Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Lx5Eerd3rTAl8Kgd1PrYbRyVP0M.roa
File: Lx5Eerd3rTAl8Kgd1PrYbRyVP0M.roa (raw, json)
Hash identifier: +q/EP9QIIfHrUzMuA3NGXB6EgRqYfOi5H/j22TLdwys=
Subject key identifier: 2F:1E:44:7A:B7:77:AD:30:25:F0:A8:1D:D4:FA:D8:6D:1C:95:3F:43
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01919E05C19C5D8C404F75738662562A6AE4
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Lx5Eerd3rTAl8Kgd1PrYbRyVP0M.roa
Signing time: Thu 29 Aug 2024 12:04:22 +0000
ROA not before: Thu 29 Aug 2024 12:04:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8439
IP address blocks: 5.28.16.0/20 maxlen: 20
31.28.32.0/19 maxlen: 19
37.9.144.0/20 maxlen: 20
62.106.96.0/19 maxlen: 19
62.106.96.0/20 maxlen: 20
62.106.112.0/21 maxlen: 21
62.106.120.0/21 maxlen: 21
81.28.160.0/19 maxlen: 19
85.114.160.0/19 maxlen: 19
92.240.128.0/20 maxlen: 20
95.128.160.0/21 maxlen: 21
95.128.160.0/22 maxlen: 22
95.128.164.0/22 maxlen: 22
109.226.64.0/18 maxlen: 18
185.10.180.0/22 maxlen: 22
185.50.8.0/22 maxlen: 22
188.122.224.0/19 maxlen: 19
193.106.240.0/22 maxlen: 22
213.178.32.0/19 maxlen: 19
213.178.32.0/21 maxlen: 21
213.178.40.0/21 maxlen: 21
213.178.48.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9e:05:c1:9c:5d:8c:40:4f:75:73:86:62:56:2a:6a:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Aug 29 12:04:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f1e447ab777ad3025f0a81dd4fad86d1c953f43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:59:97:2d:1a:97:11:70:02:a7:6a:9a:de:1c:
5a:8d:e4:1a:b6:74:fb:26:02:39:d3:1f:19:c3:13:
22:d9:fd:fb:c1:17:9b:20:e7:35:86:cc:1d:19:03:
3a:7e:bd:01:a5:c8:e9:d1:ad:9c:b5:03:47:2e:5d:
8d:7c:ff:f1:9b:d8:a2:f0:90:e0:3c:c5:96:99:59:
c6:94:5e:f1:ff:ac:ae:e9:6e:3a:1d:25:a3:64:a2:
fa:03:9d:a9:e4:52:93:92:a0:cc:ef:93:21:ce:8d:
c4:2a:63:74:89:8f:ae:33:be:db:7b:6a:de:13:0e:
91:2d:00:75:59:96:01:12:31:29:57:ce:f1:f2:46:
e1:bf:45:59:ed:cf:93:b1:af:ab:3a:88:bd:59:dd:
97:14:41:a5:5b:90:86:e1:54:05:e8:72:8f:59:92:
4b:d6:1e:a7:95:05:d0:ce:69:f0:82:60:2d:ed:66:
12:69:f5:87:92:cb:15:ca:25:15:d7:63:f6:0a:24:
dd:75:b6:3b:96:f3:c4:a2:03:c0:e3:9a:d9:f1:f8:
36:55:11:0b:82:61:fe:39:e6:46:0e:0b:f3:4f:a0:
e7:e0:09:ca:0e:13:6d:8b:77:37:a2:1d:15:33:48:
3f:22:bf:81:d7:70:ea:4b:7c:ab:95:18:31:57:bc:
18:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:1E:44:7A:B7:77:AD:30:25:F0:A8:1D:D4:FA:D8:6D:1C:95:3F:43
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Lx5Eerd3rTAl8Kgd1PrYbRyVP0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.16.0/20
