Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/CMz9uszGcnRXXfL_zNz4y4878Eg.roa
File: CMz9uszGcnRXXfL_zNz4y4878Eg.roa (raw, json)
Hash identifier: MMq2WsjpyKfulbUULcyXvX/KsSL6kTKO31dV3NqsS3M=
Subject key identifier: 08:CC:FD:BA:CC:C6:72:74:57:5D:F2:FF:CC:DC:F8:CB:8F:3B:F0:48
Certificate issuer: /CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Certificate serial: 018CC87045DEFBCA5B6B766D0D76158F6CC2
Authority key identifier: 17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/CMz9uszGcnRXXfL_zNz4y4878Eg.roa
Signing time: Tue 02 Jan 2024 04:30:50 +0000
ROA not before: Tue 02 Jan 2024 04:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 157.167.226.0/24 maxlen: 24
157.167.225.0/24 maxlen: 24
157.167.224.0/24 maxlen: 24
157.167.228.0/24 maxlen: 24
157.167.227.0/24 maxlen: 24
157.167.232.0/24 maxlen: 24
157.167.231.0/24 maxlen: 24
157.167.230.0/24 maxlen: 24
157.167.229.0/24 maxlen: 24
157.167.233.0/24 maxlen: 24
157.167.240.0/24 maxlen: 24
157.167.235.0/24 maxlen: 24
157.167.234.0/24 maxlen: 24
157.167.239.0/24 maxlen: 24
157.167.238.0/24 maxlen: 24
157.167.237.0/24 maxlen: 24
157.167.236.0/24 maxlen: 24
157.167.152.0/24 maxlen: 24
157.167.156.0/24 maxlen: 24
157.167.155.0/24 maxlen: 24
157.167.153.0/24 maxlen: 24
157.167.184.0/21 maxlen: 21
157.167.136.0/21 maxlen: 21
157.167.134.0/24 maxlen: 24
157.167.135.0/24 maxlen: 24
157.167.144.0/21 maxlen: 21
85.115.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.mft
rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:03:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:45:de:fb:ca:5b:6b:76:6d:0d:76:15:8f:6c:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Validity
Not Before: Jan 2 04:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08ccfdbaccc67274575df2ffccdcf8cb8f3bf048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:34:aa:14:ee:45:8e:65:fa:92:32:b0:a2:65:
5f:f0:ba:67:cb:a4:f8:29:d2:b2:4b:86:f5:bf:2e:
7f:f8:4d:06:f8:71:65:3e:7b:fe:6b:4d:46:60:70:
2d:87:40:e2:dc:d3:bd:84:70:9a:98:79:e9:17:64:
c8:3c:f7:15:b8:36:ce:7c:b2:b5:10:89:4c:2b:8f:
88:90:be:dc:77:ac:21:c6:8d:cc:a2:c9:13:28:ac:
2d:26:b1:37:23:fe:36:79:83:c9:6c:0e:16:13:83:
9d:3a:9e:71:ef:8f:0c:19:95:1b:19:4f:36:a1:9f:
82:c0:94:fd:3f:6c:d8:cf:5c:e7:4d:0c:8f:8f:40:
58:1a:7f:2b:4d:c6:52:9f:7f:7e:f1:eb:bf:b8:ab:
48:a0:11:30:f6:b1:c2:0a:3b:e8:4a:cf:c5:96:ef:
7c:a1:5a:cd:d8:5b:cf:f1:0a:b8:24:d1:04:4c:2f:
9f:9e:47:60:2c:8d:9b:08:6f:b9:61:af:5a:d3:94:
43:71:ed:37:3d:7a:88:8c:9c:2d:5f:15:e2:cf:e8:
a9:b7:18:39:de:05:9a:3b:6c:0a:45:b8:45:10:85:
57:a9:db:c0:b1:70:8d:ca:e8:9c:a4:d3:32:5d:38:
bd:c3:c1:19:2f:94:bc:1f:58:b2:ce:00:fd:ed:3d:
c3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:CC:FD:BA:CC:C6:72:74:57:5D:F2:FF:CC:DC:F8:CB:8F:3B:F0:48
