Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/kTLCZepqchs8NxbELpJc1xHdWCU.roa
File: kTLCZepqchs8NxbELpJc1xHdWCU.roa (raw, json)
Hash identifier: iugym2AEBM0fPexKC1wqxiaO6NHWX6sfhmyX8+TqVfY=
Subject key identifier: 91:32:C2:65:EA:6A:72:1B:3C:37:16:C4:2E:92:5C:D7:11:DD:58:25
Certificate issuer: /CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Certificate serial: 018CC794CE35268139528FE96FA870D105B4
Authority key identifier: A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/kTLCZepqchs8NxbELpJc1xHdWCU.roa
Signing time: Tue 02 Jan 2024 00:31:07 +0000
ROA not before: Tue 02 Jan 2024 00:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34400
IP address blocks: 5.108.0.0/14 maxlen: 14
37.124.0.0/14 maxlen: 14
109.82.0.0/15 maxlen: 15
92.48.0.0/18 maxlen: 18
176.224.0.0/15 maxlen: 15
178.80.0.0/15 maxlen: 15
37.240.0.0/14 maxlen: 14
176.16.0.0/14 maxlen: 14
31.166.0.0/15 maxlen: 15
84.23.96.0/20 maxlen: 24
84.23.96.0/19 maxlen: 19
188.132.0.0/17 maxlen: 17
46.52.0.0/17 maxlen: 17
84.23.105.0/24 maxlen: 24
84.23.109.0/24 maxlen: 24
84.23.107.0/24 maxlen: 24
84.23.108.0/24 maxlen: 24
84.23.106.0/24 maxlen: 24
84.23.115.0/24 maxlen: 24
84.23.113.0/24 maxlen: 24
5.244.0.0/14 maxlen: 14
62.120.0.0/16 maxlen: 16
46.152.0.0/15 maxlen: 15
37.121.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:ce:35:26:81:39:52:8f:e9:6f:a8:70:d1:05:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Validity
Not Before: Jan 2 00:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9132c265ea6a721b3c3716c42e925cd711dd5825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7d:c5:f6:d3:d9:41:8e:39:85:bf:e6:19:c0:
7a:97:14:8f:5d:25:a3:54:24:a5:24:96:e2:2b:c4:
47:c4:21:15:e0:12:c9:29:c6:65:28:8e:4c:ad:61:
37:ab:13:95:2f:5c:ae:68:f5:11:26:38:d6:ee:f9:
dc:ce:47:6b:9b:dd:d1:5e:1e:2f:09:6c:eb:2b:07:
8c:cd:64:a5:8f:94:ff:3c:78:c4:56:fb:ca:73:f7:
24:a7:4b:12:6a:6d:b1:a9:3e:aa:7d:42:6d:67:33:
d7:30:e7:2d:8e:14:ae:ee:6d:1e:25:ea:55:7d:39:
c7:80:13:30:a1:32:f7:ec:1a:e3:33:a6:27:92:31:
7c:16:84:57:33:c2:22:6a:b7:62:6c:2d:45:a4:c1:
ba:89:56:61:5e:d0:eb:79:d9:98:c9:4a:50:19:b3:
16:7a:45:73:c1:ed:ee:c5:3d:93:22:6a:f4:b9:5d:
8c:a3:cb:47:8a:51:ed:23:6c:56:26:52:ad:f4:37:
a8:62:84:89:e7:2c:11:4c:95:36:67:bb:31:a3:a5:
3c:6c:cb:28:ca:a1:0a:d1:7e:d3:e6:64:98:e7:71:
8d:c7:b1:14:9a:f1:20:21:51:c5:75:24:40:2c:3c:
e3:2a:71:05:d0:c9:d4:20:f2:f9:19:69:34:19:14:
07:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:32:C2:65:EA:6A:72:1B:3C:37:16:C4:2E:92:5C:D7:11:DD:58:25
X509v3 Authority Key Identifier:
keyid:A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/kTLCZepqchs8NxbELpJc1xHdWCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.108.0.0/14
5.244.0.0/14
