Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/UqzqAlUXSYAcrXuagtcsIbe7HUw.roa
File: UqzqAlUXSYAcrXuagtcsIbe7HUw.roa (raw, json)
Hash identifier: ASkF4GXFVPbUuO8CJzUbELliS6loqDShkXuEYDgyOp0=
Subject key identifier: 52:AC:EA:02:55:17:49:80:1C:AD:7B:9A:82:D7:2C:21:B7:BB:1D:4C
Certificate issuer: /CN=ae72e47d56692499a726bf800ea8380362deb6be
Certificate serial: 018CC349011E2FA49765AC583BD54541E9A1
Authority key identifier: AE:72:E4:7D:56:69:24:99:A7:26:BF:80:0E:A8:38:03:62:DE:B6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/UqzqAlUXSYAcrXuagtcsIbe7HUw.roa
Signing time: Mon 01 Jan 2024 04:29:50 +0000
ROA not before: Mon 01 Jan 2024 04:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21309
IP address blocks: 83.216.160.0/21 maxlen: 21
83.216.160.0/20 maxlen: 20
83.216.160.0/19 maxlen: 19
86.110.136.0/21 maxlen: 21
86.110.144.0/20 maxlen: 20
86.110.144.0/21 maxlen: 21
83.216.168.0/21 maxlen: 21
86.110.152.0/21 maxlen: 21
83.216.176.0/21 maxlen: 21
83.216.176.0/20 maxlen: 20
213.209.240.0/20 maxlen: 20
83.216.184.0/21 maxlen: 21
213.174.160.0/19 maxlen: 19
213.174.160.0/21 maxlen: 21
213.174.160.0/20 maxlen: 20
213.174.168.0/21 maxlen: 21
213.174.176.0/20 maxlen: 20
213.174.176.0/21 maxlen: 21
5.63.136.0/21 maxlen: 21
213.174.184.0/21 maxlen: 21
213.209.192.0/19 maxlen: 19
213.209.192.0/20 maxlen: 20
213.209.192.0/18 maxlen: 18
213.209.208.0/20 maxlen: 20
213.209.224.0/20 maxlen: 20
213.209.224.0/19 maxlen: 19
86.110.128.0/21 maxlen: 21
86.110.128.0/20 maxlen: 20
86.110.128.0/19 maxlen: 19
77.89.16.0/20 maxlen: 20
77.89.32.0/19 maxlen: 19
77.89.32.0/20 maxlen: 20
77.89.48.0/20 maxlen: 20
77.89.0.0/20 maxlen: 20
77.89.0.0/18 maxlen: 18
77.89.0.0/19 maxlen: 19
185.123.9.0/24 maxlen: 24
185.123.8.0/24 maxlen: 24
185.123.8.0/22 maxlen: 22
2a03:c380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:01:1e:2f:a4:97:65:ac:58:3b:d5:45:41:e9:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae72e47d56692499a726bf800ea8380362deb6be
Validity
Not Before: Jan 1 04:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=52acea02551749801cad7b9a82d72c21b7bb1d4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:20:f8:48:f8:c7:25:49:78:a9:bb:6d:16:e3:
1c:ec:3f:8e:3d:d1:90:ed:a2:f7:8c:46:29:87:00:
49:44:25:9f:65:f7:86:4e:4c:6e:5a:da:ec:5f:2d:
1e:b7:e8:9a:41:eb:85:77:45:b0:29:b0:c7:6e:ba:
15:48:2c:3b:46:a4:66:3e:45:93:7b:06:a3:82:f8:
fb:10:1f:80:2b:07:e9:16:87:5f:25:46:32:51:b0:
87:c7:4c:cb:89:e3:ce:7e:58:c6:52:c8:0e:98:a9:
0d:6f:ee:66:20:db:88:23:7c:d6:09:51:36:9d:10:
28:5b:ce:cc:13:9f:bd:bc:36:52:85:ac:13:d7:9b:
ae:6b:d2:d0:68:10:b7:78:c6:3a:91:27:f7:7c:77:
70:e2:50:e1:44:60:ed:52:56:10:70:0c:c5:e4:ba:
35:8d:53:b4:36:eb:67:16:74:8a:2e:72:85:54:c6:
2d:2e:08:99:77:28:99:2f:9f:ea:41:d5:0b:32:8d:
12:5f:16:6a:2f:0c:0d:38:6a:dc:0d:36:84:4d:fa:
4d:02:55:f9:cd:a4:f6:ec:c7:c8:4e:be:e3:5e:d0:
46:60:88:5e:1e:28:40:dd:bf:e0:e8:77:aa:f6:15:
9e:70:4b:29:ac:14:fa:47:1c:05:f6:dc:0b:08:5b:
45:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:AC:EA:02:55:17:49:80:1C:AD:7B:9A:82:D7:2C:21:B7:BB:1D:4C
X509v3 Authority Key Identifier:
keyid:AE:72:E4:7D:56:69:24:99:A7:26:BF:80:0E:A8:38:03:62:DE:B6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/UqzqAlUXSYAcrXuagtcsIbe7HUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.136.0/21
77.89.0.0/18
83.216.160.0/19
86.110.128.0/19
185.123.8.0/22
213.174.160.0/19
213.209.192.0/18
IPv6:
2a03:c380::/32
Signature Algorithm: sha256WithRSAEncryption
be:59:bb:33:5e:e6:da:7a:6d:18:ee:b9:4c:be:73:0e:e4:6a:
a5:06:4d:95:ee:4b:75:b9:32:02:e4:d9:30:0e:58:48:91:c4:
ae:33:9f:30:00:8c:b1:9d:97:e6:f6:da:36:2d:17:b4:59:43:
cc:ea:80:de:92:da:29:00:bc:10:4a:ee:80:c3:ae:29:d4:3e:
ba:9a:f2:ba:19:1e:3f:7b:b5:e2:60:5d:12:7b:53:84:03:fb:
e3:11:44:c2:65:05:12:e5:db:4f:83:30:d9:cc:5c:75:a2:78:
fe:b5:09:01:c8:ee:8b:cf:5f:73:60:00:c2:d5:85:61:76:ea:
79:d0:06:f5:34:a6:a4:80:6a:c6:58:9c:83:62:10:c4:ec:7b:
dd:29:fa:cc:ec:b8:42:c3:e0:d5:a3:db:8f:05:c8:17:00:ff:
1c:6f:aa:39:a9:65:04:75:89:ee:b6:c0:38:a2:0c:57:0d:df:
81:96:4e:31:5d:0e:7c:5f:5e:4c:25:b0:f4:54:19:cd:94:90:
af:1d:17:73:62:a2:ce:36:59:c5:34:4e:4a:a9:77:e1:d2:da:
96:d7:ce:4d:75:2f:65:52:98:14:48:4f:c3:90:2d:b2:5b:0d:
9f:21:1e:e4:ea:fb:51:3e:76:2f:fd:30:86:48:e9:76:9f:44:
aa:38:e5:ab
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzDSQEeL6SXZaxYO9VFQemhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzJlNDdkNTY2OTI0OTlhNzI2YmY4MDBlYTgzODAzNjJk
ZWI2YmUwHhcNMjQwMTAxMDQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmFjZWEwMjU1MTc0OTgwMWNhZDdiOWE4MmQ3MmMyMWI3YmIxZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSD4SPjHJUl4qbttFuMc7D+OPdGQ
7aL3jEYphwBJRCWfZfeGTkxuWtrsXy0et+iaQeuFd0WwKbDHbroVSCw7RqRmPkWT
ewajgvj7EB+AKwfpFodfJUYyUbCHx0zLiePOfljGUsgOmKkNb+5mINuII3zWCVE2
nRAoW87ME5+9vDZShawT15uua9LQaBC3eMY6kSf3fHdw4lDhRGDtUlYQcAzF5Lo1
jVO0NutnFnSKLnKFVMYtLgiZdyiZL5/qQdULMo0SXxZqLwwNOGrcDTaETfpNAlX5
zaT27MfITr7jXtBGYIheHihA3b/g6Heq9hWecEsprBT6RxwF9twLCFtFbQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFKs6gJVF0mAHK17moLXLCG3ux1MMB8GA1UdIwQY
MBaAFK5y5H1WaSSZpya/gA6oOANi3ra+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS82YmI0NzEtNGEzZS00ODhkLWI4OGMt
ZmUxMmM3NWJmNGFiLzEvVXF6cUFsVVhTWUFjclh1YWd0Y3NJYmU3SFV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS82YmI0NzEtNGEzZS00ODhkLWI4OGMtZmUxMmM3NWJmNGFi
LzEvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBT+IAwQG
TVkAAwQFU9igAwQFVm6AAwQCuXsIAwQF1a6gAwQG1dHAMA0EAgACMAcDBQAqA8OA
MA0GCSqGSIb3DQEBCwUAA4IBAQC+WbszXubaem0Y7rlMvnMO5GqlBk2V7kt1uTIC
5NkwDlhIkcSuM58wAIyxnZfm9to2LRe0WUPM6oDektopALwQSu6Aw64p1D66mvK6
GR4/e7XiYF0Se1OEA/vjEUTCZQUS5dtPgzDZzFx1onj+tQkByO6Lz19zYADC1YVh
dup50Ab1NKakgGrGWJyDYhDE7HvdKfrM7LhCw+DVo9uPBcgXAP8cb6o5qWUEdYnu
tsA4ogxXDd+Blk4xXQ58X15MJbD0VBnNlJCvHRdzYqLONlnFNE5KqXfh0tqW185N
dS9lUpgUSE/DkC2yWw2fIR7k6vtRPnYv/TCGSOl2n0SqOOWr
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:28:14 2024 by rpki-client on console-fra.rpki-client.org