Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/nLDizck_NF2npHyTXamdbdJMkF4.roa
File: nLDizck_NF2npHyTXamdbdJMkF4.roa (raw, json)
Hash identifier: gopOyGXSXhOh1Ad2yflbHTLV43qHeaeuN5X4u96Pi6c=
Subject key identifier: 9C:B0:E2:CD:C9:3F:34:5D:A7:A4:7C:93:5D:A9:9D:6D:D2:4C:90:5E
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018F1F3D11BEDEBF7916D0D0B9AFDA261E14
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/nLDizck_NF2npHyTXamdbdJMkF4.roa
Signing time: Sat 27 Apr 2024 11:07:26 +0000
ROA not before: Sat 27 Apr 2024 11:07:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 5.182.117.0/24 maxlen: 24
31.222.230.0/24 maxlen: 24
37.72.128.0/24 maxlen: 24
45.129.197.0/24 maxlen: 24
62.204.52.0/24 maxlen: 24
77.83.193.0/24 maxlen: 24
78.142.238.0/24 maxlen: 24
91.212.103.0/24 maxlen: 24
130.255.172.0/24 maxlen: 24
130.255.175.0/24 maxlen: 24
146.19.129.0/24 maxlen: 24
185.253.4.0/24 maxlen: 24
193.17.88.0/24 maxlen: 24
193.201.10.0/24 maxlen: 24
194.69.164.0/24 maxlen: 24
195.64.127.0/24 maxlen: 24
195.96.159.0/24 maxlen: 24
212.107.26.0/24 maxlen: 24
213.109.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 18:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1f:3d:11:be:de:bf:79:16:d0:d0:b9:af:da:26:1e:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 27 11:07:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9cb0e2cdc93f345da7a47c935da99d6dd24c905e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:94:10:33:e0:aa:e6:f6:ab:b1:f9:3b:cc:a6:
2c:6b:c0:6d:f8:92:be:e0:9d:2a:23:46:33:16:40:
8c:81:63:be:fe:80:d0:75:c4:5e:60:3d:69:98:e8:
42:50:1e:7d:d0:2b:5d:1e:07:0e:e1:06:7c:52:a4:
1c:57:44:22:04:cf:c8:97:fe:1f:66:e8:91:9b:3d:
da:fb:6f:1a:05:45:bd:ac:53:df:73:00:ef:8a:33:
b2:b0:a3:f9:df:21:5c:04:04:cb:17:06:83:1a:17:
f1:85:ca:93:f0:76:51:f2:39:7b:7e:6d:69:ba:fa:
fc:58:d8:66:0d:74:18:b7:81:1c:46:d8:d9:e2:de:
3a:cb:25:2c:0f:61:27:91:43:34:cf:b6:b4:7c:e8:
ba:a9:3a:e5:61:c0:05:ff:86:db:30:fe:79:2d:8d:
33:7e:61:73:c5:4a:95:d9:a6:ef:80:12:02:4f:ab:
ee:c0:f7:ac:ea:1e:92:b9:c8:74:52:f1:58:c6:61:
72:7f:09:d3:e5:74:95:1b:dc:77:e7:52:94:20:96:
9b:84:2e:42:66:1b:83:cc:ec:98:9b:c1:7a:d1:75:
8c:b5:16:32:58:86:c3:4d:21:de:a2:a1:64:8b:ca:
ed:6d:da:29:fb:4d:4f:32:27:30:ba:82:de:40:16:
a1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:B0:E2:CD:C9:3F:34:5D:A7:A4:7C:93:5D:A9:9D:6D:D2:4C:90:5E
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/nLDizck_NF2npHyTXamdbdJMkF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.117.0/24
31.222.230.0/24
37.72.128.0/24
45.129.197.0/24
62.204.52.0/24
