Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/BVjdjTuYkg6Ywy_MZyyb1zq2pDY.roa
File: BVjdjTuYkg6Ywy_MZyyb1zq2pDY.roa (raw, json)
Hash identifier: ObCZBNI57ExrgMWs/SKUwsIiy/XalsnbTX+XnowTMi0=
Subject key identifier: 05:58:DD:8D:3B:98:92:0E:98:C3:2F:CC:67:2C:9B:D7:3A:B6:A4:36
Certificate issuer: /CN=7028ec9ccd6d861f5f1afdad0046f33c9103ba06
Certificate serial: 018CC726FB6A84526BE453B13B95D889A4CA
Authority key identifier: 70:28:EC:9C:CD:6D:86:1F:5F:1A:FD:AD:00:46:F3:3C:91:03:BA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cCjsnM1thh9fGv2tAEbzPJEDugY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/BVjdjTuYkg6Ywy_MZyyb1zq2pDY.roa
Signing time: Mon 01 Jan 2024 22:31:09 +0000
ROA not before: Mon 01 Jan 2024 22:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31721
IP address blocks: 5.191.104.0/24 maxlen: 24
5.191.105.0/24 maxlen: 24
5.191.102.0/24 maxlen: 24
5.191.103.0/24 maxlen: 24
5.191.101.0/24 maxlen: 24
5.191.100.0/24 maxlen: 24
5.191.109.0/24 maxlen: 24
5.191.110.0/24 maxlen: 24
5.191.108.0/24 maxlen: 24
5.191.106.0/24 maxlen: 24
5.191.107.0/24 maxlen: 24
5.191.111.0/24 maxlen: 24
5.191.112.0/24 maxlen: 24
5.191.118.0/24 maxlen: 24
5.191.116.0/24 maxlen: 24
5.191.117.0/24 maxlen: 24
5.191.115.0/24 maxlen: 24
5.191.113.0/24 maxlen: 24
5.191.114.0/24 maxlen: 24
5.191.125.0/24 maxlen: 24
5.191.123.0/24 maxlen: 24
5.191.124.0/24 maxlen: 24
5.191.122.0/24 maxlen: 24
5.191.120.0/24 maxlen: 24
5.191.121.0/24 maxlen: 24
5.191.119.0/24 maxlen: 24
5.191.132.0/24 maxlen: 24
5.191.130.0/24 maxlen: 24
5.191.131.0/24 maxlen: 24
5.191.129.0/24 maxlen: 24
5.191.127.0/24 maxlen: 24
5.191.128.0/24 maxlen: 24
5.191.126.0/24 maxlen: 24
5.191.137.0/24 maxlen: 24
5.191.138.0/24 maxlen: 24
5.191.136.0/24 maxlen: 24
5.191.134.0/24 maxlen: 24
5.191.135.0/24 maxlen: 24
5.191.133.0/24 maxlen: 24
5.191.139.0/24 maxlen: 24
5.191.142.0/24 maxlen: 24
5.191.141.0/24 maxlen: 24
5.191.140.0/24 maxlen: 24
5.191.44.0/24 maxlen: 24
5.191.50.0/24 maxlen: 24
5.191.51.0/24 maxlen: 24
5.191.49.0/24 maxlen: 24
5.191.47.0/24 maxlen: 24
5.191.48.0/24 maxlen: 24
5.191.45.0/24 maxlen: 24
5.191.46.0/24 maxlen: 24
5.191.54.0/24 maxlen: 24
5.191.55.0/24 maxlen: 24
5.191.52.0/24 maxlen: 24
5.191.53.0/24 maxlen: 24
5.191.57.0/24 maxlen: 24
5.191.58.0/24 maxlen: 24
5.191.56.0/24 maxlen: 24
5.191.64.0/24 maxlen: 24
5.191.62.0/24 maxlen: 24
5.191.63.0/24 maxlen: 24
5.191.61.0/24 maxlen: 24
5.191.59.0/24 maxlen: 24
5.191.60.0/24 maxlen: 24
5.191.69.0/24 maxlen: 24
5.191.68.0/24 maxlen: 24
5.191.66.0/24 maxlen: 24
5.191.67.0/24 maxlen: 24
5.191.65.0/24 maxlen: 24
5.191.90.0/24 maxlen: 24
