Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1uiu7F5Z-I_OaJva9QUuQD5Azxo.roa
File: 1uiu7F5Z-I_OaJva9QUuQD5Azxo.roa (raw, json)
Hash identifier: U5mpkeXueHSIJfzXHKCcXb1vrcS/SAHYG73PX8rk8Cs=
Subject key identifier: D6:E8:AE:EC:5E:59:F8:8F:CE:68:9B:DA:F5:05:2E:40:3E:40:CF:1A
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019305538CE84F65AED63F2ABEA1AFD935F6
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1uiu7F5Z-I_OaJva9QUuQD5Azxo.roa
Signing time: Thu 07 Nov 2024 06:33:01 +0000
ROA not before: Thu 07 Nov 2024 06:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24810
IP address blocks: 81.22.200.0/21 maxlen: 21
81.22.200.0/24 maxlen: 24
81.22.201.0/24 maxlen: 24
81.22.202.0/24 maxlen: 24
81.22.203.0/24 maxlen: 24
81.22.204.0/24 maxlen: 24
81.22.205.0/24 maxlen: 24
81.22.206.0/24 maxlen: 24
81.22.207.0/24 maxlen: 24
81.22.208.0/24 maxlen: 24
81.22.209.0/24 maxlen: 24
81.22.210.0/24 maxlen: 24
81.22.211.0/24 maxlen: 24
81.22.212.0/24 maxlen: 24
81.22.213.0/24 maxlen: 24
81.22.214.0/24 maxlen: 24
81.22.215.0/24 maxlen: 24
81.23.144.0/24 maxlen: 24
81.23.145.0/24 maxlen: 24
81.23.147.0/24 maxlen: 24
81.23.148.0/24 maxlen: 24
81.23.149.0/24 maxlen: 24
81.23.156.0/24 maxlen: 24
81.23.158.0/24 maxlen: 24
81.23.159.0/24 maxlen: 24
87.117.160.0/24 maxlen: 24
87.117.161.0/24 maxlen: 24
87.117.162.0/24 maxlen: 24
87.117.164.0/24 maxlen: 24
87.117.165.0/24 maxlen: 24
87.117.166.0/24 maxlen: 24
87.117.167.0/24 maxlen: 24
87.117.168.0/24 maxlen: 24
87.117.170.0/24 maxlen: 24
87.117.171.0/24 maxlen: 24
87.117.177.0/24 maxlen: 24
87.117.183.0/24 maxlen: 24
87.117.184.0/24 maxlen: 24
87.117.188.0/24 maxlen: 24
87.117.190.0/24 maxlen: 24
89.248.112.0/24 maxlen: 24
89.248.122.0/24 maxlen: 24
89.248.123.0/24 maxlen: 24
89.248.124.0/24 maxlen: 24
178.20.128.0/21 maxlen: 21
178.20.128.0/24 maxlen: 24
178.20.129.0/24 maxlen: 24
178.20.130.0/24 maxlen: 24
178.20.131.0/24 maxlen: 24
178.20.134.0/24 maxlen: 24
178.20.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:05:53:8c:e8:4f:65:ae:d6:3f:2a:be:a1:af:d9:35:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Nov 7 06:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6e8aeec5e59f88fce689bdaf5052e403e40cf1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c1:1f:62:e6:b5:67:fb:5e:8e:b2:16:b3:e3:
0a:94:c3:92:3a:fa:fb:aa:4e:60:13:ec:ab:21:a4:
80:b8:b9:33:90:c4:f7:ce:71:40:60:9b:f7:b8:e9:
13:5c:80:d4:ac:1b:b3:bd:63:2c:dd:c8:56:ef:cd:
29:14:fe:00:12:a3:c3:2e:8e:43:20:ec:88:0a:f6:
7b:48:5f:f3:8f:e4:fc:8c:ed:d6:82:06:ca:1d:17:
ca:ce:57:52:7a:6b:6c:d9:c0:be:6a:5e:f6:58:86:
dd:62:91:29:24:6c:41:39:8b:a2:39:13:2b:19:c5:
7d:95:1b:7d:eb:8f:dd:90:d9:11:ed:e8:e9:6c:1e:
f0:6c:4c:49:6a:9f:18:b7:37:0c:b9:b7:2e:84:b5:
05:b3:13:68:77:1c:fd:ff:8e:b4:d0:a7:53:9b:a3:
dc:f7:3f:38:d9:af:85:9c:4a:54:b3:b0:dd:80:cf:
ba:5b:92:7b:fb:9e:8d:a5:20:b2:04:17:ca:b7:a0:
28:b4:d1:e3:ca:d9:c4:01:91:26:23:ad:82:f8:5c:
dd:4a:a5:0d:64:48:dd:29:9f:25:fb:70:aa:7c:fc:
26:a7:18:7c:19:6c:92:1b:eb:5c:e2:9d:c6:5d:c1:
7b:22:1a:69:d9:a7:cc:c5:1e:e5:82:70:6a:e2:86:
90:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E8:AE:EC:5E:59:F8:8F:CE:68:9B:DA:F5:05:2E:40:3E:40:CF:1A
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/1uiu7F5Z-I_OaJva9QUuQD5Azxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.200.0-81.22.215.255
81.23.144.0/23
81.23.147.0-81.23.149.255
81.23.156.0/24
81.23.158.0/23
87.117.160.0-87.117.162.255
87.117.164.0-87.117.168.255
87.117.170.0/23
87.117.177.0/24
87.117.183.0-87.117.184.255
87.117.188.0/24
87.117.190.0/24
89.248.112.0/24
89.248.122.0-89.248.124.255
178.20.128.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:fb:0b:42:e8:a3:0f:0a:2e:aa:7b:72:89:3d:79:cd:76:66:
d9:f3:e7:58:f8:c0:5a:be:c5:25:8b:11:f5:cc:fa:c3:73:36:
e7:55:e2:32:7b:53:6a:a0:6e:21:a2:38:e4:0d:4f:19:82:26:
6d:50:e3:98:11:06:1b:64:24:d5:cd:dc:bd:cd:18:a3:44:cf:
52:1a:73:19:56:3c:64:67:57:d6:e7:1e:84:2e:bc:9f:e0:46:
b2:bf:48:cd:b9:23:02:4b:2c:39:a2:22:eb:16:52:06:1d:8f:
49:04:f2:5b:d9:fb:2a:bb:7e:28:51:8c:e2:cb:f0:33:17:99:
d2:e9:71:d9:a3:8a:c5:4f:db:e6:79:c1:f0:bb:6d:ab:c4:b1:
aa:cd:6a:1b:50:a8:90:34:eb:36:9a:b2:5c:2f:16:ee:8f:72:
91:e5:ad:c9:19:11:ec:1f:37:77:db:8f:3d:83:09:6c:b4:8a:
2d:a8:5e:7b:d2:e1:d0:e6:98:c1:4b:f5:17:e4:29:76:12:73:
72:9b:4b:0b:2a:83:af:26:c7:f5:c4:c0:68:90:dc:33:7a:e1:
88:0a:06:ff:6f:13:36:76:a1:38:3c:ac:f0:8e:5b:17:a1:16:
7d:ed:97:f5:16:21:8b:a8:3a:bc:20:95:e2:c3:ad:23:9c:87:
86:ed:16:9b
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZMFU4zoT2Wu1j8qvqGv2TX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQxMTA3MDYzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmU4YWVlYzVlNTlmODhmY2U2ODliZGFmNTA1MmU0MDNlNDBjZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8EfYua1Z/tejrIWs+MKlMOSOvr7
qk5gE+yrIaSAuLkzkMT3znFAYJv3uOkTXIDUrBuzvWMs3chW780pFP4AEqPDLo5D
IOyICvZ7SF/zj+T8jO3WggbKHRfKzldSemts2cC+al72WIbdYpEpJGxBOYuiORMr
GcV9lRt964/dkNkR7ejpbB7wbExJap8YtzcMubcuhLUFsxNodxz9/4600KdTm6Pc
9z842a+FnEpUs7DdgM+6W5J7+56NpSCyBBfKt6AotNHjytnEAZEmI62C+FzdSqUN
ZEjdKZ8l+3CqfPwmpxh8GWySG+tc4p3GXcF7Ihpp2afMxR7lgnBq4oaQ6wIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFNboruxeWfiPzmib2vUFLkA+QM8aMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvMXVpdTdGNVotSV9PYUp2YTlRVXVRRDVBenhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYowDAME
A1EWyAMEA1EW0AMEAVEXkDAMAwQAUReTAwQBUReUAwQAURecAwQBUReeMAwDBAVX
daADBABXdaIwDAMEAld1pAMEAFd1qAMEAVd1qgMEAFd1sTAMAwQAV3W3AwQAV3W4
AwQAV3W8AwQAV3W+AwQAWfhwMAwDBAFZ+HoDBABZ+HwDBAOyFIAwDQYJKoZIhvcN
AQELBQADggEBAI37C0Loow8KLqp7cok9ec12Ztnz51j4wFq+xSWLEfXM+sNzNudV
4jJ7U2qgbiGiOOQNTxmCJm1Q45gRBhtkJNXN3L3NGKNEz1IacxlWPGRnV9bnHoQu
vJ/gRrK/SM25IwJLLDmiIusWUgYdj0kE8lvZ+yq7fihRjOLL8DMXmdLpcdmjisVP
2+Z5wfC7bavEsarNahtQqJA06zaaslwvFu6PcpHlrckZEewfN3fbjz2DCWy0ii2o
XnvS4dDmmMFL9RfkKXYSc3KbSwsqg68mx/XEwGiQ3DN64YgKBv9vEzZ2oTg8rPCO
WxehFn3tl/UWIYuoOrwgleLDrSOch4btFps=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:25 2024 by rpki-client on console-fra.rpki-client.org