Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/xl8SWKLJPy2SIiOudBw6HhOnpAE.roa
File: xl8SWKLJPy2SIiOudBw6HhOnpAE.roa (raw, json)
Hash identifier: e+PlLjmserIJkByAQPPopBB3qpUHryAFoxi4Yp38U2k=
Subject key identifier: C6:5F:12:58:A2:C9:3F:2D:92:22:23:AE:74:1C:3A:1E:13:A7:A4:01
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018F3AA44BBDE0C54F91A00EA31044DAE3EC
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/xl8SWKLJPy2SIiOudBw6HhOnpAE.roa
Signing time: Thu 02 May 2024 18:49:56 +0000
ROA not before: Thu 02 May 2024 18:49:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64200
IP address blocks: 5.182.186.0/24 maxlen: 24
5.182.193.0/24 maxlen: 24
5.182.194.0/24 maxlen: 24
5.182.195.0/24 maxlen: 24
45.67.147.0/24 maxlen: 24
63.246.129.0/24 maxlen: 24
63.246.136.0/24 maxlen: 24
63.246.139.0/24 maxlen: 24
63.246.142.0/24 maxlen: 24
63.246.145.0/24 maxlen: 24
63.246.146.0/23 maxlen: 23
63.246.148.0/24 maxlen: 24
63.246.149.0/24 maxlen: 24
63.246.152.0/24 maxlen: 24
63.246.158.0/23 maxlen: 23
63.246.159.0/24 maxlen: 24
185.171.124.0/24 maxlen: 24
185.171.125.0/24 maxlen: 24
185.171.127.0/24 maxlen: 24
185.198.88.0/24 maxlen: 24
185.201.41.0/24 maxlen: 24
185.201.43.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
192.145.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 13:21:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3a:a4:4b:bd:e0:c5:4f:91:a0:0e:a3:10:44:da:e3:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: May 2 18:49:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c65f1258a2c93f2d922223ae741c3a1e13a7a401
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:24:b4:a3:eb:16:b2:f8:12:37:4e:9f:41:28:
96:a1:6f:18:f8:be:9f:e0:c4:00:38:34:12:52:49:
a4:ed:d9:fb:d0:d0:ff:2a:9e:1d:2d:42:8e:fe:27:
02:ec:0d:15:a0:f3:16:42:a4:66:a7:af:4b:3c:18:
69:83:90:b3:37:de:99:5d:7a:1b:69:fd:c6:85:a8:
2f:6e:17:00:34:f8:c1:df:9f:f3:ff:2d:db:b9:b1:
7b:ab:9c:2b:4e:a5:ae:3b:ca:9c:41:83:a8:ce:6e:
bd:e8:ca:f2:72:43:6f:01:a2:13:44:ae:a7:85:8f:
c8:8b:05:d5:64:06:55:a0:62:9b:f1:90:f7:43:a0:
b7:58:24:61:db:49:dd:03:ae:09:dd:0d:39:53:8f:
9f:a8:ba:c9:db:42:af:29:60:bf:a2:05:38:ce:76:
1a:cc:a1:8c:d9:c4:70:b6:ab:6a:e1:8b:f8:ff:df:
d6:a7:05:b2:60:13:bf:5e:d2:73:fb:53:fa:97:59:
8b:f1:5a:09:21:72:ca:55:c3:83:fb:b9:54:11:5d:
6e:59:32:86:34:04:f2:99:ec:21:fe:12:df:56:63:
ac:d3:46:09:80:83:61:a8:b0:66:a3:f0:46:9e:1f:
f7:fd:3b:af:d4:fa:00:9d:a9:01:cd:18:6c:78:e1:
9b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:5F:12:58:A2:C9:3F:2D:92:22:23:AE:74:1C:3A:1E:13:A7:A4:01
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/xl8SWKLJPy2SIiOudBw6HhOnpAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.186.0/24
