Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/xJUmd6mvV4bDtpVNWuuFNHzR07Y.roa
File: xJUmd6mvV4bDtpVNWuuFNHzR07Y.roa (raw, json)
Hash identifier: 1dkOgR2PHb2WS5N0ufQq/K8ieSB8OJyMCh5GHeBA15Y=
Subject key identifier: C4:95:26:77:A9:AF:57:86:C3:B6:95:4D:5A:EB:85:34:7C:D1:D3:B6
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 018CC5DCB3F54FDED4183197281DDB6BB181
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/xJUmd6mvV4bDtpVNWuuFNHzR07Y.roa
Signing time: Mon 01 Jan 2024 16:30:24 +0000
ROA not before: Mon 01 Jan 2024 16:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200845
IP address blocks: 5.40.191.0/24 maxlen: 24
89.140.40.0/23 maxlen: 24
62.82.238.0/24 maxlen: 24
5.40.128.0/24 maxlen: 24
89.140.197.0/24 maxlen: 24
62.175.202.0/24 maxlen: 24
62.82.84.0/24 maxlen: 24
89.140.112.0/24 maxlen: 24
84.124.116.0/24 maxlen: 24
89.140.122.0/24 maxlen: 24
89.140.120.0/24 maxlen: 24
5.40.86.0/24 maxlen: 24
5.40.33.0/24 maxlen: 24
5.40.32.0/24 maxlen: 24
5.40.252.0/24 maxlen: 24
5.40.32.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 01:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:b3:f5:4f:de:d4:18:31:97:28:1d:db:6b:b1:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 16:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c4952677a9af5786c3b6954d5aeb85347cd1d3b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d7:de:46:69:82:16:54:18:39:74:08:3f:88:
ee:86:71:1c:af:76:c4:b9:4d:42:45:27:44:80:eb:
cc:8d:b1:96:44:5d:5f:5d:b4:1c:8f:9a:1c:df:2a:
e9:43:c1:f4:27:0d:28:de:4a:4c:5a:87:9d:31:60:
43:31:8d:e2:05:4f:4a:e3:85:c9:d3:69:8c:3b:cd:
12:be:d2:2f:48:54:8f:54:d2:f9:ab:45:53:2f:68:
a9:37:4b:cd:a6:8a:35:f7:22:eb:3b:f7:d5:ca:c9:
e1:48:60:29:c9:75:47:f8:9b:13:74:16:9e:98:70:
7a:2e:ad:fd:20:42:5e:2f:29:15:bd:e5:fe:8b:de:
4c:f4:ec:35:39:b4:52:2d:fd:7f:de:da:76:01:31:
df:c9:9e:17:6f:06:19:62:0c:2b:cb:88:4b:de:56:
fa:4f:b7:3f:12:76:36:31:48:93:d2:92:6c:84:11:
45:3c:b9:f0:76:80:c7:35:55:59:18:62:cf:0e:f6:
52:e0:2d:f4:36:6e:18:e6:ae:78:da:81:72:f4:da:
bb:e4:d2:a9:5d:fc:ae:ea:ac:0a:9a:83:aa:7c:f6:
6a:e3:aa:fa:9a:19:1a:a3:1c:e8:41:b9:66:55:9d:
79:b6:17:36:ff:f8:a0:7b:84:03:df:18:20:9e:b9:
74:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:95:26:77:A9:AF:57:86:C3:B6:95:4D:5A:EB:85:34:7C:D1:D3:B6
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/xJUmd6mvV4bDtpVNWuuFNHzR07Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.32.0/23
5.40.86.0/24
5.40.128.0/24
5.40.191.0/24