77.83.193.0/24
78.142.238.0/24
91.212.103.0/24
130.255.172.0/24
130.255.175.0/24
146.19.129.0/24
185.253.4.0/24
193.17.88.0/24
193.201.10.0/24
194.69.164.0/24
195.64.127.0/24
195.96.159.0/24
212.107.26.0/24
213.109.153.0/24
Signature Algorithm: sha256WithRSAEncryption
59:1e:88:7f:08:76:2f:17:8d:61:2d:11:51:df:fe:31:20:d8:
83:f3:fa:dc:15:b9:01:8f:f3:a0:13:62:2e:19:da:fc:16:ea:
70:e8:f5:1c:40:70:ac:b9:56:19:15:d5:73:f0:8e:b2:cd:3e:
8b:f0:50:03:0c:2c:90:55:ee:e4:96:cc:e3:6d:d2:c3:18:8c:
22:7f:45:17:f1:62:2f:65:b0:13:71:ac:ad:c5:05:53:5d:5b:
ae:4e:0f:1b:72:cc:c3:14:6a:d6:92:dc:43:cd:e2:b0:f1:52:
e4:5d:a2:ae:4e:90:3b:6a:a5:c6:17:48:93:2c:f8:e6:3d:6c:
39:02:3f:0d:02:53:7c:fe:2f:a7:d8:dc:80:22:c3:bf:2f:49:
47:d3:fa:e7:ec:8b:b5:7c:53:3c:52:ee:ce:7d:03:7c:ac:ae:
0b:c4:ca:93:71:2e:00:da:87:e3:32:fd:5d:24:28:a6:9c:58:
98:35:66:ba:c0:00:57:9c:8e:b9:39:ff:c5:06:0b:a9:6d:24:
71:42:36:5d:c5:ba:18:f4:e1:64:ac:95:70:e8:5a:45:3a:b7:
24:04:0b:4c:5a:c8:8d:44:89:e0:1c:6f:fc:b0:f0:25:1e:31:
b2:bd:5f:0f:41:6e:3c:5b:7a:e6:cb:72:12:b5:1f:d8:5d:a9:
6d:26:e3:d3
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAY8fPRG+3r95FtDQua/aJh4UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDI3MTEwNzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2IwZTJjZGM5M2YzNDVkYTdhNDdjOTM1ZGE5OWQ2ZGQyNGM5MDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJQQM+Cq5varsfk7zKYsa8Bt+JK+
4J0qI0YzFkCMgWO+/oDQdcReYD1pmOhCUB590CtdHgcO4QZ8UqQcV0QiBM/Il/4f
ZuiRmz3a+28aBUW9rFPfcwDvijOysKP53yFcBATLFwaDGhfxhcqT8HZR8jl7fm1p
uvr8WNhmDXQYt4EcRtjZ4t46yyUsD2EnkUM0z7a0fOi6qTrlYcAF/4bbMP55LY0z
fmFzxUqV2abvgBICT6vuwPes6h6Such0UvFYxmFyfwnT5XSVG9x351KUIJabhC5C
ZhuDzOyYm8F60XWMtRYyWIbDTSHeoqFki8rtbdop+01PMicwuoLeQBahiwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFJyw4s3JPzRdp6R8k12pnW3STJBeMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvbkxEaXpja19ORjJucEh5VFhhbWRiZEpNa0Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAAW2dQME
AB/e5gMEACVIgAMEAC2BxQMEAD7MNAMEAE1TwQMEAE6O7gMEAFvUZwMEAIL/rAME
AIL/rwMEAJITgQMEALn9BAMEAMERWAMEAMHJCgMEAMJFpAMEAMNAfwMEAMNgnwME
ANRrGgMEANVtmTANBgkqhkiG9w0BAQsFAAOCAQEAWR6Ifwh2LxeNYS0RUd/+MSDY
g/P63BW5AY/zoBNiLhna/BbqcOj1HEBwrLlWGRXVc/COss0+i/BQAwwskFXu5JbM
423SwxiMIn9FF/FiL2WwE3GsrcUFU11brk4PG3LMwxRq1pLcQ83isPFS5F2irk6Q
O2qlxhdIkyz45j1sOQI/DQJTfP4vp9jcgCLDvy9JR9P65+yLtXxTPFLuzn0DfKyu
C8TKk3EuANqH4zL9XSQoppxYmDVmusAAV5yOuTn/xQYLqW0kcUI2XcW6GPThZKyV
cOhaRTq3JAQLTFrIjUSJ4Bxv/LDwJR4xsr1fD0FuPFt65styErUf2F2pbSbj0w==
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:25:57 2024 by rpki-client on console-fra.rpki-client.org