Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/qO5KjIkyCcddkH8wp8l4_Dw6tU4.roa
File: qO5KjIkyCcddkH8wp8l4_Dw6tU4.roa (raw, json)
Hash identifier: 5Neu6hchiyACKfVfpQOFuOM5HMU+d/Ql0Ln013yRrUA=
Subject key identifier: A8:EE:4A:8C:89:32:09:C7:5D:90:7F:30:A7:C9:78:FC:3C:3A:B5:4E
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01922223901651C2C51ED2D7109A426F7CA4
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/qO5KjIkyCcddkH8wp8l4_Dw6tU4.roa
Signing time: Tue 24 Sep 2024 03:46:48 +0000
ROA not before: Tue 24 Sep 2024 03:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33934
IP address blocks: 83.239.128.0/18 maxlen: 18
83.239.128.0/22 maxlen: 22
83.239.132.0/24 maxlen: 24
83.239.138.0/23 maxlen: 23
83.239.142.0/23 maxlen: 23
83.239.144.0/24 maxlen: 24
83.239.151.0/24 maxlen: 24
83.239.152.0/22 maxlen: 22
83.239.156.0/23 maxlen: 23
83.239.158.0/24 maxlen: 24
83.239.161.0/24 maxlen: 24
83.239.162.0/23 maxlen: 23
83.239.164.0/24 maxlen: 24
83.239.167.0/24 maxlen: 24
83.239.168.0/23 maxlen: 23
83.239.172.0/22 maxlen: 22
83.239.176.0/24 maxlen: 24
83.239.179.0/24 maxlen: 24
83.239.180.0/22 maxlen: 22
83.239.184.0/22 maxlen: 22
83.239.188.0/23 maxlen: 23
83.239.191.0/24 maxlen: 24
85.172.112.0/20 maxlen: 20
85.172.120.0/23 maxlen: 23
85.172.122.0/24 maxlen: 24
85.172.126.0/23 maxlen: 23
85.172.168.0/22 maxlen: 22
85.172.170.0/24 maxlen: 24
85.173.64.0/19 maxlen: 19
85.173.80.0/22 maxlen: 22
85.173.84.0/23 maxlen: 23
85.173.192.0/19 maxlen: 19
85.173.208.0/23 maxlen: 23
85.174.0.0/17 maxlen: 17
85.174.63.0/24 maxlen: 24
85.174.69.0/24 maxlen: 24
85.174.70.0/23 maxlen: 23
85.174.80.0/22 maxlen: 22
85.174.84.0/24 maxlen: 24
85.174.100.0/24 maxlen: 24
94.233.0.0/17 maxlen: 17
94.233.20.0/24 maxlen: 24
94.233.23.0/24 maxlen: 24
94.233.24.0/22 maxlen: 22
94.233.28.0/24 maxlen: 24
94.233.30.0/23 maxlen: 23
94.233.32.0/21 maxlen: 21
94.233.44.0/23 maxlen: 23
94.233.47.0/24 maxlen: 24
94.233.48.0/21 maxlen: 21
94.233.66.0/23 maxlen: 23
94.233.70.0/24 maxlen: 24
94.233.74.0/23 maxlen: 23
94.233.76.0/23 maxlen: 23
94.233.78.0/24 maxlen: 24
94.233.85.0/24 maxlen: 24
94.233.87.0/24 maxlen: 24
94.233.106.0/24 maxlen: 24
94.233.107.0/24 maxlen: 24
94.233.126.0/23 maxlen: 23
178.34.64.0/22 maxlen: 22
178.35.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:22:23:90:16:51:c2:c5:1e:d2:d7:10:9a:42:6f:7c:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Sep 24 03:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8ee4a8c893209c75d907f30a7c978fc3c3ab54e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ce:56:03:6e:f6:bb:10:37:4b:4f:66:b8:87:
7f:29:e0:87:67:eb:e4:fd:47:c7:61:49:27:6d:d2:
79:43:41:1a:db:37:1d:e1:61:c0:73:31:fb:07:38:
bd:3c:1e:86:8c:2f:b0:fd:a8:f8:5f:6d:59:56:17:
45:d3:fc:f3:53:39:bc:1d:80:5c:f4:36:3b:af:48:
ff:4e:48:67:77:f1:6d:1b:2c:05:6a:b2:8c:dc:94:
70:9e:21:fa:6e:d5:7c:b2:7d:fe:ae:26:0a:21:b9:
36:e3:ad:ea:46:f7:8c:7f:e2:02:fb:92:52:0b:a7:
22:1d:37:c5:95:5e:17:08:94:d5:86:be:f0:89:cc:
