Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/SXiy2k6puSinXEh0377cBqpup18.roa
File: SXiy2k6puSinXEh0377cBqpup18.roa (raw, json)
Hash identifier: zaI3yHbXWRKQeAAOKXGw4SQg2hJ8SBUTGFNLq2n4tV8=
Subject key identifier: 49:78:B2:DA:4E:A9:B9:28:A7:5C:48:74:DF:BE:DC:06:AA:6E:A7:5F
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018DECE72755E2E98074B16174D82DE0E1FA
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/SXiy2k6puSinXEh0377cBqpup18.roa
Signing time: Tue 27 Feb 2024 23:29:48 +0000
ROA not before: Tue 27 Feb 2024 23:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396356
IP address blocks: 5.182.184.0/24 maxlen: 24
78.31.207.0/24 maxlen: 24
104.232.37.0/24 maxlen: 24
162.218.92.0/24 maxlen: 24
162.218.94.0/24 maxlen: 24
185.187.213.0/24 maxlen: 24
185.205.207.0/24 maxlen: 24
185.230.120.0/24 maxlen: 24
185.230.123.0/24 maxlen: 24
2a0a:8f40:31::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ec:e7:27:55:e2:e9:80:74:b1:61:74:d8:2d:e0:e1:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Feb 27 23:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4978b2da4ea9b928a75c4874dfbedc06aa6ea75f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:71:27:1d:e4:52:b6:2c:87:21:31:d7:ad:a2:
90:b3:c9:da:bc:2a:71:38:d5:4f:63:9e:00:1d:f9:
6d:cd:a9:d0:72:0e:f5:0f:89:26:ce:dd:fa:4e:5a:
cf:32:51:ec:08:43:25:39:29:0a:10:68:4a:84:27:
b2:28:46:7b:0d:39:15:82:7b:5b:5a:6b:c2:a0:3c:
98:4d:b3:b6:90:c9:66:a3:6f:73:35:d7:a9:5f:ff:
3d:4e:77:e2:9e:19:96:c5:65:2b:f0:aa:c0:b5:df:
73:2f:2d:cc:08:d2:05:b9:1f:92:f5:0a:55:f9:5f:
3f:98:41:1c:e8:b9:31:ae:75:26:88:52:87:d3:3a:
af:86:06:25:8f:e0:c0:dc:a7:0d:37:85:12:49:e5:
b6:97:fc:72:97:f2:fb:27:8d:0c:34:9e:48:c5:ee:
2d:d6:56:ac:8b:67:b8:a3:88:6e:5b:1c:d9:89:ea:
00:8a:04:8c:00:9e:6a:9f:52:c1:5f:93:9b:46:c9:
5b:39:e2:c6:e9:84:5f:a2:82:5a:8b:be:6e:73:ca:
dc:bf:3f:85:ff:1e:17:30:02:2d:0c:38:29:ed:87:
88:51:9f:4c:20:d2:8d:02:f0:0f:d1:b8:d1:f9:90:
c2:0b:9c:80:6b:40:d4:e2:ca:7d:25:55:e6:a2:24:
b2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:78:B2:DA:4E:A9:B9:28:A7:5C:48:74:DF:BE:DC:06:AA:6E:A7:5F
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/SXiy2k6puSinXEh0377cBqpup18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.184.0/24
78.31.207.0/24
104.232.37.0/24
162.218.92.0/24
162.218.94.0/24
185.187.213.0/24
185.205.207.0/24
185.230.120.0/24
