Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/w-3yAenUjWQ49vzAF2QD9uBZNno.roa
File: w-3yAenUjWQ49vzAF2QD9uBZNno.roa (raw, json)
Hash identifier: I7ZNX6ciwdjhHkayDn+sU0kJmPlWS3kGdj07CTEkLL4=
Subject key identifier: C3:ED:F2:01:E9:D4:8D:64:38:F6:FC:C0:17:64:03:F6:E0:59:36:7A
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0192BCC590CBB0033FDF1B12158EA806223C
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/w-3yAenUjWQ49vzAF2QD9uBZNno.roa
Signing time: Thu 24 Oct 2024 04:25:16 +0000
ROA not before: Thu 24 Oct 2024 04:25:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15723
IP address blocks: 5.178.4.0/24 maxlen: 24
5.178.5.0/24 maxlen: 24
5.178.6.0/24 maxlen: 24
5.178.7.0/24 maxlen: 24
5.178.9.0/24 maxlen: 24
5.178.10.0/24 maxlen: 24
5.178.11.0/24 maxlen: 24
5.178.12.0/24 maxlen: 24
5.178.13.0/24 maxlen: 24
5.178.14.0/24 maxlen: 24
5.178.15.0/24 maxlen: 24
46.23.100.0/24 maxlen: 24
46.23.101.0/24 maxlen: 24
46.23.102.0/24 maxlen: 24
46.23.103.0/24 maxlen: 24
62.217.128.0/19 maxlen: 19
62.217.128.0/24 maxlen: 24
62.217.129.0/24 maxlen: 24
62.217.130.0/24 maxlen: 24
62.217.131.0/24 maxlen: 24
62.217.132.0/24 maxlen: 24
62.217.134.0/24 maxlen: 24
62.217.135.0/24 maxlen: 24
62.217.136.0/24 maxlen: 24
62.217.137.0/24 maxlen: 24
62.217.138.0/24 maxlen: 24
62.217.139.0/24 maxlen: 24
62.217.140.0/24 maxlen: 24
62.217.141.0/24 maxlen: 24
62.217.142.0/24 maxlen: 24
62.217.143.0/24 maxlen: 24
62.217.144.0/24 maxlen: 24
62.217.145.0/24 maxlen: 24
62.217.146.0/24 maxlen: 24
62.217.147.0/24 maxlen: 24
62.217.148.0/24 maxlen: 24
62.217.149.0/24 maxlen: 24
62.217.150.0/24 maxlen: 24
62.217.151.0/24 maxlen: 24
62.217.152.0/24 maxlen: 24
62.217.153.0/24 maxlen: 24
62.217.154.0/24 maxlen: 24
62.217.155.0/24 maxlen: 24
62.217.156.0/24 maxlen: 24
62.217.157.0/24 maxlen: 24
62.217.158.0/24 maxlen: 24
62.217.159.0/24 maxlen: 24
88.151.199.0/24 maxlen: 24
109.205.208.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
188.64.8.0/24 maxlen: 24
188.64.9.0/24 maxlen: 24
188.64.10.0/24 maxlen: 24
188.64.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bc:c5:90:cb:b0:03:3f:df:1b:12:15:8e:a8:06:22:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Oct 24 04:25:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c3edf201e9d48d6438f6fcc0176403f6e059367a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:03:70:b9:ca:3c:f1:bb:46:a0:b3:55:fb:ca:
10:2f:c9:0c:ba:f6:75:4f:c5:3d:61:10:b5:eb:05:
b7:d2:f1:cc:72:a4:f4:95:71:ac:5d:0a:f1:da:84:
91:a6:3b:09:68:ad:ea:ab:09:72:fc:54:a1:d4:1a:
c4:ae:fd:2d:0a:b7:2e:c4:e4:a4:20:28:b8:00:60:
b1:38:c3:df:ce:ee:9e:79:bb:51:27:2d:d8:b5:67:
68:89:6f:1b:5a:0a:bf:ec:ad:bb:88:3d:20:62:c1:
b5:da:ea:7e:24:a5:93:41:93:2b:eb:bd:45:28:74:
39:ef:10:ef:86:cb:6f:72:e4:58:52:97:17:fd:19:
ad:a2:05:9e:c1:30:d4:59:3c:d2:96:46:78:79:3a:
a0:45:8c:f7:c3:8f:1a:d4:f7:68:ca:53:fc:5b:3b:
e1:e5:63:b2:17:60:bc:e6:80:df:34:73:31:af:a3:
