Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/RGHJjDVUd-VW4EDGaeHlIvA1zFc.roa
File: RGHJjDVUd-VW4EDGaeHlIvA1zFc.roa (raw, json)
Hash identifier: AbiPNa3vwMZF1gg2UvarP5nb8VVTlzNY/A9OtFl38Js=
Subject key identifier: 44:61:C9:8C:35:54:77:E5:56:E0:40:C6:69:E1:E5:22:F0:35:CC:57
Certificate issuer: /CN=05bfdbb6a4b1663369da407db97b021f73284a28
Certificate serial: 018EBC34B338D3D3792942255AFB4EBB9F44
Authority key identifier: 05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/RGHJjDVUd-VW4EDGaeHlIvA1zFc.roa
Signing time: Mon 08 Apr 2024 05:35:54 +0000
ROA not before: Mon 08 Apr 2024 05:35:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 5.101.136.0/21 maxlen: 21
5.101.144.0/21 maxlen: 21
5.101.168.0/21 maxlen: 21
31.132.0.0/21 maxlen: 21
37.9.56.0/21 maxlen: 21
77.74.192.0/21 maxlen: 21
77.75.120.0/21 maxlen: 21
78.110.160.0/21 maxlen: 21
78.110.168.0/23 maxlen: 23
78.110.170.0/24 maxlen: 24
78.110.172.0/22 maxlen: 22
78.157.192.0/21 maxlen: 21
78.157.200.0/22 maxlen: 22
78.157.204.0/24 maxlen: 24
78.157.206.0/23 maxlen: 23
78.157.208.0/20 maxlen: 20
94.229.64.0/20 maxlen: 20
178.159.0.0/20 maxlen: 20
185.17.24.0/24 maxlen: 24
185.17.26.0/24 maxlen: 24
185.17.27.0/24 maxlen: 24
185.103.96.0/22 maxlen: 22
2a01:a500::/32 maxlen: 32
2a01:a500:1::/48 maxlen: 48
2a01:a500:1228::/48 maxlen: 48
2a01:a500:2566::/48 maxlen: 48
2a01:a507::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.mft
rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bc:34:b3:38:d3:d3:79:29:42:25:5a:fb:4e:bb:9f:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bfdbb6a4b1663369da407db97b021f73284a28
Validity
Not Before: Apr 8 05:35:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4461c98c355477e556e040c669e1e522f035cc57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:15:52:58:ee:bb:15:b2:d4:60:0e:ca:a6:65:
a3:5d:e9:30:e5:a5:64:cc:49:21:d0:22:d8:f0:95:
81:b9:cc:c9:43:c2:0b:6d:57:f4:58:53:68:ca:97:
28:51:a2:17:42:38:ae:4d:ba:2c:5e:ee:91:ba:f7:
4c:10:7f:e1:3b:93:b8:60:6c:d3:45:62:6a:92:b6:
d0:b3:54:db:2a:6d:f1:c7:25:c5:40:48:dd:2a:32:
90:48:aa:34:bc:dc:f4:57:11:5c:fc:8a:17:46:85:
e0:0c:43:fd:82:92:0f:c0:5e:c8:f0:7c:c2:76:5d:
3c:40:91:5a:8a:91:b8:42:83:2a:3f:0a:9c:44:5e:
9f:d2:3f:f3:78:82:d3:53:45:65:72:f8:32:18:04:
ab:50:54:26:56:4b:27:50:0f:6b:12:28:0b:5c:e6:
b8:1e:d0:d9:a8:f9:c7:e9:b2:a0:c7:d5:ab:fc:55:
27:89:15:a8:8d:6b:cd:ce:e6:64:a4:4c:55:e3:5d:
e6:08:bd:d4:ea:5e:b5:5e:b8:08:d6:6e:7b:16:6a:
46:92:8d:65:7b:12:5a:25:fa:13:d0:a4:30:38:1e:
9e:c7:bd:2e:29:17:68:0f:ce:4a:1c:0e:2d:ae:e9:
c9:2e:29:74:13:18:59:8b:36:44:9d:82:54:99:d3:
12:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:61:C9:8C:35:54:77:E5:56:E0:40:C6:69:E1:E5:22:F0:35:CC:57
X509v3 Authority Key Identifier:
keyid:05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/RGHJjDVUd-VW4EDGaeHlIvA1zFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.136.0-5.101.151.255
