Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/kcbMP36K9zR3OAqVvtstfD6Qc1E.roa
File: kcbMP36K9zR3OAqVvtstfD6Qc1E.roa (raw, json)
Hash identifier: kKzo7D93m1wQVJ52FPItkIqrFxN6fMh/dyqt/5KaXWw=
Subject key identifier: 91:C6:CC:3F:7E:8A:F7:34:77:38:0A:95:BE:DB:2D:7C:3E:90:73:51
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 0194236915C9870534EA165651363A0F8DAB
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/kcbMP36K9zR3OAqVvtstfD6Qc1E.roa
Signing time: Wed 01 Jan 2025 19:47:56 +0000
ROA not before: Wed 01 Jan 2025 19:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46805
IP address blocks: 23.92.112.0/24 maxlen: 24
23.92.113.0/24 maxlen: 24
23.92.114.0/24 maxlen: 24
104.160.0.0/24 maxlen: 24
104.160.5.0/24 maxlen: 24
104.160.8.0/24 maxlen: 24
104.160.22.0/24 maxlen: 24
104.160.23.0/24 maxlen: 24
104.160.24.0/24 maxlen: 24
104.160.25.0/24 maxlen: 24
104.160.26.0/24 maxlen: 24
104.160.27.0/24 maxlen: 24
107.150.80.0/24 maxlen: 24
107.150.92.0/24 maxlen: 24
192.40.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:15:c9:87:05:34:ea:16:56:51:36:3a:0f:8d:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: Jan 1 19:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91c6cc3f7e8af73477380a95bedb2d7c3e907351
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:44:95:c4:3a:53:19:d3:57:1f:c9:a9:cc:a3:
55:ae:6a:89:97:3c:2c:44:cb:4a:f0:29:3c:37:6c:
e4:cc:04:0c:e5:80:e7:e1:4d:04:cd:a2:db:41:a3:
c2:d3:8c:e0:2c:8e:07:5b:36:06:7b:27:db:78:e5:
c0:31:51:7b:4b:35:74:a8:99:9e:f4:17:d2:a0:04:
3d:62:de:00:97:18:0a:64:bf:7f:c9:6f:02:07:ec:
6c:57:81:7c:1f:28:78:59:58:ef:8d:55:e9:63:2f:
15:0c:c0:1d:63:24:97:92:da:c3:2b:93:1b:54:42:
5b:70:74:44:33:79:32:e7:17:df:f5:3e:4c:f8:43:
cd:94:97:36:4a:34:7a:81:c8:c0:63:66:24:16:d2:
3a:b0:ff:1a:be:c8:a4:0a:10:ea:ec:47:41:81:12:
66:3e:ed:d5:6d:72:a3:fd:4b:1a:96:50:9a:52:b9:
16:9b:27:dd:0f:17:5f:3e:c1:f0:29:ba:f4:23:be:
eb:ed:7f:d8:13:c4:44:c9:f8:24:b9:9b:2f:2e:8e:
1e:91:58:b7:07:ea:5e:7a:bd:b9:54:54:04:17:be:
5b:0c:99:46:1c:e1:09:d7:8b:78:27:85:3d:39:e0:
70:f8:5f:d9:96:b4:99:a2:84:9a:cf:a7:5a:90:cf:
48:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C6:CC:3F:7E:8A:F7:34:77:38:0A:95:BE:DB:2D:7C:3E:90:73:51
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/kcbMP36K9zR3OAqVvtstfD6Qc1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.92.112.0-23.92.114.255
