Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/J9JFcTug4aDbEAaCh_WNoXIc_mk.roa
File: J9JFcTug4aDbEAaCh_WNoXIc_mk.roa (raw, json)
Hash identifier: VXNdRLCMnNLcYGgo+Bmet9LQMcm6lKgrD8I4GWqkDwQ=
Subject key identifier: 27:D2:45:71:3B:A0:E1:A0:DB:10:06:82:87:F5:8D:A1:72:1C:FE:69
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018EA773C254FAB2C7F00A7E95680746C234
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/J9JFcTug4aDbEAaCh_WNoXIc_mk.roa
Signing time: Thu 04 Apr 2024 04:52:45 +0000
ROA not before: Thu 04 Apr 2024 04:52:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.187.0/24 maxlen: 24
5.182.198.0/24 maxlen: 24
31.132.54.0/23 maxlen: 23
63.246.130.0/24 maxlen: 24
63.246.131.0/24 maxlen: 24
63.246.132.0/24 maxlen: 24
63.246.133.0/24 maxlen: 24
63.246.137.0/24 maxlen: 24
63.246.144.0/24 maxlen: 24
63.246.150.0/24 maxlen: 24
63.246.151.0/24 maxlen: 24
63.246.158.0/24 maxlen: 24
78.31.204.0/24 maxlen: 24
94.154.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a7:73:c2:54:fa:b2:c7:f0:0a:7e:95:68:07:46:c2:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Apr 4 04:52:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27d245713ba0e1a0db10068287f58da1721cfe69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7a:97:b2:4a:21:26:ec:50:bb:f7:41:1a:a7:
0a:13:9f:bb:01:0d:db:aa:f6:90:b1:c3:77:56:50:
a7:a5:7d:7d:c0:e8:fd:ee:6c:35:69:d7:41:93:39:
46:da:ab:a6:f9:82:f5:c1:16:fc:e5:93:84:b5:aa:
d6:ac:1a:b4:b4:9c:21:58:8e:07:41:f3:55:89:62:
84:73:4a:6c:65:6c:58:78:1c:63:f8:bf:42:b5:12:
8e:66:7d:ed:31:55:cf:e7:7a:9b:e3:64:28:44:2b:
ea:96:84:62:0d:99:9f:06:01:d4:46:36:75:b8:fd:
92:3b:61:8e:e0:1c:f1:a4:29:71:e9:f1:f4:99:8a:
fb:d1:17:8b:4d:5a:76:7d:a7:f8:b8:9d:1f:ec:af:
b7:73:c2:40:b3:73:4a:e8:14:de:6d:1c:bc:ca:41:
2a:81:63:98:d2:2b:b7:e5:87:d2:48:b0:63:44:07:
fa:96:9f:5d:c5:81:19:3f:cb:e5:87:0d:46:e3:08:
67:8e:da:45:5d:47:ec:05:fa:93:84:15:98:55:62:
53:db:44:45:5d:d5:7f:c9:3b:40:d6:aa:37:80:23:
c3:a0:67:36:78:db:02:bc:87:21:81:ff:7b:92:bd:
4b:48:1f:1d:7d:de:50:64:9e:53:01:1e:96:37:43:
0e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:D2:45:71:3B:A0:E1:A0:DB:10:06:82:87:F5:8D:A1:72:1C:FE:69
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/J9JFcTug4aDbEAaCh_WNoXIc_mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.187.0/24
5.182.198.0/24
31.132.54.0/23
63.246.130.0-63.246.133.255
63.246.137.0/24
