Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/7a26e6-f7ae-4df0-9ecb-d879f7e709d6/1/YSasuzkGTJIYisCAUe-2ivt9Iy0.roa
File: YSasuzkGTJIYisCAUe-2ivt9Iy0.roa (raw, json)
Hash identifier: 0H8t/YpwUQ7lQfzE70W+AIhCwvjauhaTUntpsMmS7Rs=
Subject key identifier: 61:26:AC:BB:39:06:4C:92:18:8A:C0:80:51:EF:B6:8A:FB:7D:23:2D
Certificate issuer: /CN=1ab634dc74f6037ba47311d127420e76f296be54
Certificate serial: 018EC68FBD1E8B61B12958B02E5787BC4A57
Authority key identifier: 1A:B6:34:DC:74:F6:03:7B:A4:73:11:D1:27:42:0E:76:F2:96:BE:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GrY03HT2A3ukcxHRJ0IOdvKWvlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/7a26e6-f7ae-4df0-9ecb-d879f7e709d6/1/YSasuzkGTJIYisCAUe-2ivt9Iy0.roa
Signing time: Wed 10 Apr 2024 05:51:32 +0000
ROA not before: Wed 10 Apr 2024 05:51:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31042
IP address blocks: 5.22.160.0/19 maxlen: 24
5.22.190.0/24 maxlen: 24
24.135.0.0/16 maxlen: 17
46.17.144.0/21 maxlen: 21
46.240.128.0/17 maxlen: 17
80.93.224.0/19 maxlen: 19
82.117.192.0/19 maxlen: 24
82.117.195.0/24 maxlen: 24
87.116.128.0/18 maxlen: 24
87.116.128.0/19 maxlen: 19
87.116.140.0/24 maxlen: 24
87.116.141.0/24 maxlen: 24
87.116.160.0/19 maxlen: 19
89.216.0.0/16 maxlen: 24
91.143.208.0/20 maxlen: 20
94.127.0.0/21 maxlen: 24
94.189.128.0/17 maxlen: 18
94.230.176.0/20 maxlen: 20
95.180.0.0/17 maxlen: 17
176.109.136.0/21 maxlen: 21
178.148.0.0/15 maxlen: 16
185.13.8.0/22 maxlen: 22
185.18.12.0/22 maxlen: 22
188.2.0.0/16 maxlen: 17
188.246.32.0/19 maxlen: 19
213.244.208.0/20 maxlen: 24
217.26.208.0/21 maxlen: 24
2a00:1dd8::/29 maxlen: 29
2a00:1dd8::/32 maxlen: 32
2a03:87c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/7a26e6-f7ae-4df0-9ecb-d879f7e709d6/1/GrY03HT2A3ukcxHRJ0IOdvKWvlQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/7a26e6-f7ae-4df0-9ecb-d879f7e709d6/1/GrY03HT2A3ukcxHRJ0IOdvKWvlQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/GrY03HT2A3ukcxHRJ0IOdvKWvlQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 19:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c6:8f:bd:1e:8b:61:b1:29:58:b0:2e:57:87:bc:4a:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ab634dc74f6037ba47311d127420e76f296be54
Validity
Not Before: Apr 10 05:51:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6126acbb39064c92188ac08051efb68afb7d232d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d3:c0:f9:e8:07:ec:cb:54:43:a8:6a:9e:a5:
45:c2:a8:b6:07:cd:94:9f:ff:96:2f:87:01:17:f8:
f4:79:e0:28:03:f4:74:7c:5d:62:a1:e3:f9:55:9f:
59:8b:bc:2b:6f:c5:f3:27:df:f1:3b:67:3b:8e:bd:
ed:bb:b6:cc:47:2e:e5:97:09:51:2b:da:7c:ee:eb:
26:8f:bb:06:c6:e2:a1:38:72:cb:8d:41:c7:9a:5f:
31:f0:65:ab:5d:f3:ff:6d:3b:92:0d:f2:c7:d1:d9:
2b:ec:f7:8b:2b:83:cc:76:ec:7c:72:f1:72:3b:af:
c2:5d:7b:ac:be:86:2d:0c:38:d7:be:5e:43:06:4b:
d1:74:41:19:30:7a:0a:2b:18:67:37:08:22:f9:72:
7f:b0:8a:1d:da:ba:41:97:e7:38:cb:5d:17:a8:90:
c1:d4:fe:5d:85:9e:93:d9:80:81:7a:48:95:7a:be:
9a:ba:ae:33:75:e9:62:46:40:d2:f0:0b:3a:90:e3:
2c:59:05:be:dd:81:54:05:4c:95:b4:8e:61:7a:c7:
96:d4:31:0f:77:e9:ae:4f:71:81:ef:eb:fb:a3:93:
4b:d2:5d:3e:4b:d7:a5:c7:07:b1:f4:b5:1b:aa:8e:
f0:49:41:44:66:8c:07:5e:27:e1:ca:2a:ff:f4:28:
e1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:26:AC:BB:39:06:4C:92:18:8A:C0:80:51:EF:B6:8A:FB:7D:23:2D
X509v3 Authority Key Identifier:
keyid:1A:B6:34:DC:74:F6:03:7B:A4:73:11:D1:27:42:0E:76:F2:96:BE:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GrY03HT2A3ukcxHRJ0IOdvKWvlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/7a26e6-f7ae-4df0-9ecb-d879f7e709d6/1/YSasuzkGTJIYisCAUe-2ivt9Iy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/7a26e6-f7ae-4df0-9ecb-d879f7e709d6/1/GrY03HT2A3ukcxHRJ0IOdvKWvlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.160.0/19
24.135.0.0/16
46.17.144.0/21
46.240.128.0/17
80.93.224.0/19
82.117.192.0/19
87.116.128.0/18
89.216.0.0/16
91.143.208.0/20
94.127.0.0/21
94.189.128.0/17
94.230.176.0/20
95.180.0.0/17
176.109.136.0/21
178.148.0.0/15
185.13.8.0/22
185.18.12.0/22
188.2.0.0/16
188.246.32.0/19
213.244.208.0/20
217.26.208.0/21
IPv6:
2a00:1dd8::/29
2a03:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
b7:dc:58:14:fa:89:42:ed:48:23:e9:84:5e:28:73:6c:b7:6b:
76:da:69:df:80:88:9b:ff:92:39:66:53:ff:4c:1d:41:f8:92:
81:3e:e5:67:bf:be:16:57:1d:49:a0:f6:eb:6b:32:cc:ea:48:
1c:5f:fa:d2:77:73:b7:e0:03:2b:2c:28:40:1b:b9:3c:1c:73:
d8:69:fd:71:6b:c2:11:d6:82:d7:83:2c:d3:a8:22:ad:09:75:
15:7e:28:bf:c4:05:34:ff:00:ed:fc:72:fb:1e:c5:03:12:b2:
10:2e:b7:4e:e4:6f:76:03:9f:3a:82:df:ed:82:9b:f3:6a:8a:
0f:96:8a:96:4d:c5:48:ea:c8:de:69:2a:6d:01:ed:d7:96:05:
8f:85:c0:a0:77:51:e4:de:a8:10:2d:f6:0a:9c:78:1e:82:dc:
3f:d7:6b:6c:dd:f7:77:a9:77:54:b3:a2:c9:36:ea:77:44:ed:
64:d8:5d:53:d9:7b:13:e8:69:e0:dd:f3:bd:d9:1e:bf:26:e8:
46:00:9e:40:f9:71:5a:7c:60:86:f0:2a:31:1a:96:e9:fe:3b:
ca:01:23:61:a4:aa:21:c2:8b:f0:ce:3a:7c:ce:40:38:1f:0d:
ed:14:b2:82:90:35:7e:18:ac:d0:73:c3:c9:de:02:43:eb:91:
40:9b:4e:53
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAY7Gj70ei2GxKViwLleHvEpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhYjYzNGRjNzRmNjAzN2JhNDczMTFkMTI3NDIwZTc2ZjI5
NmJlNTQwHhcNMjQwNDEwMDU1MTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTI2YWNiYjM5MDY0YzkyMTg4YWMwODA1MWVmYjY4YWZiN2QyMzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdPA+egH7MtUQ6hqnqVFwqi2B82U
n/+WL4cBF/j0eeAoA/R0fF1ioeP5VZ9Zi7wrb8XzJ9/xO2c7jr3tu7bMRy7llwlR
K9p87usmj7sGxuKhOHLLjUHHml8x8GWrXfP/bTuSDfLH0dkr7PeLK4PMdux8cvFy
O6/CXXusvoYtDDjXvl5DBkvRdEEZMHoKKxhnNwgi+XJ/sIod2rpBl+c4y10XqJDB
1P5dhZ6T2YCBekiVer6auq4zdeliRkDS8As6kOMsWQW+3YFUBUyVtI5heseW1DEP
d+muT3GB7+v7o5NL0l0+S9elxwex9LUbqo7wSUFEZowHXifhyir/9Cjh0wIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFGEmrLs5BkySGIrAgFHvtor7fSMtMB8GA1UdIwQY
MBaAFBq2NNx09gN7pHMR0SdCDnbylr5UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3JZMDNIVDJBM3VrY3hIUkowSU9kdktXdmxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83YTI2ZTYtZjdhZS00ZGYwLTllY2It
ZDg3OWY3ZTcwOWQ2LzEvWVNhc3V6a0dUSklZaXNDQVVlLTJpdnQ5SXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83YTI2ZTYtZjdhZS00ZGYwLTllY2ItZDg3OWY3ZTcwOWQ2
LzEvR3JZMDNIVDJBM3VrY3hIUkowSU9kdktXdmxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBgAQCAAEwegMEBQUW
oAMDABiHAwQDLhGQAwQHLvCAAwQFUF3gAwQFUnXAAwQGV3SAAwMAWdgDBARbj9AD
BANefwADBAdevYADBARe5rADBAdftAADBAOwbYgDAwGylAMEArkNCAMEArkSDAMD
ALwCAwQFvPYgAwQE1fTQAwQD2RrQMBQEAgACMA4DBQMqAB3YAwUDKgOHwDANBgkq
hkiG9w0BAQsFAAOCAQEAt9xYFPqJQu1II+mEXihzbLdrdtpp34CIm/+SOWZT/0wd
QfiSgT7lZ7++FlcdSaD262syzOpIHF/60ndzt+ADKywoQBu5PBxz2Gn9cWvCEdaC
14Ms06girQl1FX4ov8QFNP8A7fxy+x7FAxKyEC63TuRvdgOfOoLf7YKb82qKD5aK
lk3FSOrI3mkqbQHt15YFj4XAoHdR5N6oEC32Cpx4HoLcP9drbN33d6l3VLOiyTbq
d0TtZNhdU9l7E+hp4N3zvdkevyboRgCeQPlxWnxghvAqMRqW6f47ygEjYaSqIcKL
8M46fM5AOB8N7RSygpA1fhis0HPDyd4CQ+uRQJtOUw==
-----END CERTIFICATE-----
Generated at Thu May 16 23:49:56 2024 by rpki-client on console-fra.rpki-client.org