Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GPrGsnQ99rF8P3_gV4Qe6zbADks.roa
File: GPrGsnQ99rF8P3_gV4Qe6zbADks.roa (raw, json)
Hash identifier: Q7W6q65wjP5nLT9WD4ye7j48rWC3HfWOZgkrV7aIsLM=
Subject key identifier: 18:FA:C6:B2:74:3D:F6:B1:7C:3F:7F:E0:57:84:1E:EB:36:C0:0E:4B
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018EF56CB50914974F0E7028106DB83821A0
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GPrGsnQ99rF8P3_gV4Qe6zbADks.roa
Signing time: Fri 19 Apr 2024 08:15:25 +0000
ROA not before: Fri 19 Apr 2024 08:15:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.140.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.163.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.171.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f5:6c:b5:09:14:97:4f:0e:70:28:10:6d:b8:38:21:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 19 08:15:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=18fac6b2743df6b17c3f7fe057841eeb36c00e4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:cd:76:0f:00:6c:d0:b9:d4:fd:9f:85:d4:f7:
19:28:a4:5f:bd:ce:1e:a0:cd:d9:a4:49:80:0e:a9:
92:91:2f:a8:cd:e1:8c:1b:22:3f:28:a7:7a:34:0e:
0d:52:d9:61:55:8a:6f:af:ea:c2:ea:59:0f:e4:ad:
90:c1:95:68:fa:fe:bd:02:34:71:d3:1c:00:38:6b:
56:8f:67:3a:27:ac:1e:cd:a6:64:b5:cf:6d:4f:49:
4b:6f:6d:32:22:26:08:72:9b:d0:10:d6:1a:ab:c0:
0b:50:ec:59:c6:46:22:0d:9f:a5:11:ae:6b:9e:5c:
52:5a:83:80:34:12:47:6b:6b:2c:f6:24:5c:86:87:
21:cd:cf:7a:79:76:8f:69:56:64:ee:54:e9:1a:f1:
b4:91:17:cc:c0:4b:87:d5:5a:c2:65:31:ee:5f:06:
78:d1:3a:e9:1d:1f:2b:9c:95:e4:56:ff:b3:42:8a:
fb:d5:da:5e:b6:57:f5:b8:55:c5:6d:92:16:62:52:
bb:bf:a4:65:5f:d9:7d:25:df:d3:58:d7:dd:50:85:
d3:30:cb:68:47:6f:a8:18:78:b2:8e:35:c3:ab:ff:
b2:d8:fa:98:e5:66:b9:1b:ae:1e:58:45:9c:24:b0:
f8:9c:98:c6:3d:38:ca:c2:ce:f2:f9:0c:14:c4:28:
f3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:FA:C6:B2:74:3D:F6:B1:7C:3F:7F:E0:57:84:1E:EB:36:C0:0E:4B
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GPrGsnQ99rF8P3_gV4Qe6zbADks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.124.0/24
163.5.126.0/24
163.5.128.0/23
163.5.134.0/24
163.5.136.0/24
163.5.139.0-163.5.140.255
163.5.143.0-163.5.144.255
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/23
163.5.167.0/24
163.5.171.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
90:b5:94:3a:95:d9:59:a6:ba:1a:86:41:52:f9:2e:a7:ef:9c:
81:75:cd:7c:6e:45:55:b4:8c:b5:31:6b:83:d0:c6:03:3a:50:
7e:76:ad:34:49:06:9e:79:b7:8f:70:36:84:d9:bf:27:49:a6:
9d:63:03:86:d9:29:0f:a0:fe:ab:7e:bd:9b:b3:0a:f1:95:52:
76:b0:58:ec:e1:3c:08:cc:2b:c6:e4:3e:f6:ef:8b:8d:e9:56:
2a:47:49:2c:de:e6:f2:19:a7:fa:a0:e2:b4:24:7d:ed:2c:78:
09:1b:2c:9f:82:3c:ba:5c:49:c6:a5:18:4b:21:54:16:c6:21:
e0:40:4f:29:e9:fe:8b:c0:70:a4:cb:dd:3e:b9:93:4f:60:38:
47:b0:74:d0:6f:1a:c7:fe:2b:bc:6d:db:67:6e:20:68:aa:fa:
8a:54:08:b6:22:8b:f2:92:4a:4c:65:e1:16:cd:30:b4:27:c1:
c2:92:25:be:87:fb:c4:94:1c:07:20:24:16:78:4b:a2:88:14:
40:f8:46:05:71:03:60:20:41:35:73:d9:15:f4:5f:b9:da:83:
4a:4a:26:dc:f4:a0:77:27:5c:4a:14:37:38:34:cb:0b:5e:14:
99:ed:65:0d:56:91:47:99:26:f4:c4:9e:63:f2:a3:97:8a:92:
f8:03:a8:98
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAY71bLUJFJdPDnAoEG24OCGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNDE5MDgxNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGZhYzZiMjc0M2RmNmIxN2MzZjdmZTA1Nzg0MWVlYjM2YzAwZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx812DwBs0LnU/Z+F1PcZKKRfvc4e
oM3ZpEmADqmSkS+ozeGMGyI/KKd6NA4NUtlhVYpvr+rC6lkP5K2QwZVo+v69AjRx
0xwAOGtWj2c6J6wezaZktc9tT0lLb20yIiYIcpvQENYaq8ALUOxZxkYiDZ+lEa5r
nlxSWoOANBJHa2ss9iRchochzc96eXaPaVZk7lTpGvG0kRfMwEuH1VrCZTHuXwZ4
0TrpHR8rnJXkVv+zQor71dpetlf1uFXFbZIWYlK7v6RlX9l9Jd/TWNfdUIXTMMto
R2+oGHiyjjXDq/+y2PqY5Wa5G64eWEWcJLD4nJjGPTjKws7y+QwUxCjz+wIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFBj6xrJ0PfaxfD9/4FeEHus2wA5LMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvR1ByR3NuUTk5ckY4UDNfZ1Y0UWU2emJBRGtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4DBACj
BR4DBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeQMEAKMFfAMEAKMFfgMEAaMFgAME
AKMFhgMEAKMFiDAMAwQAowWLAwQAowWMMAwDBACjBY8DBACjBZADBACjBZIDBACj
BZcDBACjBaADBAGjBaIDBACjBacDBACjBasDBACjBbIDBACjBbYDBAGjBbwDBACj
Bb8DBACjBckwDAMEAKMFywMEAaMFzAMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF8QME
AKMF+gMEAKMF/TANBgkqhkiG9w0BAQsFAAOCAQEAkLWUOpXZWaa6GoZBUvkup++c
gXXNfG5FVbSMtTFrg9DGAzpQfnatNEkGnnm3j3A2hNm/J0mmnWMDhtkpD6D+q369
m7MK8ZVSdrBY7OE8CMwrxuQ+9u+LjelWKkdJLN7m8hmn+qDitCR97Sx4CRssn4I8
ulxJxqUYSyFUFsYh4EBPKen+i8BwpMvdPrmTT2A4R7B00G8ax/4rvG3bZ24gaKr6
ilQItiKL8pJKTGXhFs0wtCfBwpIlvof7xJQcByAkFnhLoogUQPhGBXEDYCBBNXPZ
FfRfudqDSkom3PSgdydcShQ3ODTLC14Ume1lDVaRR5km9MSeY/Kjl4qS+AOomA==
-----END CERTIFICATE-----
Generated at Thu Apr 25 18:39:48 2024 by rpki-client on console-fra.rpki-client.org