Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/73ha6NORbwwkUWqE1ms0BoGNIm8.roa
File: 73ha6NORbwwkUWqE1ms0BoGNIm8.roa (raw, json)
Hash identifier: xgQGrzsV2ZIiXO0MOjoNvAX7bZl4IvNcOvYGsaojyQ8=
Subject key identifier: EF:78:5A:E8:D3:91:6F:0C:24:51:6A:84:D6:6B:34:06:81:8D:22:6F
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01928E831097A8F48D09131EAD070336AC9C
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/73ha6NORbwwkUWqE1ms0BoGNIm8.roa
Signing time: Tue 15 Oct 2024 04:50:06 +0000
ROA not before: Tue 15 Oct 2024 04:50:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15468
IP address blocks: 5.143.176.0/20 maxlen: 21
5.143.184.0/21 maxlen: 21
31.172.192.0/19 maxlen: 19
31.172.192.0/20 maxlen: 20
31.172.192.0/21 maxlen: 21
31.172.200.0/21 maxlen: 21
31.172.208.0/20 maxlen: 20
31.172.208.0/21 maxlen: 21
31.172.216.0/21 maxlen: 21
62.148.128.0/19 maxlen: 19
62.148.128.0/20 maxlen: 20
62.148.144.0/20 maxlen: 20
94.242.128.0/18 maxlen: 18
94.242.128.0/19 maxlen: 19
94.242.128.0/20 maxlen: 20
94.242.144.0/20 maxlen: 20
94.242.144.0/24 maxlen: 24
94.242.145.0/24 maxlen: 24
94.242.146.0/24 maxlen: 24
94.242.147.0/24 maxlen: 24
94.242.148.0/24 maxlen: 24
94.242.149.0/24 maxlen: 24
94.242.150.0/24 maxlen: 24
94.242.151.0/24 maxlen: 24
94.242.160.0/19 maxlen: 19
94.242.160.0/20 maxlen: 20
94.242.176.0/20 maxlen: 20
95.107.16.0/20 maxlen: 20
95.107.16.0/21 maxlen: 21
95.107.24.0/21 maxlen: 21
95.107.112.0/20 maxlen: 20
95.107.112.0/21 maxlen: 21
95.107.120.0/21 maxlen: 21
109.225.0.0/18 maxlen: 18
109.225.0.0/19 maxlen: 19
109.225.0.0/20 maxlen: 20
109.225.16.0/20 maxlen: 20
109.225.32.0/19 maxlen: 20
109.225.40.0/22 maxlen: 22
212.106.32.0/19 maxlen: 19
212.106.32.0/20 maxlen: 20
212.106.32.0/21 maxlen: 21
212.106.40.0/21 maxlen: 21
212.106.48.0/20 maxlen: 20
212.106.48.0/21 maxlen: 21
212.106.56.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8e:83:10:97:a8:f4:8d:09:13:1e:ad:07:03:36:ac:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Oct 15 04:50:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef785ae8d3916f0c24516a84d66b3406818d226f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3c:c7:21:82:75:2a:5f:e5:d8:91:e7:43:fd:
8d:b6:7f:8c:d3:f5:a5:a1:65:2e:eb:34:b7:52:fd:
f3:97:fa:30:04:43:69:a1:37:c3:54:72:5a:35:1e:
a3:1b:31:f8:18:26:3b:a4:87:c0:44:f5:44:5c:aa:
f5:d1:12:27:b8:fa:a8:67:e1:9d:6e:4b:3d:e1:e1:
39:56:92:0f:a1:bd:71:e2:8a:c4:f0:40:20:68:29:
e9:2a:6d:e4:29:ad:00:52:5f:42:11:95:fc:ba:dd:
bd:8d:88:59:e4:e7:7d:7f:f3:77:41:3d:31:95:22:
ff:f7:1d:c2:d5:c0:58:bc:72:a3:21:ad:ef:55:c6:
6f:de:9f:23:b0:81:58:c2:99:0d:25:16:a3:37:a9:
0d:0a:3f:1b:be:23:5e:fb:ef:f0:25:d3:73:a6:61:
e4:95:d3:cd:d4:8c:4f:35:54:f0:be:5b:6f:f7:31:
c5:bd:e3:f2:fd:a2:c1:8c:4c:de:96:32:b2:a4:f9:
9b:a3:af:53:3d:0a:b8:21:bf:49:67:20:1d:f8:de:
