Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/VG0KgwRROLbVOd9JOrHJh-nPIlA.roa
File: VG0KgwRROLbVOd9JOrHJh-nPIlA.roa (raw, json)
Hash identifier: rxl4OCfqD96/CgzRQanv/nODbWfsv+MZDlgGNKcN/0A=
Subject key identifier: 54:6D:0A:83:04:51:38:B6:D5:39:DF:49:3A:B1:C9:87:E9:CF:22:50
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 01905E47226CE30964D90243863E9970A212
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/VG0KgwRROLbVOd9JOrHJh-nPIlA.roa
Signing time: Fri 28 Jun 2024 09:57:18 +0000
ROA not before: Fri 28 Jun 2024 09:57:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 27882
IP address blocks: 158.172.152.0/21 maxlen: 21
158.172.152.0/22 maxlen: 22
158.172.152.0/23 maxlen: 23
158.172.152.0/24 maxlen: 24
158.172.153.0/24 maxlen: 24
158.172.154.0/23 maxlen: 23
158.172.154.0/24 maxlen: 24
158.172.155.0/24 maxlen: 24
158.172.156.0/22 maxlen: 22
158.172.156.0/23 maxlen: 23
158.172.156.0/24 maxlen: 24
158.172.157.0/24 maxlen: 24
158.172.158.0/23 maxlen: 23
158.172.158.0/24 maxlen: 24
158.172.159.0/24 maxlen: 24
158.172.224.0/19 maxlen: 19
158.172.224.0/20 maxlen: 20
158.172.224.0/21 maxlen: 21
158.172.224.0/22 maxlen: 22
158.172.224.0/23 maxlen: 23
158.172.224.0/24 maxlen: 24
158.172.225.0/24 maxlen: 24
158.172.226.0/23 maxlen: 23
158.172.226.0/24 maxlen: 24
158.172.227.0/24 maxlen: 24
158.172.228.0/22 maxlen: 22
158.172.228.0/23 maxlen: 23
158.172.228.0/24 maxlen: 24
158.172.229.0/24 maxlen: 24
158.172.230.0/23 maxlen: 23
158.172.230.0/24 maxlen: 24
158.172.231.0/24 maxlen: 24
158.172.232.0/21 maxlen: 21
158.172.232.0/22 maxlen: 22
158.172.232.0/23 maxlen: 23
158.172.232.0/24 maxlen: 24
158.172.233.0/24 maxlen: 24
158.172.234.0/23 maxlen: 23
158.172.234.0/24 maxlen: 24
158.172.235.0/24 maxlen: 24
158.172.236.0/22 maxlen: 22
158.172.236.0/23 maxlen: 23
158.172.236.0/24 maxlen: 24
158.172.237.0/24 maxlen: 24
158.172.238.0/23 maxlen: 23
158.172.238.0/24 maxlen: 24
158.172.239.0/24 maxlen: 24
158.172.240.0/20 maxlen: 20
158.172.240.0/21 maxlen: 21
158.172.240.0/22 maxlen: 22
158.172.240.0/23 maxlen: 23
158.172.240.0/24 maxlen: 24
158.172.241.0/24 maxlen: 24
158.172.242.0/23 maxlen: 23
158.172.242.0/24 maxlen: 24
158.172.243.0/24 maxlen: 24
158.172.244.0/22 maxlen: 22
158.172.244.0/23 maxlen: 23
158.172.244.0/24 maxlen: 24
158.172.245.0/24 maxlen: 24
158.172.246.0/23 maxlen: 23
158.172.246.0/24 maxlen: 24
158.172.247.0/24 maxlen: 24
158.172.248.0/21 maxlen: 21
158.172.248.0/22 maxlen: 22
158.172.248.0/23 maxlen: 23
158.172.248.0/24 maxlen: 24
158.172.249.0/24 maxlen: 24
158.172.250.0/23 maxlen: 23
158.172.250.0/24 maxlen: 24
158.172.251.0/24 maxlen: 24
158.172.252.0/22 maxlen: 22
158.172.252.0/23 maxlen: 23
158.172.252.0/24 maxlen: 24
158.172.253.0/24 maxlen: 24
158.172.254.0/23 maxlen: 23
158.172.254.0/24 maxlen: 24
158.172.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5e:47:22:6c:e3:09:64:d9:02:43:86:3e:99:70:a2:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Jun 28 09:57:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=546d0a83045138b6d539df493ab1c987e9cf2250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0e:db:6c:ad:b5:5f:65:30:83:ba:24:a0:fb:
84:d8:89:9e:bf:05:74:b9:5d:46:a5:2e:83:52:1d:
