Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/0d840c-952d-4702-aba3-b6e58f9c82e1/1/i3DwN6lJy8EPnTNtTaSWnpQMZXY.roa
File: i3DwN6lJy8EPnTNtTaSWnpQMZXY.roa (raw, json)
Hash identifier: ySuXNuaplT8iRj4swZT+lEoDRhD6P1DW5EJ5EiRiXn8=
Subject key identifier: 8B:70:F0:37:A9:49:CB:C1:0F:9D:33:6D:4D:A4:96:9E:94:0C:65:76
Certificate issuer: /CN=5fe58e732a0f71f4f01302d62167173bd9b17cc1
Certificate serial: 018CC5DD0C6505EFDADE9C59ADF74B9855AC
Authority key identifier: 5F:E5:8E:73:2A:0F:71:F4:F0:13:02:D6:21:67:17:3B:D9:B1:7C:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X-WOcyoPcfTwEwLWIWcXO9mxfME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/0d840c-952d-4702-aba3-b6e58f9c82e1/1/i3DwN6lJy8EPnTNtTaSWnpQMZXY.roa
Signing time: Mon 01 Jan 2024 16:30:47 +0000
ROA not before: Mon 01 Jan 2024 16:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6085
IP address blocks: 57.55.0.0/16 maxlen: 16
57.50.0.0/16 maxlen: 16
57.226.0.0/16 maxlen: 16
57.18.0.0/16 maxlen: 16
57.2.0.0/16 maxlen: 16
57.13.0.0/16 maxlen: 16
57.61.0.0/16 maxlen: 16
57.192.0.0/16 maxlen: 16
57.0.0.0/16 maxlen: 16
57.16.0.0/16 maxlen: 16
57.27.0.0/16 maxlen: 16
57.54.0.0/16 maxlen: 16
57.33.0.0/16 maxlen: 16
57.49.0.0/16 maxlen: 16
57.17.0.0/16 maxlen: 16
57.52.0.0/16 maxlen: 16
57.63.0.0/16 maxlen: 16
57.19.0.0/16 maxlen: 16
57.3.0.0/16 maxlen: 16
57.62.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/0d840c-952d-4702-aba3-b6e58f9c82e1/1/X-WOcyoPcfTwEwLWIWcXO9mxfME.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/0d840c-952d-4702-aba3-b6e58f9c82e1/1/X-WOcyoPcfTwEwLWIWcXO9mxfME.mft
rsync://rpki.ripe.net/repository/DEFAULT/X-WOcyoPcfTwEwLWIWcXO9mxfME.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:0c:65:05:ef:da:de:9c:59:ad:f7:4b:98:55:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fe58e732a0f71f4f01302d62167173bd9b17cc1
Validity
Not Before: Jan 1 16:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b70f037a949cbc10f9d336d4da4969e940c6576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bb:6d:e3:eb:e2:9e:fe:5a:aa:16:15:bb:3d:
cf:81:14:db:8c:f8:3e:14:4b:21:4b:61:94:b0:f2:
2c:99:d5:3d:f6:5f:24:1a:c7:6b:1b:7f:e4:58:20:
5d:dc:d5:2e:1a:59:ed:23:4d:22:e3:ea:e9:40:2e:
bd:b2:27:1f:33:8a:9e:c3:78:e6:af:ea:70:f8:b3:
b9:6d:48:9a:81:eb:e3:46:cd:7c:57:71:b6:60:12:
27:65:58:12:37:cd:e4:37:38:e3:5d:f2:49:7a:04:
62:a1:72:84:f0:16:93:b8:40:d4:1c:81:88:6c:77:
d5:2b:84:19:cc:eb:4b:32:8f:26:17:f2:81:a4:04:
e7:ff:7c:3c:fe:aa:41:31:e0:14:13:5f:2a:48:55:
80:03:9e:0a:c6:2f:7a:67:28:3d:e9:bd:19:9a:16:
1c:dd:ad:d0:e8:d6:6d:5d:03:f5:7f:0c:1f:6f:1e:
7f:c7:1d:e6:8b:96:34:7f:4f:fc:10:43:73:95:9c:
d1:66:59:fe:c9:0d:67:a9:96:1e:6a:eb:60:82:c6:
19:30:46:17:f2:91:e3:f8:ab:5e:3f:47:46:63:a3:
c3:34:6f:9e:93:2d:74:8b:60:62:54:0e:21:2b:d9:
dd:a9:d7:a9:4d:97:f8:85:70:dd:ef:70:8e:cd:a4:
57:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:70:F0:37:A9:49:CB:C1:0F:9D:33:6D:4D:A4:96:9E:94:0C:65:76
X509v3 Authority Key Identifier:
keyid:5F:E5:8E:73:2A:0F:71:F4:F0:13:02:D6:21:67:17:3B:D9:B1:7C:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X-WOcyoPcfTwEwLWIWcXO9mxfME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0d840c-952d-4702-aba3-b6e58f9c82e1/1/i3DwN6lJy8EPnTNtTaSWnpQMZXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0d840c-952d-4702-aba3-b6e58f9c82e1/1/X-WOcyoPcfTwEwLWIWcXO9mxfME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.0.0.0/16
57.2.0.0/15
57.13.0.0/16
57.16.0.0/14
57.27.0.0/16
57.33.0.0/16
57.49.0.0-57.50.255.255
57.52.0.0/16
57.54.0.0/15
57.61.0.0-57.63.255.255
57.192.0.0/16
57.226.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:df:36:d5:d1:71:fa:a4:4c:e9:02:02:48:9a:73:73:4f:2c:
a7:4b:7d:b2:c9:ab:88:e5:f2:58:4f:2d:95:8f:5c:9f:38:e0:
c2:cf:33:53:ae:60:c4:0d:e6:ea:0b:80:5d:e8:0c:0e:de:a3:
32:44:f2:9d:ac:93:c4:f8:3f:dc:15:80:4b:18:ea:04:2d:8f:
d5:c1:67:eb:cb:c7:25:96:71:47:8d:22:a3:2f:14:88:3b:1d:
e9:cd:dc:3b:a5:eb:f9:99:a9:f9:bc:8b:dd:49:f2:31:9d:24:
d2:25:ae:c1:c2:93:62:e3:df:4a:cd:d0:1b:f4:d8:0b:f9:88:
42:d5:b7:29:05:9d:8d:7d:c3:54:22:8f:76:4a:ca:89:66:39:
bb:7a:a9:5e:3b:a0:3d:8d:a5:a0:b7:8b:79:57:c9:95:9f:e2:
fb:ab:35:24:e5:1c:60:33:87:d2:bc:bb:bb:fc:13:46:df:8d:
67:b0:1d:49:64:0f:b2:ba:44:aa:fc:d8:78:0b:d1:80:24:4f:
90:5d:fb:6d:f3:66:91:49:ab:d0:c4:e2:f5:ad:fb:01:ea:ff:
76:63:6e:e9:49:d8:03:45:9c:01:0a:00:c0:8b:bc:54:bd:93:
6e:54:72:80:a9:4e:13:f6:42:8a:11:33:2c:0f:67:64:ec:de:
ba:95:21:2f
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYzF3QxlBe/a3pxZrfdLmFWsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZTU4ZTczMmEwZjcxZjRmMDEzMDJkNjIxNjcxNzNiZDli
MTdjYzEwHhcNMjQwMTAxMTYzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjcwZjAzN2E5NDljYmMxMGY5ZDMzNmQ0ZGE0OTY5ZTk0MGM2NTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLtt4+vinv5aqhYVuz3PgRTbjPg+
FEshS2GUsPIsmdU99l8kGsdrG3/kWCBd3NUuGlntI00i4+rpQC69sicfM4qew3jm
r+pw+LO5bUiagevjRs18V3G2YBInZVgSN83kNzjjXfJJegRioXKE8BaTuEDUHIGI
bHfVK4QZzOtLMo8mF/KBpATn/3w8/qpBMeAUE18qSFWAA54Kxi96Zyg96b0ZmhYc
3a3Q6NZtXQP1fwwfbx5/xx3mi5Y0f0/8EENzlZzRZln+yQ1nqZYeautggsYZMEYX
8pHj+KteP0dGY6PDNG+eky10i2BiVA4hK9ndqdepTZf4hXDd73COzaRXGwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFItw8DepScvBD50zbU2klp6UDGV2MB8GA1UdIwQY
MBaAFF/ljnMqD3H08BMC1iFnFzvZsXzBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWC1XT2N5b1BjZlR3RXdMV0lXY1hPOW14Zk1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8wZDg0MGMtOTUyZC00NzAyLWFiYTMt
YjZlNThmOWM4MmUxLzEvaTNEd042bEp5OEVQblROdFRhU1ducFFNWlhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8wZDg0MGMtOTUyZC00NzAyLWFiYTMtYjZlNThmOWM4MmUx
LzEvWC1XT2N5b1BjZlR3RXdMV0lXY1hPOW14Zk1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwMAOQADAwE5
AgMDADkNAwMCORADAwA5GwMDADkhMAoDAwA5MQMDADkyAwMAOTQDAwE5NjAKAwMA
OT0DAwY5AAMDADnAAwMAOeIwDQYJKoZIhvcNAQELBQADggEBAHffNtXRcfqkTOkC
Akiac3NPLKdLfbLJq4jl8lhPLZWPXJ844MLPM1OuYMQN5uoLgF3oDA7eozJE8p2s
k8T4P9wVgEsY6gQtj9XBZ+vLxyWWcUeNIqMvFIg7HenN3Dul6/mZqfm8i91J8jGd
JNIlrsHCk2Lj30rN0Bv02Av5iELVtykFnY19w1Qij3ZKyolmObt6qV47oD2NpaC3
i3lXyZWf4vurNSTlHGAzh9K8u7v8E0bfjWewHUlkD7K6RKr82HgL0YAkT5Bd+23z
ZpFJq9DE4vWt+wHq/3ZjbulJ2ANFnAEKAMCLvFS9k25UcoCpThP2QooRMywPZ2Ts
3rqVIS8=
-----END CERTIFICATE-----
Generated at Mon Jun 24 09:44:39 2024 by rpki-client on console-fra.rpki-client.org