X509v3 Authority Key Identifier:
keyid:17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/CMz9uszGcnRXXfL_zNz4y4878Eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.38.0/24
157.167.134.0-157.167.153.255
157.167.155.0-157.167.156.255
157.167.184.0/21
157.167.224.0-157.167.240.255
Signature Algorithm: sha256WithRSAEncryption
97:73:47:68:9f:74:eb:9e:08:05:ca:9c:8b:af:c0:70:8d:31:
79:2a:51:f2:32:52:9e:f9:4c:f5:a1:3c:5a:17:e7:93:16:15:
8e:c0:2d:4e:f2:d7:db:ae:4d:c6:11:bb:d1:86:68:4c:33:48:
82:11:32:10:f7:62:2f:25:49:e9:54:a9:9f:d1:35:31:cb:d6:
be:e9:6f:1b:85:21:c6:de:7f:9a:fe:04:ff:f5:90:dc:ef:14:
6b:3b:52:04:dc:e4:03:7f:e9:c6:77:71:9d:44:3c:4c:bd:d7:
be:96:c3:3b:78:38:fa:b7:62:f8:be:50:f8:03:3e:ac:a0:c8:
90:cc:9d:31:5a:0a:93:4f:3e:44:71:c9:3d:40:34:3e:b2:f9:
01:1c:27:36:77:82:39:4a:fc:7a:a5:78:e8:ec:8d:5c:d3:38:
dd:69:ac:9c:39:7d:24:82:68:a4:47:7d:4c:87:18:e4:05:33:
e8:6c:6b:d3:91:40:ba:03:4a:ff:61:2a:16:56:de:ab:43:b9:
37:60:70:8b:96:e1:1a:bb:37:bb:ae:73:15:c0:92:90:cc:23:
60:66:ac:de:b6:9c:9f:7b:f7:3f:74:19:3a:a5:62:82:91:0a:
43:80:64:00:54:e8:a4:5e:76:ba:b4:b1:a3:d8:9d:40:23:07:
c1:8e:ad:43
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzIcEXe+8pba3ZtDXYVj2zCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGQ5YzIzYWY2OWVjMmNkYjZmZTJiOTkzNmViNDk0Y2Zk
MTYyMWYwHhcNMjQwMTAyMDQzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGNjZmRiYWNjYzY3Mjc0NTc1ZGYyZmZjY2RjZjhjYjhmM2JmMDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTSqFO5FjmX6kjKwomVf8Lpny6T4
KdKyS4b1vy5/+E0G+HFlPnv+a01GYHAth0Di3NO9hHCamHnpF2TIPPcVuDbOfLK1
EIlMK4+IkL7cd6whxo3MoskTKKwtJrE3I/42eYPJbA4WE4OdOp5x748MGZUbGU82
oZ+CwJT9P2zYz1znTQyPj0BYGn8rTcZSn39+8eu/uKtIoBEw9rHCCjvoSs/Flu98
oVrN2FvP8Qq4JNEETC+fnkdgLI2bCG+5Ya9a05RDce03PXqIjJwtXxXiz+iptxg5
3gWaO2wKRbhFEIVXqdvAsXCNyuicpNMyXTi9w8EZL5S8H1iyzgD97T3DHwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAjM/brMxnJ0V13y/8zc+MuPO/BIMB8GA1UdIwQY
MBaAFBfdnCOvaews22/iuZNutJTP0WIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYt
OGZhN2I0YzUzMDczLzEvQ016OXVzekdjblJYWGZMX3pOejR5NDg3OEVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYtOGZhN2I0YzUzMDcz
LzEvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVXMmMAwD
BAGdp4YDBAGdp5gwDAMEAJ2nmwMEAJ2nnAMEA52nuDAMAwQFnafgAwQAnafwMA0G
CSqGSIb3DQEBCwUAA4IBAQCXc0don3TrnggFypyLr8BwjTF5KlHyMlKe+Uz1oTxa
F+eTFhWOwC1O8tfbrk3GEbvRhmhMM0iCETIQ92IvJUnpVKmf0TUxy9a+6W8bhSHG
3n+a/gT/9ZDc7xRrO1IE3OQDf+nGd3GdRDxMvde+lsM7eDj6t2L4vlD4Az6soMiQ
zJ0xWgqTTz5Ecck9QDQ+svkBHCc2d4I5Svx6pXjo7I1c0zjdaaycOX0kgmikR31M
hxjkBTPobGvTkUC6A0r/YSoWVt6rQ7k3YHCLluEauze7rnMVwJKQzCNgZqzetpyf
e/c/dBk6pWKCkQpDgGQAVOikXna6tLGj2J1AIwfBjq1D
-----END CERTIFICATE-----
Generated at Thu May 2 18:41:28 2024 by rpki-client on console-fra.rpki-client.org