42:1a:e9:e6:06:d2:1e:b2:86:27:d1:a5:26:42:eb:
b6:e3:82:13:ea:66:d3:ec:42:b4:7f:ea:af:0a:5e:
f9:04:d9:0a:10:23:42:be:a0:99:67:9f:13:d8:09:
13:fb:3c:d3:00:e1:4d:6a:82:10:84:88:d3:f8:4a:
8b:b2:77:3c:05:67:69:01:2b:3d:a6:17:1c:6d:ce:
89:a5:d4:39:e2:f6:05:7d:f1:e7:10:8f:11:81:6b:
32:12:09:21:8c:e2:0b:84:6a:41:93:87:06:2c:89:
74:e5:7d:4c:e2:6d:7e:08:31:e4:f4:81:84:51:55:
71:49:97:ad:b3:72:35:4f:ca:de:46:44:fd:a4:0b:
ab:ed:05:26:8e:83:4a:ac:4e:02:b2:49:93:a3:2d:
7c:fe:42:50:8d:33:a3:df:b8:c4:10:d0:36:28:58:
8e:b9:b9:90:3a:5b:9c:97:9d:14:6b:e6:08:8d:ef:
5d:1d:b0:fd:06:a4:01:bd:9d:74:27:55:43:41:28:
ac:ca:1d:77:27:02:79:fc:95:a7:80:96:f1:da:c2:
84:68:3e:06:c8:9c:61:62:89:f3:1a:84:aa:40:39:
18:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6D:0A:83:04:51:38:B6:D5:39:DF:49:3A:B1:C9:87:E9:CF:22:50
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/VG0KgwRROLbVOd9JOrHJh-nPIlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.152.0/21
158.172.224.0/19
Signature Algorithm: sha256WithRSAEncryption
26:7e:6c:01:cc:fc:f2:83:92:c0:00:40:52:77:7c:ed:b3:ac:
0a:fd:6f:91:f9:15:84:f1:fe:9f:00:8d:73:7f:56:fd:be:3f:
ac:3f:aa:85:cc:b9:b6:6e:6d:17:02:40:2c:33:94:5b:85:82:
30:f0:a9:4c:9f:c3:de:19:9c:12:47:f0:44:0f:2b:e3:e3:b3:
42:eb:52:37:84:dd:5c:a0:2e:5c:1b:9a:4a:84:31:27:5f:64:
0f:a0:76:96:19:a6:f5:fb:bd:6b:ef:53:37:6d:b5:33:10:52:
96:79:e2:17:2b:c0:f5:3a:e0:56:28:c5:71:a4:91:9c:9f:29:
a7:d2:8d:51:91:85:8f:3a:e0:ad:26:81:51:2d:82:08:f0:ee:
0e:e5:cd:0e:96:d9:91:9f:1b:1c:17:33:3a:c0:08:81:10:8d:
07:48:4a:8b:f0:ac:96:a0:bc:06:75:d1:d2:e4:d2:39:da:b7:
f2:fe:5b:82:0c:d2:67:49:79:1d:19:9c:d6:11:91:99:b3:be:
10:43:fb:89:99:1f:5f:fd:a6:d1:77:34:39:f6:2a:6d:02:70:
75:fa:e8:23:05:cb:b9:d8:64:f4:d0:98:cc:c0:8f:df:96:ee:
9f:99:04:ab:75:03:bf:56:ce:99:67:89:a4:59:6d:99:88:c1:
79:4f:79:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBeRyJs4wlk2QJDhj6ZcKISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjQwNjI4MDk1NzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDZkMGE4MzA0NTEzOGI2ZDUzOWRmNDkzYWIxYzk4N2U5Y2YyMjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAig7bbK21X2Uwg7okoPuE2ImevwV0
uV1GpS6DUh1CGunmBtIesoYn0aUmQuu244IT6mbT7EK0f+qvCl75BNkKECNCvqCZ
Z58T2AkT+zzTAOFNaoIQhIjT+EqLsnc8BWdpASs9phccbc6JpdQ54vYFffHnEI8R
gWsyEgkhjOILhGpBk4cGLIl05X1M4m1+CDHk9IGEUVVxSZets3I1T8reRkT9pAur
7QUmjoNKrE4CskmToy18/kJQjTOj37jEENA2KFiOubmQOlucl50Ua+YIje9dHbD9
BqQBvZ10J1VDQSisyh13JwJ5/JWngJbx2sKEaD4GyJxhYonzGoSqQDkYqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFRtCoMEUTi21TnfSTqxyYfpzyJQMB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvVkcwS2d3UlJPTGJWT2Q5Sk9ySEpoLW5QSWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDnqyYAwQF
nqzgMA0GCSqGSIb3DQEBCwUAA4IBAQAmfmwBzPzyg5LAAEBSd3zts6wK/W+R+RWE
8f6fAI1zf1b9vj+sP6qFzLm2bm0XAkAsM5RbhYIw8KlMn8PeGZwSR/BEDyvj47NC
61I3hN1coC5cG5pKhDEnX2QPoHaWGab1+71r71M3bbUzEFKWeeIXK8D1OuBWKMVx
pJGcnymn0o1RkYWPOuCtJoFRLYII8O4O5c0OltmRnxscFzM6wAiBEI0HSEqL8KyW
oLwGddHS5NI52rfy/luCDNJnSXkdGZzWEZGZs74QQ/uJmR9f/abRdzQ59iptAnB1
+ugjBcu52GT00JjMwI/flu6fmQSrdQO/Vs6ZZ4mkWW2ZiMF5T3mM
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:33:18 2024 by rpki-client on console-ams.rpki-client.org