Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8vbmSolIKNGKlLWOzUJUOdy-blI.roa
File: 8vbmSolIKNGKlLWOzUJUOdy-blI.roa (raw, json)
Hash identifier: I8KKUx6VJX8/F/gM69ctbNeutw/QYUx8iQ9WGm90OTk=
Subject key identifier: F2:F6:E6:4A:89:48:28:D1:8A:94:B5:8E:CD:42:54:39:DC:BE:6E:52
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019221E8F910EFBD321BE9A8F2086B9CA996
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8vbmSolIKNGKlLWOzUJUOdy-blI.roa
Signing time: Tue 24 Sep 2024 02:42:48 +0000
ROA not before: Tue 24 Sep 2024 02:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42610
IP address blocks: 5.228.0.0/16 maxlen: 16
5.228.80.0/23 maxlen: 23
5.228.82.0/23 maxlen: 23
5.228.112.0/23 maxlen: 23
5.228.114.0/23 maxlen: 23
5.228.116.0/23 maxlen: 23
5.228.118.0/23 maxlen: 23
37.110.0.0/17 maxlen: 17
37.110.128.0/19 maxlen: 19
37.204.0.0/16 maxlen: 16
46.242.0.0/17 maxlen: 17
46.242.8.0/22 maxlen: 22
46.242.12.0/22 maxlen: 22
77.37.128.0/17 maxlen: 17
83.166.227.0/24 maxlen: 24
84.253.64.0/18 maxlen: 18
85.30.192.0/18 maxlen: 18
85.172.171.0/24 maxlen: 24
90.154.64.0/18 maxlen: 18
90.154.70.0/23 maxlen: 23
90.154.72.0/23 maxlen: 23
90.156.172.0/22 maxlen: 22
95.84.128.0/18 maxlen: 18
95.84.192.0/18 maxlen: 18
109.173.0.0/17 maxlen: 17
178.140.0.0/16 maxlen: 16
185.19.20.0/22 maxlen: 22
188.32.0.0/16 maxlen: 16
188.255.0.0/17 maxlen: 17
217.12.41.0/24 maxlen: 24
2a02:2168::/29 maxlen: 29
2a02:2168::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:21:e8:f9:10:ef:bd:32:1b:e9:a8:f2:08:6b:9c:a9:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Sep 24 02:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2f6e64a894828d18a94b58ecd425439dcbe6e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4b:ae:d2:73:db:2b:a5:a9:e7:21:64:37:d8:
96:35:cb:48:64:db:64:e3:25:8f:37:97:1c:7b:c5:
97:29:ba:4e:06:f5:ac:70:b5:84:f9:1f:ad:4c:e6:
3b:65:40:99:f0:bd:e2:f6:2f:ef:3b:18:af:41:b9:
1c:b8:c7:1c:0d:37:50:7a:e1:4b:8a:ee:f4:fa:d0:
07:f2:8d:46:1d:a0:ce:27:b1:d3:92:b7:a8:d7:79:
50:b7:33:ed:e4:01:41:b8:24:04:91:6a:3d:1e:9e:
b7:d8:1c:ff:be:87:25:db:80:64:e7:e3:2b:1d:8b:
a1:67:e8:59:47:35:29:02:34:00:71:d5:b4:29:6e:
b8:98:61:50:0a:77:1e:33:4c:62:02:04:09:ad:fc:
e3:a2:26:6c:c8:4f:7a:e5:f3:fc:99:35:35:26:92:
8e:76:94:76:6e:3e:57:bf:05:cc:d0:84:6a:f6:90:
4d:a7:01:06:6b:66:ae:9b:32:c4:9c:f1:35:34:c2:
27:cb:3c:1a:06:98:7f:4c:59:be:82:13:d2:ac:c0:
af:03:29:cd:2b:8a:cb:1e:94:31:ea:83:6d:8f:ff:
af:0c:23:d7:59:48:30:ae:9f:5f:04:51:69:b9:a9:
f0:e1:8e:ec:9f:40:4a:67:16:02:ba:43:93:6c:5a:
28:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:F6:E6:4A:89:48:28:D1:8A:94:B5:8E:CD:42:54:39:DC:BE:6E:52
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/8vbmSolIKNGKlLWOzUJUOdy-blI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.228.0.0/16