31.28.32.0/19
37.9.144.0/20
62.106.96.0/19
81.28.160.0/19
85.114.160.0/19
92.240.128.0/20
95.128.160.0/21
109.226.64.0/18
185.10.180.0/22
185.50.8.0/22
188.122.224.0/19
193.106.240.0/22
213.178.32.0/19
Signature Algorithm: sha256WithRSAEncryption
7b:10:3a:cb:1a:41:e9:d3:a6:82:ec:1a:bc:c1:40:8e:c1:71:
ac:f9:ac:73:0b:c6:1a:66:36:a6:fd:f4:d7:4c:b7:df:af:9f:
b0:e7:5d:83:41:3d:ee:2a:d0:53:98:58:a6:8f:24:0e:c2:1c:
93:88:a6:bf:1e:08:28:a5:3d:b5:d5:ae:a5:42:25:87:ec:ae:
c8:3c:5c:e1:be:a5:f7:72:01:df:a8:2b:0e:93:f7:b8:03:d8:
f9:fe:9a:e9:46:10:06:d1:1f:d0:bb:83:14:03:f4:a0:39:87:
bd:d4:e7:f3:81:69:3b:b0:f9:c7:0f:8f:2e:fc:25:07:95:27:
de:b6:3c:d9:ac:96:75:f2:68:a2:9d:bb:3e:bc:ad:c1:63:23:
4f:c9:f2:6d:75:c2:ce:9d:e1:52:ba:fd:42:76:e1:d1:3d:d1:
b1:7a:b7:9e:3c:b1:10:f9:2b:3b:aa:69:cf:e8:db:5e:86:5b:
43:37:fa:2b:f4:54:b7:4f:27:32:70:96:0e:ab:8c:26:ef:f4:
b2:ac:04:48:f4:92:51:54:3f:69:11:84:a2:a4:4b:15:b1:1b:
52:c6:64:3d:3e:ef:e7:59:19:02:73:70:21:53:65:7a:3a:23:
e2:10:57:b5:26:7b:2c:b7:9e:fe:eb:d2:55:73:33:37:ce:cf:
f8:cf:63:9e
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZGeBcGcXYxAT3VzhmJWKmrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwODI5MTIwNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjFlNDQ3YWI3NzdhZDMwMjVmMGE4MWRkNGZhZDg2ZDFjOTUzZjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlmXLRqXEXACp2qa3hxajeQatnT7
JgI50x8ZwxMi2f37wRebIOc1hswdGQM6fr0Bpcjp0a2ctQNHLl2NfP/xm9ii8JDg
PMWWmVnGlF7x/6yu6W46HSWjZKL6A52p5FKTkqDM75Mhzo3EKmN0iY+uM77be2re
Ew6RLQB1WZYBEjEpV87x8kbhv0VZ7c+Tsa+rOoi9Wd2XFEGlW5CG4VQF6HKPWZJL
1h6nlQXQzmnwgmAt7WYSafWHkssVyiUV12P2CiTddbY7lvPEogPA45rZ8fg2VREL
gmH+OeZGDgvzT6Dn4AnKDhNti3c3oh0VM0g/Ir+B13DqS3yrlRgxV7wY6QIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFC8eRHq3d60wJfCoHdT62G0clT9DMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvTHg1RWVyZDNyVEFsOEtnZDFQclliUnlWUDBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQEBRwQAwQF
HxwgAwQEJQmQAwQFPmpgAwQFURygAwQFVXKgAwQEXPCAAwQDX4CgAwQGbeJAAwQC
uQq0AwQCuTIIAwQFvHrgAwQCwWrwAwQF1bIgMA0GCSqGSIb3DQEBCwUAA4IBAQB7
EDrLGkHp06aC7Bq8wUCOwXGs+axzC8YaZjam/fTXTLffr5+w512DQT3uKtBTmFim
jyQOwhyTiKa/HggopT211a6lQiWH7K7IPFzhvqX3cgHfqCsOk/e4A9j5/prpRhAG
0R/Qu4MUA/SgOYe91OfzgWk7sPnHD48u/CUHlSfetjzZrJZ18miinbs+vK3BYyNP
yfJtdcLOneFSuv1CduHRPdGxereePLEQ+Ss7qmnP6NtehltDN/or9FS3TycycJYO
q4wm7/SyrARI9JJRVD9pEYSipEsVsRtSxmQ9Pu/nWRkCc3AhU2V6OiPiEFe1Jnss
t57+69JVczM3zs/4z2Oe
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:50:40 2024 by rpki-client on console-ams.rpki-client.org