Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/SfCIaWanrzt5W5MTWKMfTqMk7ec.roa
File: SfCIaWanrzt5W5MTWKMfTqMk7ec.roa (raw, json)
Hash identifier: 6R0Z2hINP0K3Rhmmkw8gjMu7BLJHUsWJWIElSHJ4WZI=
Subject key identifier: 49:F0:88:69:66:A7:AF:3B:79:5B:93:13:58:A3:1F:4E:A3:24:ED:E7
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 019108668FFED8FEBF4FEFE1869F04A2219B
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/SfCIaWanrzt5W5MTWKMfTqMk7ec.roa
Signing time: Wed 31 Jul 2024 10:47:04 +0000
ROA not before: Wed 31 Jul 2024 10:47:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58065
IP address blocks: 5.157.6.0/24 maxlen: 24
5.157.11.0/24 maxlen: 24
5.157.19.0/24 maxlen: 24
5.157.21.0/24 maxlen: 24
5.157.23.0/24 maxlen: 24
5.157.24.0/24 maxlen: 24
5.157.26.0/24 maxlen: 24
5.157.29.0/24 maxlen: 24
5.157.32.0/24 maxlen: 24
5.157.33.0/24 maxlen: 24
5.157.34.0/24 maxlen: 24
5.157.37.0/24 maxlen: 24
5.157.43.0/24 maxlen: 24
5.157.51.0/24 maxlen: 24
5.157.53.0/24 maxlen: 24
5.157.55.0/24 maxlen: 24
23.92.115.0/24 maxlen: 24
23.92.116.0/24 maxlen: 24
23.92.126.0/24 maxlen: 24
37.72.186.0/24 maxlen: 24
104.160.16.0/24 maxlen: 24
104.160.17.0/24 maxlen: 24
107.150.64.0/24 maxlen: 24
107.150.65.0/24 maxlen: 24
107.150.67.0/24 maxlen: 24
107.150.69.0/24 maxlen: 24
107.150.70.0/24 maxlen: 24
107.150.71.0/24 maxlen: 24
107.150.88.0/24 maxlen: 24
107.150.89.0/24 maxlen: 24
107.150.90.0/24 maxlen: 24
107.150.91.0/24 maxlen: 24
130.185.153.0/24 maxlen: 24
151.237.188.0/24 maxlen: 24
162.212.168.0/24 maxlen: 24
162.212.169.0/24 maxlen: 24
162.212.170.0/24 maxlen: 24
162.212.171.0/24 maxlen: 24
162.212.172.0/24 maxlen: 24
162.212.173.0/24 maxlen: 24
162.212.174.0/24 maxlen: 24
162.212.175.0/24 maxlen: 24
2a02:5740:4::/48 maxlen: 48
2a02:5740:9::/48 maxlen: 48
2a02:5740:14::/48 maxlen: 48
2a02:5740:24::/48 maxlen: 48
2a02:5740:26::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 Nov 2024 17:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:08:66:8f:fe:d8:fe:bf:4f:ef:e1:86:9f:04:a2:21:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: Jul 31 10:47:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49f0886966a7af3b795b931358a31f4ea324ede7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4d:7b:77:ef:82:13:29:fe:04:7d:6f:c3:c3:
be:69:a7:f1:bf:b8:84:5d:00:86:92:89:96:7b:32:
b9:d5:5d:ad:7c:73:3b:22:4e:bb:4f:77:b3:23:19:
45:17:e3:b7:93:89:00:28:66:e9:07:21:98:1f:6d:
b2:a9:eb:56:4e:a1:2f:41:23:79:1e:00:33:25:a8:
81:a2:c8:dc:54:b1:97:5f:53:2d:90:8f:61:0a:bf:
95:e7:d7:ac:98:96:64:a1:88:97:e3:3f:57:45:e0:
0c:a3:ba:3c:4c:f2:0b:21:6d:fd:07:01:82:7a:5e:
ca:ba:94:db:4c:0d:ae:11:37:2a:0e:51:9b:c3:a4:
cb:d5:89:92:99:e5:1f:72:ca:09:70:94:04:1f:ea:
9b:28:88:b4:30:df:63:46:67:60:55:1d:49:0e:df:
bd:90:96:ba:b7:aa:16:bc:78:6a:6e:df:1d:98:84:
be:28:9e:eb:dc:ae:b6:09:45:e2:ce:f2:f9:67:e0:
4e:8d:72:e2:7a:25:6c:36:9b:51:22:e0:54:0c:18:
f2:bf:98:10:83:ae:88:7b:34:21:53:f5:32:c7:98:
c6:33:5a:3b:90:19:4c:ad:8d:f6:d6:72:b5:ca:bb:
23:f6:73:7c:ef:84:5a:ba:15:ce:75:74:be:07:6f:
10:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F0:88:69:66:A7:AF:3B:79:5B:93:13:58:A3:1F:4E:A3:24:ED:E7