5.40.252.0/24
62.82.84.0/24
62.82.238.0/24
62.175.202.0/24
84.124.116.0/24
89.140.40.0/23
89.140.112.0/24
89.140.120.0/24
89.140.122.0/24
89.140.197.0/24
Signature Algorithm: sha256WithRSAEncryption
71:5d:cd:68:b3:68:bc:dc:a0:93:90:5e:05:45:c9:e5:3a:ac:
c8:ea:99:23:00:3f:e8:b0:1b:3e:72:ca:a3:2f:9e:c5:82:5e:
f2:b1:b3:09:b7:26:1d:d0:46:4a:ed:7c:37:71:27:c0:0c:c0:
11:28:73:56:1c:d4:a7:23:00:14:be:28:0e:ba:32:51:07:33:
b8:e2:4f:c5:a9:79:54:13:d7:61:7f:19:09:d9:07:17:31:f9:
b2:59:bc:c1:ff:29:e0:a4:5f:ea:46:34:4f:72:33:e9:ca:3c:
51:ce:28:9b:b4:58:42:93:c9:78:79:c1:d9:28:43:24:78:cd:
49:dd:de:5b:7b:86:7a:69:5f:09:50:8c:f8:d2:a7:05:26:d9:
39:03:4b:3c:77:95:1c:62:75:b6:6d:49:11:fa:16:01:cc:e8:
0a:45:c5:86:6c:9f:da:c8:ca:47:e4:95:a2:c3:bf:77:99:76:
fa:09:ab:b1:ff:75:83:db:10:cd:dd:a6:34:4f:26:0e:31:27:
1d:b6:a9:19:9f:55:68:9a:a6:5c:d6:cb:31:7b:c8:a0:8a:44:
a2:d1:28:78:9f:ff:e2:e1:5b:16:02:0b:4b:67:52:a4:06:2d:
db:1f:fe:2c:1c:f4:b4:1b:6d:b7:95:18:59:59:80:64:bc:c8:
b8:fd:51:d2
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzF3LP1T97UGDGXKB3ba7GBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjQwMTAxMTYzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDk1MjY3N2E5YWY1Nzg2YzNiNjk1NGQ1YWViODUzNDdjZDFkM2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNfeRmmCFlQYOXQIP4juhnEcr3bE
uU1CRSdEgOvMjbGWRF1fXbQcj5oc3yrpQ8H0Jw0o3kpMWoedMWBDMY3iBU9K44XJ
02mMO80SvtIvSFSPVNL5q0VTL2ipN0vNpoo19yLrO/fVysnhSGApyXVH+JsTdBae
mHB6Lq39IEJeLykVveX+i95M9Ow1ObRSLf1/3tp2ATHfyZ4XbwYZYgwry4hL3lb6
T7c/EnY2MUiT0pJshBFFPLnwdoDHNVVZGGLPDvZS4C30Nm4Y5q542oFy9Nq75NKp
Xfyu6qwKmoOqfPZq46r6mhkaoxzoQblmVZ15thc2//ige4QD3xggnrl0/wIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFMSVJnepr1eGw7aVTVrrhTR80dO2MB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEveEpVbWQ2bXZWNGJEdHBWTld1dUZOSHpSMDdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQBBSggAwQA
BShWAwQABSiAAwQABSi/AwQABSj8AwQAPlJUAwQAPlLuAwQAPq/KAwQAVHx0AwQB
WYwoAwQAWYxwAwQAWYx4AwQAWYx6AwQAWYzFMA0GCSqGSIb3DQEBCwUAA4IBAQBx
Xc1os2i83KCTkF4FRcnlOqzI6pkjAD/osBs+csqjL57Fgl7ysbMJtyYd0EZK7Xw3
cSfADMARKHNWHNSnIwAUvigOujJRBzO44k/FqXlUE9dhfxkJ2QcXMfmyWbzB/yng
pF/qRjRPcjPpyjxRziibtFhCk8l4ecHZKEMkeM1J3d5be4Z6aV8JUIz40qcFJtk5
A0s8d5UcYnW2bUkR+hYBzOgKRcWGbJ/ayMpH5JWiw793mXb6Caux/3WD2xDN3aY0
TyYOMScdtqkZn1VomqZc1ssxe8igikSi0Sh4n//i4VsWAgtLZ1KkBi3bH/4sHPS0
G223lRhZWYBkvMi4/VHS
-----END CERTIFICATE-----
Generated at Sun May 19 07:21:24 2024 by rpki-client on console-ams.rpki-client.org