Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/XfxxmkbuReYrJgsmqz-gcyD5nRs.roa
File: XfxxmkbuReYrJgsmqz-gcyD5nRs.roa (raw, json)
Hash identifier: QkP+cipVROTKmggAUodmV6SseyzIeA3uYFvSuhIheAc=
Subject key identifier: 5D:FC:71:9A:46:EE:45:E6:2B:26:0B:26:AB:3F:A0:73:20:F9:9D:1B
Certificate issuer: /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial: 018CC3B741ABB58BCA55A8986EC01E9F84D7
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/XfxxmkbuReYrJgsmqz-gcyD5nRs.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7393
IP address blocks: 178.22.29.0/24 maxlen: 24
62.106.80.0/24 maxlen: 24
62.3.51.0/24 maxlen: 24
212.18.107.0/24 maxlen: 24
91.246.57.0/24 maxlen: 24
77.72.82.0/24 maxlen: 24
84.246.83.0/24 maxlen: 24
193.163.95.0/24 maxlen: 24
46.253.136.0/24 maxlen: 24
146.19.229.0/24 maxlen: 24
46.31.66.0/24 maxlen: 24
5.57.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:02:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:41:ab:b5:8b:ca:55:a8:98:6e:c0:1e:9f:84:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5dfc719a46ee45e62b260b26ab3fa07320f99d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b1:f8:df:72:5e:ea:3e:00:f6:89:16:59:1b:
f3:c5:6f:3d:37:d6:15:a6:e3:bf:42:80:02:f2:2d:
70:8a:86:fa:f7:f0:ef:bb:99:91:0b:2c:3e:90:b2:
ac:b8:60:04:b4:05:e4:c5:fd:a8:80:15:f3:b0:0c:
2d:12:b8:04:0d:c5:01:60:28:d7:62:05:c1:49:4e:
8e:b3:b4:1c:65:64:14:56:40:33:52:15:42:38:32:
c6:92:6e:26:cf:13:fa:41:7a:cc:f4:30:d5:e9:7b:
8a:28:03:fd:af:a9:43:66:c3:6c:57:99:70:cd:c7:
e6:01:e6:38:97:72:9a:8b:34:ff:e3:85:15:56:33:
75:e7:d4:94:d0:21:a1:7f:74:20:25:10:1d:ba:f0:
16:45:74:d3:41:cf:d7:32:f2:41:ed:c9:17:12:1c:
e1:bc:35:f5:fc:bb:9f:f7:f9:b5:63:a4:33:16:ae:
02:f1:88:58:5b:d5:4b:69:f0:75:a6:c3:73:37:43:
71:a7:0c:f5:10:60:09:f8:04:7e:52:e8:df:fb:5a:
fe:35:1f:65:a1:87:ed:cd:4d:c9:d4:3b:9d:73:f4:
65:53:8a:4a:ad:d5:b5:b6:4a:ab:4e:f5:33:9c:a7:
36:ef:b9:4e:d1:36:4e:1d:ad:5e:b1:17:4f:89:e1:
01:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:FC:71:9A:46:EE:45:E6:2B:26:0B:26:AB:3F:A0:73:20:F9:9D:1B
X509v3 Authority Key Identifier:
keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/XfxxmkbuReYrJgsmqz-gcyD5nRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.213.0/24
46.31.66.0/24
46.253.136.0/24
62.3.51.0/24
62.106.80.0/24
77.72.82.0/24
84.246.83.0/24