5.191.3.0/24 maxlen: 24
5.191.17.0/24 maxlen: 24
5.191.16.0/24 maxlen: 24
5.191.15.0/24 maxlen: 24
5.191.24.0/24 maxlen: 24
5.191.22.0/24 maxlen: 24
5.191.19.0/24 maxlen: 24
5.191.18.0/24 maxlen: 24
5.191.26.0/24 maxlen: 24
5.191.27.0/24 maxlen: 24
5.191.25.0/24 maxlen: 24
5.191.31.0/24 maxlen: 24
5.191.29.0/24 maxlen: 24
5.191.30.0/24 maxlen: 24
5.191.28.0/24 maxlen: 24
5.191.33.0/24 maxlen: 24
5.191.34.0/24 maxlen: 24
5.191.32.0/24 maxlen: 24
217.168.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/cCjsnM1thh9fGv2tAEbzPJEDugY.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/cCjsnM1thh9fGv2tAEbzPJEDugY.mft
rsync://rpki.ripe.net/repository/DEFAULT/cCjsnM1thh9fGv2tAEbzPJEDugY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 07:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:fb:6a:84:52:6b:e4:53:b1:3b:95:d8:89:a4:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7028ec9ccd6d861f5f1afdad0046f33c9103ba06
Validity
Not Before: Jan 1 22:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0558dd8d3b98920e98c32fcc672c9bd73ab6a436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:28:f4:62:48:7c:39:06:a5:5e:2b:f9:43:92:
a5:54:6b:de:89:5d:70:ba:6f:ca:a3:44:51:bf:93:
5e:f5:5d:7f:81:38:17:df:f9:af:25:74:8d:29:7a:
ff:1d:07:68:ed:88:29:45:ab:ec:35:87:b7:99:67:
61:49:d2:34:3e:71:aa:8a:a6:6d:1e:eb:8e:82:35:
3b:67:84:cd:cb:ae:88:04:c5:4e:d7:01:8a:f7:fc:
69:ff:66:54:40:f3:0f:61:6e:97:d9:6b:2e:ba:fe:
e2:75:34:9a:f2:63:70:80:97:b3:ab:9c:c5:43:a7:
e8:44:92:9f:ae:a1:97:2e:24:e9:dc:bc:4d:13:63:
09:0b:03:0c:89:da:e1:ca:25:72:4e:67:08:b0:b9:
b7:59:9d:77:95:93:63:47:ef:fd:8b:5a:8d:d6:70:
9d:37:d6:1e:40:2c:12:e2:91:a3:9c:af:fd:e9:99:
03:f7:02:5d:c3:b3:e6:52:de:e1:cf:3c:c7:fb:39:
90:c1:5b:41:e5:d0:69:09:d2:fb:bd:0c:e8:e7:ce:
86:1a:cb:d8:91:47:e0:bc:5d:12:c9:f9:13:8a:2d:
04:3f:48:4c:9e:1c:32:5e:47:20:15:f7:6f:87:1c:
91:f7:c4:3a:bb:55:88:de:24:89:ba:1d:86:72:76:
42:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:58:DD:8D:3B:98:92:0E:98:C3:2F:CC:67:2C:9B:D7:3A:B6:A4:36
X509v3 Authority Key Identifier:
keyid:70:28:EC:9C:CD:6D:86:1F:5F:1A:FD:AD:00:46:F3:3C:91:03:BA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCjsnM1thh9fGv2tAEbzPJEDugY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/BVjdjTuYkg6Ywy_MZyyb1zq2pDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/cCjsnM1thh9fGv2tAEbzPJEDugY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.191.3.0/24
5.191.15.0-5.191.19.255
5.191.22.0/24
5.191.24.0-5.191.34.255
5.191.44.0-5.191.69.255
5.191.90.0/24
5.191.100.0-5.191.142.255
217.168.176.0/20
Signature Algorithm: sha256WithRSAEncryption
