Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/tKk5ypEOn9czUKJiFl42YGncgFg.roa
File: tKk5ypEOn9czUKJiFl42YGncgFg.roa (raw, json)
Hash identifier: mm5eeX+ZHBF0PV0LmbHvIy47lwrKkg4aRrxg1wWiPTA=
Subject key identifier: B4:A9:39:CA:91:0E:9F:D7:33:50:A2:62:16:5E:36:60:69:DC:80:58
Certificate issuer: /CN=b3c51b0c063cfc16943fc9a47e2c805990f6eaae
Certificate serial: 018E5C1D419577100AE32E684625002C19C5
Authority key identifier: B3:C5:1B:0C:06:3C:FC:16:94:3F:C9:A4:7E:2C:80:59:90:F6:EA:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/tKk5ypEOn9czUKJiFl42YGncgFg.roa
Signing time: Wed 20 Mar 2024 13:46:44 +0000
ROA not before: Wed 20 Mar 2024 13:46:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199081
IP address blocks: 5.172.192.0/20 maxlen: 20
5.172.192.0/22 maxlen: 22
5.172.192.0/24 maxlen: 24
5.172.193.0/24 maxlen: 24
5.172.194.0/24 maxlen: 24
5.172.195.0/24 maxlen: 24
5.172.196.0/22 maxlen: 22
5.172.196.0/24 maxlen: 24
5.172.197.0/24 maxlen: 24
5.172.198.0/24 maxlen: 24
5.172.199.0/24 maxlen: 24
5.172.200.0/22 maxlen: 22
5.172.201.0/24 maxlen: 24
5.172.202.0/24 maxlen: 24
5.172.203.0/24 maxlen: 24
5.172.204.0/22 maxlen: 22
5.172.204.0/24 maxlen: 24
5.172.205.0/24 maxlen: 24
5.172.206.0/24 maxlen: 24
45.66.185.0/24 maxlen: 24
45.66.186.0/24 maxlen: 24
45.66.187.0/24 maxlen: 24
91.193.60.0/22 maxlen: 22
91.193.60.0/24 maxlen: 24
91.193.61.0/24 maxlen: 24
91.193.62.0/24 maxlen: 24
91.193.63.0/24 maxlen: 24
109.68.144.0/21 maxlen: 21
109.68.144.0/24 maxlen: 24
109.68.145.0/24 maxlen: 24
109.68.147.0/24 maxlen: 24
109.68.149.0/24 maxlen: 24
109.68.150.0/24 maxlen: 24
109.68.151.0/24 maxlen: 24
178.21.168.0/21 maxlen: 21
178.21.168.0/22 maxlen: 22
178.21.168.0/24 maxlen: 24
178.21.169.0/24 maxlen: 24
178.21.170.0/24 maxlen: 24
178.21.171.0/24 maxlen: 24
178.21.172.0/22 maxlen: 22
178.21.172.0/24 maxlen: 24
178.21.173.0/24 maxlen: 24
178.21.174.0/24 maxlen: 24
178.21.175.0/24 maxlen: 24
185.70.76.0/22 maxlen: 22
185.70.76.0/24 maxlen: 24
185.70.77.0/24 maxlen: 24
185.70.78.0/23 maxlen: 23
185.70.78.0/24 maxlen: 24
185.70.79.0/24 maxlen: 24
185.88.23.0/24 maxlen: 24
185.118.125.0/24 maxlen: 24
185.168.36.0/22 maxlen: 22
185.168.38.0/23 maxlen: 23
185.168.38.0/24 maxlen: 24
185.168.39.0/24 maxlen: 24
185.205.96.0/22 maxlen: 22
185.205.96.0/24 maxlen: 24
185.205.97.0/24 maxlen: 24
185.205.98.0/24 maxlen: 24
185.205.99.0/24 maxlen: 24
195.35.92.0/22 maxlen: 22