5.101.168.0/21
31.132.0.0/21
37.9.56.0/21
77.74.192.0/21
77.75.120.0/21
78.110.160.0-78.110.170.255
78.110.172.0/22
78.157.192.0-78.157.204.255
78.157.206.0-78.157.223.255
94.229.64.0/20
178.159.0.0/20
185.17.24.0/24
185.17.26.0/23
185.103.96.0/22
IPv6:
2a01:a500::/32
2a01:a507::/32
Signature Algorithm: sha256WithRSAEncryption
07:b0:3f:76:7d:d3:a8:82:43:85:6d:d4:d5:33:14:07:ac:2a:
bb:7d:da:47:1b:03:3d:41:5c:01:41:73:f1:72:f0:06:a4:a8:
aa:ff:83:e2:04:6a:f3:c4:1c:b2:25:15:ec:0c:79:46:9d:07:
9a:aa:39:79:d0:f5:98:11:40:33:55:11:5f:86:ca:19:da:79:
5d:85:0c:ca:7a:87:0c:9e:2d:b8:5a:20:13:b6:b2:e0:70:ea:
a2:5c:76:5e:c9:f4:ad:18:8d:5d:f1:3e:89:95:06:74:85:90:
24:98:27:45:df:c0:f4:55:eb:a4:9e:45:cc:c3:84:a0:75:41:
7e:0a:95:1b:b7:b9:e6:aa:bd:a3:3e:35:d8:bc:ae:5d:4c:f4:
b8:ae:5c:7c:d6:3c:51:15:1d:bd:ca:82:fa:af:1a:28:27:f3:
79:80:96:6b:91:f1:c4:67:9d:ab:97:49:ac:07:14:70:42:bc:
c8:a7:d3:2e:93:44:12:93:c2:b4:89:bc:20:42:59:5a:7b:15:
a3:7c:ac:ef:96:63:72:92:43:41:7a:b2:ab:f7:61:d6:8e:b3:
68:ab:84:b1:95:1c:9e:04:5f:de:9a:e4:db:47:7e:da:88:b3:
ec:89:47:cb:8c:92:6b:1f:b7:27:ad:c5:36:99:1c:04:ba:32:
40:9a:44:17
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAY68NLM409N5KUIlWvtOu59EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmZkYmI2YTRiMTY2MzM2OWRhNDA3ZGI5N2IwMjFmNzMy
ODRhMjgwHhcNMjQwNDA4MDUzNTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDYxYzk4YzM1NTQ3N2U1NTZlMDQwYzY2OWUxZTUyMmYwMzVjYzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBVSWO67FbLUYA7KpmWjXekw5aVk
zEkh0CLY8JWBuczJQ8ILbVf0WFNoypcoUaIXQjiuTbosXu6RuvdMEH/hO5O4YGzT
RWJqkrbQs1TbKm3xxyXFQEjdKjKQSKo0vNz0VxFc/IoXRoXgDEP9gpIPwF7I8HzC
dl08QJFaipG4QoMqPwqcRF6f0j/zeILTU0VlcvgyGASrUFQmVksnUA9rEigLXOa4
HtDZqPnH6bKgx9Wr/FUniRWojWvNzuZkpExV413mCL3U6l61XrgI1m57FmpGko1l
exJaJfoT0KQwOB6ex70uKRdoD85KHA4trunJLil0ExhZizZEnYJUmdMSHwIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFERhyYw1VHflVuBAxmnh5SLwNcxXMB8GA1UdIwQY
MBaAFAW/27aksWYzadpAfbl7Ah9zKEooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMt
MDYwZGFjZmViZTBmLzEvUkdISmpEVlVkLVZXNEVER2FlSGxJdkExekZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMtMDYwZGFjZmViZTBm
LzEvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBgAQCAAEwejAMAwQD
BWWIAwQDBWWQAwQDBWWoAwQDH4QAAwQDJQk4AwQDTUrAAwQDTUt4MAwDBAVObqAD
BABObqoDBAJObqwwDAMEBk6dwAMEAE6dzDAMAwQBTp3OAwQFTp3AAwQEXuVAAwQE
sp8AAwQAuREYAwQBuREaAwQCuWdgMBQEAgACMA4DBQAqAaUAAwUAKgGlBzANBgkq
hkiG9w0BAQsFAAOCAQEAB7A/dn3TqIJDhW3U1TMUB6wqu33aRxsDPUFcAUFz8XLw
BqSoqv+D4gRq88QcsiUV7Ax5Rp0Hmqo5edD1mBFAM1URX4bKGdp5XYUMynqHDJ4t
uFogE7ay4HDqolx2Xsn0rRiNXfE+iZUGdIWQJJgnRd/A9FXrpJ5FzMOEoHVBfgqV
G7e55qq9oz412LyuXUz0uK5cfNY8URUdvcqC+q8aKCfzeYCWa5HxxGedq5dJrAcU
cEK8yKfTLpNEEpPCtIm8IEJZWnsVo3ys75ZjcpJDQXqyq/dh1o6zaKuEsZUcngRf
3prk20d+2oiz7IlHy4ySax+3J63FNpkcBLoyQJpEFw==
-----END CERTIFICATE-----
Generated at Sat May 4 16:39:06 2024 by rpki-client on console-fra.rpki-client.org