Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/1Ic42bNLVeyxtGi_hhgf6n32ANg.roa
File: 1Ic42bNLVeyxtGi_hhgf6n32ANg.roa (raw, json)
Hash identifier: bwUl9TIR6Zz/IKEsvgfN2BlC2iOIFbcT2AIkh9MbqYw=
Subject key identifier: D4:87:38:D9:B3:4B:55:EC:B1:B4:68:BF:86:18:1F:EA:7D:F6:00:D8
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 018F4C5AE817111323B729C7D1248AAC1822
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/1Ic42bNLVeyxtGi_hhgf6n32ANg.roa
Signing time: Mon 06 May 2024 05:22:56 +0000
ROA not before: Mon 06 May 2024 05:22:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46805
IP address blocks: 23.92.112.0/24 maxlen: 24
23.92.113.0/24 maxlen: 24
23.92.114.0/24 maxlen: 24
104.160.0.0/24 maxlen: 24
104.160.5.0/24 maxlen: 24
104.160.8.0/24 maxlen: 24
104.160.22.0/24 maxlen: 24
104.160.23.0/24 maxlen: 24
104.160.24.0/24 maxlen: 24
104.160.25.0/24 maxlen: 24
104.160.26.0/24 maxlen: 24
104.160.27.0/24 maxlen: 24
107.150.80.0/24 maxlen: 24
107.150.92.0/24 maxlen: 24
192.40.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 22:03:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4c:5a:e8:17:11:13:23:b7:29:c7:d1:24:8a:ac:18:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: May 6 05:22:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d48738d9b34b55ecb1b468bf86181fea7df600d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ad:35:0e:ee:bb:26:8c:74:37:86:79:5b:d0:
8c:b7:17:53:6a:34:e3:e7:8f:8c:a0:09:b3:33:76:
69:06:42:3f:68:c5:ff:40:88:34:82:9f:28:34:d5:
5d:9c:84:0e:fe:a9:7b:87:1f:14:d1:84:ed:05:33:
b9:56:87:ca:5d:e0:f9:aa:1b:25:8b:5a:1b:5c:ab:
38:a1:03:97:db:e9:7b:bd:5b:7a:ca:da:31:e6:7b:
ee:25:b8:dd:8e:57:ba:7d:69:eb:15:65:f5:9f:f2:
b7:16:25:b0:ed:8c:eb:ba:2b:22:cf:f7:ee:c5:1e:
d6:6e:51:8a:8e:28:0d:1b:88:a8:b9:7b:7d:8a:48:
7c:1d:a7:e5:a0:8e:1f:b3:69:84:b9:4c:91:80:dc:
9f:1a:35:88:3a:6a:3e:55:32:cf:86:0d:f2:1b:21:
34:72:b3:e7:fa:a8:11:5c:e8:ed:60:24:16:03:d0:
59:bd:08:b6:0d:c3:57:c1:71:0b:48:a8:75:0b:37:
bb:66:f6:53:cb:0f:7a:56:bf:b9:00:83:86:06:f1:
84:2a:11:7b:f1:aa:05:74:9d:d3:67:e1:44:8a:ff:
8e:96:70:33:12:be:22:da:5d:42:50:f0:62:46:a2:
ec:cf:36:ac:ef:77:46:23:1e:46:fe:66:d4:e9:cd:
55:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:87:38:D9:B3:4B:55:EC:B1:B4:68:BF:86:18:1F:EA:7D:F6:00:D8
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/1Ic42bNLVeyxtGi_hhgf6n32ANg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.92.112.0-23.92.114.255
