Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/C97RilosveZLjGPmk-475NaEdJ8.roa
File: C97RilosveZLjGPmk-475NaEdJ8.roa (raw, json)
Hash identifier: EAJhB2HCiyQDXy7X7yT7jHworU7CUOmH8DLyFXW5QTw=
Subject key identifier: 0B:DE:D1:8A:5A:2C:BD:E6:4B:8C:63:E6:93:EE:3B:E4:D6:84:74:9F
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018F8AFF66873808451BD3CB57E2CAA88279
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/C97RilosveZLjGPmk-475NaEdJ8.roa
Signing time: Sat 18 May 2024 09:19:04 +0000
ROA not before: Sat 18 May 2024 09:19:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1239
IP address blocks: 5.182.192.0/24 maxlen: 24
31.132.52.0/24 maxlen: 24
45.67.140.0/24 maxlen: 24
92.249.31.0/24 maxlen: 24
94.154.177.0/24 maxlen: 24
94.154.180.0/23 maxlen: 23
94.154.182.0/24 maxlen: 24
147.78.205.0/24 maxlen: 24
147.78.206.0/24 maxlen: 24
162.218.90.0/24 maxlen: 24
162.218.95.0/24 maxlen: 24
185.187.212.0/24 maxlen: 24
185.205.205.0/24 maxlen: 24
185.230.122.0/24 maxlen: 24
185.253.122.0/24 maxlen: 24
192.145.71.0/24 maxlen: 24
212.60.15.0/24 maxlen: 24
217.197.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 11:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:8a:ff:66:87:38:08:45:1b:d3:cb:57:e2:ca:a8:82:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: May 18 09:19:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bded18a5a2cbde64b8c63e693ee3be4d684749f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:74:43:38:d9:e6:2a:c4:b8:1e:93:ed:ce:7c:
67:17:91:c9:24:95:bc:00:a6:3f:af:03:51:7f:15:
5c:d7:08:af:93:b7:ea:38:a6:6c:3e:34:1a:cf:e1:
be:83:fc:c4:41:d2:53:5c:28:b2:06:f3:60:4c:70:
ac:4e:20:6a:23:32:80:a1:f5:2d:15:0a:7e:9b:60:
42:d2:f1:67:a8:d5:17:1d:19:7e:87:ac:2f:5b:d2:
c2:fb:e5:28:32:06:88:bc:78:66:e4:30:ea:d5:c7:
ea:5d:16:26:c5:e4:ea:22:90:7c:58:09:e2:2b:2a:
66:28:9b:20:d4:15:d0:fc:74:c2:e0:51:aa:30:fe:
ba:09:77:10:2d:f7:46:72:e0:cb:d2:24:24:c2:d5:
75:52:14:00:90:96:cb:95:9a:e6:9d:d1:72:fe:48:
60:95:e4:08:7a:44:44:e3:91:da:2c:ed:61:d1:cf:
8e:b7:bc:b9:36:db:d8:56:ac:41:69:8a:1a:f4:18:
fa:74:37:95:a8:bc:c0:29:09:62:33:61:59:b9:ad:
51:d2:46:d7:15:eb:3d:4a:ab:d6:e1:5a:66:46:76:
d4:0c:36:7b:d4:2e:54:20:3b:13:99:08:ff:ba:46:
bf:71:62:29:23:36:a0:f0:a4:27:95:77:0c:b2:2a:
3b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:DE:D1:8A:5A:2C:BD:E6:4B:8C:63:E6:93:EE:3B:E4:D6:84:74:9F
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/C97RilosveZLjGPmk-475NaEdJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.192.0/24
31.132.52.0/24
45.67.140.0/24
92.249.31.0/24
