Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/zDCr3UquMRAaRDPUOT9qSuMh6m8.roa
File: zDCr3UquMRAaRDPUOT9qSuMh6m8.roa (raw, json)
Hash identifier: VeXA+qHX1/M80iVeUjvR+OrEfjxqcr7QXSxpHK2wQpI=
Subject key identifier: CC:30:AB:DD:4A:AE:31:10:1A:44:33:D4:39:3F:6A:4A:E3:21:EA:6F
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01936208E41AEE45130779D8DD313D7CE578
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/zDCr3UquMRAaRDPUOT9qSuMh6m8.roa
Signing time: Mon 25 Nov 2024 06:36:10 +0000
ROA not before: Mon 25 Nov 2024 06:36:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.7.0/24 maxlen: 24
163.5.8.0/24 maxlen: 24
163.5.9.0/24 maxlen: 24
163.5.12.0/24 maxlen: 24
163.5.13.0/24 maxlen: 24
163.5.17.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.92.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.188.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:62:08:e4:1a:ee:45:13:07:79:d8:dd:31:3d:7c:e5:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 25 06:36:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc30abdd4aae31101a4433d4393f6a4ae321ea6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:77:da:15:52:bb:d5:6e:99:c8:aa:51:fe:1b:
e0:f7:2b:f4:17:96:eb:a2:c4:1d:5f:dc:4d:7c:4e:
a0:48:14:07:9f:25:10:b1:35:09:e5:d0:00:60:6f:
b1:dc:d5:c2:2e:65:a6:4e:d0:ea:a5:20:9d:78:69:
af:5f:c5:59:ab:6d:09:fd:40:70:5e:e8:be:79:65:
67:88:dd:5f:4f:91:dc:df:57:4b:03:da:43:f3:ce:
47:d3:ed:d1:e7:45:ce:2b:f1:c2:b1:e1:d4:94:99:
e1:50:b0:96:30:b9:b8:f5:4c:21:cc:a9:c1:96:0c:
86:90:08:54:9b:70:64:30:03:00:56:46:cc:ce:ef:
47:1f:7b:6d:a2:aa:b2:15:21:ca:5d:86:35:03:b5:
85:7e:5a:b7:98:58:fc:d4:31:8f:1b:f0:06:42:1e:
ae:0f:80:5b:e4:1c:0e:0c:0e:3a:49:0b:9d:2a:09:
4e:7c:be:55:96:ab:5a:66:4c:0a:30:86:4e:bc:5e:
c3:19:35:65:c2:6a:c7:4d:4b:b7:32:70:d8:d5:cf:
f8:03:3a:a6:15:0c:12:78:3e:ff:27:1a:00:96:1f:
ea:39:ba:14:a1:ae:d4:6c:55:ff:e9:38:e6:48:65:
8a:d4:b2:e7:56:72:79:53:70:9b:a9:eb:69:47:47:
52:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:30:AB:DD:4A:AE:31:10:1A:44:33:D4:39:3F:6A:4A:E3:21:EA:6F
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/zDCr3UquMRAaRDPUOT9qSuMh6m8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.7.0-163.5.9.255
163.5.12.0/23
163.5.17.0/24
163.5.30.0/24
163.5.59.0/24
163.5.73.0/24
163.5.89.0/24
163.5.92.0/24
163.5.110.0-163.5.113.255
163.5.121.0/24
163.5.126.0/24
163.5.128.0/23
163.5.138.0/23
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.157.0/24
163.5.160.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.188.0/23