2d:60:92:32:14:4b:90:3f:56:da:ff:f9:bd:53:b7:
37:4b:dc:10:27:e5:47:e1:62:1a:be:e9:7b:a4:e7:
0c:1a:03:c0:25:c0:35:99:10:8f:68:4d:33:d3:69:
cb:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:78:5A:E8:D3:91:6F:0C:24:51:6A:84:D6:6B:34:06:81:8D:22:6F
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/73ha6NORbwwkUWqE1ms0BoGNIm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.143.176.0/20
31.172.192.0/19
62.148.128.0/19
94.242.128.0/18
95.107.16.0/20
95.107.112.0/20
109.225.0.0/18
212.106.32.0/19
Signature Algorithm: sha256WithRSAEncryption
0a:9d:6a:ab:26:a5:1c:6b:66:cc:39:f2:ea:3e:1a:4e:d5:7c:
25:cb:62:34:b0:8d:2b:8e:dc:df:0d:23:7d:92:67:0e:39:4c:
00:f0:a1:08:39:72:93:3f:fb:6e:5f:91:06:ad:10:45:c2:6e:
24:88:d6:81:dc:66:23:e3:58:5d:72:54:a5:79:04:6f:40:48:
c0:73:d5:8b:71:ee:78:79:04:ba:b2:6c:d8:67:29:36:1a:20:
16:87:dc:8e:92:49:cf:18:d9:9c:94:f6:e4:e7:1d:a0:e7:89:
ec:62:c2:bc:dd:46:dd:4d:43:7b:15:38:43:bb:eb:66:a7:ed:
01:f3:1b:18:01:ec:a8:6e:b7:4f:29:ec:86:e9:e3:35:f4:a2:
5a:86:81:b6:4a:f5:da:ab:54:31:8f:c8:1b:cd:e1:f0:d7:7c:
7e:fd:28:93:24:90:e0:ec:ba:3e:0a:1c:35:d6:b5:5b:5b:cf:
b1:c7:5d:8b:06:3b:cc:ec:1e:e0:bb:55:ed:e8:0d:e9:40:8e:
8e:e4:c7:97:e9:58:3c:e3:09:8a:3c:39:2c:7a:5e:1a:01:fa:
62:6f:c9:11:e7:86:4d:76:84:8f:18:13:84:1f:d4:30:6d:38:
18:84:7c:89:08:c7:52:ba:b7:00:1f:0c:93:8e:2e:83:10:29:
b0:56:c3:c3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZKOgxCXqPSNCRMerQcDNqycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQxMDE1MDQ1MDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjc4NWFlOGQzOTE2ZjBjMjQ1MTZhODRkNjZiMzQwNjgxOGQyMjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTzHIYJ1Kl/l2JHnQ/2Ntn+M0/Wl
oWUu6zS3Uv3zl/owBENpoTfDVHJaNR6jGzH4GCY7pIfARPVEXKr10RInuPqoZ+Gd
bks94eE5VpIPob1x4orE8EAgaCnpKm3kKa0AUl9CEZX8ut29jYhZ5Od9f/N3QT0x
lSL/9x3C1cBYvHKjIa3vVcZv3p8jsIFYwpkNJRajN6kNCj8bviNe++/wJdNzpmHk
ldPN1IxPNVTwvltv9zHFvePy/aLBjEzeljKypPmbo69TPQq4Ib9JZyAd+N4tYJIy
FEuQP1ba//m9U7c3S9wQJ+VH4WIavul7pOcMGgPAJcA1mRCPaE0z02nLKQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFO94WujTkW8MJFFqhNZrNAaBjSJvMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvNzNoYTZOT1Jid3drVVdxRTFtczBCb0dOSW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQEBY+wAwQF
H6zAAwQFPpSAAwQGXvKAAwQEX2sQAwQEX2twAwQGbeEAAwQF1GogMA0GCSqGSIb3
DQEBCwUAA4IBAQAKnWqrJqUca2bMOfLqPhpO1Xwly2I0sI0rjtzfDSN9kmcOOUwA
8KEIOXKTP/tuX5EGrRBFwm4kiNaB3GYj41hdclSleQRvQEjAc9WLce54eQS6smzY
Zyk2GiAWh9yOkknPGNmclPbk5x2g54nsYsK83UbdTUN7FThDu+tmp+0B8xsYAeyo
brdPKeyG6eM19KJahoG2SvXaq1Qxj8gbzeHw13x+/SiTJJDg7Lo+Chw11rVbW8+x
x12LBjvM7B7gu1Xt6A3pQI6O5MeX6Vg84wmKPDksel4aAfpib8kR54ZNdoSPGBOE
H9QwbTgYhHyJCMdSurcAHwyTji6DECmwVsPD
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:27:56 2024 by rpki-client on console-ams.rpki-client.org