Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/RDTGvX0IjzIDHadAXQQcDmxtYaA.roa
File: RDTGvX0IjzIDHadAXQQcDmxtYaA.roa (raw, json)
Hash identifier: CNmh2R3zz8Ztcf2UalIXYdHE/K14cMxtDHkw8Cp38RU=
Subject key identifier: 44:34:C6:BD:7D:08:8F:32:03:1D:A7:40:5D:04:1C:0E:6C:6D:61:A0
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018EED8DA198242598D94DE963971906BB83
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/RDTGvX0IjzIDHadAXQQcDmxtYaA.roa
Signing time: Wed 17 Apr 2024 19:34:25 +0000
ROA not before: Wed 17 Apr 2024 19:34:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 5.182.185.0/24 maxlen: 24
5.182.196.0/24 maxlen: 24
5.182.197.0/24 maxlen: 24
78.31.205.0/24 maxlen: 24
79.98.183.0/24 maxlen: 24
92.249.29.0/24 maxlen: 24
94.154.171.0/24 maxlen: 24
94.154.178.0/24 maxlen: 24
103.130.176.0/24 maxlen: 24
103.130.177.0/24 maxlen: 24
104.232.36.0/24 maxlen: 24
147.78.207.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.52.138.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.161.190.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.198.89.0/24 maxlen: 24
185.198.90.0/24 maxlen: 24
185.198.91.0/24 maxlen: 24
185.201.42.0/24 maxlen: 24
185.205.204.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
185.253.120.0/24 maxlen: 24
185.253.121.0/24 maxlen: 24
192.145.70.0/24 maxlen: 24
212.60.13.0/24 maxlen: 24
212.60.14.0/24 maxlen: 24
217.197.170.0/24 maxlen: 24
2a0a:8f40:3::/48 maxlen: 48
2a0a:8f40:7::/48 maxlen: 48
2a0a:8f40:8::/48 maxlen: 48
2a0a:8f40:9::/48 maxlen: 48
2a0a:8f40:a::/48 maxlen: 48
2a0a:8f40:b::/48 maxlen: 48
2a0a:8f40:c::/48 maxlen: 48
2a0a:8f40:1c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ed:8d:a1:98:24:25:98:d9:4d:e9:63:97:19:06:bb:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Apr 17 19:34:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4434c6bd7d088f32031da7405d041c0e6c6d61a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e4:94:6d:7d:9d:4c:d3:b5:2e:fa:4a:d0:f8:
2f:94:79:2e:f8:6e:7a:bf:5b:c8:66:1a:81:e1:86:
65:60:d3:ed:8e:72:93:d7:9b:54:72:54:1b:fa:85:
eb:2b:a2:fb:9c:da:5d:ba:66:6a:60:a1:35:5e:b0:
71:a3:20:5d:85:e8:d6:f9:76:18:8b:79:57:f6:3b:
24:1b:7f:b5:b3:a5:34:82:da:63:0e:0f:8a:d3:90:
6d:dd:e6:18:33:d5:66:61:5d:d0:67:4f:19:7d:86:
a7:50:1b:9f:17:fb:a6:f7:e7:c0:18:13:a2:e0:f5:
77:83:85:8e:bd:d5:04:10:5c:40:e3:5f:81:7d:03:
c6:86:d8:88:55:aa:08:a9:54:ad:c4:82:58:a2:b5:
44:b8:f2:59:17:53:88:1c:c3:16:89:08:fb:0d:7c:
0e:d0:75:38:dc:0d:11:da:6c:4e:da:5d:d7:b9:4b:
e4:cf:f3:35:9d:ce:bd:90:7d:65:1f:4e:2c:1a:28:
fa:46:d3:1a:26:4c:58:3c:85:13:91:05:c7:c3:54:
e9:54:12:28:0b:0d:d2:11:c3:39:8d:e4:87:5a:cc:
58:5b:a1:d7:22:49:19:2f:21:98:b6:2f:b1:6e:38:
16:f5:6f:41:08:0e:95:0b:0a:7b:e7:ee:6f:60:b0:
da:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:34:C6:BD:7D:08:8F:32:03:1D:A7:40:5D:04:1C:0E:6C:6D:61:A0
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/RDTGvX0IjzIDHadAXQQcDmxtYaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.185.0/24