37.110.0.0-37.110.159.255
37.204.0.0/16
46.242.0.0/17
77.37.128.0/17
83.166.227.0/24
84.253.64.0/18
85.30.192.0/18
85.172.171.0/24
90.154.64.0/18
90.156.172.0/22
95.84.128.0/17
109.173.0.0/17
178.140.0.0/16
185.19.20.0/22
188.32.0.0/16
188.255.0.0/17
217.12.41.0/24
IPv6:
2a02:2168::/29
Signature Algorithm: sha256WithRSAEncryption
03:f1:08:9d:89:9d:4d:ca:e7:44:de:7c:af:19:0d:a6:5b:7c:
ea:43:a3:7f:93:c5:eb:f9:0c:e7:a5:c9:7c:3b:4e:e1:97:95:
4f:67:ca:24:7b:dc:b7:1d:d6:cd:02:da:83:d5:a8:bb:5a:da:
08:fb:09:b8:1d:ee:46:d3:6d:09:2a:b6:b2:87:26:94:80:b4:
8e:ce:bc:7a:6f:c3:13:fb:aa:f8:38:a5:7c:10:e5:f9:52:16:
27:72:dc:2f:65:5b:47:2c:7e:00:2f:13:cf:80:23:8a:dd:a2:
d6:72:79:db:d7:b1:2d:23:05:79:15:4a:d2:e3:bf:ef:c0:30:
14:19:68:fa:a9:80:b2:9b:1a:8a:c2:f6:d5:35:db:0c:1e:2c:
b9:2e:11:81:a3:07:92:e5:75:fc:39:86:87:b6:de:e9:98:36:
e6:c1:52:9c:ab:33:c8:40:7f:b9:e6:76:f6:14:78:4a:46:e8:
8a:29:ae:b5:72:73:ae:c5:29:ad:73:48:ac:ef:98:7e:02:07:
2f:78:37:25:50:91:e3:fd:ca:c0:fe:e3:fd:b2:ad:e7:9c:90:
25:ba:41:25:e3:ba:27:0f:cb:98:8a:ad:78:98:ab:c8:2a:2b:
24:84:0a:28:7a:09:ae:8c:97:5c:7d:d3:8a:ae:11:2f:eb:f4:
7d:f2:c2:78
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZIh6PkQ770yG+mo8ghrnKmWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwOTI0MDI0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmY2ZTY0YTg5NDgyOGQxOGE5NGI1OGVjZDQyNTQzOWRjYmU2ZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEuu0nPbK6Wp5yFkN9iWNctIZNtk
4yWPN5cce8WXKbpOBvWscLWE+R+tTOY7ZUCZ8L3i9i/vOxivQbkcuMccDTdQeuFL
iu70+tAH8o1GHaDOJ7HTkreo13lQtzPt5AFBuCQEkWo9Hp632Bz/vocl24Bk5+Mr
HYuhZ+hZRzUpAjQAcdW0KW64mGFQCnceM0xiAgQJrfzjoiZsyE965fP8mTU1JpKO
dpR2bj5XvwXM0IRq9pBNpwEGa2aumzLEnPE1NMInyzwaBph/TFm+ghPSrMCvAynN
K4rLHpQx6oNtj/+vDCPXWUgwrp9fBFFpuanw4Y7sn0BKZxYCukOTbFoo9QIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFPL25kqJSCjRipS1js1CVDncvm5SMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvOHZibVNvbElLTkdLbExXT3pVSlVPZHktYmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjB1BAIAATBvAwMABeQw
CwMDASVuAwQFJW6AAwMAJcwDBAcu8gADBAdNJYADBABTpuMDBAZU/UADBAZVHsAD
BABVrKsDBAZamkADBAJanKwDBAdfVIADBAdtrQADAwCyjAMEArkTFAMDALwgAwQH
vP8AAwQA2QwpMA0EAgACMAcDBQMqAiFoMA0GCSqGSIb3DQEBCwUAA4IBAQAD8Qid
iZ1NyudE3nyvGQ2mW3zqQ6N/k8Xr+Qznpcl8O07hl5VPZ8oke9y3HdbNAtqD1ai7
WtoI+wm4He5G020JKrayhyaUgLSOzrx6b8MT+6r4OKV8EOX5UhYnctwvZVtHLH4A
LxPPgCOK3aLWcnnb17EtIwV5FUrS47/vwDAUGWj6qYCymxqKwvbVNdsMHiy5LhGB
oweS5XX8OYaHtt7pmDbmwVKcqzPIQH+55nb2FHhKRuiKKa61cnOuxSmtc0is75h+
AgcveDclUJHj/crA/uP9sq3nnJAlukEl47onD8uYiq14mKvIKiskhAooegmujJdc
fdOKrhEv6/R98sJ4
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:26 2024 by rpki-client on console-fra.rpki-client.org