104.160.0.0/24
104.160.5.0/24
104.160.8.0/24
104.160.22.0-104.160.27.255
107.150.80.0/24
107.150.92.0/24
192.40.95.0/24
Signature Algorithm: sha256WithRSAEncryption
26:b5:bb:0a:aa:51:0a:a4:28:14:16:1e:24:a3:b4:5d:9e:8e:
8d:98:8e:c3:b9:ba:40:b3:85:97:bf:28:ec:ea:45:92:cd:6c:
75:c0:a8:68:98:0d:1e:a3:eb:a9:9b:af:6a:7a:e3:36:67:16:
d5:4b:86:83:d3:6b:11:1d:4b:c4:42:06:72:69:75:83:75:d6:
f7:4b:42:09:eb:11:05:b7:89:45:98:a4:e3:a3:14:51:0f:06:
a9:3d:5c:d6:30:d4:cb:a8:eb:5a:0d:eb:6d:a2:41:c0:85:a0:
68:bf:62:1b:03:88:43:37:84:f2:dc:28:09:6d:4e:c3:43:34:
68:a6:6e:43:bd:36:5a:f6:f7:01:d1:06:66:09:30:cf:cc:21:
0d:bd:29:58:46:75:ce:3f:b2:8d:49:9b:f3:c9:3d:6b:7b:a3:
89:88:bc:a1:98:7c:6e:59:c3:3d:28:49:47:5d:94:86:80:6c:
f0:80:3c:5b:a8:52:19:41:45:6c:91:99:57:cb:75:dc:3b:cd:
63:03:e7:3e:a2:46:2a:a2:ac:e4:aa:a8:e5:d5:f6:29:1e:7d:
ee:ba:46:31:bf:14:4f:0c:85:4a:f9:c0:69:32:fa:32:00:50:
bc:22:70:de:7e:4f:c7:47:0e:99:db:58:e6:ff:50:5b:c6:0d:
83:75:90:ae
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY9MWugXERMjtynH0SSKrBgiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjQwNTA2MDUyMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDg3MzhkOWIzNGI1NWVjYjFiNDY4YmY4NjE4MWZlYTdkZjYwMGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp601Du67Jox0N4Z5W9CMtxdTajTj
54+MoAmzM3ZpBkI/aMX/QIg0gp8oNNVdnIQO/ql7hx8U0YTtBTO5VofKXeD5qhsl
i1obXKs4oQOX2+l7vVt6ytox5nvuJbjdjle6fWnrFWX1n/K3FiWw7Yzruisiz/fu
xR7WblGKjigNG4iouXt9ikh8HafloI4fs2mEuUyRgNyfGjWIOmo+VTLPhg3yGyE0
crPn+qgRXOjtYCQWA9BZvQi2DcNXwXELSKh1Cze7ZvZTyw96Vr+5AIOGBvGEKhF7
8aoFdJ3TZ+FEiv+OlnAzEr4i2l1CUPBiRqLszzas73dGIx5G/mbU6c1VYQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFNSHONmzS1XssbRov4YYH+p99gDYMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvMUljNDJiTkxWZXl4dEdpX2hoZ2Y2bjMyQU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAQXXHAD
BAAXXHIDBABooAADBABooAUDBABooAgwDAMEAWigFgMEAmigGAMEAGuWUAMEAGuW
XAMEAMAoXzANBgkqhkiG9w0BAQsFAAOCAQEAJrW7CqpRCqQoFBYeJKO0XZ6OjZiO
w7m6QLOFl78o7OpFks1sdcCoaJgNHqPrqZuvanrjNmcW1UuGg9NrER1LxEIGcml1
g3XW90tCCesRBbeJRZik46MUUQ8GqT1c1jDUy6jrWg3rbaJBwIWgaL9iGwOIQzeE
8twoCW1Ow0M0aKZuQ702Wvb3AdEGZgkwz8whDb0pWEZ1zj+yjUmb88k9a3ujiYi8
oZh8blnDPShJR12UhoBs8IA8W6hSGUFFbJGZV8t13DvNYwPnPqJGKqKs5Kqo5dX2
KR597rpGMb8UTwyFSvnAaTL6MgBQvCJw3n5Px0cOmdtY5v9QW8YNg3WQrg==
-----END CERTIFICATE-----
Generated at Mon Jul 1 07:27:28 2024 by rpki-client on console-ams.rpki-client.org