Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/cOX3Ux6W3nUP963rR1NL5kceTYQ.roa
File: cOX3Ux6W3nUP963rR1NL5kceTYQ.roa (raw, json)
Hash identifier: L93xV0Jj0L31PvkEVeRvkjB14znckTj/2G/cWRjT/9Y=
Subject key identifier: 70:E5:F7:53:1E:96:DE:75:0F:F7:AD:EB:47:53:4B:E6:47:1E:4D:84
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 018F4C5AEA0F434AEDC2A70A64BC2AFB13F9
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/cOX3Ux6W3nUP963rR1NL5kceTYQ.roa
Signing time: Mon 06 May 2024 05:22:57 +0000
ROA not before: Mon 06 May 2024 05:22:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58065
IP address blocks: 5.157.6.0/24 maxlen: 24
5.157.11.0/24 maxlen: 24
5.157.19.0/24 maxlen: 24
5.157.21.0/24 maxlen: 24
5.157.23.0/24 maxlen: 24
5.157.24.0/24 maxlen: 24
5.157.26.0/24 maxlen: 24
5.157.29.0/24 maxlen: 24
5.157.32.0/24 maxlen: 24
5.157.33.0/24 maxlen: 24
5.157.34.0/24 maxlen: 24
5.157.37.0/24 maxlen: 24
5.157.43.0/24 maxlen: 24
5.157.51.0/24 maxlen: 24
5.157.53.0/24 maxlen: 24
5.157.55.0/24 maxlen: 24
23.92.115.0/24 maxlen: 24
23.92.126.0/24 maxlen: 24
37.72.186.0/24 maxlen: 24
104.160.16.0/24 maxlen: 24
104.160.17.0/24 maxlen: 24
107.150.64.0/24 maxlen: 24
107.150.65.0/24 maxlen: 24
107.150.67.0/24 maxlen: 24
107.150.69.0/24 maxlen: 24
107.150.70.0/24 maxlen: 24
107.150.71.0/24 maxlen: 24
107.150.88.0/24 maxlen: 24
107.150.89.0/24 maxlen: 24
107.150.90.0/24 maxlen: 24
107.150.91.0/24 maxlen: 24
130.185.153.0/24 maxlen: 24
151.237.188.0/24 maxlen: 24
162.212.168.0/24 maxlen: 24
162.212.169.0/24 maxlen: 24
162.212.170.0/24 maxlen: 24
162.212.171.0/24 maxlen: 24
162.212.172.0/24 maxlen: 24
162.212.173.0/24 maxlen: 24
162.212.174.0/24 maxlen: 24
162.212.175.0/24 maxlen: 24
2a02:5740:4::/48 maxlen: 48
2a02:5740:9::/48 maxlen: 48
2a02:5740:14::/48 maxlen: 48
2a02:5740:24::/48 maxlen: 48
2a02:5740:26::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 22:03:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4c:5a:ea:0f:43:4a:ed:c2:a7:0a:64:bc:2a:fb:13:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: May 6 05:22:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70e5f7531e96de750ff7adeb47534be6471e4d84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:54:0a:02:78:6f:ca:83:18:92:de:eb:25:a7:
10:06:9e:67:91:15:cd:5d:c8:ef:a1:dd:7f:6b:22:
6e:24:0e:fa:ab:2b:30:e2:17:5e:15:7b:0f:b5:d7:
87:e5:31:18:60:59:ef:a3:ca:34:13:ab:c4:98:78:
04:fd:21:61:b8:4c:1f:36:78:3b:33:ac:47:9b:76:
f6:43:d8:49:ea:51:8d:00:58:12:91:a8:94:fd:20:
1f:bf:e6:29:f8:e0:12:ec:fa:24:9d:af:9a:8a:08:
ec:4a:37:31:4b:3e:e9:92:65:b0:28:a1:43:f0:61:
ba:0d:39:6e:67:94:bf:7d:bf:20:77:22:c0:6a:3d:
cb:ad:2b:56:39:22:21:0d:51:89:26:69:ff:fd:6e:
f5:b4:fe:dc:c1:cf:34:99:0d:93:1f:ce:3c:66:e6:
db:06:e1:dc:19:52:8b:12:74:4c:48:ab:c4:b9:81:
c7:f6:df:24:aa:69:c0:2f:18:a5:cd:d0:ad:ca:8b:
76:54:0e:35:42:e4:71:89:e6:50:d1:9e:d7:ca:3d:
7e:c8:63:67:1b:b5:ab:9a:27:1d:61:9d:a8:30:7f:
e1:c4:dd:ac:33:25:09:b4:a0:15:ac:b5:4d:05:4b:
9d:a9:f3:4c:99:2b:d4:41:97:ea:35:0e:6c:5c:80:
d8:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E5:F7:53:1E:96:DE:75:0F:F7:AD:EB:47:53:4B:E6:47:1E:4D:84