09:c4:2f:fe:c0:43:7b:8d:b9:cf:32:1f:0a:15:f2:
ad:0d:c1:e2:29:17:5e:f9:5c:9e:ed:9b:8b:1f:ee:
dc:50:27:e1:0c:06:97:2e:9e:11:25:0a:92:29:88:
43:5d:af:eb:bc:1d:40:4e:94:3d:1d:53:3a:48:10:
e5:4b:f7:a3:ae:ee:d3:25:7f:d4:fe:b6:ec:a8:62:
dc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:ED:F2:01:E9:D4:8D:64:38:F6:FC:C0:17:64:03:F6:E0:59:36:7A
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/w-3yAenUjWQ49vzAF2QD9uBZNno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.4.0/22
5.178.9.0-5.178.15.255
46.23.100.0/22
62.217.128.0/19
88.151.199.0/24
109.205.208.0/24
185.81.217.0/24
188.64.8.0/22
Signature Algorithm: sha256WithRSAEncryption
c2:a2:79:aa:75:04:39:3a:02:fa:eb:3c:e6:2d:a2:f7:cc:85:
f3:57:3a:6c:c1:42:a2:98:36:d4:17:3b:56:cf:7d:82:17:bd:
d8:58:8c:b0:3e:7c:b3:4f:ed:11:1e:d9:c1:b5:b8:27:c9:4e:
0d:b1:53:67:bb:f1:22:05:a3:52:07:bd:17:da:5e:98:90:eb:
6d:d4:60:31:48:b3:60:55:48:3b:ff:78:eb:5a:05:1b:4a:1f:
f0:a3:1e:81:21:e1:de:c5:40:2f:3c:18:1a:c2:20:ff:12:b0:
02:22:87:21:ba:2d:76:04:25:08:fc:25:2d:38:38:a6:42:80:
3d:8c:76:66:c3:c1:e2:b6:8b:02:14:c4:2a:63:81:f9:3a:61:
05:aa:ec:ba:11:13:c4:89:94:e6:17:a0:8d:23:0d:ce:3f:d2:
c9:95:68:28:ef:15:96:0b:99:66:1a:f4:ac:59:c7:4e:c4:89:
14:81:9a:88:28:ba:76:22:4f:1b:12:35:30:3a:79:b2:b1:ee:
84:2d:f1:c7:49:d6:f1:a3:b2:3f:b3:6f:97:cc:83:da:c3:e1:
aa:7f:77:51:51:c6:83:99:aa:fe:15:f9:68:6b:10:cc:37:ad:
c7:03:96:d2:7c:de:3a:da:a5:8c:60:c7:79:45:fa:6c:5e:5b:
2f:22:a0:1e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZK8xZDLsAM/3xsSFY6oBiI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQxMDI0MDQyNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2VkZjIwMWU5ZDQ4ZDY0MzhmNmZjYzAxNzY0MDNmNmUwNTkzNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQNwuco88btGoLNV+8oQL8kMuvZ1
T8U9YRC16wW30vHMcqT0lXGsXQrx2oSRpjsJaK3qqwly/FSh1BrErv0tCrcuxOSk
ICi4AGCxOMPfzu6eebtRJy3YtWdoiW8bWgq/7K27iD0gYsG12up+JKWTQZMr671F
KHQ57xDvhstvcuRYUpcX/RmtogWewTDUWTzSlkZ4eTqgRYz3w48a1PdoylP8Wzvh
5WOyF2C85oDfNHMxr6MJxC/+wEN7jbnPMh8KFfKtDcHiKRde+Vye7ZuLH+7cUCfh
DAaXLp4RJQqSKYhDXa/rvB1ATpQ9HVM6SBDlS/ejru7TJX/U/rbsqGLcgwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMPt8gHp1I1kOPb8wBdkA/bgWTZ6MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvdy0zeUFlblVqV1E0OXZ6QUYyUUQ5dUJaTm5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCBbIEMAwD
BAAFsgkDBAQFsgADBAIuF2QDBAU+2YADBABYl8cDBABtzdADBAC5UdkDBAK8QAgw
DQYJKoZIhvcNAQELBQADggEBAMKieap1BDk6AvrrPOYtovfMhfNXOmzBQqKYNtQX
O1bPfYIXvdhYjLA+fLNP7REe2cG1uCfJTg2xU2e78SIFo1IHvRfaXpiQ623UYDFI
s2BVSDv/eOtaBRtKH/CjHoEh4d7FQC88GBrCIP8SsAIihyG6LXYEJQj8JS04OKZC
gD2MdmbDweK2iwIUxCpjgfk6YQWq7LoRE8SJlOYXoI0jDc4/0smVaCjvFZYLmWYa
9KxZx07EiRSBmogounYiTxsSNTA6ebKx7oQt8cdJ1vGjsj+zb5fMg9rD4ap/d1FR
xoOZqv4V+WhrEMw3rccDltJ83jrapYxgx3lF+mxeWy8ioB4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:06:00 2024 by rpki-client on console-fra.rpki-client.org