Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/X3cBm-bUicyfFJqgonvv5YPR0as.roa
File: X3cBm-bUicyfFJqgonvv5YPR0as.roa (raw, json)
Hash identifier: rTFNiYNaR2kyVCJnNKtV2FC0xebNHSVdMCo68CKPbSc=
Subject key identifier: 5F:77:01:9B:E6:D4:89:CC:9F:14:9A:A0:A2:7B:EF:E5:83:D1:D1:AB
Certificate issuer: /CN=dd5f2e7cc2c687f58c0d1f6132bb2dcfdf38cb64
Certificate serial: 018CC64B500493A1EB32B3818514D6BAEA51
Authority key identifier: DD:5F:2E:7C:C2:C6:87:F5:8C:0D:1F:61:32:BB:2D:CF:DF:38:CB:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/X3cBm-bUicyfFJqgonvv5YPR0as.roa
Signing time: Mon 01 Jan 2024 18:31:13 +0000
ROA not before: Mon 01 Jan 2024 18:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39402
IP address blocks: 109.75.64.0/24 maxlen: 24
109.75.71.0/24 maxlen: 24
109.75.69.0/24 maxlen: 24
109.75.70.0/24 maxlen: 24
109.75.68.0/24 maxlen: 24
109.75.66.0/24 maxlen: 24
109.75.67.0/24 maxlen: 24
109.75.65.0/24 maxlen: 24
109.75.73.0/24 maxlen: 24
109.75.74.0/24 maxlen: 24
109.75.72.0/24 maxlen: 24
109.75.78.0/24 maxlen: 24
109.75.76.0/24 maxlen: 24
109.75.77.0/24 maxlen: 24
109.75.75.0/24 maxlen: 24
109.75.79.0/24 maxlen: 24
185.204.51.0/24 maxlen: 24
185.204.50.0/24 maxlen: 24
185.204.48.0/24 maxlen: 24
185.204.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/3V8ufMLGh_WMDR9hMrstz984y2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/3V8ufMLGh_WMDR9hMrstz984y2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 10:03:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:50:04:93:a1:eb:32:b3:81:85:14:d6:ba:ea:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd5f2e7cc2c687f58c0d1f6132bb2dcfdf38cb64
Validity
Not Before: Jan 1 18:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f77019be6d489cc9f149aa0a27befe583d1d1ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:8a:f2:d1:ac:e9:39:c4:00:f0:15:47:a7:00:
bc:1a:8d:01:9a:c1:5b:c1:0b:df:59:fa:8e:4a:cc:
ec:76:6d:0b:f6:43:d7:5e:dd:c1:7a:c1:e9:7e:ab:
79:8c:a6:de:27:0b:25:b4:f9:9f:33:0a:46:f1:69:
ef:7f:11:17:fc:a7:38:59:da:4b:ba:54:29:a6:f2:
cd:ca:b4:4d:2d:ae:b3:99:7e:db:c3:2f:35:30:41:
84:12:fe:87:23:96:9e:a7:ac:d3:5b:07:8c:23:5f:
67:8a:c4:d4:81:c9:dc:a5:c0:03:f9:92:91:12:76:
77:16:8a:2a:8d:a6:99:48:e0:7a:c4:91:97:d9:8c:
6e:78:21:b3:49:28:97:d9:33:5f:92:7e:c2:87:17:
0a:2d:9e:88:d5:10:43:9c:97:1d:f7:d9:0a:bc:2f:
3f:1a:36:20:b5:1d:2a:3f:53:3a:d7:d6:2c:b0:c5:
99:36:1b:04:04:48:59:63:41:40:65:b6:67:94:ab:
ed:eb:59:7f:04:77:9b:6e:9d:be:95:44:21:87:80:
0c:42:2c:31:62:ca:e4:d2:22:2d:15:11:c3:d2:2f:
e7:a2:d0:db:a1:a5:38:7f:a7:af:93:46:5d:dc:49:
89:b6:62:5a:f2:18:cd:37:7e:9b:64:7f:7f:ed:f3:
8c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:77:01:9B:E6:D4:89:CC:9F:14:9A:A0:A2:7B:EF:E5:83:D1:D1:AB
X509v3 Authority Key Identifier:
keyid:DD:5F:2E:7C:C2:C6:87:F5:8C:0D:1F:61:32:BB:2D:CF:DF:38:CB:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3V8ufMLGh_WMDR9hMrstz984y2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/X3cBm-bUicyfFJqgonvv5YPR0as.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/bc0a25-933a-4f5a-a5f3-9dcfd2ef3023/1/3V8ufMLGh_WMDR9hMrstz984y2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.75.64.0/20
185.204.48.0/22
Signature Algorithm: sha256WithRSAEncryption
32:82:b4:c6:72:7b:a4:2d:aa:42:39:b4:26:d7:aa:f4:ae:50:
a1:07:99:a1:07:f6:fb:15:ab:3f:36:31:88:39:b0:77:db:b6:
cf:9d:71:4f:ed:38:9d:bd:56:37:45:86:c4:0d:07:34:50:e9:
69:2c:13:fe:60:65:16:59:fc:f9:36:ac:6e:7f:7b:2b:68:e4:
16:9c:65:0d:9c:f6:ba:3c:be:a8:54:1f:f4:5a:43:4a:85:03:
50:4a:eb:da:51:92:e9:ae:c4:ef:93:96:3f:09:e4:dc:22:c5:
28:71:a9:b9:6f:28:be:df:6a:87:25:8e:7c:6a:c2:1d:cf:6a:
64:86:1f:96:26:bc:77:e1:a3:aa:17:a6:8c:de:2d:c5:f7:0a:
65:b1:97:68:01:d3:5e:d4:c8:08:74:bc:f0:b1:1d:e9:ec:d5:
19:eb:6a:54:c3:46:c8:26:5c:e2:19:f9:39:25:90:10:93:56:
cb:85:ee:cf:77:3d:16:52:fb:4e:76:aa:2d:a3:ff:85:c1:98:
56:42:12:50:eb:cb:9e:79:7b:ad:f9:0b:f7:6d:3b:46:d8:6b:
41:f3:af:04:6c:ae:25:e1:3a:2c:74:8a:eb:8f:dc:43:e3:04:
a8:d3:8c:62:19:74:bc:70:dc:15:65:9d:dd:8f:2d:de:c3:46:
74:d0:1f:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGS1AEk6HrMrOBhRTWuupRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNWYyZTdjYzJjNjg3ZjU4YzBkMWY2MTMyYmIyZGNmZGYz
OGNiNjQwHhcNMjQwMTAxMTgzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjc3MDE5YmU2ZDQ4OWNjOWYxNDlhYTBhMjdiZWZlNTgzZDFkMWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIry0azpOcQA8BVHpwC8Go0BmsFb
wQvfWfqOSszsdm0L9kPXXt3BesHpfqt5jKbeJwsltPmfMwpG8WnvfxEX/Kc4WdpL
ulQppvLNyrRNLa6zmX7bwy81MEGEEv6HI5aep6zTWweMI19nisTUgcncpcAD+ZKR
EnZ3FooqjaaZSOB6xJGX2YxueCGzSSiX2TNfkn7ChxcKLZ6I1RBDnJcd99kKvC8/
GjYgtR0qP1M619YssMWZNhsEBEhZY0FAZbZnlKvt61l/BHebbp2+lUQhh4AMQiwx
Ysrk0iItFRHD0i/notDboaU4f6evk0Zd3EmJtmJa8hjNN36bZH9/7fOMNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF93AZvm1InMnxSaoKJ77+WD0dGrMB8GA1UdIwQY
MBaAFN1fLnzCxof1jA0fYTK7Lc/fOMtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1Y4dWZNTEdoX1dNRFI5aE1yc3R6OTg0eTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iYzBhMjUtOTMzYS00ZjVhLWE1ZjMt
OWRjZmQyZWYzMDIzLzEvWDNjQm0tYlVpY3lmRkpxZ29udnY1WVBSMGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iYzBhMjUtOTMzYS00ZjVhLWE1ZjMtOWRjZmQyZWYzMDIz
LzEvM1Y4dWZNTEdoX1dNRFI5aE1yc3R6OTg0eTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEbUtAAwQC
ucwwMA0GCSqGSIb3DQEBCwUAA4IBAQAygrTGcnukLapCObQm16r0rlChB5mhB/b7
Fas/NjGIObB327bPnXFP7TidvVY3RYbEDQc0UOlpLBP+YGUWWfz5Nqxuf3sraOQW
nGUNnPa6PL6oVB/0WkNKhQNQSuvaUZLprsTvk5Y/CeTcIsUocam5byi+32qHJY58
asIdz2pkhh+WJrx34aOqF6aM3i3F9wplsZdoAdNe1MgIdLzwsR3p7NUZ62pUw0bI
JlziGfk5JZAQk1bLhe7Pdz0WUvtOdqoto/+FwZhWQhJQ68ueeXut+Qv3bTtG2GtB
868EbK4l4TosdIrrj9xD4wSo04xiGXS8cNwVZZ3djy3ew0Z00B+U
-----END CERTIFICATE-----
Generated at Sun Jun 2 15:34:32 2024 by rpki-client on console-ams.rpki-client.org