91.246.57.0/24
146.19.229.0/24
178.22.29.0/24
193.163.95.0/24
212.18.107.0/24
Signature Algorithm: sha256WithRSAEncryption
79:7d:56:15:5b:82:cc:b3:e3:a4:c0:4c:d5:f6:e7:40:bf:b3:
73:30:62:6c:f5:b6:e3:af:72:20:94:d3:ef:9d:be:9a:7a:b6:
a4:ab:80:c9:17:36:c9:b5:e3:6b:43:0b:1b:cd:ab:f7:71:91:
69:fc:30:0a:5c:5e:e1:aa:7d:17:23:45:32:97:14:38:84:ed:
04:e1:5b:13:07:1a:bb:d3:f5:fa:93:12:c8:7c:00:3c:7b:a7:
fa:68:44:f9:b6:5e:21:ca:67:aa:ce:90:24:c4:3c:eb:0a:5c:
db:40:f8:67:f3:0d:63:14:1e:85:32:58:c7:9a:e6:12:cb:2c:
e4:bc:e0:bf:a6:a7:af:20:10:23:01:f7:2c:8a:3a:46:5a:1f:
f1:13:9e:a9:65:81:3f:37:8c:e1:a4:2a:d1:36:7d:66:14:93:
40:94:90:92:51:75:f7:48:cb:1b:b5:3b:9d:aa:eb:e6:ef:0b:
1a:bd:7d:9c:43:ab:24:a1:1b:53:a8:b5:df:2c:e3:67:c1:52:
92:73:fc:b6:53:b7:5a:ac:d4:21:bf:88:d7:00:10:79:9c:f6:
ef:87:8d:45:2d:79:df:1f:2c:c3:ec:dc:b5:52:38:f9:6c:04:
5e:69:75:fb:10:e8:6b:3a:bd:a5:35:13:11:5b:66:92:9b:2c:
61:e2:85:75
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzDt0GrtYvKVaiYbsAen4TXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGZjNzE5YTQ2ZWU0NWU2MmIyNjBiMjZhYjNmYTA3MzIwZjk5ZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrH433Je6j4A9okWWRvzxW89N9YV
puO/QoAC8i1wiob69/Dvu5mRCyw+kLKsuGAEtAXkxf2ogBXzsAwtErgEDcUBYCjX
YgXBSU6Os7QcZWQUVkAzUhVCODLGkm4mzxP6QXrM9DDV6XuKKAP9r6lDZsNsV5lw
zcfmAeY4l3KaizT/44UVVjN159SU0CGhf3QgJRAduvAWRXTTQc/XMvJB7ckXEhzh
vDX1/Luf9/m1Y6QzFq4C8YhYW9VLafB1psNzN0Nxpwz1EGAJ+AR+Uujf+1r+NR9l
oYftzU3J1Dudc/RlU4pKrdW1tkqrTvUznKc277lO0TZOHa1esRdPieEBXQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFF38cZpG7kXmKyYLJqs/oHMg+Z0bMB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvWGZ4eG1rYnVSZVlySmdzbXF6LWdjeUQ1blJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQABTnVAwQA
Lh9CAwQALv2IAwQAPgMzAwQAPmpQAwQATUhSAwQAVPZTAwQAW/Y5AwQAkhPlAwQA
shYdAwQAwaNfAwQA1BJrMA0GCSqGSIb3DQEBCwUAA4IBAQB5fVYVW4LMs+OkwEzV
9udAv7NzMGJs9bbjr3IglNPvnb6aerakq4DJFzbJteNrQwsbzav3cZFp/DAKXF7h
qn0XI0UylxQ4hO0E4VsTBxq70/X6kxLIfAA8e6f6aET5tl4hymeqzpAkxDzrClzb
QPhn8w1jFB6FMljHmuYSyyzkvOC/pqevIBAjAfcsijpGWh/xE56pZYE/N4zhpCrR
Nn1mFJNAlJCSUXX3SMsbtTudquvm7wsavX2cQ6skoRtTqLXfLONnwVKSc/y2U7da
rNQhv4jXABB5nPbvh41FLXnfHyzD7Ny1Ujj5bAReaXX7EOhrOr2lNRMRW2aSmyxh
4oV1
-----END CERTIFICATE-----
Generated at Fri May 17 23:35:13 2024 by rpki-client on console-fra.rpki-client.org