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/SfCIaWanrzt5W5MTWKMfTqMk7ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.6.0/24
5.157.11.0/24
5.157.19.0/24
5.157.21.0/24
5.157.23.0-5.157.24.255
5.157.26.0/24
5.157.29.0/24
5.157.32.0-5.157.34.255
5.157.37.0/24
5.157.43.0/24
5.157.51.0/24
5.157.53.0/24
5.157.55.0/24
23.92.115.0-23.92.116.255
23.92.126.0/24
37.72.186.0/24
104.160.16.0/23
107.150.64.0/23
107.150.67.0/24
107.150.69.0-107.150.71.255
107.150.88.0/22
130.185.153.0/24
151.237.188.0/24
162.212.168.0/21
IPv6:
2a02:5740:4::/48
2a02:5740:9::/48
2a02:5740:14::/48
2a02:5740:24::/48
2a02:5740:26::/48
Signature Algorithm: sha256WithRSAEncryption
07:02:f4:dc:44:af:1c:fe:aa:ec:ba:78:ac:a5:1d:32:70:07:
01:1a:9a:07:3d:b6:f1:3d:d0:02:b2:13:60:81:47:4c:2b:82:
3f:36:e8:69:bb:77:36:33:55:65:31:f4:85:97:f3:06:e0:fb:
d4:29:4b:15:3b:85:ad:5d:cd:2f:5d:50:27:05:60:69:b2:3e:
65:e5:70:65:d2:c1:e6:f9:cb:85:a1:5a:ea:bb:b5:12:7a:af:
6e:bf:19:11:fd:e8:ca:2e:cd:df:6a:50:6d:8c:e0:25:64:a3:
63:16:ba:7b:2a:d3:3c:50:04:3d:14:f6:30:84:63:bb:06:0e:
95:65:ce:76:b1:b9:be:9f:76:79:0e:57:b8:b2:6d:0d:a0:8d:
65:9e:76:2a:85:f7:c2:24:1e:d8:24:c4:04:c3:2d:6b:10:40:
63:b0:f9:52:5f:c3:5a:58:e6:ea:fb:20:6d:04:fa:c2:bb:57:
49:26:a7:f4:df:4e:ab:7b:83:55:19:fa:c6:21:95:c1:41:74:
03:1e:7b:44:d1:43:7e:6f:95:a9:7f:1d:c6:ed:b0:07:b5:25:
43:e1:83:45:26:fb:d4:cc:bc:09:29:d1:cf:38:09:2f:2a:66:
9c:08:66:71:33:67:8f:2d:41:b7:a5:0e:fc:dc:19:2d:94:f6:
fd:55:1d:69
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISAZEIZo/+2P6/T+/hhp8EoiGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjQwNzMxMTA0NzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWYwODg2OTY2YTdhZjNiNzk1YjkzMTM1OGEzMWY0ZWEzMjRlZGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwk17d++CEyn+BH1vw8O+aafxv7iE
XQCGkomWezK51V2tfHM7Ik67T3ezIxlFF+O3k4kAKGbpByGYH22yqetWTqEvQSN5
HgAzJaiBosjcVLGXX1MtkI9hCr+V59esmJZkoYiX4z9XReAMo7o8TPILIW39BwGC
el7KupTbTA2uETcqDlGbw6TL1YmSmeUfcsoJcJQEH+qbKIi0MN9jRmdgVR1JDt+9
kJa6t6oWvHhqbt8dmIS+KJ7r3K62CUXizvL5Z+BOjXLieiVsNptRIuBUDBjyv5gQ
g66IezQhU/Uyx5jGM1o7kBlMrY321nK1yrsj9nN874RauhXOdXS+B28QJwIDAQAB
o4IC7jCCAuowHQYDVR0OBBYEFEnwiGlmp687eVuTE1ijH06jJO3nMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvU2ZDSWFXYW5yenQ1VzVNVFdLTWZUcU1rN2VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgbcEAgABMIGwAwQA
BZ0GAwQABZ0LAwQABZ0TAwQABZ0VMAwDBAAFnRcDBAAFnRgDBAAFnRoDBAAFnR0w
DAMEBQWdIAMEAAWdIgMEAAWdJQMEAAWdKwMEAAWdMwMEAAWdNQMEAAWdNzAMAwQA
F1xzAwQAF1x0AwQAF1x+AwQAJUi6AwQBaKAQAwQBa5ZAAwQAa5ZDMAwDBABrlkUD
BANrlkADBAJrllgDBACCuZkDBACX7bwDBAOi1KgwMwQCAAIwLQMHACoCV0AABAMH
ACoCV0AACQMHACoCV0AAFAMHACoCV0AAJAMHACoCV0AAJjANBgkqhkiG9w0BAQsF
AAOCAQEABwL03ESvHP6q7Lp4rKUdMnAHARqaBz228T3QArITYIFHTCuCPzboabt3
NjNVZTH0hZfzBuD71ClLFTuFrV3NL11QJwVgabI+ZeVwZdLB5vnLhaFa6ru1Enqv
br8ZEf3oyi7N32pQbYzgJWSjYxa6eyrTPFAEPRT2MIRjuwYOlWXOdrG5vp92eQ5X
uLJtDaCNZZ52KoX3wiQe2CTEBMMtaxBAY7D5Ul/DWljm6vsgbQT6wrtXSSan9N9O
q3uDVRn6xiGVwUF0Ax57RNFDfm+VqX8dxu2wB7UlQ+GDRSb71My8CSnRzzgJLypm
nAhmcTNnjy1Bt6UO/NwZLZT2/VUdaQ==
-----END CERTIFICATE-----
Generated at Sat Nov 16 03:07:10 2024 by rpki-client on console-fra.rpki-client.org