5.182.193.0-5.182.195.255
45.67.147.0/24
63.246.129.0/24
63.246.136.0/24
63.246.139.0/24
63.246.142.0/24
63.246.145.0-63.246.149.255
63.246.152.0/24
63.246.158.0/23
185.171.124.0/23
185.171.127.0/24
185.198.88.0/24
185.201.41.0/24
185.201.43.0/24
185.205.206.0/24
192.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
50:80:9a:6b:35:60:ef:91:25:55:78:4b:f5:f2:ff:c8:f7:55:
b8:98:10:5f:ad:88:94:7e:fa:10:ab:b8:15:75:c7:15:2b:6a:
03:d7:fb:01:68:f5:6f:7c:45:55:b2:38:51:0b:f3:80:e2:7e:
71:b6:7f:a2:95:1b:cd:3e:b4:b7:4d:44:3e:88:a6:8f:dc:13:
72:cd:4f:fa:d4:ca:bb:52:75:57:5b:8a:67:15:fc:e7:2b:d1:
0c:48:12:43:fa:92:6e:1d:ec:fd:7f:91:ee:c1:23:01:50:86:
8c:80:14:5a:ee:59:62:1d:50:e4:be:a4:96:fa:38:eb:68:1c:
3f:c7:ef:fc:09:d3:0d:f5:80:2d:8c:25:b5:88:b7:ad:a4:8c:
d4:e0:f8:e2:ba:9b:2e:dd:e4:37:7b:44:8f:37:6e:c1:ed:1a:
9c:f2:1b:a1:4a:b1:98:6b:9d:2d:27:dd:c2:10:93:53:c3:99:
88:cc:26:1f:be:66:2e:66:7e:a3:57:57:f5:fb:23:d6:c9:2c:
3f:2c:52:bc:3f:71:4e:33:38:17:d4:a9:6d:79:d9:22:a8:d1:
97:57:61:29:a8:d8:59:a5:cc:12:bb:8a:15:1b:63:98:d6:0c:
92:65:aa:14:88:83:b1:dc:de:eb:6d:1b:ea:5b:7f:6d:fa:95:
44:25:38:02
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAY86pEu94MVPkaAOoxBE2uPsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwNTAyMTg0OTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjVmMTI1OGEyYzkzZjJkOTIyMjIzYWU3NDFjM2ExZTEzYTdhNDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCS0o+sWsvgSN06fQSiWoW8Y+L6f
4MQAODQSUkmk7dn70ND/Kp4dLUKO/icC7A0VoPMWQqRmp69LPBhpg5CzN96ZXXob
af3GhagvbhcANPjB35/z/y3bubF7q5wrTqWuO8qcQYOozm696MryckNvAaITRK6n
hY/IiwXVZAZVoGKb8ZD3Q6C3WCRh20ndA64J3Q05U4+fqLrJ20KvKWC/ogU4znYa
zKGM2cRwtqtq4Yv4/9/WpwWyYBO/XtJz+1P6l1mL8VoJIXLKVcOD+7lUEV1uWTKG
NATymewh/hLfVmOs00YJgINhqLBmo/BGnh/3/Tuv1PoAnakBzRhseOGbYQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFMZfEliiyT8tkiIjrnQcOh4Tp6QBMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEveGw4U1dLTEpQeTJTSWlPdWRCdzZIaE9ucEFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAAFtrow
DAMEAAW2wQMEAgW2wAMEAC1DkwMEAD/2gQMEAD/2iAMEAD/2iwMEAD/2jjAMAwQA
P/aRAwQBP/aUAwQAP/aYAwQBP/aeAwQBuat8AwQAuat/AwQAucZYAwQAuckpAwQA
uckrAwQAuc3OAwQAwJFEMA0GCSqGSIb3DQEBCwUAA4IBAQBQgJprNWDvkSVVeEv1
8v/I91W4mBBfrYiUfvoQq7gVdccVK2oD1/sBaPVvfEVVsjhRC/OA4n5xtn+ilRvN
PrS3TUQ+iKaP3BNyzU/61Mq7UnVXW4pnFfznK9EMSBJD+pJuHez9f5HuwSMBUIaM
gBRa7lliHVDkvqSW+jjraBw/x+/8CdMN9YAtjCW1iLetpIzU4Pjiupsu3eQ3e0SP
N27B7Rqc8huhSrGYa50tJ93CEJNTw5mIzCYfvmYuZn6jV1f1+yPWySw/LFK8P3FO
MzgX1KltedkiqNGXV2EpqNhZpcwSu4oVG2OY1gySZaoUiIOx3N7rbRvqW39t+pVE
JTgC
-----END CERTIFICATE-----
Generated at Thu May 30 19:31:43 2024 by rpki-client on console-fra.rpki-client.org