Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/5f8d8b-4d3e-4e0d-8e2c-1bfbe10d4849/1/c4knZnTPFGYo7aPccEwzUIv2Mow.roa
File: c4knZnTPFGYo7aPccEwzUIv2Mow.roa (raw, json)
Hash identifier: llY9rDTGAc0EOC3NL4/BbseMxuPhDGMWVzCgbFBDdG4=
Subject key identifier: 73:89:27:66:74:CF:14:66:28:ED:A3:DC:70:4C:33:50:8B:F6:32:8C
Certificate issuer: /CN=78da3f739ca082ffe887f70306e7fc7484606ce2
Certificate serial: 01922D4C011EFB3D08EF39E06CDD31C33DB1
Authority key identifier: 78:DA:3F:73:9C:A0:82:FF:E8:87:F7:03:06:E7:FC:74:84:60:6C:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eNo_c5yggv_oh_cDBuf8dIRgbOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/5f8d8b-4d3e-4e0d-8e2c-1bfbe10d4849/1/c4knZnTPFGYo7aPccEwzUIv2Mow.roa
Signing time: Thu 26 Sep 2024 07:46:48 +0000
ROA not before: Thu 26 Sep 2024 07:46:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15879
IP address blocks: 5.226.40.0/21 maxlen: 24
46.255.104.0/21 maxlen: 24
77.245.80.0/20 maxlen: 24
80.246.176.0/20 maxlen: 24
81.24.48.0/20 maxlen: 24
82.201.0.0/17 maxlen: 24
83.219.64.0/19 maxlen: 24
87.250.128.0/19 maxlen: 24
93.188.248.0/21 maxlen: 24
94.247.192.0/21 maxlen: 24
185.28.148.0/22 maxlen: 24
185.55.128.0/22 maxlen: 24
193.91.48.0/20 maxlen: 24
193.189.134.0/24 maxlen: 24
194.105.138.0/23 maxlen: 24
212.204.192.0/18 maxlen: 24
213.130.160.0/19 maxlen: 24
213.133.32.0/19 maxlen: 24
213.197.192.0/18 maxlen: 24
213.206.64.0/18 maxlen: 24
217.115.192.0/20 maxlen: 24
217.148.80.0/20 maxlen: 24
217.149.64.0/20 maxlen: 24
217.194.96.0/19 maxlen: 24
2001:67c:1a4::/48 maxlen: 48
2001:898::/29 maxlen: 48
2001:9a0::/32 maxlen: 48
2001:14a0::/32 maxlen: 48
2001:40e0::/32 maxlen: 48
2a02:f18::/32 maxlen: 48
2a02:f30::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/5f8d8b-4d3e-4e0d-8e2c-1bfbe10d4849/1/eNo_c5yggv_oh_cDBuf8dIRgbOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/5f8d8b-4d3e-4e0d-8e2c-1bfbe10d4849/1/eNo_c5yggv_oh_cDBuf8dIRgbOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/eNo_c5yggv_oh_cDBuf8dIRgbOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2d:4c:01:1e:fb:3d:08:ef:39:e0:6c:dd:31:c3:3d:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78da3f739ca082ffe887f70306e7fc7484606ce2
Validity
Not Before: Sep 26 07:46:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7389276674cf146628eda3dc704c33508bf6328c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7b:74:07:07:3a:a7:80:df:87:11:bb:3b:ca:
34:73:f5:3a:c4:6e:f0:05:6a:85:03:26:4d:cd:2a:
21:7a:ed:2f:b2:9b:32:78:bb:84:85:40:d5:bd:5a:
c5:e0:28:e8:6d:3c:8b:78:a8:56:99:a3:e8:b2:45:
ff:bf:04:c6:d9:a0:12:b8:ba:b4:8b:4a:0d:fa:57:
55:17:0c:e9:9a:11:3d:50:cf:b3:b2:9e:45:ff:9e:
ef:49:ca:46:28:8e:a8:10:25:68:68:12:87:27:55:
68:21:27:d2:8c:7a:fd:2f:36:29:83:ca:57:b7:05:
cf:e0:7d:fe:d0:be:04:bf:09:c7:ce:bb:92:11:a2:
a3:c8:b7:bc:cb:e6:b0:8d:f4:60:4b:a4:e2:53:64:
73:62:36:13:74:4e:12:d6:ee:8c:81:67:8b:b7:ce:
bf:ba:f9:ca:dc:ba:e8:8a:4e:ea:9a:f4:05:f0:9b:
3d:3a:ec:91:25:3b:d5:cc:f0:88:9a:82:10:f9:04:
77:0b:e2:6f:5b:29:45:37:8a:1f:84:1a:2f:c6:31:
0e:4f:6e:c9:df:9e:77:eb:d1:1e:a5:81:91:24:f1:
99:17:b4:a3:d2:36:d7:06:11:ad:df:4c:79:38:46:
5f:77:c5:7b:9c:1a:e1:4a:c7:9f:63:90:d4:dc:1d:
87:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:89:27:66:74:CF:14:66:28:ED:A3:DC:70:4C:33:50:8B:F6:32:8C
X509v3 Authority Key Identifier:
keyid:78:DA:3F:73:9C:A0:82:FF:E8:87:F7:03:06:E7:FC:74:84:60:6C:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eNo_c5yggv_oh_cDBuf8dIRgbOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5f8d8b-4d3e-4e0d-8e2c-1bfbe10d4849/1/c4knZnTPFGYo7aPccEwzUIv2Mow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5f8d8b-4d3e-4e0d-8e2c-1bfbe10d4849/1/eNo_c5yggv_oh_cDBuf8dIRgbOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.40.0/21
46.255.104.0/21
77.245.80.0/20
80.246.176.0/20
81.24.48.0/20
82.201.0.0/17
83.219.64.0/19
87.250.128.0/19
93.188.248.0/21
94.247.192.0/21
185.28.148.0/22
185.55.128.0/22
193.91.48.0/20
193.189.134.0/24
194.105.138.0/23
212.204.192.0/18
213.130.160.0/19
213.133.32.0/19
213.197.192.0/18
213.206.64.0/18
217.115.192.0/20
217.148.80.0/20
217.149.64.0/20
217.194.96.0/19
IPv6:
2001:67c:1a4::/48
2001:898::/29
2001:9a0::/32
2001:14a0::/32
2001:40e0::/32
2a02:f18::/32
2a02:f30::/32
Signature Algorithm: sha256WithRSAEncryption
8c:4a:57:77:5c:18:b2:44:19:29:b0:ad:b7:53:e9:b5:8c:af:
4b:04:c6:8c:0a:a9:95:a4:49:57:67:64:db:64:ce:bf:31:7d:
1a:2a:be:85:d7:fb:b2:64:25:9e:8a:ac:fe:bd:ad:d2:91:b4:
8b:86:af:c2:23:f7:34:8a:c7:e4:f2:90:65:b1:e6:d4:0a:a6:
67:06:0b:fa:04:8e:63:60:0b:48:01:66:d4:fc:b0:20:26:e6:
16:70:d9:e7:53:96:e8:e7:00:3b:10:47:db:71:37:31:35:cf:
ef:9a:c9:17:d4:be:fa:7a:ad:d5:a7:a5:81:3c:4f:94:2e:9d:
9a:cf:11:2c:dd:b6:a0:6e:cf:17:3a:bd:1f:3a:f8:a7:4e:6e:
a5:83:34:16:b4:e1:01:70:1f:f9:0d:5d:5a:83:f7:9b:ea:36:
3a:6e:7b:20:13:4c:7b:b4:11:0e:18:ad:17:0f:9f:e9:bb:74:
79:91:38:82:b1:1e:02:1f:d8:5c:5b:86:7d:0e:c3:8b:27:99:
68:d7:a7:d1:12:83:d1:2c:71:cd:f0:7c:25:0c:44:42:51:74:
a5:55:fb:f9:1b:7f:f8:fb:c2:04:d6:d8:36:90:f1:a1:bf:11:
88:2d:60:f7:2c:af:ce:82:08:6a:eb:d3:4c:a4:2c:59:92:ab:
f4:8b:82:b0
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAZItTAEe+z0I7zngbN0xwz2xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ZGEzZjczOWNhMDgyZmZlODg3ZjcwMzA2ZTdmYzc0ODQ2
MDZjZTIwHhcNMjQwOTI2MDc0NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzg5Mjc2Njc0Y2YxNDY2MjhlZGEzZGM3MDRjMzM1MDhiZjYzMjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnt0Bwc6p4DfhxG7O8o0c/U6xG7w
BWqFAyZNzSoheu0vspsyeLuEhUDVvVrF4CjobTyLeKhWmaPoskX/vwTG2aASuLq0
i0oN+ldVFwzpmhE9UM+zsp5F/57vScpGKI6oECVoaBKHJ1VoISfSjHr9LzYpg8pX
twXP4H3+0L4EvwnHzruSEaKjyLe8y+awjfRgS6TiU2RzYjYTdE4S1u6MgWeLt86/
uvnK3Lroik7qmvQF8Js9OuyRJTvVzPCImoIQ+QR3C+JvWylFN4ofhBovxjEOT27J
355369EepYGRJPGZF7Sj0jbXBhGt30x5OEZfd8V7nBrhSsefY5DU3B2HrQIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFHOJJ2Z0zxRmKO2j3HBMM1CL9jKMMB8GA1UdIwQY
MBaAFHjaP3OcoIL/6If3Awbn/HSEYGziMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZU5vX2M1eWdndl9vaF9jREJ1ZjhkSVJnYk9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81ZjhkOGItNGQzZS00ZTBkLThlMmMt
MWJmYmUxMGQ0ODQ5LzEvYzRrblpuVFBGR1lvN2FQY2NFd3pVSXYyTW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81ZjhkOGItNGQzZS00ZTBkLThlMmMtMWJmYmUxMGQ0ODQ5
LzEvZU5vX2M1eWdndl9vaF9jREJ1ZjhkSVJnYk9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBlwQCAAEwgZADBAMF
4igDBAMu/2gDBARN9VADBARQ9rADBARRGDADBAdSyQADBAVT20ADBAVX+oADBANd
vPgDBANe98ADBAK5HJQDBAK5N4ADBATBWzADBADBvYYDBAHCaYoDBAbUzMADBAXV
gqADBAXVhSADBAbVxcADBAbVzkADBATZc8ADBATZlFADBATZlUADBAXZwmAwOQQC
AAIwMwMHACABBnwBpAMFAyABCJgDBQAgAQmgAwUAIAEUoAMFACABQOADBQAqAg8Y
AwUAKgIPMDANBgkqhkiG9w0BAQsFAAOCAQEAjEpXd1wYskQZKbCtt1PptYyvSwTG
jAqplaRJV2dk22TOvzF9Giq+hdf7smQlnoqs/r2t0pG0i4avwiP3NIrH5PKQZbHm
1AqmZwYL+gSOY2ALSAFm1PywICbmFnDZ51OW6OcAOxBH23E3MTXP75rJF9S++nqt
1aelgTxPlC6dms8RLN22oG7PFzq9Hzr4p05upYM0FrThAXAf+Q1dWoP3m+o2Om57
IBNMe7QRDhitFw+f6bt0eZE4grEeAh/YXFuGfQ7DiyeZaNen0RKD0SxxzfB8JQxE
QlF0pVX7+Rt/+PvCBNbYNpDxob8RiC1g9yyvzoIIauvTTKQsWZKr9IuCsA==
-----END CERTIFICATE-----
Generated at Sun Sep 29 00:14:33 2024 by rpki-client on console-fra.rpki-client.org