253aea4089c3efcff052dc483e2b72365a04c05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e1:47:73:79:40:52:92:ae:b3:66:91:a0:0a:
83:52:76:dd:47:47:d9:ea:71:ec:f2:e8:57:02:79:
ac:cc:b2:d9:47:72:88:23:62:dc:2b:c4:d5:f5:a9:
3d:a3:fb:cf:3f:46:73:46:20:e3:4a:1c:d5:4c:5a:
89:23:f7:9a:b7:86:47:9d:9d:68:a0:19:44:cc:18:
26:0e:9c:8a:ef:cd:32:96:2b:62:fd:59:cf:55:96:
f0:b2:03:b4:06:d0:8c:0b:8b:77:6b:61:8e:2e:84:
7e:f2:15:45:3a:69:a4:cb:34:f4:24:c2:35:e8:db:
36:a4:1c:14:e1:99:fa:ca:06:b4:a4:bf:0c:f5:2d:
d2:0f:e5:b1:b9:83:09:84:3c:30:1c:1c:18:58:bb:
d2:cf:dd:8c:77:70:f2:c8:b7:7d:af:fb:fa:0d:e4:
87:a6:45:9a:7f:dc:dd:de:da:7d:91:e9:8e:15:4b:
98:ef:03:d3:50:67:09:6e:79:b1:aa:2f:0d:7e:64:
18:84:8f:18:ce:75:9f:9a:4b:b7:96:9a:d9:75:7e:
21:90:34:6a:ed:98:fa:68:a9:0d:bc:db:d7:4d:6f:
60:35:ed:2f:6f:1e:16:24:1c:35:09:65:4c:b5:81:
36:2a:5d:a6:de:57:44:8f:50:d4:34:13:a7:21:5a:
00:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:53:AE:A4:08:9C:3E:FC:FF:05:2D:C4:83:E2:B7:23:65:A0:4C:05
X509v3 Authority Key Identifier:
keyid:92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/IlOupAicPvz_BS3Eg-K3I2WgTAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/kpNSqNLdcMkf_OyOMj_mnx6aQTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.8.0/21
62.4.96.0-62.4.107.255
62.44.0.0/19
62.177.64.0/18
82.100.0.0/18
82.113.32.0/19
82.119.240.0/20
83.148.0.0/18
85.93.96.0/19
88.146.0.0/17
88.208.64.0/18
89.235.0.0/18
95.80.192.0/18
109.235.176.0/22
151.237.224.0/21
185.24.236.0/22
194.213.224.0/19
195.122.192.0/19
195.128.192.0/19
195.250.128.0/19
212.20.96.0/19
212.24.128.0/19
212.27.192.0/19
212.80.64.0/19
213.151.64.0/19
213.175.32.0/19
213.191.96.0/19
IPv6:
2001:1508::/32
2001:4de8::/32
2a00:c40::/32
Signature Algorithm: sha256WithRSAEncryption
b1:0f:eb:e7:18:9d:bd:33:95:79:a4:92:ed:92:5f:c1:d6:91:
2a:b3:81:34:ae:38:7f:1c:15:01:17:92:b6:d7:20:8a:d7:f8:
ec:77:f3:ac:6c:4f:54:46:b2:a7:a6:f5:7f:32:ee:8b:2c:8c:
9d:f1:55:ac:5c:d2:dc:40:ff:51:2c:a3:aa:5b:e2:4e:3e:1e:
da:a0:a3:b5:b3:43:3f:e4:40:2d:9f:7d:f5:05:90:fb:a1:be:
1a:4a:89:f5:50:30:a8:21:11:bf:48:44:fb:5c:7f:9b:70:82:
e1:0d:d3:83:6d:76:b8:05:97:42:7a:af:0e:57:bb:6a:d4:23:
ec:4e:cd:1c:3e:29:75:2d:4c:52:e7:54:96:fc:59:f9:88:29:
27:57:1f:6b:f8:2e:52:62:0e:6a:b8:07:24:6a:13:49:67:34:
5f:9c:c0:44:83:4e:0d:7e:78:8b:80:9f:7d:e5:c4:87:4d:ba:
77:71:21:a4:0e:5a:3a:60:a9:5e:cf:bf:67:9d:08:3f:06:e6:
f2:c8:16:78:c1:bb:3b:ad:85:e5:d2:73:64:3d:eb:ac:a4:b2:
dc:ab:fc:3c:87:68:98:6e:ac:02:fa:00:d7:85:ff:ff:70:01:
94:38:18:a1:26:20:7e:1a:03:53:e6:2d:4f:84:66:6e:df:26:
ef:c8:a1:10
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAZKCWW7Srn68sFDtrBv4EpELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTM1MmE4ZDJkZDcwYzkxZmZjZWM4ZTMyM2ZlNjlmMWU5
YTQxMzkwHhcNMjQxMDEyMjAwOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjUzYWVhNDA4OWMzZWZjZmYwNTJkYzQ4M2UyYjcyMzY1YTA0YzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1eFHc3lAUpKus2aRoAqDUnbdR0fZ
6nHs8uhXAnmszLLZR3KII2LcK8TV9ak9o/vPP0ZzRiDjShzVTFqJI/eat4ZHnZ1o
oBlEzBgmDpyK780yliti/VnPVZbwsgO0BtCMC4t3a2GOLoR+8hVFOmmkyzT0JMI1
6Ns2pBwU4Zn6yga0pL8M9S3SD+WxuYMJhDwwHBwYWLvSz92Md3DyyLd9r/v6DeSH
pkWaf9zd3tp9kemOFUuY7wPTUGcJbnmxqi8NfmQYhI8YznWfmku3lprZdX4hkDRq
7Zj6aKkNvNvXTW9gNe0vbx4WJBw1CWVMtYE2Kl2m3ldEj1DUNBOnIVoAXQIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFCJTrqQInD78/wUtxIPityNloEwFMB8GA1UdIwQY
MBaAFJKTUqjS3XDJH/zsjjI/5p8emkE5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYt
MGExYTM1ODk3ZjEwLzEvSWxPdXBBaWNQdnpfQlMzRWctSzNJMldnVEFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYtMGExYTM1ODk3ZjEw
LzEva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TCBsQQCAAEwgaoDBAMu
4wgwDAMEBT4EYAMEAj4EaAMEBT4sAAMEBj6xQAMEBlJkAAMEBVJxIAMEBFJ38AME
BlOUAAMEBVVdYAMEB1iSAAMEBljQQAMEBlnrAAMEBl9QwAMEAm3rsAMEA5ft4AME
ArkY7AMEBcLV4AMEBcN6wAMEBcOAwAMEBcP6gAMEBdQUYAMEBdQYgAMEBdQbwAME
BdRQQAMEBdWXQAMEBdWvIAMEBdW/YDAbBAIAAjAVAwUAIAEVCAMFACABTegDBQAq
AAxAMA0GCSqGSIb3DQEBCwUAA4IBAQCxD+vnGJ29M5V5pJLtkl/B1pEqs4E0rjh/
HBUBF5K21yCK1/jsd/OsbE9URrKnpvV/Mu6LLIyd8VWsXNLcQP9RLKOqW+JOPh7a
oKO1s0M/5EAtn331BZD7ob4aSon1UDCoIRG/SET7XH+bcILhDdODbXa4BZdCeq8O
V7tq1CPsTs0cPil1LUxS51SW/Fn5iCknVx9r+C5SYg5quAckahNJZzRfnMBEg04N
fniLgJ995cSHTbp3cSGkDlo6YKlez79nnQg/BubyyBZ4wbs7rYXl0nNkPeuspLLc
q/w8h2iYbqwC+gDXhf//cAGUOBihJiB+GgNT5i1PhGZu3ybvyKEQ
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:36:31 2024 by rpki-client on console-ams.rpki-client.org