94.154.177.0/24
94.154.180.0-94.154.182.255
147.78.205.0-147.78.206.255
162.218.90.0/24
162.218.95.0/24
185.187.212.0/24
185.205.205.0/24
185.230.122.0/24
185.253.122.0/24
192.145.71.0/24
212.60.15.0/24
217.197.169.0/24
Signature Algorithm: sha256WithRSAEncryption
39:68:e8:4c:25:2e:c5:5d:e8:e8:91:e8:e3:d0:05:56:40:b2:
e3:aa:8d:2e:23:7a:32:ba:9d:8a:4a:03:f5:3a:f6:d2:21:fb:
a7:04:ae:4c:f9:ec:b7:a7:20:f4:ee:15:68:ac:5b:c0:08:fd:
d6:7c:59:83:88:ee:e8:2a:cd:8d:a1:15:13:8c:67:e4:89:a2:
60:16:80:33:15:6b:af:8a:ac:1b:4b:e0:26:52:07:e8:d7:70:
0d:87:9f:2e:5e:bd:16:5a:dc:2c:c8:27:b5:57:cb:85:3f:27:
55:37:0e:50:ec:a0:ba:fd:ef:5f:37:5b:16:d3:69:f5:c6:69:
1a:5e:61:10:fa:e8:23:68:f1:5b:5f:69:cc:49:a0:91:4e:96:
0b:f0:76:c6:5f:24:6f:bd:0f:98:b5:6a:d9:66:63:c1:72:a0:
8a:f8:5a:d0:dc:33:e1:07:8e:98:ae:ea:e9:61:61:6a:7c:fb:
27:5c:fb:25:42:e7:20:cf:01:ed:d4:fb:de:80:5d:82:0e:44:
87:ae:44:37:10:23:4b:d3:11:72:0d:cb:5d:a7:07:56:41:38:
6b:15:37:6c:a0:6c:e4:10:5d:97:13:f8:59:58:6f:fb:12:3e:
cf:be:5e:b6:0f:04:34:df:8a:6f:2b:af:43:cb:27:72:f5:84:
52:c6:29:ed
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAY+K/2aHOAhFG9PLV+LKqIJ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwNTE4MDkxOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmRlZDE4YTVhMmNiZGU2NGI4YzYzZTY5M2VlM2JlNGQ2ODQ3NDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnRDONnmKsS4HpPtznxnF5HJJJW8
AKY/rwNRfxVc1wivk7fqOKZsPjQaz+G+g/zEQdJTXCiyBvNgTHCsTiBqIzKAofUt
FQp+m2BC0vFnqNUXHRl+h6wvW9LC++UoMgaIvHhm5DDq1cfqXRYmxeTqIpB8WAni
KypmKJsg1BXQ/HTC4FGqMP66CXcQLfdGcuDL0iQkwtV1UhQAkJbLlZrmndFy/khg
leQIekRE45HaLO1h0c+Ot7y5NtvYVqxBaYoa9Bj6dDeVqLzAKQliM2FZua1R0kbX
Fes9SqvW4VpmRnbUDDZ71C5UIDsTmQj/uka/cWIpIzag8KQnlXcMsio7/wIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFAve0YpaLL3mS4xj5pPuO+TWhHSfMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvQzk3Umlsb3N2ZVpMakdQbWstNDc1TmFFZEo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAAW2wAME
AB+ENAMEAC1DjAMEAFz5HwMEAF6asTAMAwQCXpq0AwQAXpq2MAwDBACTTs0DBACT
Ts4DBACi2loDBACi2l8DBAC5u9QDBAC5zc0DBAC55noDBAC5/XoDBADAkUcDBADU
PA8DBADZxakwDQYJKoZIhvcNAQELBQADggEBADlo6EwlLsVd6OiR6OPQBVZAsuOq
jS4jejK6nYpKA/U69tIh+6cErkz57LenIPTuFWisW8AI/dZ8WYOI7ugqzY2hFROM
Z+SJomAWgDMVa6+KrBtL4CZSB+jXcA2Hny5evRZa3CzIJ7VXy4U/J1U3DlDsoLr9
7183WxbTafXGaRpeYRD66CNo8VtfacxJoJFOlgvwdsZfJG+9D5i1atlmY8FyoIr4
WtDcM+EHjpiu6ulhYWp8+ydc+yVC5yDPAe3U+96AXYIORIeuRDcQI0vTEXINy12n
B1ZBOGsVN2ygbOQQXZcT+FlYb/sSPs++XrYPBDTfim8rr0PLJ3L1hFLGKe0=
-----END CERTIFICATE-----
Generated at Tue Oct 22 18:57:41 2024 by rpki-client on console-fra.rpki-client.org