a7:bb:40:36:25:52:9f:7c:59:b1:f7:27:a3:59:59:
01:9c:f6:b1:47:fd:8f:ab:5e:73:f9:54:16:77:9c:
b0:65:4b:fc:17:49:5c:e3:17:88:34:a6:37:16:85:
6a:39:93:3b:1f:a7:0f:38:fa:04:81:41:bc:0a:24:
6c:58:88:f2:a6:3f:1c:91:34:0e:c6:19:4d:60:a1:
9e:45:94:f9:19:7a:b6:7f:2c:7f:42:9e:02:64:19:
12:b4:b2:8e:58:f0:2e:00:4c:5c:19:bc:60:ce:67:
58:b4:4c:80:5c:13:8f:bd:a3:af:09:05:48:b7:a2:
9f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:EE:4A:8C:89:32:09:C7:5D:90:7F:30:A7:C9:78:FC:3C:3A:B5:4E
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/qO5KjIkyCcddkH8wp8l4_Dw6tU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.239.128.0/18
85.172.112.0/20
85.172.168.0/22
85.173.64.0/19
85.173.192.0/19
85.174.0.0/17
94.233.0.0/17
178.34.64.0/22
178.35.128.0/18
Signature Algorithm: sha256WithRSAEncryption
20:f9:19:51:47:d6:f1:23:e9:ea:32:22:ed:a5:c2:0a:aa:35:
49:2a:f8:6c:b9:2c:50:23:1f:20:76:93:59:fc:3e:13:28:f4:
c0:24:b5:c8:84:d4:4c:36:88:63:b3:61:cd:41:60:1c:c7:d6:
64:39:84:7c:c0:da:79:bb:8d:22:38:2f:7e:af:ce:f5:28:7d:
bc:93:97:77:bc:57:57:0f:f7:69:2f:6c:32:58:13:57:7b:56:
cb:7b:44:95:67:98:d3:3c:59:d2:d3:77:b0:d1:3a:43:ee:2b:
03:6d:ab:0b:f6:92:aa:a5:6c:95:4f:17:16:22:af:97:f1:5d:
0a:8e:b7:85:94:0e:46:06:16:68:d2:13:c6:dc:ce:16:ba:52:
d1:00:20:bb:1d:2a:88:64:14:b9:e9:7c:52:f7:e5:b7:a8:d1:
8f:25:d4:a2:d9:80:e9:aa:1c:53:53:ad:20:32:ad:4b:b0:b5:
b4:0e:70:1a:03:ef:92:e5:bf:9a:6b:e5:a2:76:93:59:80:df:
f9:74:00:78:d1:e6:fb:60:3c:a5:1a:08:bc:6a:23:f9:0f:a2:
1f:8a:85:d2:76:60:1e:48:68:00:4b:04:6f:be:4e:76:5d:36:
a2:53:f3:77:3e:0c:2c:7d:8f:18:35:93:3d:f1:aa:f2:19:e2:
95:97:17:b0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZIiI5AWUcLFHtLXEJpCb3ykMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwOTI0MDM0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGVlNGE4Yzg5MzIwOWM3NWQ5MDdmMzBhN2M5NzhmYzNjM2FiNTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3c5WA272uxA3S09muId/KeCHZ+vk
/UfHYUknbdJ5Q0Ea2zcd4WHAczH7Bzi9PB6GjC+w/aj4X21ZVhdF0/zzUzm8HYBc
9DY7r0j/Tkhnd/FtGywFarKM3JRwniH6btV8sn3+riYKIbk2463qRveMf+IC+5JS
C6ciHTfFlV4XCJTVhr7wicynu0A2JVKffFmx9yejWVkBnPaxR/2Pq15z+VQWd5yw
ZUv8F0lc4xeINKY3FoVqOZM7H6cPOPoEgUG8CiRsWIjypj8ckTQOxhlNYKGeRZT5
GXq2fyx/Qp4CZBkStLKOWPAuAExcGbxgzmdYtEyAXBOPvaOvCQVIt6KfIwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFKjuSoyJMgnHXZB/MKfJePw8OrVOMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvcU81S2pJa3lDY2Rka0g4d3A4bDRfRHc2dFU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQGU++AAwQE
VaxwAwQCVayoAwQFVa1AAwQFVa3AAwQHVa4AAwQHXukAAwQCsiJAAwQGsiOAMA0G
CSqGSIb3DQEBCwUAA4IBAQAg+RlRR9bxI+nqMiLtpcIKqjVJKvhsuSxQIx8gdpNZ
/D4TKPTAJLXIhNRMNohjs2HNQWAcx9ZkOYR8wNp5u40iOC9+r871KH28k5d3vFdX
D/dpL2wyWBNXe1bLe0SVZ5jTPFnS03ew0TpD7isDbasL9pKqpWyVTxcWIq+X8V0K
jreFlA5GBhZo0hPG3M4WulLRACC7HSqIZBS56XxS9+W3qNGPJdSi2YDpqhxTU60g
Mq1LsLW0DnAaA++S5b+aa+WidpNZgN/5dAB40eb7YDylGgi8aiP5D6IfioXSdmAe
SGgASwRvvk52XTaiU/N3PgwsfY8YNZM98aryGeKVlxew
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:50:40 2024 by rpki-client on console-ams.rpki-client.org