Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/m5JmPYn7Q7Z6l3nNIoX1sgEdY38.roa
File: m5JmPYn7Q7Z6l3nNIoX1sgEdY38.roa (raw, json)
Hash identifier: vL3FY3GYKSP+t0pQeCuZ4+299xifNC5dDeLAe3zpTZw=
Subject key identifier: 9B:92:66:3D:89:FB:43:B6:7A:97:79:CD:22:85:F5:B2:01:1D:63:7F
Certificate issuer: /CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Certificate serial: 018CC870F43B0C589E5BAAE5D75CBA354203
Authority key identifier: 5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/m5JmPYn7Q7Z6l3nNIoX1sgEdY38.roa
Signing time: Tue 02 Jan 2024 04:31:34 +0000
ROA not before: Tue 02 Jan 2024 04:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43700
IP address blocks: 185.246.242.0/23 maxlen: 23
31.172.224.0/23 maxlen: 23
31.172.224.0/22 maxlen: 22
31.172.226.0/23 maxlen: 23
185.252.204.0/23 maxlen: 23
185.252.204.0/22 maxlen: 22
185.252.206.0/23 maxlen: 23
185.246.240.0/22 maxlen: 22
185.246.240.0/23 maxlen: 23
185.252.108.0/22 maxlen: 22
185.252.108.0/23 maxlen: 23
185.252.110.0/23 maxlen: 23
45.84.244.0/23 maxlen: 23
45.84.244.0/22 maxlen: 22
95.215.140.0/23 maxlen: 23
95.215.140.0/22 maxlen: 22
95.215.142.0/23 maxlen: 23
78.158.0.0/19 maxlen: 19
78.158.0.0/20 maxlen: 20
91.200.252.0/22 maxlen: 22
91.200.252.0/23 maxlen: 23
91.200.254.0/23 maxlen: 23
78.158.16.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:f4:3b:0c:58:9e:5b:aa:e5:d7:5c:ba:35:42:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Validity
Not Before: Jan 2 04:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b92663d89fb43b67a9779cd2285f5b2011d637f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:52:14:1f:35:58:6f:a2:76:52:7b:e9:8e:39:
be:f3:fd:6f:1c:c5:9c:6d:07:53:f2:65:69:ec:ea:
88:91:a3:17:28:c1:81:73:d0:71:a1:c4:33:95:da:
d1:d7:75:6a:06:08:11:a3:2e:57:dd:d3:52:f5:f5:
3e:2c:c6:df:5d:7f:f9:81:5f:a6:e8:64:0f:87:d8:
3b:54:3f:8f:54:be:22:57:3c:9a:07:21:80:aa:27:
9f:73:62:4d:ca:d1:f5:80:7e:80:cc:76:1f:9e:ed:
37:f1:31:16:b6:a3:1f:0e:d7:09:7c:78:7f:3b:ec:
44:a9:68:c6:93:a8:dd:85:b7:06:ad:61:83:55:89:
02:25:18:7e:9c:cf:8c:88:7a:af:e5:a2:9e:8b:a8:
dc:e6:1e:5c:8a:d5:3c:6f:23:b5:c1:fa:99:2b:04:
f8:0d:dd:c6:45:59:ad:14:08:6f:f1:03:68:3a:12:
86:64:d6:71:9e:32:dd:bb:24:23:6c:62:b4:7a:8f:
e1:fc:76:07:23:94:b4:dc:2f:07:ea:34:78:5e:0d:
9a:64:72:3f:6b:25:97:fe:4c:31:70:3d:93:48:41:
df:86:1d:1f:7e:59:2d:1e:ee:10:8b:d9:cd:b5:ed:
fd:81:5a:cd:55:e1:fe:27:86:f5:9c:6a:74:a8:58:
49:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:92:66:3D:89:FB:43:B6:7A:97:79:CD:22:85:F5:B2:01:1D:63:7F
X509v3 Authority Key Identifier:
keyid:5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/m5JmPYn7Q7Z6l3nNIoX1sgEdY38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.224.0/22
