Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/vmqIWTEcidpseBSjQ3LcKCizPb4.roa
File: vmqIWTEcidpseBSjQ3LcKCizPb4.roa (raw, json)
Hash identifier: jnn2O2g6v4o0DTbMbpR1eD3lx6kBrw+VhQJXGvN7/x0=
Subject key identifier: BE:6A:88:59:31:1C:89:DA:6C:78:14:A3:43:72:DC:28:28:B3:3D:BE
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E5FC7ADBC935C39EA29A8698E5B41B409
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/vmqIWTEcidpseBSjQ3LcKCizPb4.roa
Signing time: Thu 21 Mar 2024 06:51:45 +0000
ROA not before: Thu 21 Mar 2024 06:51:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8439
IP address blocks: 5.28.16.0/20 maxlen: 20
31.28.32.0/19 maxlen: 19
37.9.144.0/20 maxlen: 20
62.106.96.0/20 maxlen: 20
62.106.112.0/21 maxlen: 21
62.106.120.0/21 maxlen: 21
81.28.160.0/19 maxlen: 19
85.114.160.0/19 maxlen: 19
92.240.128.0/20 maxlen: 20
95.128.160.0/22 maxlen: 22
95.128.164.0/22 maxlen: 22
109.226.64.0/18 maxlen: 18
185.10.180.0/22 maxlen: 22
185.50.8.0/22 maxlen: 22
188.122.224.0/19 maxlen: 19
193.106.240.0/22 maxlen: 22
213.178.32.0/21 maxlen: 21
213.178.40.0/21 maxlen: 21
213.178.48.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5f:c7:ad:bc:93:5c:39:ea:29:a8:69:8e:5b:41:b4:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 21 06:51:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be6a8859311c89da6c7814a34372dc2828b33dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:44:3f:f4:b3:93:0f:ff:e8:18:6e:55:2a:0f:
5f:8c:4d:06:d8:55:de:ec:d5:5f:78:ee:80:51:85:
dc:4f:fd:2d:19:b2:42:69:c8:18:7c:62:64:e1:66:
a7:ef:8b:89:4b:c1:b3:19:ca:20:6f:af:50:53:cb:
e4:d6:92:90:63:d3:9c:ef:75:1d:d4:e7:ec:9b:1b:
1c:97:eb:12:31:de:fa:c2:78:0b:a8:05:7d:19:01:
c0:f0:a0:5a:40:44:dd:84:8a:69:08:a7:71:9b:17:
b6:86:48:ff:06:06:f0:e9:0c:2f:af:79:8a:f1:c4:
a6:c6:e7:97:ea:7b:49:c7:7f:3e:0e:86:f3:a5:a4:
5b:f6:13:14:77:f3:f4:02:2f:64:11:ed:29:bc:d5:
d8:d6:77:7d:10:69:07:97:20:ee:f1:39:38:c1:81:
78:37:32:92:90:4e:9c:e6:5c:f5:f7:78:f3:fb:52:
ca:b9:46:5e:8e:a4:61:ce:af:cf:df:49:09:8b:1f:
b4:d6:ba:de:6f:26:a0:e1:b7:91:9b:9f:9f:f7:52:
21:5e:76:24:35:b8:cb:ad:6f:7d:90:eb:6e:2b:94:
c0:0e:d6:6e:31:f8:5f:43:9d:d3:53:71:6e:87:57:
c4:9d:88:05:e2:25:fb:07:83:24:a3:b7:96:a6:6f:
2a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:6A:88:59:31:1C:89:DA:6C:78:14:A3:43:72:DC:28:28:B3:3D:BE
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/vmqIWTEcidpseBSjQ3LcKCizPb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.16.0/20
31.28.32.0/19
37.9.144.0/20
