Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/1-Y5ubFW4nCnV-fXk9IkkZYij_CE.roa
File: 1-Y5ubFW4nCnV-fXk9IkkZYij_CE.roa (raw, json)
Hash identifier: 0sGus1PDmxb60lznROSOCCXKMq9NSnxlFIHm2/pZgrA=
Subject key identifier: F9:8E:6E:6C:55:B8:9C:29:D5:F9:F5:E4:F4:89:24:65:88:A3:FC:21
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 018F4C5AE711EE2E870FEA59F9B7E1EB9A5D
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/1-Y5ubFW4nCnV-fXk9IkkZYij_CE.roa
Signing time: Mon 06 May 2024 05:22:56 +0000
ROA not before: Mon 06 May 2024 05:22:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41564
IP address blocks: 5.153.236.0/24 maxlen: 24
5.153.239.0/24 maxlen: 24
5.157.8.0/24 maxlen: 24
5.157.13.0/24 maxlen: 24
5.157.14.0/24 maxlen: 24
5.157.17.0/24 maxlen: 24
5.157.22.0/24 maxlen: 24
5.157.27.0/24 maxlen: 24
5.157.41.0/24 maxlen: 24
5.157.42.0/24 maxlen: 24
5.157.45.0/24 maxlen: 24
5.157.56.0/24 maxlen: 24
5.157.58.0/24 maxlen: 24
5.157.59.0/24 maxlen: 24
5.157.60.0/24 maxlen: 24
5.157.61.0/24 maxlen: 24
5.157.62.0/24 maxlen: 24
5.157.63.0/24 maxlen: 24
23.92.127.0/24 maxlen: 24
104.160.2.0/24 maxlen: 24
104.160.6.0/24 maxlen: 24
151.237.186.0/24 maxlen: 24
2a02:5740::/48 maxlen: 48
2a02:5740:1::/48 maxlen: 48
2a02:5740:11::/48 maxlen: 48
2a02:5740:18::/48 maxlen: 48
2a02:5740:21::/48 maxlen: 48
2a02:5740:22::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 22:03:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4c:5a:e7:11:ee:2e:87:0f:ea:59:f9:b7:e1:eb:9a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: May 6 05:22:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f98e6e6c55b89c29d5f9f5e4f489246588a3fc21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e4:08:9d:71:65:d9:cb:c9:2c:01:57:c9:89:
b3:59:cc:1f:d2:e0:a2:db:f1:f9:d0:af:13:a6:3b:
f7:bc:9d:c4:40:c7:45:89:42:cc:13:da:92:2f:c4:
b6:a4:04:39:6f:b7:32:66:8c:80:4f:38:63:5d:c5:
63:8a:81:fe:97:e6:9a:1c:fa:bb:b4:31:b6:12:b7:
12:84:c8:b3:1c:d8:1d:ba:13:5a:a8:80:4e:0e:c5:
91:8c:33:1f:44:87:be:10:27:55:79:eb:dd:10:19:
5d:36:36:da:b8:f8:f1:2b:58:3c:21:69:7b:88:d8:
da:d9:eb:43:e9:f1:4c:31:22:23:57:b3:3c:52:70:
5b:9f:d3:f8:fe:b9:73:cc:57:0d:cb:21:c8:de:9d:
4f:4a:60:9d:18:d2:64:6d:3a:89:b1:0e:f3:ae:fb:
ed:19:11:26:c2:db:3c:2b:93:43:36:9f:f0:df:4d:
23:71:5f:65:2f:90:e2:a5:63:7c:19:bd:b4:0a:86:
75:37:04:89:62:92:bb:95:83:4d:b7:e4:93:ef:bc:
57:40:5b:81:53:c4:f4:87:3e:65:c3:68:e9:07:c0:
8a:33:44:e3:03:0a:d9:63:bf:63:27:cb:fd:68:79:
5c:21:c4:f9:88:b3:af:bb:a2:f0:ec:09:c2:79:6d:
91:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:8E:6E:6C:55:B8:9C:29:D5:F9:F5:E4:F4:89:24:65:88:A3:FC:21
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/1-Y5ubFW4nCnV-fXk9IkkZYij_CE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.236.0/24
5.153.239.0/24
5.157.8.0/24
5.157.13.0-5.157.14.255
5.157.17.0/24
5.157.22.0/24
5.157.27.0/24