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/cOX3Ux6W3nUP963rR1NL5kceTYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.6.0/24
5.157.11.0/24
5.157.19.0/24
5.157.21.0/24
5.157.23.0-5.157.24.255
5.157.26.0/24
5.157.29.0/24
5.157.32.0-5.157.34.255
5.157.37.0/24
5.157.43.0/24
5.157.51.0/24
5.157.53.0/24
5.157.55.0/24
23.92.115.0/24
23.92.126.0/24
37.72.186.0/24
104.160.16.0/23
107.150.64.0/23
107.150.67.0/24
107.150.69.0-107.150.71.255
107.150.88.0/22
130.185.153.0/24
151.237.188.0/24
162.212.168.0/21
IPv6:
2a02:5740:4::/48
2a02:5740:9::/48
2a02:5740:14::/48
2a02:5740:24::/48
2a02:5740:26::/48
Signature Algorithm: sha256WithRSAEncryption
1f:4d:27:2b:fc:d2:7a:c5:6d:25:cb:34:c6:38:0b:fc:c0:1e:
62:09:96:f3:46:7e:1f:98:a7:27:c2:0c:25:70:92:06:f5:33:
5f:32:cb:f4:ce:15:46:86:d4:31:e7:93:47:5c:f0:fb:24:b6:
20:6c:90:c5:e3:bb:c3:4d:78:28:00:2d:f9:2e:6d:08:a9:c6:
d4:c2:01:b2:1d:0a:4e:b8:eb:1b:6c:cd:e1:53:73:ed:86:f6:
01:0e:13:ae:56:2c:8c:4b:6b:76:4b:c9:af:f7:f1:d1:4b:32:
4f:fa:8e:28:bd:a8:a5:96:6d:4c:46:21:b5:0b:2e:46:98:c3:
5a:08:97:d7:f6:e4:2d:85:2b:fc:74:a9:ce:3f:aa:34:b2:15:
52:df:97:f3:b0:02:5a:f2:5e:38:e7:a3:26:66:3a:86:f4:e7:
77:23:7e:f6:08:be:fc:c7:3e:10:4f:3a:a7:08:12:de:e6:ff:
cb:3e:ce:24:ea:3e:27:95:eb:e1:66:ab:6d:36:4d:88:8a:d9:
69:1f:78:16:cd:d7:de:b3:d3:16:c7:e8:0c:cf:e5:28:a1:fa:
e6:b7:aa:f9:b1:99:ae:41:b9:63:53:05:c3:76:ff:6b:88:79:
7a:c6:a1:1b:13:61:50:91:f7:98:14:b4:76:70:19:4d:df:05:
7a:62:32:3b
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgISAY9MWuoPQ0rtwqcKZLwq+xP5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjQwNTA2MDUyMjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGU1Zjc1MzFlOTZkZTc1MGZmN2FkZWI0NzUzNGJlNjQ3MWU0ZDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVQKAnhvyoMYkt7rJacQBp5nkRXN
Xcjvod1/ayJuJA76qysw4hdeFXsPtdeH5TEYYFnvo8o0E6vEmHgE/SFhuEwfNng7
M6xHm3b2Q9hJ6lGNAFgSkaiU/SAfv+Yp+OAS7Pokna+aigjsSjcxSz7pkmWwKKFD
8GG6DTluZ5S/fb8gdyLAaj3LrStWOSIhDVGJJmn//W71tP7cwc80mQ2TH848Zubb
BuHcGVKLEnRMSKvEuYHH9t8kqmnALxilzdCtyot2VA41QuRxieZQ0Z7Xyj1+yGNn
G7WrmicdYZ2oMH/hxN2sMyUJtKAVrLVNBUudqfNMmSvUQZfqNQ5sXIDY5QIDAQAB
o4IC5TCCAuEwHQYDVR0OBBYEFHDl91Melt51D/et60dTS+ZHHk2EMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvY09YM1V4NlczblVQOTYzclIxTkw1a2NlVFlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH6BggrBgEFBQcBBwEB/wSB6jCB5zCBrwQCAAEwgagDBAAF
nQYDBAAFnQsDBAAFnRMDBAAFnRUwDAMEAAWdFwMEAAWdGAMEAAWdGgMEAAWdHTAM
AwQFBZ0gAwQABZ0iAwQABZ0lAwQABZ0rAwQABZ0zAwQABZ01AwQABZ03AwQAF1xz
AwQAF1x+AwQAJUi6AwQBaKAQAwQBa5ZAAwQAa5ZDMAwDBABrlkUDBANrlkADBAJr
llgDBACCuZkDBACX7bwDBAOi1KgwMwQCAAIwLQMHACoCV0AABAMHACoCV0AACQMH
ACoCV0AAFAMHACoCV0AAJAMHACoCV0AAJjANBgkqhkiG9w0BAQsFAAOCAQEAH00n
K/zSesVtJcs0xjgL/MAeYgmW80Z+H5inJ8IMJXCSBvUzXzLL9M4VRobUMeeTR1zw
+yS2IGyQxeO7w014KAAt+S5tCKnG1MIBsh0KTrjrG2zN4VNz7Yb2AQ4TrlYsjEtr
dkvJr/fx0UsyT/qOKL2opZZtTEYhtQsuRpjDWgiX1/bkLYUr/HSpzj+qNLIVUt+X
87ACWvJeOOejJmY6hvTndyN+9gi+/Mc+EE86pwgS3ub/yz7OJOo+J5Xr4WarbTZN
iIrZaR94Fs3X3rPTFsfoDM/lKKH65req+bGZrkG5Y1MFw3b/a4h5esahGxNhUJH3
mBS0dnAZTd8FemIyOw==
-----END CERTIFICATE-----
Generated at Mon Jul 1 07:27:57 2024 by rpki-client on console-fra.rpki-client.org