Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/Kg5gAKst3lA3kQXHyayGjsBCNvo.roa
File: Kg5gAKst3lA3kQXHyayGjsBCNvo.roa (raw, json)
Hash identifier: i8AVKGYxcnmFc9cNf22CdEFyvJjuI6bQyVzxPUY6SVM=
Subject key identifier: 2A:0E:60:00:AB:2D:DE:50:37:91:05:C7:C9:AC:86:8E:C0:42:36:FA
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 018CCA29CF5C33FCD5CA1D5F904074FCCE44
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/Kg5gAKst3lA3kQXHyayGjsBCNvo.roa
Signing time: Tue 02 Jan 2024 12:33:06 +0000
ROA not before: Tue 02 Jan 2024 12:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 185.95.102.0/23 maxlen: 24
185.95.101.0/24 maxlen: 24
185.81.174.0/24 maxlen: 24
185.81.184.0/24 maxlen: 24
185.81.187.0/24 maxlen: 24
185.97.3.0/24 maxlen: 24
185.97.1.0/24 maxlen: 24
185.89.43.0/24 maxlen: 24
185.89.42.0/24 maxlen: 24
185.68.246.0/24 maxlen: 24
185.68.247.0/24 maxlen: 24
194.104.10.0/24 maxlen: 24
185.68.184.0/24 maxlen: 24
5.181.169.0/24 maxlen: 24
5.181.168.0/24 maxlen: 24
213.232.122.0/24 maxlen: 24
213.232.120.0/24 maxlen: 24
83.171.226.0/24 maxlen: 24
83.171.224.0/24 maxlen: 24
83.171.227.0/24 maxlen: 24
185.96.38.0/24 maxlen: 24
185.89.104.0/23 maxlen: 24
185.89.108.0/22 maxlen: 24
141.98.87.0/24 maxlen: 24
5.183.255.0/24 maxlen: 24
185.88.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 02:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:cf:5c:33:fc:d5:ca:1d:5f:90:40:74:fc:ce:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 2 12:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a0e6000ab2dde50379105c7c9ac868ec04236fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6c:ec:af:17:ca:29:65:b8:8f:24:b2:8f:87:
32:c8:ab:ae:07:b4:2c:bc:52:bb:6c:90:6c:d4:32:
98:3c:e6:b1:f2:ef:96:45:8d:62:60:86:58:37:74:
7a:5f:06:a0:ac:6c:62:14:2b:0c:d4:8c:cd:f7:78:
b9:ed:47:0f:8b:d7:bb:cc:bc:a3:f9:9e:79:2f:3a:
7a:c9:7f:90:88:24:09:34:8c:7b:c7:53:ed:23:97:
70:ca:d5:c9:19:a5:e9:be:58:41:ba:56:95:2c:6a:
bc:c9:3d:39:7c:a3:ad:51:e0:0c:88:d0:84:6e:a7:
55:e0:22:6b:26:c5:18:83:ec:00:cd:0e:06:ff:01:
ea:2e:b2:80:9e:3a:ee:1b:55:a9:6e:3e:6b:ee:93:
7a:34:ac:73:2b:30:59:30:c6:a1:cf:4a:ea:e3:a0:
ca:e0:9c:95:3e:47:8f:86:7d:37:82:e6:a1:9b:83:
36:38:2b:fb:84:ca:dd:53:30:76:e8:fc:05:36:b9:
3e:5f:b3:82:6f:9f:43:ce:a6:9a:17:87:a6:76:45:
a4:b9:fe:38:a5:d9:14:0d:6c:ca:c7:51:28:3e:dd:
72:b6:ce:73:e5:74:0c:fa:a8:82:91:9b:7c:63:c1:
d1:89:f5:8f:8a:46:46:67:44:2b:de:e8:a8:3b:7d:
0b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:0E:60:00:AB:2D:DE:50:37:91:05:C7:C9:AC:86:8E:C0:42:36:FA
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/Kg5gAKst3lA3kQXHyayGjsBCNvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.168.0/23
5.183.255.0/24