5.182.196.0/23
78.31.205.0/24
79.98.183.0/24
92.249.29.0/24
94.154.171.0/24
94.154.178.0/24
103.130.176.0/23
104.232.36.0/24
147.78.207.0/24
162.218.93.0/24
185.52.138.0/23
185.161.190.0/24
185.187.214.0/23
185.198.89.0-185.198.91.255
185.201.42.0/24
185.205.204.0/24
185.208.152.0-185.208.154.255
185.230.121.0/24
185.253.120.0/23
192.145.70.0/24
212.60.13.0-212.60.14.255
217.197.170.0/24
IPv6:
2a0a:8f40:3::/48
2a0a:8f40:7::-2a0a:8f40:c:ffff:ffff:ffff:ffff:ffff
2a0a:8f40:1c::/48
Signature Algorithm: sha256WithRSAEncryption
5c:d0:36:da:66:1a:32:d1:98:93:fe:c3:50:aa:9f:a9:7d:2e:
52:81:39:9b:94:cc:aa:33:c6:3a:11:cd:44:5e:e3:05:57:13:
85:f1:40:84:d1:b8:59:55:18:d8:bd:49:72:d2:85:4d:18:f7:
91:a4:78:50:91:c2:b8:ab:c1:9d:98:1f:b2:15:06:01:81:92:
0a:92:03:e9:70:2f:ff:c8:05:97:0b:e2:34:14:63:3e:6c:6f:
86:16:ab:26:25:ef:6a:90:c9:4d:e5:35:d1:e6:18:a3:1d:f8:
8b:f5:3a:05:11:f9:d1:20:24:f4:fc:73:e7:78:87:a9:3a:e9:
ae:00:c1:0e:bd:eb:94:00:3d:f8:e5:e7:3b:fd:7c:d4:92:e6:
2b:e0:82:7e:aa:97:d9:bd:07:60:b6:fb:48:64:6c:c4:b9:79:
b5:81:72:14:e8:e2:8d:d1:5f:95:4c:a0:fc:c5:79:12:d7:25:
18:6f:ef:e3:26:4a:d0:38:95:3e:bc:bd:f8:82:ee:a1:e0:7d:
04:09:62:de:1d:0c:eb:a8:86:c0:44:1b:6b:85:3e:e2:83:db:
be:a6:48:2e:c7:85:54:88:a7:1d:35:97:d1:cc:1a:5f:5b:ba:
22:df:16:32:fb:f4:80:e8:1a:26:be:40:dc:cf:fe:3f:97:45:
90:3b:61:53
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAY7tjaGYJCWY2U3pY5cZBruDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwNDE3MTkzNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDM0YzZiZDdkMDg4ZjMyMDMxZGE3NDA1ZDA0MWMwZTZjNmQ2MWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+SUbX2dTNO1LvpK0PgvlHku+G56
v1vIZhqB4YZlYNPtjnKT15tUclQb+oXrK6L7nNpdumZqYKE1XrBxoyBdhejW+XYY
i3lX9jskG3+1s6U0gtpjDg+K05Bt3eYYM9VmYV3QZ08ZfYanUBufF/um9+fAGBOi
4PV3g4WOvdUEEFxA41+BfQPGhtiIVaoIqVStxIJYorVEuPJZF1OIHMMWiQj7DXwO
0HU43A0R2mxO2l3XuUvkz/M1nc69kH1lH04sGij6RtMaJkxYPIUTkQXHw1TpVBIo
Cw3SEcM5jeSHWsxYW6HXIkkZLyGYti+xbjgW9W9BCA6VCwp75+5vYLDa7wIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFEQ0xr19CI8yAx2nQF0EHA5sbWGgMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvUkRUR3ZYMElqeklESGFkQVhRUWNEbXh0WWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCBqQQCAAEwgaIDBAAF
trkDBAEFtsQDBABOH80DBABPYrcDBABc+R0DBABemqsDBABemrIDBAFngrADBABo
6CQDBACTTs8DBACi2l0DBAG5NIoDBAC5ob4DBAG5u9YwDAMEALnGWQMEArnGWAME
ALnJKgMEALnNzDAMAwQDudCYAwQAudCaAwQAueZ5AwQBuf14AwQAwJFGMAwDBADU
PA0DBADUPA4DBADZxaowLAQCAAIwJgMHACoKj0AAAzASAwcAKgqPQAAHAwcAKgqP
QAAMAwcAKgqPQAAcMA0GCSqGSIb3DQEBCwUAA4IBAQBc0DbaZhoy0ZiT/sNQqp+p
fS5SgTmblMyqM8Y6Ec1EXuMFVxOF8UCE0bhZVRjYvUly0oVNGPeRpHhQkcK4q8Gd
mB+yFQYBgZIKkgPpcC//yAWXC+I0FGM+bG+GFqsmJe9qkMlN5TXR5hijHfiL9ToF
EfnRICT0/HPneIepOumuAMEOveuUAD345ec7/XzUkuYr4IJ+qpfZvQdgtvtIZGzE
uXm1gXIU6OKN0V+VTKD8xXkS1yUYb+/jJkrQOJU+vL34gu6h4H0ECWLeHQzrqIbA
RBtrhT7ig9u+pkgux4VUiKcdNZfRzBpfW7oi3xYy+/SA6BomvkDcz/4/l0WQO2FT
-----END CERTIFICATE-----
Generated at Mon May 6 19:03:25 2024 by rpki-client on console-fra.rpki-client.org