Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/JUb4h8HQASJajVEB3JHC8Ckj2Wo.roa
File: JUb4h8HQASJajVEB3JHC8Ckj2Wo.roa (raw, json)
Hash identifier: CSYwQ0IE4L/T/ml2feFchY0PHnlFZmfLRjbVmXzfTAU=
Subject key identifier: 25:46:F8:87:C1:D0:01:22:5A:8D:51:01:DC:91:C2:F0:29:23:D9:6A
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 018E9F651314165CA598345D93AA7BCB544F
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/JUb4h8HQASJajVEB3JHC8Ckj2Wo.roa
Signing time: Tue 02 Apr 2024 15:19:45 +0000
ROA not before: Tue 02 Apr 2024 15:19:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31083
IP address blocks: 5.104.175.0/24 maxlen: 24
77.76.14.0/24 maxlen: 24
78.128.1.0/24 maxlen: 24
78.128.6.0/24 maxlen: 24
78.128.7.0/24 maxlen: 24
78.128.8.0/24 maxlen: 24
78.128.9.0/24 maxlen: 24
78.128.42.0/24 maxlen: 24
78.128.43.0/24 maxlen: 24
78.128.60.0/24 maxlen: 24
78.128.62.0/24 maxlen: 24
78.128.63.0/24 maxlen: 24
78.128.76.0/24 maxlen: 24
78.128.77.0/24 maxlen: 24
78.128.78.0/24 maxlen: 24
78.128.80.0/24 maxlen: 24
78.128.81.0/24 maxlen: 24
78.128.118.0/24 maxlen: 24
78.128.126.0/24 maxlen: 24
78.142.6.0/24 maxlen: 24
78.142.32.0/24 maxlen: 24
78.142.47.0/24 maxlen: 24
78.142.51.0/24 maxlen: 24
78.142.56.0/24 maxlen: 24
78.142.57.0/24 maxlen: 24
78.142.58.0/24 maxlen: 24
78.142.59.0/24 maxlen: 24
78.142.62.0/24 maxlen: 24
78.142.63.0/24 maxlen: 24
79.124.4.0/24 maxlen: 24
79.124.5.0/24 maxlen: 24
79.124.6.0/24 maxlen: 24
79.124.14.0/24 maxlen: 24
79.124.16.0/24 maxlen: 24
79.124.17.0/24 maxlen: 24
79.124.22.0/24 maxlen: 24
79.124.29.0/24 maxlen: 24
79.124.31.0/24 maxlen: 24
79.124.44.0/24 maxlen: 24
79.124.52.0/24 maxlen: 24
79.124.63.0/24 maxlen: 24
79.124.64.0/24 maxlen: 24
79.124.65.0/24 maxlen: 24
79.124.66.0/24 maxlen: 24
79.124.67.0/24 maxlen: 24
79.124.75.0/24 maxlen: 24
79.124.76.0/24 maxlen: 24
79.124.84.0/24 maxlen: 24
79.124.90.0/24 maxlen: 24
82.118.229.0/24 maxlen: 24
82.118.243.0/24 maxlen: 24
91.148.148.0/24 maxlen: 24
91.148.168.0/24 maxlen: 24
94.72.136.0/22 maxlen: 24
130.185.225.0/24 maxlen: 24
130.185.232.0/24 maxlen: 24
178.132.86.0/24 maxlen: 24
178.132.87.0/24 maxlen: 24
185.197.152.0/22 maxlen: 24
185.232.156.0/23 maxlen: 24
217.174.146.0/23 maxlen: 24
217.174.148.0/23 maxlen: 24
217.174.151.0/24 maxlen: 24
217.174.152.0/23 maxlen: 24