185.230.123.0/24
IPv6:
2a0a:8f40:31::/48
Signature Algorithm: sha256WithRSAEncryption
5a:0c:4b:f0:25:29:8d:83:60:88:a9:34:ee:39:46:18:58:fc:
9a:43:90:bc:8a:9e:ed:6e:6d:a1:30:bd:d5:8a:6f:a1:7a:f3:
0c:fb:12:f9:e8:a2:d7:b5:b3:35:3e:09:18:85:3c:ea:79:89:
9d:27:a2:4e:9a:ec:2b:43:e4:c4:16:ef:9e:b7:c8:b3:04:04:
ca:e8:c6:2d:ca:ae:9a:a6:95:1e:df:87:c9:dc:b4:34:ac:e4:
13:f8:4a:b0:41:c6:79:83:ff:4e:1c:2b:8a:da:88:db:85:74:
a0:88:c9:c0:56:24:af:9b:f4:a6:06:6c:64:67:ee:39:7c:71:
c9:40:1e:5f:7b:9a:1d:d3:02:1b:f0:3e:c1:ee:dc:b5:d5:9b:
e3:e4:51:89:63:ea:d7:dd:8f:eb:60:e4:c6:6f:7d:e9:60:36:
6c:22:ea:da:ef:0e:8e:20:fa:b0:e7:14:d0:9d:3b:1c:20:c4:
1f:a2:0e:f2:1c:63:54:43:9f:8f:bc:41:09:52:ed:6f:b0:fa:
0c:d5:1d:39:be:78:a9:b5:b5:d4:17:8a:0e:4b:4f:40:d6:6b:
8f:12:98:5f:91:42:68:1a:a9:26:6c:41:0e:bc:b8:5d:52:f5:
e8:b9:c8:9b:4c:0d:c4:47:61:a4:42:54:f4:b1:2c:5b:24:f5:
90:72:23:ac
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAY3s5ydV4umAdLFhdNgt4OH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMjI3MjMyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTc4YjJkYTRlYTliOTI4YTc1YzQ4NzRkZmJlZGMwNmFhNmVhNzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XEnHeRStiyHITHXraKQs8navCpx
ONVPY54AHfltzanQcg71D4kmzt36TlrPMlHsCEMlOSkKEGhKhCeyKEZ7DTkVgntb
WmvCoDyYTbO2kMlmo29zNdepX/89TnfinhmWxWUr8KrAtd9zLy3MCNIFuR+S9QpV
+V8/mEEc6LkxrnUmiFKH0zqvhgYlj+DA3KcNN4USSeW2l/xyl/L7J40MNJ5Ixe4t
1lasi2e4o4huWxzZieoAigSMAJ5qn1LBX5ObRslbOeLG6YRfooJai75uc8rcvz+F
/x4XMAItDDgp7YeIUZ9MINKNAvAP0bjR+ZDCC5yAa0DU4sp9JVXmoiSyWQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEl4stpOqbkop1xIdN++3AaqbqdfMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvU1hpeTJrNnB1U2luWEVoMDM3N2NCcXB1cDE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA8BAIAATA2AwQABba4AwQA
Th/PAwQAaOglAwQAotpcAwQAotpeAwQAubvVAwQAuc3PAwQAueZ4AwQAueZ7MA8E
AgACMAkDBwAqCo9AADEwDQYJKoZIhvcNAQELBQADggEBAFoMS/AlKY2DYIipNO45
RhhY/JpDkLyKnu1ubaEwvdWKb6F68wz7Evnoote1szU+CRiFPOp5iZ0nok6a7CtD
5MQW7563yLMEBMroxi3KrpqmlR7fh8nctDSs5BP4SrBBxnmD/04cK4raiNuFdKCI
ycBWJK+b9KYGbGRn7jl8cclAHl97mh3TAhvwPsHu3LXVm+PkUYlj6tfdj+tg5MZv
felgNmwi6trvDo4g+rDnFNCdOxwgxB+iDvIcY1RDn4+8QQlS7W+w+gzVHTm+eKm1
tdQXig5LT0DWa48SmF+RQmgaqSZsQQ68uF1S9ei5yJtMDcRHYaRCVPSxLFsk9ZBy
I6w=
-----END CERTIFICATE-----
Generated at Sun May 19 22:15:30 2024 by rpki-client on console-fra.rpki-client.org