Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/XVhVpnOdEZVRV5hEuq2WDRehEoQ.roa
File: XVhVpnOdEZVRV5hEuq2WDRehEoQ.roa (raw, json)
Hash identifier: hSbpcF93U+q6ixuPIJOr1Xrm0ZkUuY2iDECQtM72mXQ=
Subject key identifier: 5D:58:55:A6:73:9D:11:95:51:57:98:44:BA:AD:96:0D:17:A1:12:84
Certificate issuer: /CN=e7133dcaf2b1ebf5dade5a33aa1b2fb99d2689ba
Certificate serial: 018CCA2A9EDFA86BD6BB628C9962F9CC69BC
Authority key identifier: E7:13:3D:CA:F2:B1:EB:F5:DA:DE:5A:33:AA:1B:2F:B9:9D:26:89:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/XVhVpnOdEZVRV5hEuq2WDRehEoQ.roa
Signing time: Tue 02 Jan 2024 12:33:59 +0000
ROA not before: Tue 02 Jan 2024 12:33:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 151.186.190.0/24 maxlen: 24
151.186.189.0/24 maxlen: 24
151.186.188.0/24 maxlen: 24
151.186.192.0/24 maxlen: 24
151.186.191.0/24 maxlen: 24
151.186.187.0/24 maxlen: 24
151.186.192.0/20 maxlen: 24
151.186.194.0/24 maxlen: 24
151.186.193.0/24 maxlen: 24
151.186.197.0/24 maxlen: 24
151.186.196.0/24 maxlen: 24
151.186.195.0/24 maxlen: 24
151.186.199.0/24 maxlen: 24
151.186.198.0/24 maxlen: 24
151.186.204.0/24 maxlen: 24
151.186.203.0/24 maxlen: 24
151.186.202.0/24 maxlen: 24
151.186.206.0/24 maxlen: 24
151.186.205.0/24 maxlen: 24
151.186.201.0/24 maxlen: 24
151.186.200.0/24 maxlen: 24
151.186.207.0/24 maxlen: 24
151.186.172.0/22 maxlen: 24
151.186.172.0/24 maxlen: 24
151.186.176.0/24 maxlen: 24
151.186.175.0/24 maxlen: 24
151.186.174.0/24 maxlen: 24
151.186.179.0/24 maxlen: 24
151.186.178.0/24 maxlen: 24
151.186.177.0/24 maxlen: 24
151.186.173.0/24 maxlen: 24
151.186.176.0/20 maxlen: 24
151.186.180.0/24 maxlen: 24
151.186.183.0/24 maxlen: 24
151.186.182.0/24 maxlen: 24
151.186.181.0/24 maxlen: 24
151.186.186.0/24 maxlen: 24
151.186.185.0/24 maxlen: 24
151.186.184.0/24 maxlen: 24
2a04:e4c4:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/5xM9yvKx6_Xa3lozqhsvuZ0mibo.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/5xM9yvKx6_Xa3lozqhsvuZ0mibo.mft
rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:9e:df:a8:6b:d6:bb:62:8c:99:62:f9:cc:69:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7133dcaf2b1ebf5dade5a33aa1b2fb99d2689ba
Validity
Not Before: Jan 2 12:33:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d5855a6739d119551579844baad960d17a11284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:03:4a:33:0c:1b:02:d7:82:83:3b:db:bd:92:
57:a9:03:8f:fb:b8:87:d5:40:46:2d:e2:41:91:76:
0d:0c:24:2a:ca:82:5a:a3:a3:4d:32:b7:ef:ea:c9:
b2:68:cd:82:0b:81:4b:a6:9e:13:56:08:6b:64:cf:
aa:7d:55:84:a0:59:d9:f2:b6:a3:f0:23:6d:05:31:
85:89:3e:02:7d:20:7f:d5:23:aa:e5:78:3e:82:fa:
07:57:31:92:46:80:56:b7:69:d8:7b:f8:b6:36:ae:
9b:59:9c:50:57:0c:b6:34:b6:d7:d1:7c:a1:ac:cf:
29:f5:61:70:7b:1a:e6:4b:9a:e7:46:64:32:5d:22:
25:e1:ea:57:f1:d3:63:3c:fb:f6:f7:76:bb:ce:bc:
63:a9:8f:e9:e2:41:ec:78:e2:a5:50:59:56:63:f2:
62:87:1a:22:b1:b3:3c:8a:32:de:4f:a4:55:f2:b6:
64:01:3d:0c:01:e3:35:f2:85:67:19:d5:fd:f9:03:
8d:68:e9:ac:38:9a:69:7f:be:87:98:55:7c:aa:f5:
f6:ea:68:90:b8:4d:b2:9b:6b:9d:5d:b0:74:f3:e3:
03:7f:45:93:17:67:b5:e2:45:42:c4:51:b5:58:b9:
49:73:74:38:dc:bb:65:fb:fc:1e:67:95:5a:99:b3:
5b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:58:55:A6:73:9D:11:95:51:57:98:44:BA:AD:96:0D:17:A1:12:84
X509v3 Authority Key Identifier:
keyid:E7:13:3D:CA:F2:B1:EB:F5:DA:DE:5A:33:AA:1B:2F:B9:9D:26:89:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xM9yvKx6_Xa3lozqhsvuZ0mibo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/XVhVpnOdEZVRV5hEuq2WDRehEoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/5e4df8-ae8c-44a7-bd6e-19ce46a42fa4/1/5xM9yvKx6_Xa3lozqhsvuZ0mibo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.186.172.0-151.186.207.255
IPv6:
2a04:e4c4:5::/48
Signature Algorithm: sha256WithRSAEncryption
71:18:48:bd:dc:f9:6c:18:03:89:00:7c:e0:26:6d:d4:14:c4:
0f:28:6b:59:6a:11:d7:f9:68:65:aa:cd:4d:ec:04:e3:1c:74:
9f:54:a4:61:d7:39:3c:8f:4b:9a:fd:5e:19:61:3e:59:ca:3e:
4d:41:8b:0a:81:fb:aa:33:19:e3:a9:56:ab:22:3a:5f:5e:ec:
2b:5c:ba:d4:e2:7c:b9:07:a5:ab:6e:74:40:07:20:ce:4d:b5:
8f:b4:c0:c1:a2:19:41:52:78:ad:2d:ac:c4:68:4b:82:55:a2:
71:16:cf:8a:f9:2f:d0:e2:9c:ec:7b:a1:85:95:ed:06:93:28:
06:ed:75:f5:58:2e:4e:98:57:bd:b5:5c:35:90:6b:37:f0:a8:
33:2d:4c:59:f7:20:e7:ff:a1:0b:de:71:7b:9d:74:0d:c0:3f:
53:d8:dc:fb:3e:52:67:aa:ac:3c:82:eb:b6:75:7b:02:6e:ce:
d5:31:3b:d1:68:db:92:8f:a1:f3:48:ce:3c:03:21:98:15:f0:
df:43:a2:07:f7:3a:47:49:07:22:40:99:00:48:e1:91:10:a4:
da:11:8b:11:1a:0a:d7:9d:70:a4:76:94:f3:7b:2a:73:ac:6d:
b7:79:9b:81:8e:0b:d2:a7:3d:05:22:91:4c:32:38:f0:e2:a8:
e3:53:a2:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzKKp7fqGvWu2KMmWL5zGm8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTMzZGNhZjJiMWViZjVkYWRlNWEzM2FhMWIyZmI5OWQy
Njg5YmEwHhcNMjQwMTAyMTIzMzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDU4NTVhNjczOWQxMTk1NTE1Nzk4NDRiYWFkOTYwZDE3YTExMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ANKMwwbAteCgzvbvZJXqQOP+7iH
1UBGLeJBkXYNDCQqyoJao6NNMrfv6smyaM2CC4FLpp4TVghrZM+qfVWEoFnZ8raj
8CNtBTGFiT4CfSB/1SOq5Xg+gvoHVzGSRoBWt2nYe/i2Nq6bWZxQVwy2NLbX0Xyh
rM8p9WFwexrmS5rnRmQyXSIl4epX8dNjPPv293a7zrxjqY/p4kHseOKlUFlWY/Ji
hxoisbM8ijLeT6RV8rZkAT0MAeM18oVnGdX9+QONaOmsOJppf76HmFV8qvX26miQ
uE2ym2udXbB08+MDf0WTF2e14kVCxFG1WLlJc3Q43Ltl+/weZ5VambNb/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1YVaZznRGVUVeYRLqtlg0XoRKEMB8GA1UdIwQY
MBaAFOcTPcrysev12t5aM6obL7mdJom6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhNOXl2S3g2X1hhM2xvenFoc3Z1WjBtaWJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi81ZTRkZjgtYWU4Yy00NGE3LWJkNmUt
MTljZTQ2YTQyZmE0LzEvWFZoVnBuT2RFWlZSVjVoRXVxMldEUmVoRW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi81ZTRkZjgtYWU4Yy00NGE3LWJkNmUtMTljZTQ2YTQyZmE0
LzEvNXhNOXl2S3g2X1hhM2xvenFoc3Z1WjBtaWJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAKXuqwD
BASXusAwDwQCAAIwCQMHACoE5MQABTANBgkqhkiG9w0BAQsFAAOCAQEAcRhIvdz5
bBgDiQB84CZt1BTEDyhrWWoR1/loZarNTewE4xx0n1SkYdc5PI9Lmv1eGWE+Wco+
TUGLCoH7qjMZ46lWqyI6X17sK1y61OJ8uQelq250QAcgzk21j7TAwaIZQVJ4rS2s
xGhLglWicRbPivkv0OKc7HuhhZXtBpMoBu119VguTphXvbVcNZBrN/CoMy1MWfcg
5/+hC95xe510DcA/U9jc+z5SZ6qsPILrtnV7Am7O1TE70Wjbko+h80jOPAMhmBXw
30OiB/c6R0kHIkCZAEjhkRCk2hGLERoK151wpHaU83sqc6xtt3mbgY4L0qc9BSKR
TDI48OKo41OiYg==
-----END CERTIFICATE-----
Generated at Thu May 2 20:33:44 2024 by rpki-client on console-ams.rpki-client.org