104.160.0.0/24
104.160.5.0/24
104.160.8.0/24
104.160.22.0-104.160.27.255
107.150.80.0/24
107.150.92.0/24
192.40.95.0/24
Signature Algorithm: sha256WithRSAEncryption
53:5f:cd:89:52:45:96:99:6e:77:f7:72:69:ed:c0:fa:f4:d1:
b8:26:39:29:a9:d2:14:ac:0e:01:fc:80:bb:61:0c:53:52:bc:
0f:18:df:25:dd:49:bf:e3:6f:86:d9:6b:4f:d0:50:81:a5:b5:
3e:1e:24:2c:3c:46:a2:74:da:90:07:6a:f9:32:fd:31:74:53:
32:7e:d6:07:1b:40:f9:c0:38:04:46:a6:23:70:7a:fe:87:2b:
91:81:51:08:29:e5:0d:f3:b5:d0:de:c1:8f:5d:56:c5:d5:30:
e3:8f:8a:bd:1d:e9:cf:bf:3b:a6:f5:79:ca:bb:e6:a0:81:ac:
69:a8:22:63:0f:c5:13:25:2a:5f:46:db:ee:f4:6f:3f:30:27:
7d:60:b0:7a:ca:37:19:ba:92:34:82:18:1f:bc:8d:34:15:8a:
4a:18:51:de:ee:c6:20:19:ce:a4:c7:60:ed:01:65:68:aa:f6:
3f:84:dd:6e:0d:b4:bb:a6:a3:b0:ec:5c:6e:39:8e:53:40:5b:
4d:83:c1:f6:7c:31:ce:cd:1c:d5:a4:df:8f:78:59:39:3d:d7:
a8:6a:62:c9:f2:ff:e2:92:87:52:3e:10:ae:4c:01:76:18:a3:
ca:a0:56:b5:68:af:f4:5a:c3:00:7a:ac:3e:95:6b:2e:85:1d:
b4:52:6d:2c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZQjaRXJhwU06hZWUTY6D42rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjUwMTAxMTk0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWM2Y2MzZjdlOGFmNzM0NzczODBhOTViZWRiMmQ3YzNlOTA3MzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkSVxDpTGdNXH8mpzKNVrmqJlzws
RMtK8Ck8N2zkzAQM5YDn4U0EzaLbQaPC04zgLI4HWzYGeyfbeOXAMVF7SzV0qJme
9BfSoAQ9Yt4AlxgKZL9/yW8CB+xsV4F8Hyh4WVjvjVXpYy8VDMAdYySXktrDK5Mb
VEJbcHREM3ky5xff9T5M+EPNlJc2SjR6gcjAY2YkFtI6sP8avsikChDq7EdBgRJm
Pu3VbXKj/UsallCaUrkWmyfdDxdfPsHwKbr0I77r7X/YE8REyfgkuZsvLo4ekVi3
B+peer25VFQEF75bDJlGHOEJ14t4J4U9OeBw+F/ZlrSZooSaz6dakM9IOwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFJHGzD9+ivc0dzgKlb7bLXw+kHNRMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEva2NiTVAzNks5elIzT0FxVnZ0c3RmRDZRYzFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAQXXHAD
BAAXXHIDBABooAADBABooAUDBABooAgwDAMEAWigFgMEAmigGAMEAGuWUAMEAGuW
XAMEAMAoXzANBgkqhkiG9w0BAQsFAAOCAQEAU1/NiVJFlplud/dyae3A+vTRuCY5
KanSFKwOAfyAu2EMU1K8DxjfJd1Jv+NvhtlrT9BQgaW1Ph4kLDxGonTakAdq+TL9
MXRTMn7WBxtA+cA4BEamI3B6/ocrkYFRCCnlDfO10N7Bj11WxdUw44+KvR3pz787
pvV5yrvmoIGsaagiYw/FEyUqX0bb7vRvPzAnfWCweso3GbqSNIIYH7yNNBWKShhR
3u7GIBnOpMdg7QFlaKr2P4Tdbg20u6ajsOxcbjmOU0BbTYPB9nwxzs0c1aTfj3hZ
OT3XqGpiyfL/4pKHUj4QrkwBdhijyqBWtWiv9FrDAHqsPpVrLoUdtFJtLA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:18 2025 by rpki-client