Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/CwqBrRz-50amkrfRz4hWAo630tw.roa
File: CwqBrRz-50amkrfRz4hWAo630tw.roa (raw, json)
Hash identifier: eBGprO0thuWZly2K4h3SRyNtLFQSc/g3o29mSUBUkMg=
Subject key identifier: 0B:0A:81:AD:1C:FE:E7:46:A6:92:B7:D1:CF:88:56:02:8E:B7:D2:DC
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018EED8CB758592755D698CF20F9F508BE5E
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/CwqBrRz-50amkrfRz4hWAo630tw.roa
Signing time: Wed 17 Apr 2024 19:33:25 +0000
ROA not before: Wed 17 Apr 2024 19:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13213
IP address blocks: 5.182.184.0/24 maxlen: 24
45.67.146.0/24 maxlen: 24
78.31.206.0/24 maxlen: 24
79.98.182.0/24 maxlen: 24
162.218.88.0/24 maxlen: 24
162.218.89.0/24 maxlen: 24
162.218.91.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.52.136.0/24 maxlen: 24
185.52.137.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.161.191.0/24 maxlen: 24
185.171.126.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.201.40.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ed:8c:b7:58:59:27:55:d6:98:cf:20:f9:f5:08:be:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Apr 17 19:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b0a81ad1cfee746a692b7d1cf8856028eb7d2dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:91:6f:82:65:a4:19:6f:a2:82:8a:ac:23:ab:
7f:42:d4:00:6e:63:b0:06:7c:a3:26:b7:f6:f8:32:
e6:b6:bf:b4:78:da:25:51:17:d2:87:14:6c:23:a6:
ae:ea:e1:38:2b:da:5b:83:71:18:48:53:d5:78:f0:
b6:46:c8:76:b8:af:74:33:9d:67:cb:97:3c:aa:85:
2c:9f:50:8f:a4:11:6c:05:2c:ed:a6:cf:59:a3:81:
9d:d7:fd:38:61:05:91:99:54:d0:d7:87:ad:96:ca:
ef:52:95:a2:3b:12:d0:4c:b5:5b:a8:00:68:a3:3e:
5d:02:6a:5e:d7:2c:d1:16:04:80:17:e3:8d:0f:df:
40:ba:3e:19:f4:c8:a6:31:95:b7:61:63:e0:11:35:
35:7a:b5:8d:99:32:23:d7:ce:a9:06:23:44:01:0e:
96:ad:da:b6:bd:85:a9:ad:d6:f3:11:88:a2:78:d9:
fd:b7:42:90:01:dd:b3:e7:b4:25:a2:9d:8a:79:47:
62:12:66:d6:24:87:1b:e2:f4:04:b6:51:56:6b:d2:
11:74:35:6a:e0:9f:cf:3b:9b:a9:d5:39:9f:d0:22:
58:ad:1c:fb:13:0f:48:8c:35:23:8c:34:42:e5:6a:
4b:bb:07:dc:d1:fd:c8:69:6a:f4:13:b3:50:4f:94:
50:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:0A:81:AD:1C:FE:E7:46:A6:92:B7:D1:CF:88:56:02:8E:B7:D2:DC
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/CwqBrRz-50amkrfRz4hWAo630tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.184.0/24
45.67.146.0/24
78.31.206.0/24
79.98.182.0/24
162.218.88.0/23
162.218.91.0/24
162.218.93.0/24
185.52.136.0/23