217.174.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:65:13:14:16:5c:a5:98:34:5d:93:aa:7b:cb:54:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Apr 2 15:19:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2546f887c1d001225a8d5101dc91c2f02923d96a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d8:b2:f7:76:95:22:f8:94:77:28:72:af:4a:
56:65:50:21:6c:90:e5:b5:02:aa:2f:6c:8e:1f:fc:
b0:4e:7b:e4:e7:ba:68:83:ee:2e:42:d6:0c:45:af:
e4:f8:4e:f8:8d:a3:60:4b:10:16:bd:85:89:9d:19:
bb:92:d0:52:82:da:83:74:da:30:58:3b:8a:eb:c0:
70:5c:db:8d:2a:9e:ce:32:2d:df:5c:83:cb:1e:c5:
4a:dc:ae:60:f4:93:96:d3:5b:74:a2:c6:97:93:bc:
0d:90:fc:cb:8d:73:1c:39:7d:ab:37:fc:fd:57:58:
46:4a:04:b3:75:b1:95:ae:5d:42:bb:e6:41:59:ee:
bf:39:41:28:80:72:e6:55:5d:cd:7f:f2:6d:49:18:
9a:23:c8:38:39:08:65:a5:87:5d:ca:35:72:a7:c7:
87:f9:82:58:22:59:0b:01:c8:16:a9:ad:00:c6:b2:
91:40:c8:14:cb:1a:88:21:ca:c4:5c:10:cd:9a:f3:
fb:5f:3f:84:88:12:aa:1f:2b:b4:90:03:3b:9a:99:
9d:08:52:fd:8f:ae:c1:36:88:61:c8:4f:11:c4:1c:
b8:ff:54:f7:30:7d:e7:f8:77:98:3b:dc:b9:b7:30:
0e:2d:8b:ec:5d:31:5e:de:24:b4:c6:8e:d8:e8:04:
7a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:46:F8:87:C1:D0:01:22:5A:8D:51:01:DC:91:C2:F0:29:23:D9:6A
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/JUb4h8HQASJajVEB3JHC8Ckj2Wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.175.0/24
77.76.14.0/24
78.128.1.0/24
78.128.6.0-78.128.9.255
78.128.42.0/23
78.128.60.0/24
78.128.62.0/23
78.128.76.0-78.128.78.255
78.128.80.0/23
78.128.118.0/24
78.128.126.0/24
78.142.6.0/24
78.142.32.0/24
78.142.47.0/24
78.142.51.0/24
78.142.56.0/22
78.142.62.0/23
79.124.4.0-79.124.6.255
79.124.14.0/24
79.124.16.0/23
79.124.22.0/24
79.124.29.0/24
79.124.31.0/24
79.124.44.0/24
79.124.52.0/24
79.124.63.0-79.124.67.255
79.124.75.0-79.124.76.255
79.124.84.0/24
79.124.90.0/24
82.118.229.0/24
82.118.243.0/24
91.148.148.0/24
91.148.168.0/24
94.72.136.0/22
130.185.225.0/24
130.185.232.0/24
178.132.86.0/23
185.197.152.0/22
185.232.156.0/23
217.174.146.0-217.174.149.255
217.174.151.0-217.174.153.255
217.174.155.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:63:50:91:8f:c3:2a:0f:7a:c6:c4:9e:12:39:e7:c8:7a:98:
5d:cf:cd:81:3e:b0:48:d1:c9:41:f0:58:08:cf:67:7c:2a:07:
81:f2:0d:1a:09:02:c9:5d:d4:8a:9d:31:89:64:fb:c4:29:4e:
8d:17:30:77:3f:8b:3e:b5:2e:d6:f9:63:ef:c4:fa:ad:73:87:
bd:0f:a5:18:09:da:31:a1:2a:51:eb:0d:8b:d9:f1:75:df:3d:
fe:61:6a:e1:4d:66:fb:b5:f5:26:61:f2:43:38:62:26:87:cb:
10:01:bf:00:5e:8e:37:e0:7b:8d:8f:66:1c:05:fa:b6:7d:98:
ca:9c:75:1a:e6:ef:c3:55:01:2f:ef:16:b2:af:7a:77:ed:dd:
19:9d:cb:50:77:6b:9c:fe:b6:de:00:8b:06:03:c8:75:96:30:
ef:15:b8:72:72:d5:43:53:83:91:99:f3:0a:3e:29:e3:53:34:
90:34:dd:7c:bd:de:dd:ef:9b:0d:20:ef:93:3b:7a:d5:fe:ba:
1d:ba:ef:d7:82:e9:d7:c0:3f:81:5b:2f:4a:7c:a4:f8:9d:c4:
48:1a:bc:69:de:6d:9e:26:16:39:63:20:12:57:0d:c4:53:ba:
bc:5d:cb:5f:dc:12:1b:7b:ac:d5:f3:e9:c8:ee:b5:0d:ad:7a:
45:98:6a:e6
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgISAY6fZRMUFlylmDRdk6p7y1RPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjQwNDAyMTUxOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTQ2Zjg4N2MxZDAwMTIyNWE4ZDUxMDFkYzkxYzJmMDI5MjNkOTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttiy93aVIviUdyhyr0pWZVAhbJDl
tQKqL2yOH/ywTnvk57pog+4uQtYMRa/k+E74jaNgSxAWvYWJnRm7ktBSgtqDdNow
WDuK68BwXNuNKp7OMi3fXIPLHsVK3K5g9JOW01t0osaXk7wNkPzLjXMcOX2rN/z9
V1hGSgSzdbGVrl1Cu+ZBWe6/OUEogHLmVV3Nf/JtSRiaI8g4OQhlpYddyjVyp8eH
+YJYIlkLAcgWqa0AxrKRQMgUyxqIIcrEXBDNmvP7Xz+EiBKqHyu0kAM7mpmdCFL9
j67BNohhyE8RxBy4/1T3MH3n+HeYO9y5tzAOLYvsXTFe3iS0xo7Y6AR6AwIDAQAB
o4IDQTCCAz0wHQYDVR0OBBYEFCVG+IfB0AEiWo1RAdyRwvApI9lqMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvSlViNGg4SFFBU0phalZFQjNKSEM4Q2tqMldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVQYIKwYBBQUHAQcBAf8EggFEMIIBQDCCATwEAgABMIIB
NAMEAAVorwMEAE1MDgMEAE6AATAMAwQBToAGAwQBToAIAwQBToAqAwQAToA8AwQB
ToA+MAwDBAJOgEwDBABOgE4DBAFOgFADBABOgHYDBABOgH4DBABOjgYDBABOjiAD
BABOji8DBABOjjMDBAJOjjgDBAFOjj4wDAMEAk98BAMEAE98BgMEAE98DgMEAU98
EAMEAE98FgMEAE98HQMEAE98HwMEAE98LAMEAE98NDAMAwQAT3w/AwQCT3xAMAwD
BABPfEsDBABPfEwDBABPfFQDBABPfFoDBABSduUDBABSdvMDBABblJQDBABblKgD
BAJeSIgDBACCueEDBACCuegDBAGyhFYDBAK5xZgDBAG56JwwDAMEAdmukgMEAdmu
lDAMAwQA2a6XAwQB2a6YAwQA2a6bMA0GCSqGSIb3DQEBCwUAA4IBAQA7Y1CRj8Mq
D3rGxJ4SOefIephdz82BPrBI0clB8FgIz2d8KgeB8g0aCQLJXdSKnTGJZPvEKU6N
FzB3P4s+tS7W+WPvxPqtc4e9D6UYCdoxoSpR6w2L2fF13z3+YWrhTWb7tfUmYfJD
OGImh8sQAb8AXo434HuNj2YcBfq2fZjKnHUa5u/DVQEv7xayr3p37d0ZnctQd2uc
/rbeAIsGA8h1ljDvFbhyctVDU4ORmfMKPinjUzSQNN18vd7d75sNIO+TO3rV/rod
uu/XgunXwD+BWy9KfKT4ncRIGrxp3m2eJhY5YyASVw3EU7q8Xctf3BIbe6zV8+nI
7rUNrXpFmGrm
-----END CERTIFICATE-----
Generated at Sun May 19 03:49:24 2024 by rpki-client on console-fra.rpki-client.org