3d:b4:9c:e3:89:af:cc:a0:10:5e:40:d4:62:8e:8e:b6:ae:50:
e1:22:dc:81:fb:9b:d6:cd:cb:c6:3a:4e:e1:a7:f6:86:25:e3:
4d:a7:d1:8b:72:8e:e1:a6:c7:1b:3d:e0:93:bd:ba:0a:8c:8c:
3b:cf:0c:a4:64:61:f1:9d:1d:7d:15:31:87:c7:fa:fd:4b:5a:
dd:84:05:a6:8f:08:da:b7:f3:56:9d:25:fd:53:80:52:f7:4a:
e5:22:5a:00:b5:83:a8:09:a8:65:e5:e8:53:a3:15:d1:9b:98:
33:9d:7b:fe:43:b2:7c:1a:8e:ba:cd:28:50:8d:23:75:49:ef:
18:8d:14:9b:c3:f4:00:94:3d:77:fe:23:33:71:d8:f7:f9:f4:
bd:5f:f3:17:e3:14:52:f4:b4:a9:47:09:bf:33:cf:77:b1:15:
b2:15:78:9c:b5:f6:45:ae:0c:5c:86:99:9a:b4:02:b4:d1:d0:
5d:d6:cc:87:7d:0d:31:aa:df:fe:50:99:d9:be:e5:0b:59:f8:
28:ec:a2:20:24:1b:a6:81:68:36:7c:95:45:52:b0:09:ad:26:
9e:69:b5:5b:43:00:e2:f3:e8:d0:e4:eb:95:a1:00:66:91:45:
81:a7:17:6e:e7:fd:97:f9:24:80:f9:4a:70:0f:90:5d:70:c9:
c6:74:02:a1
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYzHJvtqhFJr5FOxO5XYiaTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjhlYzljY2Q2ZDg2MWY1ZjFhZmRhZDAwNDZmMzNjOTEw
M2JhMDYwHhcNMjQwMTAxMjIzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTU4ZGQ4ZDNiOTg5MjBlOThjMzJmY2M2NzJjOWJkNzNhYjZhNDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlij0Ykh8OQalXiv5Q5KlVGveiV1w
um/Ko0RRv5Ne9V1/gTgX3/mvJXSNKXr/HQdo7YgpRavsNYe3mWdhSdI0PnGqiqZt
HuuOgjU7Z4TNy66IBMVO1wGK9/xp/2ZUQPMPYW6X2Wsuuv7idTSa8mNwgJezq5zF
Q6foRJKfrqGXLiTp3LxNE2MJCwMMidrhyiVyTmcIsLm3WZ13lZNjR+/9i1qN1nCd
N9YeQCwS4pGjnK/96ZkD9wJdw7PmUt7hzzzH+zmQwVtB5dBpCdL7vQzo586GGsvY
kUfgvF0SyfkTii0EP0hMnhwyXkcgFfdvhxyR98Q6u1WI3iSJuh2GcnZCxwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFAVY3Y07mJIOmMMvzGcsm9c6tqQ2MB8GA1UdIwQY
MBaAFHAo7JzNbYYfXxr9rQBG8zyRA7oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0Nqc25NMXRoaDlmR3YydEFFYnpQSkVEdWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zYzMxNTQtNzgwMy00ZWM2LWJmNzAt
Y2NkZDA2NTYzYTVmLzEvQlZqZGpUdVlrZzZZd3lfTVp5eWIxenEycERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zYzMxNTQtNzgwMy00ZWM2LWJmNzAtY2NkZDA2NTYzYTVm
LzEvY0Nqc25NMXRoaDlmR3YydEFFYnpQSkVEdWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQABb8DMAwD
BAAFvw8DBAIFvxADBAAFvxYwDAMEAwW/GAMEAAW/IjAMAwQCBb8sAwQBBb9EAwQA
Bb9aMAwDBAIFv2QDBAAFv44DBATZqLAwDQYJKoZIhvcNAQELBQADggEBAD20nOOJ
r8ygEF5A1GKOjrauUOEi3IH7m9bNy8Y6TuGn9oYl402n0YtyjuGmxxs94JO9ugqM
jDvPDKRkYfGdHX0VMYfH+v1LWt2EBaaPCNq381adJf1TgFL3SuUiWgC1g6gJqGXl
6FOjFdGbmDOde/5DsnwajrrNKFCNI3VJ7xiNFJvD9ACUPXf+IzNx2Pf59L1f8xfj
FFL0tKlHCb8zz3exFbIVeJy19kWuDFyGmZq0ArTR0F3WzId9DTGq3/5Qmdm+5QtZ
+CjsoiAkG6aBaDZ8lUVSsAmtJp5ptVtDAOLz6NDk65WhAGaRRYGnF27n/Zf5JID5
SnAPkF1wycZ0AqE=
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:00:55 2024 by rpki-client on console-ams.rpki-client.org