185.52.139.0/24
185.161.191.0/24
185.171.126.0/24
185.187.214.0/23
185.201.40.0/24
185.205.206.0/24
185.208.152.0-185.208.154.255
185.230.121.0/24
Signature Algorithm: sha256WithRSAEncryption
48:c2:f8:4e:08:41:8d:53:ce:1b:14:92:7a:8f:0b:6b:75:3e:
3c:aa:78:02:10:ce:6d:f5:97:ba:e3:39:de:a9:d7:26:fd:f8:
5b:e6:bd:73:af:20:06:9a:a2:2f:85:18:c6:b5:20:e5:12:1a:
6c:33:c9:cf:72:ef:4c:97:a0:84:44:2b:a1:6c:9b:ef:01:35:
46:54:3d:44:9b:fb:e3:c4:4e:c6:77:30:8d:ec:bc:a0:ee:f7:
0e:39:83:8b:e2:5a:1a:2f:8c:c0:60:53:af:00:b2:15:76:9d:
39:b6:29:e3:2a:8f:b9:04:62:98:e5:c1:12:16:4c:c3:59:78:
3b:fd:86:97:8c:07:cb:a9:3f:4b:ad:4c:e9:e7:ec:02:0e:3c:
2b:30:1d:fc:cb:4f:85:3f:ff:cc:d5:33:8b:10:3d:c1:4d:f0:
fd:7c:e6:f6:21:62:af:24:d3:16:df:c6:9a:58:f2:ed:04:d3:
16:9b:98:cd:b0:72:76:72:e1:05:f4:03:72:1a:0e:70:a7:7a:
a7:af:4b:a2:56:49:f7:be:ce:d2:c8:d6:4b:1e:71:35:18:78:
ab:d3:87:73:a6:cc:db:dd:78:51:ea:9e:2d:1d:7e:c2:f3:5b:
8e:b1:f0:6d:d4:c9:cb:fb:60:f2:b0:7f:1d:ff:c5:8b:1d:cd:
ca:53:d3:bb
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAY7tjLdYWSdV1pjPIPn1CL5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwNDE3MTkzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjBhODFhZDFjZmVlNzQ2YTY5MmI3ZDFjZjg4NTYwMjhlYjdkMmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpFvgmWkGW+igoqsI6t/QtQAbmOw
BnyjJrf2+DLmtr+0eNolURfShxRsI6au6uE4K9pbg3EYSFPVePC2Rsh2uK90M51n
y5c8qoUsn1CPpBFsBSztps9Zo4Gd1/04YQWRmVTQ14etlsrvUpWiOxLQTLVbqABo
oz5dAmpe1yzRFgSAF+OND99Auj4Z9MimMZW3YWPgETU1erWNmTIj186pBiNEAQ6W
rdq2vYWprdbzEYiieNn9t0KQAd2z57Qlop2KeUdiEmbWJIcb4vQEtlFWa9IRdDVq
4J/PO5up1Tmf0CJYrRz7Ew9IjDUjjDRC5WpLuwfc0f3IaWr0E7NQT5RQdwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFAsKga0c/udGppK30c+IVgKOt9LcMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvQ3dxQnJSei01MGFta3JmUno0aFdBbzYzMHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAAW2uAME
AC1DkgMEAE4fzgMEAE9itgMEAaLaWAMEAKLaWwMEAKLaXQMEAbk0iAMEALk0iwME
ALmhvwMEALmrfgMEAbm71gMEALnJKAMEALnNzjAMAwQDudCYAwQAudCaAwQAueZ5
MA0GCSqGSIb3DQEBCwUAA4IBAQBIwvhOCEGNU84bFJJ6jwtrdT48qngCEM5t9Ze6
4zneqdcm/fhb5r1zryAGmqIvhRjGtSDlEhpsM8nPcu9Ml6CERCuhbJvvATVGVD1E
m/vjxE7GdzCN7Lyg7vcOOYOL4loaL4zAYFOvALIVdp05tinjKo+5BGKY5cESFkzD
WXg7/YaXjAfLqT9LrUzp5+wCDjwrMB38y0+FP//M1TOLED3BTfD9fOb2IWKvJNMW
38aaWPLtBNMWm5jNsHJ2cuEF9ANyGg5wp3qnr0uiVkn3vs7SyNZLHnE1GHir04dz
pszb3XhR6p4tHX7C81uOsfBt1MnL+2DysH8d/8WLHc3KU9O7
-----END CERTIFICATE-----
Generated at Sun May 19 22:15:30 2024 by rpki-client on console-fra.rpki-client.org