31.166.0.0/15
37.121.0.0/16
37.124.0.0/14
37.240.0.0/14
46.52.0.0/17
46.152.0.0/15
62.120.0.0/16
84.23.96.0/19
92.48.0.0/18
109.82.0.0/15
176.16.0.0/14
176.224.0.0/15
178.80.0.0/15
188.132.0.0/17
Signature Algorithm: sha256WithRSAEncryption
0a:ed:04:7c:77:e6:ec:13:49:92:6d:69:bf:ba:56:06:c4:34:
20:28:d7:25:1e:fe:77:51:29:6d:53:b8:51:29:92:97:bb:06:
87:a3:58:a0:fe:0e:dd:12:30:86:e9:92:72:4b:1f:dd:35:04:
a1:7e:23:f4:d8:a9:b9:b7:ba:2a:63:c6:20:7e:80:97:80:6c:
6d:91:1d:06:68:b7:25:c2:18:e0:26:fc:12:1a:b2:60:21:02:
8d:05:86:80:49:65:02:5e:2a:c9:15:f5:e9:20:40:61:59:8f:
28:fd:07:34:59:e5:b3:64:51:f5:32:75:a2:7e:87:c4:b4:51:
39:98:f8:35:94:ee:55:56:4e:cc:60:e9:97:7c:cf:f2:cf:d9:
0f:71:ac:07:66:66:ae:74:b1:73:2a:75:88:c2:48:d2:ea:70:
5b:c6:a9:2c:1c:87:17:3a:40:76:96:86:c7:f8:ff:45:05:27:
3c:3d:63:56:85:9d:b1:a7:45:c9:c8:7a:e7:f5:af:0d:bf:bc:
6a:8c:b5:b9:a9:94:76:30:e2:cb:e7:ae:28:d0:83:b3:d5:73:
30:a3:81:e2:27:c6:06:f4:99:3e:7d:03:a6:d2:de:11:99:a4:
db:13:4d:b9:80:2f:02:ea:80:93:b6:9b:60:1c:b5:22:38:4b:
cb:b9:bc:48
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzHlM41JoE5Uo/pb6hw0QW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2M2JjYzZkMjVmNzQ3NmZiYjNlYzMzZjZkYmMzZTllZWFk
OTIyMTIwHhcNMjQwMTAyMDAzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTMyYzI2NWVhNmE3MjFiM2MzNzE2YzQyZTkyNWNkNzExZGQ1ODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj33F9tPZQY45hb/mGcB6lxSPXSWj
VCSlJJbiK8RHxCEV4BLJKcZlKI5MrWE3qxOVL1yuaPURJjjW7vnczkdrm93RXh4v
CWzrKweMzWSlj5T/PHjEVvvKc/ckp0sSam2xqT6qfUJtZzPXMOctjhSu7m0eJepV
fTnHgBMwoTL37BrjM6YnkjF8FoRXM8IiardibC1FpMG6iVZhXtDredmYyUpQGbMW
ekVzwe3uxT2TImr0uV2Mo8tHilHtI2xWJlKt9DeoYoSJ5ywRTJU2Z7sxo6U8bMso
yqEK0X7T5mSY53GNx7EUmvEgIVHFdSRALDzjKnEF0MnUIPL5GWk0GRQHYwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFJEywmXqanIbPDcWxC6SXNcR3VglMB8GA1UdIwQY
MBaAFKY7zG0l90dvuz7DP228Pp7q2SISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQt
NDkyNGZhMDAwYjdjLzEva1RMQ1plcHFjaHM4TnhiRUxwSmMxeEhkV0NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQtNDkyNGZhMDAwYjdj
LzEvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwMCBWwDAwIF
9AMDAR+mAwMAJXkDAwIlfAMDAiXwAwQHLjQAAwMBLpgDAwA+eAMEBVQXYAMEBlww
AAMDAW1SAwMCsBADAwGw4AMDAbJQAwQHvIQAMA0GCSqGSIb3DQEBCwUAA4IBAQAK
7QR8d+bsE0mSbWm/ulYGxDQgKNclHv53USltU7hRKZKXuwaHo1ig/g7dEjCG6ZJy
Sx/dNQShfiP02Km5t7oqY8YgfoCXgGxtkR0GaLclwhjgJvwSGrJgIQKNBYaASWUC
XirJFfXpIEBhWY8o/Qc0WeWzZFH1MnWifofEtFE5mPg1lO5VVk7MYOmXfM/yz9kP
cawHZmaudLFzKnWIwkjS6nBbxqksHIcXOkB2lobH+P9FBSc8PWNWhZ2xp0XJyHrn
9a8Nv7xqjLW5qZR2MOLL564o0IOz1XMwo4HiJ8YG9Jk+fQOm0t4RmaTbE025gC8C
6oCTtptgHLUiOEvLubxI
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:16:48 2024 by rpki-client on console-fra.rpki-client.org