62.106.96.0/19
81.28.160.0/19
85.114.160.0/19
92.240.128.0/20
95.128.160.0/21
109.226.64.0/18
185.10.180.0/22
185.50.8.0/22
188.122.224.0/19
193.106.240.0/22
213.178.32.0/19
Signature Algorithm: sha256WithRSAEncryption
0a:ae:2c:97:d6:54:71:ee:65:b9:b8:e9:db:16:c2:5a:b3:5d:
f2:39:5c:9d:60:9a:0d:d2:68:c5:34:6e:4f:16:22:aa:54:fe:
fb:5a:e9:86:d0:c7:67:e0:22:9b:9b:18:bf:80:fa:81:ff:d9:
f0:cc:7c:73:18:d6:d9:2b:8d:20:9e:92:a3:95:97:4c:ca:8f:
4a:a6:8a:97:52:00:3d:a2:24:35:0a:dd:03:9a:10:0c:17:1e:
03:2b:b5:c1:74:3c:20:66:2b:90:82:7c:1a:89:19:3d:9e:62:
24:5c:13:cd:4a:8b:a5:ee:ba:d2:8e:72:69:b7:e2:d8:de:f1:
af:2b:72:2c:db:21:4e:7e:e1:c5:74:49:e2:f3:80:da:dd:27:
3d:ba:a2:a4:dd:24:e9:1e:76:00:10:e3:79:0e:1e:3c:8f:ca:
01:d5:30:0d:78:64:9f:55:a2:32:a9:7c:1f:c1:3b:c5:a7:14:
b3:ff:4b:fe:af:0d:a5:5a:70:83:5e:55:db:40:88:d7:67:fd:
02:85:1f:5c:c9:fe:ef:c2:8b:1b:02:54:ab:ed:a3:f5:db:ff:
75:a3:04:b9:fa:ce:60:fd:92:5e:ea:3d:50:47:76:c6:41:3b:
db:48:b3:1d:53:d1:2d:02:55:8e:70:65:31:35:c7:70:48:e8:
0b:3c:92:f3
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAY5fx628k1w56imoaY5bQbQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMzIxMDY1MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTZhODg1OTMxMWM4OWRhNmM3ODE0YTM0MzcyZGMyODI4YjMzZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEQ/9LOTD//oGG5VKg9fjE0G2FXe
7NVfeO6AUYXcT/0tGbJCacgYfGJk4Wan74uJS8GzGcogb69QU8vk1pKQY9Oc73Ud
1Ofsmxscl+sSMd76wngLqAV9GQHA8KBaQETdhIppCKdxmxe2hkj/Bgbw6Qwvr3mK
8cSmxueX6ntJx38+DobzpaRb9hMUd/P0Ai9kEe0pvNXY1nd9EGkHlyDu8Tk4wYF4
NzKSkE6c5lz193jz+1LKuUZejqRhzq/P30kJix+01rrebyag4beRm5+f91IhXnYk
NbjLrW99kOtuK5TADtZuMfhfQ53TU3Fuh1fEnYgF4iX7B4Mko7eWpm8qowIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFL5qiFkxHInabHgUo0Ny3Cgosz2+MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvdm1xSVdURWNpZHBzZUJTalEzTGNLQ2l6UGI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQEBRwQAwQF
HxwgAwQEJQmQAwQFPmpgAwQFURygAwQFVXKgAwQEXPCAAwQDX4CgAwQGbeJAAwQC
uQq0AwQCuTIIAwQFvHrgAwQCwWrwAwQF1bIgMA0GCSqGSIb3DQEBCwUAA4IBAQAK
riyX1lRx7mW5uOnbFsJas13yOVydYJoN0mjFNG5PFiKqVP77WumG0Mdn4CKbmxi/
gPqB/9nwzHxzGNbZK40gnpKjlZdMyo9KpoqXUgA9oiQ1Ct0DmhAMFx4DK7XBdDwg
ZiuQgnwaiRk9nmIkXBPNSoul7rrSjnJpt+LY3vGvK3Is2yFOfuHFdEni84Da3Sc9
uqKk3STpHnYAEON5Dh48j8oB1TANeGSfVaIyqXwfwTvFpxSz/0v+rw2lWnCDXlXb
QIjXZ/0ChR9cyf7vwosbAlSr7aP12/91owS5+s5g/ZJe6j1QR3bGQTvbSLMdU9Et
AlWOcGUxNcdwSOgLPJLz
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:56:01 2024 by rpki-client on console-fra.rpki-client.org