Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/7sndv6OuITDmrfIo4kiSW9yPx9w.roa
File: 7sndv6OuITDmrfIo4kiSW9yPx9w.roa (raw, json)
Hash identifier: hZBCzLtlk5DWWoGw0kEmyFnUbnU6aDbcx5CoHbqYGFQ=
Subject key identifier: EE:C9:DD:BF:A3:AE:21:30:E6:AD:F2:28:E2:48:92:5B:DC:8F:C7:DC
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01900DA4FC10A0FE997CAD4C13BD89782F79
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/7sndv6OuITDmrfIo4kiSW9yPx9w.roa
Signing time: Wed 12 Jun 2024 18:10:34 +0000
ROA not before: Wed 12 Jun 2024 18:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.53.0/24 maxlen: 24
163.5.71.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.124.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.199.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0d:a4:fc:10:a0:fe:99:7c:ad:4c:13:bd:89:78:2f:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 12 18:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eec9ddbfa3ae2130e6adf228e248925bdc8fc7dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:94:e3:06:4f:37:02:4f:6f:3a:dc:0d:a4:2e:
90:30:33:91:26:22:07:f1:05:c0:36:91:1a:9b:a4:
1e:e1:a6:17:d4:e0:6c:8a:b6:e5:5f:42:48:12:b8:
1a:dd:ad:14:7d:d4:e0:0b:e8:d2:a8:1a:ae:b0:52:
e5:9a:af:a8:6f:68:66:17:2b:87:9c:8c:de:e5:7b:
04:e1:6c:3e:22:3d:14:f4:46:d8:90:2a:44:26:31:
d2:27:84:ac:35:24:eb:f5:3d:58:2a:f9:16:6a:8c:
84:3c:f0:65:96:b0:09:6c:50:f5:78:0b:2a:d7:4c:
96:c9:18:f4:b6:24:a1:86:17:05:e7:a9:4b:4b:30:
eb:a8:8d:0e:80:50:65:1c:86:bf:7c:9c:8f:b7:65:
4d:4a:0a:a2:fb:55:56:77:24:ed:98:cf:48:e1:c5:
72:f4:66:1e:01:4a:fe:5a:44:14:70:3f:f0:83:15:
7d:90:29:e9:a9:e2:d1:83:57:d6:dd:29:3b:5c:0e:
2c:80:04:21:10:5c:73:47:60:d4:1e:34:da:7d:42:
34:b2:b5:8b:b0:0a:f9:89:02:0b:51:f0:96:ec:6c:
0b:48:c2:29:a3:c6:14:50:2d:3d:5d:9e:12:15:41:
ad:1b:30:f0:9f:7a:96:0e:21:f2:e3:f5:20:81:9f:
6e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C9:DD:BF:A3:AE:21:30:E6:AD:F2:28:E2:48:92:5B:DC:8F:C7:DC
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/7sndv6OuITDmrfIo4kiSW9yPx9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.53.0/24
163.5.71.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.124.0-163.5.126.255
163.5.128.0/23
163.5.138.0/23
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.167.0/24
163.5.173.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.199.0-163.5.201.255
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
19:f4:96:ad:c2:c8:b3:db:b6:49:be:37:77:6f:fa:44:46:82:
05:9d:ef:01:5f:3e:dc:3a:c6:56:58:f3:06:32:65:f8:b0:97:
fb:02:24:32:03:bc:26:98:df:4e:92:ab:66:67:9d:0c:fd:9c:
af:8d:71:cb:7b:a9:6f:3d:f7:31:90:9e:37:8d:ca:a6:0e:8a:
0c:a5:f7:be:d2:aa:53:3b:cf:23:e9:b3:f4:da:50:71:1f:64:
ab:f4:b0:ff:66:42:8a:b9:f9:45:8d:3d:a0:ae:4b:be:f7:78:
36:c9:36:86:da:2a:ac:25:a1:38:ed:6b:bb:3e:53:91:b2:e6:
fa:b7:bc:bc:72:c8:1a:97:58:43:5a:2f:3f:ac:15:3b:9c:86:
fa:d1:4f:16:54:ac:7c:45:24:fa:d6:77:4d:ac:0f:5f:0b:45:
63:d2:a3:72:2d:03:9f:1f:71:d4:5f:b1:57:1f:9d:dd:73:23:
9c:33:55:82:35:c3:d7:c6:7a:7f:6d:ee:a5:3f:f9:7a:f9:43:
89:8c:b8:89:76:0d:60:18:c0:97:e9:2f:18:3d:f8:9a:df:d3:
64:e0:b3:5a:3a:82:30:44:c4:df:17:99:39:f1:47:eb:69:7e:
6a:0a:ee:ac:0d:1d:b2:80:b5:e1:75:a6:9a:1c:17:ab:90:90:
b8:a1:f4:b9
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAZANpPwQoP6ZfK1ME72JeC95MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNjEyMTgxMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWM5ZGRiZmEzYWUyMTMwZTZhZGYyMjhlMjQ4OTI1YmRjOGZjN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJTjBk83Ak9vOtwNpC6QMDORJiIH
8QXANpEam6Qe4aYX1OBsirblX0JIErga3a0UfdTgC+jSqBqusFLlmq+ob2hmFyuH
nIze5XsE4Ww+Ij0U9EbYkCpEJjHSJ4SsNSTr9T1YKvkWaoyEPPBllrAJbFD1eAsq
10yWyRj0tiShhhcF56lLSzDrqI0OgFBlHIa/fJyPt2VNSgqi+1VWdyTtmM9I4cVy
9GYeAUr+WkQUcD/wgxV9kCnpqeLRg1fW3Sk7XA4sgAQhEFxzR2DUHjTafUI0srWL
sAr5iQILUfCW7GwLSMIpo8YUUC09XZ4SFUGtGzDwn3qWDiHy4/UggZ9u8QIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFO7J3b+jriEw5q3yKOJIklvcj8fcMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvN3NuZHY2T3VJVERtcmZJbzRraVNXOXlQeDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBACj
BR4DBACjBTUDBACjBUcDBACjBVkwDAMEAaMFbgMEAaMFcAMEAKMFeTAMAwQCowV8
AwQAowV+AwQBowWAAwQBowWKAwQAowWPAwQAowWSAwQAowWXAwQAowWgAwQAowWn
AwQAowWtAwQAowWyAwQAowW2AwQBowW8AwQAowW/MAwDBACjBccDBAGjBcgwDAME
AKMFywMEAKMFzgMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF8QMEAKMF+gMEAKMF/TAN
BgkqhkiG9w0BAQsFAAOCAQEAGfSWrcLIs9u2Sb43d2/6REaCBZ3vAV8+3DrGVljz
BjJl+LCX+wIkMgO8JpjfTpKrZmedDP2cr41xy3upbz33MZCeN43Kpg6KDKX3vtKq
UzvPI+mz9NpQcR9kq/Sw/2ZCirn5RY09oK5Lvvd4Nsk2htoqrCWhOO1ruz5TkbLm
+re8vHLIGpdYQ1ovP6wVO5yG+tFPFlSsfEUk+tZ3TawPXwtFY9Kjci0Dnx9x1F+x
Vx+d3XMjnDNVgjXD18Z6f23upT/5evlDiYy4iXYNYBjAl+kvGD34mt/TZOCzWjqC
METE3xeZOfFH62l+agrurA0dsoC14XWmmhwXq5CQuKH0uQ==
-----END CERTIFICATE-----
Generated at Mon Jun 17 16:17:10 2024 by rpki-client on console-fra.rpki-client.org