83.171.224.0/24
83.171.226.0/23
141.98.87.0/24
185.68.184.0/24
185.68.246.0/23
185.81.174.0/24
185.81.184.0/24
185.81.187.0/24
185.88.36.0/24
185.89.42.0/23
185.89.104.0/23
185.89.108.0/22
185.95.101.0-185.95.103.255
185.96.38.0/24
185.97.1.0/24
185.97.3.0/24
194.104.10.0/24
213.232.120.0/24
213.232.122.0/24
Signature Algorithm: sha256WithRSAEncryption
69:e7:56:63:96:de:88:a2:48:3e:94:c6:38:2f:3f:ac:92:7d:
28:67:89:2b:fe:58:10:d2:96:75:30:62:e5:d4:0c:ec:4c:01:
2a:b3:ad:db:fe:77:d5:44:84:d6:55:6c:37:dc:01:74:1d:b4:
38:16:c3:95:67:c7:25:57:ea:ac:35:c2:ad:71:d2:bf:22:dc:
8c:f8:ef:eb:7a:5f:a1:a9:c5:f5:27:06:77:54:0e:80:6f:be:
59:db:4b:86:88:24:7a:de:a9:7c:31:60:dc:56:ed:2f:bb:da:
d6:57:bb:de:c2:c9:1a:6b:f9:c8:78:56:bb:20:23:4a:3a:0f:
ed:61:4e:7b:45:bc:40:83:75:3c:ad:59:0b:cd:c4:a2:96:81:
17:65:c1:d8:2a:42:1a:7e:f5:12:20:6e:b5:55:1a:ca:30:2c:
74:24:0f:41:a6:2c:63:93:48:30:cf:13:38:65:08:75:0e:fa:
20:66:5d:4b:ea:cc:08:9b:c7:eb:2b:6b:bd:b4:65:e5:a4:28:
18:98:50:dd:1b:1c:72:54:48:4f:84:f7:35:03:eb:9b:67:f0:
3f:0a:6d:35:a8:94:ba:9b:95:e9:90:79:fb:66:51:c4:2d:7a:
6c:ed:fd:7e:b3:61:66:30:e0:f4:a9:09:05:cd:c4:5e:40:6c:
66:d2:18:ae
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYzKKc9cM/zVyh1fkEB0/M5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjQwMTAyMTIzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTBlNjAwMGFiMmRkZTUwMzc5MTA1YzdjOWFjODY4ZWMwNDIzNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWzsrxfKKWW4jySyj4cyyKuuB7Qs
vFK7bJBs1DKYPOax8u+WRY1iYIZYN3R6XwagrGxiFCsM1IzN93i57UcPi9e7zLyj
+Z55Lzp6yX+QiCQJNIx7x1PtI5dwytXJGaXpvlhBulaVLGq8yT05fKOtUeAMiNCE
bqdV4CJrJsUYg+wAzQ4G/wHqLrKAnjruG1Wpbj5r7pN6NKxzKzBZMMahz0rq46DK
4JyVPkePhn03guahm4M2OCv7hMrdUzB26PwFNrk+X7OCb59DzqaaF4emdkWkuf44
pdkUDWzKx1EoPt1yts5z5XQM+qiCkZt8Y8HRifWPikZGZ0Qr3uioO30LMQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFCoOYACrLd5QN5EFx8msho7AQjb6MB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvS2c1Z0FLc3QzbEEza1FYSHlheUdqc0JDTnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAEF
tagDBAAFt/8DBABTq+ADBAFTq+IDBACNYlcDBAC5RLgDBAG5RPYDBAC5Ua4DBAC5
UbgDBAC5UbsDBAC5WCQDBAG5WSoDBAG5WWgDBAK5WWwwDAMEALlfZQMEA7lfYAME
ALlgJgMEALlhAQMEALlhAwMEAMJoCgMEANXoeAMEANXoejANBgkqhkiG9w0BAQsF
AAOCAQEAaedWY5beiKJIPpTGOC8/rJJ9KGeJK/5YENKWdTBi5dQM7EwBKrOt2/53
1USE1lVsN9wBdB20OBbDlWfHJVfqrDXCrXHSvyLcjPjv63pfoanF9ScGd1QOgG++
WdtLhogket6pfDFg3FbtL7va1le73sLJGmv5yHhWuyAjSjoP7WFOe0W8QIN1PK1Z
C83EopaBF2XB2CpCGn71EiButVUayjAsdCQPQaYsY5NIMM8TOGUIdQ76IGZdS+rM
CJvH6ytrvbRl5aQoGJhQ3RscclRIT4T3NQPrm2fwPwptNaiUupuV6ZB5+2ZRxC16
bO39frNhZjDg9KkJBc3EXkBsZtIYrg==
-----END CERTIFICATE-----
Generated at Sat Apr 27 11:09:56 2024 by rpki-client on console-ams.rpki-client.org