2a02:4fc0::/32 maxlen: 32
2a02:4fc0:4000::/48 maxlen: 48
2a02:4fc0:4001::/48 maxlen: 48
2a02:4fc0:4100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/s8UbDAY8_BaUP8mkfiyAWZD26q4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/s8UbDAY8_BaUP8mkfiyAWZD26q4.mft
rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5c:1d:41:95:77:10:0a:e3:2e:68:46:25:00:2c:19:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3c51b0c063cfc16943fc9a47e2c805990f6eaae
Validity
Not Before: Mar 20 13:46:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4a939ca910e9fd73350a262165e366069dc8058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b6:24:41:1d:7c:e8:90:95:47:7a:9e:91:73:
3d:3e:e9:71:a4:57:f0:ef:dd:57:7f:73:23:4c:f9:
60:85:03:b9:8d:4d:38:07:b8:f1:23:d9:6b:4e:6c:
1a:12:13:98:01:a7:6e:9e:02:42:c3:33:8b:ff:dd:
4b:4d:41:34:24:76:9a:1f:8e:7a:6d:e6:f2:0b:52:
3b:f0:b4:68:c6:1e:93:29:7c:f7:f5:a5:cd:57:97:
f1:d8:b0:72:2c:47:9a:eb:64:b6:55:dd:db:36:c1:
6d:cc:17:89:b0:17:92:99:58:ab:89:db:8d:94:af:
b5:b6:d7:c2:ae:b4:5b:9d:89:36:b3:cc:0c:f7:d6:
5e:fa:8e:e1:8f:aa:6b:bc:cd:77:6b:8b:19:21:be:
71:14:eb:75:35:0b:87:88:3c:ee:48:49:1e:bc:16:
15:c8:4a:63:7d:43:38:e8:be:3f:0f:64:bc:de:99:
16:bc:f0:bf:c6:b6:f7:e3:c8:1f:d5:28:cf:5a:50:
6d:e7:ba:ab:6f:a0:34:4f:cd:b8:1e:08:f4:1e:a3:
89:b6:23:65:33:6f:80:4f:22:0b:c1:53:50:b0:db:
b7:1a:15:ab:33:99:3f:39:aa:38:44:b1:92:24:11:
e1:a8:1f:bc:1e:eb:87:d1:67:02:d0:30:85:ae:89:
b3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A9:39:CA:91:0E:9F:D7:33:50:A2:62:16:5E:36:60:69:DC:80:58
X509v3 Authority Key Identifier:
keyid:B3:C5:1B:0C:06:3C:FC:16:94:3F:C9:A4:7E:2C:80:59:90:F6:EA:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s8UbDAY8_BaUP8mkfiyAWZD26q4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/tKk5ypEOn9czUKJiFl42YGncgFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/587792-bae9-4183-a4b1-ff5f1ad69266/1/s8UbDAY8_BaUP8mkfiyAWZD26q4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.192.0/20
45.66.185.0-45.66.187.255
91.193.60.0/22
109.68.144.0/21
178.21.168.0/21
185.70.76.0/22
185.88.23.0/24
185.118.125.0/24
185.168.36.0/22
185.205.96.0/22
195.35.92.0/22
IPv6:
2a02:4fc0::/32
Signature Algorithm: sha256WithRSAEncryption
94:37:7c:24:eb:22:1a:3f:6b:f3:f2:a3:0f:28:03:dc:e1:48:
23:9d:c3:bd:37:b6:e9:3d:0f:08:87:c6:e3:9f:1d:59:92:93:
9e:3a:67:a3:83:83:9d:de:a8:cf:c4:2c:42:87:3d:7b:ff:c0:
31:49:63:7c:51:a3:02:96:c7:f2:fd:65:46:bc:8f:48:8c:8a:
80:dc:b2:6f:c0:e8:67:ca:e5:bb:42:46:b7:60:80:08:ef:c9:
c0:c5:e4:7d:09:28:a6:45:b9:3b:06:01:b4:f9:9d:5d:94:d9:
e4:be:b3:62:87:78:75:cd:06:c0:11:55:b7:6a:65:f9:4d:5e:
07:20:66:01:40:1b:b4:f0:c8:2e:22:30:6b:c6:db:15:e4:83:
aa:fb:f2:74:de:c1:35:f2:2a:f7:64:37:cc:33:ba:bc:2e:1d:
c0:15:7b:c0:1c:fa:ce:d3:4c:4c:d8:01:e8:4f:03:ef:6d:65:
5e:23:ef:09:8b:fb:26:56:db:ce:00:bc:0e:60:23:46:25:78:
6a:e2:88:0a:d6:17:73:36:66:d5:f7:fa:4e:49:2e:fd:a9:fb:
16:45:89:58:12:5a:49:df:ea:e8:73:b5:e1:c0:84:9a:14:a7:
e1:06:3a:ea:57:42:bf:14:27:d1:b1:c7:f1:ab:74:ba:9e:8e:
2a:91:2e:24
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAY5cHUGVdxAK4y5oRiUALBnFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYzUxYjBjMDYzY2ZjMTY5NDNmYzlhNDdlMmM4MDU5OTBm
NmVhYWUwHhcNMjQwMzIwMTM0NjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGE5MzljYTkxMGU5ZmQ3MzM1MGEyNjIxNjVlMzY2MDY5ZGM4MDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7YkQR186JCVR3qekXM9PulxpFfw
791Xf3MjTPlghQO5jU04B7jxI9lrTmwaEhOYAadungJCwzOL/91LTUE0JHaaH456
bebyC1I78LRoxh6TKXz39aXNV5fx2LByLEea62S2Vd3bNsFtzBeJsBeSmViriduN
lK+1ttfCrrRbnYk2s8wM99Ze+o7hj6prvM13a4sZIb5xFOt1NQuHiDzuSEkevBYV
yEpjfUM46L4/D2S83pkWvPC/xrb348gf1SjPWlBt57qrb6A0T824Hgj0HqOJtiNl
M2+ATyILwVNQsNu3GhWrM5k/Oao4RLGSJBHhqB+8HuuH0WcC0DCFromz/QIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFLSpOcqRDp/XM1CiYhZeNmBp3IBYMB8GA1UdIwQY
MBaAFLPFGwwGPPwWlD/JpH4sgFmQ9uquMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczhVYkRBWThfQmFVUDhta2ZpeUFXWkQyNnE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81ODc3OTItYmFlOS00MTgzLWE0YjEt
ZmY1ZjFhZDY5MjY2LzEvdEtrNXlwRU9uOWN6VUtKaUZsNDJZR25jZ0ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81ODc3OTItYmFlOS00MTgzLWE0YjEtZmY1ZjFhZDY5MjY2
LzEvczhVYkRBWThfQmFVUDhta2ZpeUFXWkQyNnE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQEBazAMAwD
BAAtQrkDBAItQrgDBAJbwTwDBANtRJADBAOyFagDBAK5RkwDBAC5WBcDBAC5dn0D
BAK5qCQDBAK5zWADBALDI1wwDQQCAAIwBwMFACoCT8AwDQYJKoZIhvcNAQELBQAD
ggEBAJQ3fCTrIho/a/Pyow8oA9zhSCOdw703tuk9DwiHxuOfHVmSk546Z6ODg53e
qM/ELEKHPXv/wDFJY3xRowKWx/L9ZUa8j0iMioDcsm/A6GfK5btCRrdggAjvycDF
5H0JKKZFuTsGAbT5nV2U2eS+s2KHeHXNBsARVbdqZflNXgcgZgFAG7TwyC4iMGvG
2xXkg6r78nTewTXyKvdkN8wzurwuHcAVe8Ac+s7TTEzYAehPA+9tZV4j7wmL+yZW
284AvA5gI0YleGriiArWF3M2ZtX3+k5JLv2p+xZFiVgSWknf6uhzteHAhJoUp+EG
OupXQr8UJ9Gxx/GrdLqejiqRLiQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:27:00 2024 by rpki-client on console-fra.rpki-client.org