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
32:69:d4:38:ee:11:87:f0:64:c3:b9:c2:5a:5e:29:1d:73:85:
bf:1f:4d:c2:8b:b2:f1:b1:47:6d:c7:98:8c:e8:e9:24:65:17:
df:cb:e3:2d:da:a4:40:bb:16:cf:93:ba:a3:74:73:4a:d3:d3:
2b:2e:03:a1:ab:b6:38:b8:d3:55:df:95:02:a8:2e:81:19:42:
c7:50:3d:c8:d5:1b:fb:0d:67:14:7d:41:79:ce:b3:5a:cd:ec:
ce:b3:d8:03:16:5e:d2:48:85:3e:f8:c2:b7:29:fd:2e:0f:dd:
b5:3a:a6:ba:fa:cc:11:5f:c4:4b:a6:04:f5:cc:d5:8b:5b:1e:
60:24:1d:e2:69:4b:98:af:6e:bc:de:48:ce:1a:c3:7e:df:fd:
de:a5:8d:ff:2a:20:31:59:ab:ff:08:c8:4f:f7:e7:3c:a8:44:
66:33:9e:24:dd:dd:80:66:87:5c:4d:1f:c0:b8:91:d5:b6:3b:
bc:e2:2c:7c:41:f5:4d:17:e5:de:d4:e2:83:87:3c:65:1c:93:
0a:67:fa:21:97:14:b2:38:ba:ae:d5:74:eb:db:d7:60:6f:3b:
e0:2e:63:40:ce:88:f7:c1:e7:2d:99:e1:7b:ff:d4:ef:8b:b5:
00:50:c1:80:5e:d1:8f:d5:ff:75:9a:eb:cb:c1:14:9a:9f:be:
09:7f:9d:4c
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZNiCOQa7kUTB3nY3TE9fOV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTI1MDYzNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzMwYWJkZDRhYWUzMTEwMWE0NDMzZDQzOTNmNmE0YWUzMjFlYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3faFVK71W6ZyKpR/hvg9yv0F5br
osQdX9xNfE6gSBQHnyUQsTUJ5dAAYG+x3NXCLmWmTtDqpSCdeGmvX8VZq20J/UBw
Xui+eWVniN1fT5Hc31dLA9pD885H0+3R50XOK/HCseHUlJnhULCWMLm49UwhzKnB
lgyGkAhUm3BkMAMAVkbMzu9HH3ttoqqyFSHKXYY1A7WFflq3mFj81DGPG/AGQh6u
D4Bb5BwODA46SQudKglOfL5VlqtaZkwKMIZOvF7DGTVlwmrHTUu3MnDY1c/4Azqm
FQwSeD7/JxoAlh/qOboUoa7UbFX/6TjmSGWK1LLnVnJ5U3CbqetpR0dSkQIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFMwwq91KrjEQGkQz1Dk/akrjIepvMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvekRDcjNVcXVNUkFhUkRQVU9UOXFTdU1oNm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIwDAME
AKMFBwMEAaMFCAMEAaMFDAMEAKMFEQMEAKMFHgMEAKMFOwMEAKMFSQMEAKMFWQME
AKMFXDAMAwQBowVuAwQBowVwAwQAowV5AwQAowV+AwQBowWAAwQBowWKAwQAowWP
AwQAowWSAwQAowWXAwQAowWdAwQAowWgAwQAowWnAwQAowWyAwQAowW2AwQBowW8
AwQAowW/AwQBowXIMAwDBACjBcsDBACjBc4DBACjBdoDBACjBeADBACjBeQDBACj
BfEDBACjBfoDBACjBf0wDQYJKoZIhvcNAQELBQADggEBADJp1DjuEYfwZMO5wlpe
KR1zhb8fTcKLsvGxR23HmIzo6SRlF9/L4y3apEC7Fs+TuqN0c0rT0ysuA6Grtji4
01XflQKoLoEZQsdQPcjVG/sNZxR9QXnOs1rN7M6z2AMWXtJIhT74wrcp/S4P3bU6
prr6zBFfxEumBPXM1YtbHmAkHeJpS5ivbrzeSM4aw37f/d6ljf8qIDFZq/8IyE/3
5zyoRGYzniTd3YBmh1xNH8C4kdW2O7ziLHxB9U0X5d7U4oOHPGUckwpn+iGXFLI4
uq7VdOvb12BvO+AuY0DOiPfB5y2Z4Xv/1O+LtQBQwYBe0Y/V/3Wa68vBFJqfvgl/
nUw=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:23:57 2024 by rpki-client on console-ams.rpki-client.org