45.84.244.0/22
78.158.0.0/19
91.200.252.0/22
95.215.140.0/22
185.246.240.0/22
185.252.108.0/22
185.252.204.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:89:6e:5c:8c:e1:f6:ed:2d:2f:71:ba:93:58:7c:3d:18:8a:
a1:75:94:75:c9:85:d8:e2:4d:72:a2:16:e8:62:20:38:87:2d:
ed:3e:a1:d8:d9:5b:61:b0:cc:36:d3:a2:42:a8:f0:ca:e0:42:
24:6a:51:69:46:01:d4:4b:a2:bd:76:93:8b:fe:5f:36:f4:97:
f5:11:00:e5:15:4b:d2:f2:5c:2f:a7:7d:be:f9:1f:46:9f:37:
12:df:2c:f9:33:6a:28:fe:77:2d:56:68:84:4b:0f:f3:7b:43:
4f:f6:74:55:07:8f:10:99:e3:d8:18:88:04:35:c9:b0:7c:60:
ba:76:85:b9:66:d4:34:ae:90:74:bd:dc:56:8d:be:be:aa:00:
53:bd:17:19:b6:b4:13:51:30:2c:46:cd:0f:3c:cd:bb:08:e2:
a4:ea:cc:1e:28:45:32:03:0e:6c:c9:42:fa:0e:c2:ac:2a:4c:
93:ad:54:c8:55:a4:26:cc:01:af:68:1e:23:4f:4b:37:f3:3e:
78:a4:1a:5b:57:db:0d:bc:f0:90:42:07:e8:c0:6d:4b:78:c0:
c5:1f:f8:01:05:ab:67:e4:95:eb:e2:6b:f2:0a:71:60:f5:71:
8b:84:0f:90:0e:35:fd:56:c8:9a:c0:30:3d:c5:f9:a9:06:b2:
4f:05:92:0f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzIcPQ7DFieW6rl11y6NUIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZmNmQyOTliY2RlYzczZDEzZjJkODQyZmMxZGY0YmMx
ZWUyZDMwHhcNMjQwMTAyMDQzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjkyNjYzZDg5ZmI0M2I2N2E5Nzc5Y2QyMjg1ZjViMjAxMWQ2MzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslIUHzVYb6J2Unvpjjm+8/1vHMWc
bQdT8mVp7OqIkaMXKMGBc9BxocQzldrR13VqBggRoy5X3dNS9fU+LMbfXX/5gV+m
6GQPh9g7VD+PVL4iVzyaByGAqiefc2JNytH1gH6AzHYfnu038TEWtqMfDtcJfHh/
O+xEqWjGk6jdhbcGrWGDVYkCJRh+nM+MiHqv5aKei6jc5h5citU8byO1wfqZKwT4
Dd3GRVmtFAhv8QNoOhKGZNZxnjLduyQjbGK0eo/h/HYHI5S03C8H6jR4Xg2aZHI/
ayWX/kwxcD2TSEHfhh0fflktHu4Qi9nNte39gVrNVeH+J4b1nGp0qFhJuQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJuSZj2J+0O2epd5zSKF9bIBHWN/MB8GA1UdIwQY
MBaAFF3W9tKZvN7HPRPy2EL8HfS8HuLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYt
NTFmNWZmODFjMTE3LzEvbTVKbVBZbjdRN1o2bDNuTklvWDFzZ0VkWTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYtNTFmNWZmODFjMTE3
LzEvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCH6zgAwQC
LVT0AwQFTp4AAwQCW8j8AwQCX9eMAwQCufbwAwQCufxsAwQCufzMMA0GCSqGSIb3
DQEBCwUAA4IBAQBeiW5cjOH27S0vcbqTWHw9GIqhdZR1yYXY4k1yohboYiA4hy3t
PqHY2VthsMw206JCqPDK4EIkalFpRgHUS6K9dpOL/l829Jf1EQDlFUvS8lwvp32+
+R9GnzcS3yz5M2oo/nctVmiESw/ze0NP9nRVB48QmePYGIgENcmwfGC6doW5ZtQ0
rpB0vdxWjb6+qgBTvRcZtrQTUTAsRs0PPM27COKk6sweKEUyAw5syUL6DsKsKkyT
rVTIVaQmzAGvaB4jT0s38z54pBpbV9sNvPCQQgfowG1LeMDFH/gBBatn5JXr4mvy
CnFg9XGLhA+QDjX9VsiawDA9xfmpBrJPBZIP
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:30:16 2024 by rpki-client on console-ams.rpki-client.org