Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/zIPpHzcEX6aLElkpG3bukogxPRk.roa
File: zIPpHzcEX6aLElkpG3bukogxPRk.roa (raw, json)
Hash identifier: IoLxLBlIYESQiLp4d0nB7BX1oDltA66oqiBV/YcuNwc=
Subject key identifier: CC:83:E9:1F:37:04:5F:A6:8B:12:59:29:1B:76:EE:92:88:31:3D:19
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 0191073959CDE4AA5E76456DAEFCF5BDB052
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/zIPpHzcEX6aLElkpG3bukogxPRk.roa
Signing time: Wed 31 Jul 2024 05:18:04 +0000
ROA not before: Wed 31 Jul 2024 05:18:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60485
IP address blocks: 5.157.38.0/24 maxlen: 24
5.157.57.0/24 maxlen: 24
37.72.187.0/24 maxlen: 24
37.203.209.0/24 maxlen: 24
91.108.183.0/24 maxlen: 24
176.61.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 Nov 2024 16:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:07:39:59:cd:e4:aa:5e:76:45:6d:ae:fc:f5:bd:b0:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: Jul 31 05:18:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc83e91f37045fa68b1259291b76ee9288313d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:bb:75:87:20:46:31:ca:66:71:fc:01:55:45:
55:95:87:bb:72:d7:9e:37:ee:0e:d6:b8:af:8a:b7:
b3:b9:1a:09:3f:48:31:23:13:3b:01:a3:8e:83:b9:
15:82:7e:39:a9:ec:3c:b5:6f:9f:8a:b2:3b:ca:00:
4c:5e:6d:34:3e:53:bb:99:31:b4:1d:17:ee:db:a9:
13:94:ed:9a:36:5f:9f:09:5e:39:32:ac:21:d2:42:
15:82:53:d2:15:02:be:d9:e0:1b:7c:fe:c2:bc:44:
ba:8d:06:af:9b:74:ec:54:06:cc:11:ac:ef:2e:73:
0f:16:13:f8:94:cb:f0:4e:69:3b:1c:18:1a:d1:6a:
9a:24:12:6e:bc:0f:87:2e:72:c9:c5:f9:45:d5:b8:
d7:f8:36:8c:a6:0d:0d:0c:1a:a5:b6:10:c0:f9:21:
30:14:53:31:94:65:c4:93:d6:25:4e:9e:13:24:63:
17:f7:05:59:0c:34:47:5b:43:78:2a:71:26:81:75:
c5:02:0f:15:43:be:85:77:ad:d8:b2:86:1f:60:6d:
be:e8:77:ef:fe:f9:eb:75:3c:08:f4:ac:70:32:82:
7f:44:38:0c:d1:3b:fb:f9:80:4d:a5:f0:b0:57:49:
af:f0:b7:3f:e7:2c:ff:1d:ad:b4:07:5c:ab:d2:e7:
52:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:83:E9:1F:37:04:5F:A6:8B:12:59:29:1B:76:EE:92:88:31:3D:19
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/zIPpHzcEX6aLElkpG3bukogxPRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.38.0/24
5.157.57.0/24
37.72.187.0/24
37.203.209.0/24
91.108.183.0/24
176.61.141.0/24
Signature Algorithm: sha256WithRSAEncryption
68:1e:06:cd:2a:f3:20:4c:38:bb:49:3f:8e:c3:d7:ce:64:97:
10:c6:15:09:26:d4:53:38:b6:21:c5:a1:79:73:23:95:3b:7b:
7a:ab:16:a9:5d:8a:ab:b0:9c:f0:56:54:f6:34:8b:b2:4a:cc:
e9:34:ed:5b:5e:4d:09:f0:ba:e9:fe:73:2a:ab:06:39:a9:1c:
6e:ff:e8:c9:26:65:de:67:39:91:c1:aa:cf:e0:7f:86:41:a4:
0f:7a:82:0b:3e:d0:08:4d:0b:db:d7:96:0a:57:a9:55:ac:a0:
9f:49:ee:3c:b9:ab:46:6b:7f:06:6d:ce:7a:10:f2:b3:0f:e3:
7e:ee:6b:1b:40:7f:7d:ea:5e:77:fb:f6:0a:00:40:23:b6:c4:
7a:9c:1d:28:0d:97:25:b5:7c:4e:05:84:04:28:9a:dc:77:ee:
bf:41:cc:0c:64:9a:e0:a3:e7:78:b9:e4:2f:c9:bc:37:28:d1:
14:cb:bf:17:ab:af:bf:68:b3:6d:25:27:14:0b:c0:38:b9:3e:
7d:3f:de:e0:be:46:08:15:c7:3f:e0:c2:f5:b5:59:46:bb:62:
4b:ed:8f:4c:11:4d:23:e2:50:05:d2:d6:91:5b:12:df:77:97:
f5:6c:17:e4:77:67:7c:14:c0:31:64:d5:cb:a9:fb:35:4a:f9:
77:5a:52:20
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZEHOVnN5KpedkVtrvz1vbBSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjQwNzMxMDUxODA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzgzZTkxZjM3MDQ1ZmE2OGIxMjU5MjkxYjc2ZWU5Mjg4MzEzZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7t1hyBGMcpmcfwBVUVVlYe7ctee
N+4O1rivirezuRoJP0gxIxM7AaOOg7kVgn45qew8tW+firI7ygBMXm00PlO7mTG0
HRfu26kTlO2aNl+fCV45Mqwh0kIVglPSFQK+2eAbfP7CvES6jQavm3TsVAbMEazv
LnMPFhP4lMvwTmk7HBga0WqaJBJuvA+HLnLJxflF1bjX+DaMpg0NDBqlthDA+SEw
FFMxlGXEk9YlTp4TJGMX9wVZDDRHW0N4KnEmgXXFAg8VQ76Fd63YsoYfYG2+6Hfv
/vnrdTwI9KxwMoJ/RDgM0Tv7+YBNpfCwV0mv8Lc/5yz/Ha20B1yr0udS3QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMyD6R83BF+mixJZKRt27pKIMT0ZMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEveklQcEh6Y0VYNmFMRWxrcEczYnVrb2d4UFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABZ0mAwQA
BZ05AwQAJUi7AwQAJcvRAwQAW2y3AwQAsD2NMA0GCSqGSIb3DQEBCwUAA4IBAQBo
HgbNKvMgTDi7ST+Ow9fOZJcQxhUJJtRTOLYhxaF5cyOVO3t6qxapXYqrsJzwVlT2
NIuySszpNO1bXk0J8Lrp/nMqqwY5qRxu/+jJJmXeZzmRwarP4H+GQaQPeoILPtAI
TQvb15YKV6lVrKCfSe48uatGa38Gbc56EPKzD+N+7msbQH996l53+/YKAEAjtsR6
nB0oDZcltXxOBYQEKJrcd+6/QcwMZJrgo+d4ueQvybw3KNEUy78Xq6+/aLNtJScU
C8A4uT59P97gvkYIFcc/4ML1tVlGu2JL7Y9MEU0j4lAF0taRWxLfd5f1bBfkd2d8
FMAxZNXLqfs1Svl3WlIg
-----END CERTIFICATE-----
Generated at Fri Nov 15 18:49:51 2024 by rpki-client on console-ams.rpki-client.org