5.157.41.0-5.157.42.255
5.157.45.0/24
5.157.56.0/24
5.157.58.0-5.157.63.255
23.92.127.0/24
104.160.2.0/24
104.160.6.0/24
151.237.186.0/24
IPv6:
2a02:5740::/47
2a02:5740:11::/48
2a02:5740:18::/48
2a02:5740:21::-2a02:5740:22:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0b:8a:5b:15:3e:ea:1e:53:f7:cf:e9:4e:0a:7c:5e:95:d7:08:
54:33:d9:df:8e:23:a1:e2:b9:4e:42:4e:ef:17:9d:ff:e2:00:
c5:00:35:a4:cd:06:0c:35:c6:cd:e2:bc:9f:ce:6b:a8:8c:b5:
13:bf:6c:66:2e:e7:25:bd:3e:d8:90:fe:ae:44:72:a9:ac:b5:
60:95:9d:73:c3:58:69:c0:6a:14:e1:24:a5:e0:35:c5:3e:81:
b9:3a:a8:d9:46:db:9b:b8:68:47:36:57:ae:8f:b7:a6:2a:bb:
30:77:d9:06:de:3e:94:80:78:99:66:d1:e2:4f:d8:df:3c:c9:
20:67:32:09:c2:e6:6a:8a:28:0b:2c:b2:ed:ee:a3:52:c4:c6:
ae:2d:28:ab:cc:76:d0:12:55:20:ad:f9:29:a7:42:67:19:f5:
26:84:b0:0b:0c:c6:d1:8b:94:e3:9c:ef:96:0d:d1:da:02:19:
28:c0:3c:f7:b2:ad:3b:c7:12:0a:b3:31:ec:d5:8d:e0:4d:8a:
f9:2b:29:89:94:e6:ac:22:9c:2e:81:d6:20:5d:6e:2e:2c:98:
0d:1e:9f:b5:3c:75:64:4a:00:61:c9:cb:8f:8f:46:8e:ad:08:
ed:a1:c0:49:7d:fe:99:4f:d4:96:20:63:27:a0:20:96:7d:0a:
49:5f:1d:a8
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAY9MWucR7i6HD+pZ+bfh65pdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjQwNTA2MDUyMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOThlNmU2YzU1Yjg5YzI5ZDVmOWY1ZTRmNDg5MjQ2NTg4YTNmYzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OQInXFl2cvJLAFXyYmzWcwf0uCi
2/H50K8Tpjv3vJ3EQMdFiULME9qSL8S2pAQ5b7cyZoyATzhjXcVjioH+l+aaHPq7
tDG2ErcShMizHNgduhNaqIBODsWRjDMfRIe+ECdVeevdEBldNjbauPjxK1g8IWl7
iNja2etD6fFMMSIjV7M8UnBbn9P4/rlzzFcNyyHI3p1PSmCdGNJkbTqJsQ7zrvvt
GREmwts8K5NDNp/w300jcV9lL5DipWN8Gb20CoZ1NwSJYpK7lYNNt+ST77xXQFuB
U8T0hz5lw2jpB8CKM0TjAwrZY79jJ8v9aHlcIcT5iLOvu6Lw7AnCeW2RrQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFPmObmxVuJwp1fn15PSJJGWIo/whMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvMS1ZNXViRlc0bkNuVi1mWGs5SWtrWllpal9DRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTcvM2I1MWI4LTEwYzYtNDM4Yi1hMTIwLTE1ZjEzZTNmN2Q4
NS8xLzJDeTBQS1BBeFhnV3p1TmdSNDBNLUlJZ2Y5SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBxAYIKwYBBQUHAQcBAf8EgbQwgbEweAQCAAEwcgMEAAWZ
7AMEAAWZ7wMEAAWdCDAMAwQABZ0NAwQABZ0OAwQABZ0RAwQABZ0WAwQABZ0bMAwD
BAAFnSkDBAAFnSoDBAAFnS0DBAAFnTgwDAMEAQWdOgMEBgWdAAMEABdcfwMEAGig
AgMEAGigBgMEAJftujA1BAIAAjAvAwcBKgJXQAAAAwcAKgJXQAARAwcAKgJXQAAY
MBIDBwAqAldAACEDBwAqAldAACIwDQYJKoZIhvcNAQELBQADggEBAAuKWxU+6h5T
98/pTgp8XpXXCFQz2d+OI6HiuU5CTu8Xnf/iAMUANaTNBgw1xs3ivJ/Oa6iMtRO/
bGYu5yW9PtiQ/q5EcqmstWCVnXPDWGnAahThJKXgNcU+gbk6qNlG25u4aEc2V66P
t6YquzB32QbePpSAeJlm0eJP2N88ySBnMgnC5mqKKAsssu3uo1LExq4tKKvMdtAS
VSCt+SmnQmcZ9SaEsAsMxtGLlOOc75YN0doCGSjAPPeyrTvHEgqzMezVjeBNivkr
KYmU5qwinC6B1iBdbi4smA0en7U8dWRKAGHJy4+PRo6tCO2hwEl9/plP1JYgYyeg
IJZ9CklfHag=
-----END CERTIFICATE-----
Generated at Mon Jul 1 07:27:28 2024 by rpki-client on console-ams.rpki-client.org