63.246.144.0/24
63.246.150.0/23
63.246.158.0/24
78.31.204.0/24
94.154.170.0/24
Signature Algorithm: sha256WithRSAEncryption
83:04:72:ce:e2:91:b7:58:93:6d:db:d6:a1:09:8c:ff:8f:dc:
c7:a1:eb:6c:d8:6e:1f:6c:f6:58:01:bf:65:6d:32:bf:bd:ce:
99:89:2b:f3:f3:be:6f:ff:c4:05:73:01:bb:0b:3d:82:f1:bd:
1d:e6:6d:45:19:f9:3a:4a:68:a1:8f:ca:cd:f4:53:7c:27:4f:
38:fa:28:a4:21:a4:a0:c7:ad:83:98:d5:2d:ae:08:a2:1f:69:
e4:cc:21:f2:79:11:9e:38:6f:1e:f2:63:f3:1c:46:95:5c:21:
a6:ce:d5:5d:da:b0:c8:41:d3:6d:25:48:cf:af:4f:a8:90:87:
05:32:1f:1f:8c:4d:f1:35:c3:68:1f:44:e1:73:0c:ef:fa:7a:
fd:11:a6:b4:da:b8:64:9c:fd:3a:5c:a6:51:33:71:74:45:0e:
e8:27:87:d8:33:e7:0c:78:21:c7:be:30:43:b4:6e:15:99:aa:
e7:2c:56:bd:99:ca:13:1c:87:38:1a:92:d3:22:3e:2c:15:2e:
aa:61:35:2e:09:32:29:f9:31:77:2e:99:19:57:9b:0e:65:fe:
c0:2d:bd:4a:0f:66:98:4d:1d:c6:b2:d9:40:3b:32:2c:67:b9:
33:05:cb:21:3f:35:5f:bf:cf:59:5e:32:da:a0:67:c5:b9:66:
91:7d:3f:09
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY6nc8JU+rLH8Ap+lWgHRsI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwNDA0MDQ1MjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2QyNDU3MTNiYTBlMWEwZGIxMDA2ODI4N2Y1OGRhMTcyMWNmZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnqXskohJuxQu/dBGqcKE5+7AQ3b
qvaQscN3VlCnpX19wOj97mw1addBkzlG2qum+YL1wRb85ZOEtarWrBq0tJwhWI4H
QfNViWKEc0psZWxYeBxj+L9CtRKOZn3tMVXP53qb42QoRCvqloRiDZmfBgHURjZ1
uP2SO2GO4BzxpClx6fH0mYr70ReLTVp2faf4uJ0f7K+3c8JAs3NK6BTebRy8ykEq
gWOY0iu35YfSSLBjRAf6lp9dxYEZP8vlhw1G4whnjtpFXUfsBfqThBWYVWJT20RF
XdV/yTtA1qo3gCPDoGc2eNsCvIchgf97kr1LSB8dfd5QZJ5TAR6WN0MOgQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFCfSRXE7oOGg2xAGgof1jaFyHP5pMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvSjlKRmNUdWc0YURiRUFhQ2hfV05vWEljX21rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQABba7AwQA
BbbGAwQBH4Q2MAwDBAE/9oIDBAE/9oQDBAA/9okDBAA/9pADBAE/9pYDBAA/9p4D
BABOH8wDBABemqowDQYJKoZIhvcNAQELBQADggEBAIMEcs7ikbdYk23b1qEJjP+P
3Meh62zYbh9s9lgBv2VtMr+9zpmJK/Pzvm//xAVzAbsLPYLxvR3mbUUZ+TpKaKGP
ys30U3wnTzj6KKQhpKDHrYOY1S2uCKIfaeTMIfJ5EZ44bx7yY/McRpVcIabO1V3a
sMhB020lSM+vT6iQhwUyHx+MTfE1w2gfROFzDO/6ev0RprTauGSc/TpcplEzcXRF
Dugnh9gz5wx4Ice+MEO0bhWZqucsVr2ZyhMchzgaktMiPiwVLqphNS4JMin5MXcu
mRlXmw5l/sAtvUoPZphNHcay2UA7MixnuTMFyyE/NV+/z1leMtqgZ8W5ZpF9Pwk=
-----END CERTIFICATE-----
Generated at Sat May 4 09:51:36 2024 by rpki-client on console-ams.rpki-client.org