Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/jUdz4ds5dh-afbPh94hmvIUEjKM.roa
File: jUdz4ds5dh-afbPh94hmvIUEjKM.roa (raw, json)
Hash identifier: MmPms8dgGzpJEt8bEB6R6hXW8UAZdSb1hUp8YWbAU/g=
Subject key identifier: 8D:47:73:E1:DB:39:76:1F:9A:7D:B3:E1:F7:88:66:BC:85:04:8C:A3
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01932E49375A5D33A572EC8552D98DC28788
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/jUdz4ds5dh-afbPh94hmvIUEjKM.roa
Signing time: Fri 15 Nov 2024 05:26:10 +0000
ROA not before: Fri 15 Nov 2024 05:26:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25490
IP address blocks: 62.183.0.0/17 maxlen: 17
62.183.0.0/19 maxlen: 19
62.183.32.0/20 maxlen: 20
62.183.48.0/23 maxlen: 23
62.183.50.0/24 maxlen: 24
62.183.52.0/22 maxlen: 22
62.183.56.0/22 maxlen: 22
62.183.60.0/22 maxlen: 22
62.183.64.0/21 maxlen: 21
62.183.64.0/24 maxlen: 24
62.183.72.0/22 maxlen: 22
62.183.88.0/22 maxlen: 22
62.183.96.0/22 maxlen: 22
83.239.0.0/18 maxlen: 18
83.239.0.0/20 maxlen: 20
83.239.16.0/20 maxlen: 20
83.239.32.0/19 maxlen: 19
83.239.32.0/21 maxlen: 21
83.239.40.0/22 maxlen: 22
83.239.48.0/20 maxlen: 20
83.239.64.0/19 maxlen: 19
83.239.96.0/20 maxlen: 20
83.239.200.0/21 maxlen: 24
83.239.224.0/20 maxlen: 20
83.239.240.0/22 maxlen: 22
83.239.244.0/22 maxlen: 22
85.172.0.0/19 maxlen: 19
85.172.32.0/19 maxlen: 19
85.172.64.0/21 maxlen: 21
85.172.72.0/22 maxlen: 22
85.172.79.0/24 maxlen: 24
85.172.82.0/23 maxlen: 23
85.172.84.0/22 maxlen: 22
85.172.96.0/20 maxlen: 20
85.172.96.0/21 maxlen: 21
85.172.104.0/22 maxlen: 22
85.172.108.0/23 maxlen: 23
85.172.160.0/21 maxlen: 21
85.173.4.0/22 maxlen: 22
85.173.144.0/20 maxlen: 20
85.174.128.0/18 maxlen: 18
85.174.143.0/24 maxlen: 24
85.174.224.0/20 maxlen: 20
85.174.240.0/20 maxlen: 20
85.175.0.0/16 maxlen: 23
85.175.0.0/19 maxlen: 19
85.175.32.0/21 maxlen: 21
85.175.46.0/24 maxlen: 24
85.175.62.0/23 maxlen: 23
85.175.65.0/24 maxlen: 24
85.175.66.0/23 maxlen: 23
85.175.71.0/24 maxlen: 24
85.175.72.0/22 maxlen: 22
85.175.82.0/23 maxlen: 23
85.175.91.0/24 maxlen: 24
85.175.96.0/22 maxlen: 22
85.175.100.0/23 maxlen: 23
85.175.152.0/23 maxlen: 23
85.175.170.0/23 maxlen: 23
85.175.192.0/20 maxlen: 20
85.175.216.0/22 maxlen: 22
85.175.226.0/23 maxlen: 23
85.175.236.0/24 maxlen: 24
94.233.144.0/21 maxlen: 21
94.233.160.0/20 maxlen: 20
109.172.72.0/24 maxlen: 24
178.34.0.0/17 maxlen: 17
2a02:8040::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2e:49:37:5a:5d:33:a5:72:ec:85:52:d9:8d:c2:87:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Nov 15 05:26:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d4773e1db39761f9a7db3e1f78866bc85048ca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cf:12:52:48:45:0e:de:9f:0b:2e:b8:ba:ce:
3b:31:17:0e:8d:2c:f5:b2:0e:16:2a:cd:f0:bf:f4:
93:77:3e:aa:50:d0:24:eb:cb:e3:8d:56:21:2c:3d:
8f:6f:03:42:6b:68:eb:ba:07:26:bb:a3:8c:f0:45:
53:0e:c0:db:37:e0:99:15:79:cf:6c:c1:6f:f0:71:
66:13:d3:fe:89:66:a3:67:02:71:af:a8:6d:8a:e1:
ac:c7:dd:8d:6a:56:d5:3d:a9:a6:7f:2e:da:38:c5:
b8:6e:7e:6b:b2:f9:41:a7:b6:ee:83:ef:32:19:70:
94:44:8a:2b:d5:2f:00:ea:5a:8e:d4:a6:e2:7e:1c:
5c:1c:1a:e6:4d:99:f6:ac:2e:54:38:05:cc:b8:57:
0d:21:1b:43:71:88:33:04:04:fb:1c:42:37:6e:b7:
5e:aa:b4:69:b1:8f:ca:b1:11:ad:dd:56:c7:09:89:
43:63:c7:06:74:e0:80:3d:a6:a1:c6:41:ba:1c:b2:
c4:dd:9a:89:b4:01:d6:6f:39:3d:88:78:61:53:da:
0b:7c:87:56:8b:3b:be:ed:7f:63:ef:50:92:6d:9a:
70:7f:18:ac:72:65:cf:d6:e6:dd:b9:62:73:cb:76:
13:d7:a9:3a:d4:a7:49:61:30:2f:aa:34:1f:09:67:
9f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:47:73:E1:DB:39:76:1F:9A:7D:B3:E1:F7:88:66:BC:85:04:8C:A3
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/jUdz4ds5dh-afbPh94hmvIUEjKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.183.0.0/17
83.239.0.0-83.239.111.255
83.239.200.0/21
83.239.224.0-83.239.247.255
85.172.0.0-85.172.75.255
85.172.79.0/24
85.172.82.0-85.172.87.255
85.172.96.0/20
85.172.160.0/21
85.173.4.0/22
85.173.144.0/20
85.174.128.0/18
85.174.224.0-85.175.255.255
94.233.144.0/21
94.233.160.0/20
109.172.72.0/24
178.34.0.0/17
IPv6:
2a02:8040::/32
Signature Algorithm: sha256WithRSAEncryption
76:76:f3:24:2a:76:12:e0:00:25:9d:f5:9a:b9:1b:f6:21:d5:
0d:58:1b:7a:79:74:42:09:7b:87:5c:4d:e6:7e:f5:56:79:7b:
d5:73:3d:8e:d3:bd:9e:22:85:1d:59:1f:a1:8c:e7:67:8d:06:
1c:d3:bf:46:d8:83:4d:93:34:c1:eb:3a:c0:14:55:61:e7:64:
e7:2f:b7:fe:86:6f:77:25:34:c5:7f:fb:a1:f8:ac:b3:5f:44:
11:4d:9d:a7:1c:02:a9:78:8c:85:71:fe:3d:31:e1:bc:0d:bc:
28:dd:25:44:ba:df:9a:69:f5:28:6b:38:d1:68:c0:b6:16:ad:
b9:d3:08:e7:02:dd:95:34:2b:28:63:4f:a1:dc:89:7a:58:77:
bd:b2:20:8f:da:b7:5a:53:1f:a1:b4:14:a2:a2:2b:ed:a1:12:
47:8a:7b:3c:be:9d:3c:4e:39:6e:e5:7c:e3:28:6d:74:f5:23:
b0:71:cc:17:7f:e6:48:3e:a0:6c:b5:ed:23:2f:bb:86:b4:b4:
51:9a:9c:39:c5:6f:e7:12:08:10:6b:a4:9e:b7:45:a3:ab:53:
93:b9:74:c8:92:27:15:49:61:32:d7:17:9c:22:1b:87:2a:dd:
85:70:dc:9e:52:40:58:ec:4e:3e:b6:bb:73:d1:3e:c4:95:73:
61:b9:3f:f4
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZMuSTdaXTOlcuyFUtmNwoeIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQxMTE1MDUyNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDQ3NzNlMWRiMzk3NjFmOWE3ZGIzZTFmNzg4NjZiYzg1MDQ4Y2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc8SUkhFDt6fCy64us47MRcOjSz1
sg4WKs3wv/STdz6qUNAk68vjjVYhLD2PbwNCa2jrugcmu6OM8EVTDsDbN+CZFXnP
bMFv8HFmE9P+iWajZwJxr6htiuGsx92NalbVPammfy7aOMW4bn5rsvlBp7bug+8y
GXCURIor1S8A6lqO1KbifhxcHBrmTZn2rC5UOAXMuFcNIRtDcYgzBAT7HEI3brde
qrRpsY/KsRGt3VbHCYlDY8cGdOCAPaahxkG6HLLE3ZqJtAHWbzk9iHhhU9oLfIdW
izu+7X9j71CSbZpwfxiscmXP1ubduWJzy3YT16k61KdJYTAvqjQfCWefcQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFI1Hc+HbOXYfmn2z4feIZryFBIyjMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvalVkejRkczVkaC1hZmJQaDk0aG12SVVFaktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBkgQCAAEwgYsDBAc+
twAwCwMDAFPvAwQEU+9gAwQDU+/IMAwDBAVT7+ADBANT7/AwCwMDAlWsAwQCVaxI
AwQAVaxPMAwDBAFVrFIDBANVrFADBARVrGADBANVrKADBAJVrQQDBARVrZADBAZV
roAwCwMEBVWu4AMDBFWgAwQDXumQAwQEXumgAwQAbaxIAwQHsiIAMA0EAgACMAcD
BQAqAoBAMA0GCSqGSIb3DQEBCwUAA4IBAQB2dvMkKnYS4AAlnfWauRv2IdUNWBt6
eXRCCXuHXE3mfvVWeXvVcz2O072eIoUdWR+hjOdnjQYc079G2INNkzTB6zrAFFVh
52TnL7f+hm93JTTFf/uh+KyzX0QRTZ2nHAKpeIyFcf49MeG8Dbwo3SVEut+aafUo
azjRaMC2Fq250wjnAt2VNCsoY0+h3Il6WHe9siCP2rdaUx+htBSioivtoRJHins8
vp08Tjlu5XzjKG109SOwccwXf+ZIPqBste0jL7uGtLRRmpw5xW/nEggQa6Set0Wj
q1OTuXTIkicVSWEy1xecIhuHKt2FcNyeUkBY7E4+trtz0T7ElXNhuT/0
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:27:57 2024 by rpki-client on console-ams.rpki-client.org