Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/ctgoqT_Y1tUMH4mKIOLBliE8kKM.roa
File: ctgoqT_Y1tUMH4mKIOLBliE8kKM.roa (raw, json)
Hash identifier: QVDxyBAhZvc6avwPRODzMq6pIUzD1LVHTmyl5zbU6vs=
Subject key identifier: 72:D8:28:A9:3F:D8:D6:D5:0C:1F:89:8A:20:E2:C1:96:21:3C:90:A3
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 018CC5DCB5889E40EB813DB9EC176842943A
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/ctgoqT_Y1tUMH4mKIOLBliE8kKM.roa
Signing time: Mon 01 Jan 2024 16:30:25 +0000
ROA not before: Mon 01 Jan 2024 16:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205888
IP address blocks: 5.40.168.0/24 maxlen: 24
62.175.210.0/24 maxlen: 24
5.40.0.0/24 maxlen: 24
89.140.57.0/24 maxlen: 24
5.40.225.0/24 maxlen: 24
5.40.122.0/24 maxlen: 24
95.39.64.0/24 maxlen: 24
5.40.133.0/24 maxlen: 24
5.40.155.0/24 maxlen: 24
5.40.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:b5:88:9e:40:eb:81:3d:b9:ec:17:68:42:94:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 16:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72d828a93fd8d6d50c1f898a20e2c196213c90a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:84:4e:bd:68:26:b6:9f:8a:49:bd:4c:24:c9:
c9:dd:d6:b3:d0:a3:cc:e8:b3:77:15:56:df:28:09:
70:28:b8:46:55:d5:95:7e:1c:9e:3c:dc:df:15:c9:
9f:82:7a:2e:98:50:87:d4:c2:13:c6:07:0d:60:78:
0b:dc:9e:9b:d2:a6:17:45:0c:b4:9e:2b:0d:85:84:
0c:37:55:b5:d4:6e:ee:7a:af:90:96:33:a9:51:76:
19:49:ea:6e:32:75:87:b7:ff:6d:3c:b9:ca:38:82:
b5:0c:02:fe:37:e0:cd:de:c1:6c:90:dc:57:d6:08:
c5:e4:c2:3b:44:7d:d2:81:fd:49:b3:e7:48:41:67:
4a:0f:50:d9:1c:1b:4a:b4:77:1a:02:ce:54:a1:24:
ce:76:95:df:a4:77:a3:6a:9a:ee:87:91:5a:47:18:
f9:58:91:58:b1:b2:34:a6:79:9a:70:19:93:5a:11:
96:06:52:f2:9d:a0:27:d4:20:ae:d7:e2:5f:4a:13:
2e:25:0f:49:eb:2d:f5:5d:be:3c:a8:e2:c3:7d:68:
dd:21:9f:90:ec:95:12:59:d4:fe:14:b1:bb:70:20:
ba:73:e7:58:fe:82:ef:49:4f:71:af:49:22:f8:ab:
70:af:ef:76:33:05:18:53:da:60:9e:77:47:05:49:
49:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D8:28:A9:3F:D8:D6:D5:0C:1F:89:8A:20:E2:C1:96:21:3C:90:A3
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/ctgoqT_Y1tUMH4mKIOLBliE8kKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.0.0/24
5.40.122.0/24
5.40.133.0/24
5.40.155.0/24
5.40.157.0/24
5.40.168.0/24
5.40.225.0/24
62.175.210.0/24
89.140.57.0/24
95.39.64.0/24
Signature Algorithm: sha256WithRSAEncryption
59:82:45:1a:e5:66:06:20:d2:81:44:96:9e:c7:38:49:71:d0:
fc:44:77:1f:91:61:80:44:5b:8f:17:b8:1f:f1:e2:4f:7e:d6:
c0:82:db:06:d3:9a:44:0a:ae:31:ca:0b:28:87:b0:3d:31:18:
99:d5:6d:0f:7d:37:0d:92:6c:c9:a1:8b:32:3d:a9:0b:f6:6d:
c9:1c:92:bc:be:bc:76:64:31:86:a4:ee:6e:2b:6b:7c:4b:75:
0f:d6:27:65:e7:d9:c0:15:cf:6f:64:1a:e1:20:c1:b4:03:3f:
68:c0:fd:bc:49:f9:a6:f8:e7:bb:df:6f:59:18:fc:0a:1a:3a:
e2:2c:84:22:2b:92:83:a8:d3:05:c3:24:4b:e5:fe:81:79:5d:
8c:2c:a4:3b:1a:f3:d6:b2:2a:0e:82:4a:a8:be:48:f8:9e:4f:
c7:6c:af:b2:b9:e1:70:51:64:15:4a:26:b4:89:b6:be:86:3e:
29:4d:68:89:47:23:da:c8:79:e9:a8:bc:62:db:43:6b:ae:35:
fa:fc:60:20:04:56:09:c9:e7:df:26:d1:89:15:39:2a:f1:dc:
50:be:24:21:54:2d:78:f2:b1:b8:84:cf:54:cf:ab:26:68:f6:
32:dc:16:37:42:fc:af:53:93:22:00:bc:3c:e7:b3:79:41:55:
5a:8b:57:84
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzF3LWInkDrgT257BdoQpQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjQwMTAxMTYzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQ4MjhhOTNmZDhkNmQ1MGMxZjg5OGEyMGUyYzE5NjIxM2M5MGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoROvWgmtp+KSb1MJMnJ3daz0KPM
6LN3FVbfKAlwKLhGVdWVfhyePNzfFcmfgnoumFCH1MITxgcNYHgL3J6b0qYXRQy0
nisNhYQMN1W11G7ueq+QljOpUXYZSepuMnWHt/9tPLnKOIK1DAL+N+DN3sFskNxX
1gjF5MI7RH3Sgf1Js+dIQWdKD1DZHBtKtHcaAs5UoSTOdpXfpHejapruh5FaRxj5
WJFYsbI0pnmacBmTWhGWBlLynaAn1CCu1+JfShMuJQ9J6y31Xb48qOLDfWjdIZ+Q
7JUSWdT+FLG7cCC6c+dY/oLvSU9xr0ki+Ktwr+92MwUYU9pgnndHBUlJMwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHLYKKk/2NbVDB+JiiDiwZYhPJCjMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvY3Rnb3FUX1kxdFVNSDRtS0lPTEJsaUU4a0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABSgAAwQA
BSh6AwQABSiFAwQABSibAwQABSidAwQABSioAwQABSjhAwQAPq/SAwQAWYw5AwQA
XydAMA0GCSqGSIb3DQEBCwUAA4IBAQBZgkUa5WYGINKBRJaexzhJcdD8RHcfkWGA
RFuPF7gf8eJPftbAgtsG05pECq4xygsoh7A9MRiZ1W0PfTcNkmzJoYsyPakL9m3J
HJK8vrx2ZDGGpO5uK2t8S3UP1idl59nAFc9vZBrhIMG0Az9owP28Sfmm+Oe7329Z
GPwKGjriLIQiK5KDqNMFwyRL5f6BeV2MLKQ7GvPWsioOgkqovkj4nk/HbK+yueFw
UWQVSia0iba+hj4pTWiJRyPayHnpqLxi20NrrjX6/GAgBFYJyeffJtGJFTkq8dxQ
viQhVC148rG4hM9Uz6smaPYy3BY3QvyvU5MiALw857N5QVVai1eE
-----END CERTIFICATE-----
Generated at Tue May 28 14:33:59 2024 by rpki-client on console-fra.rpki-client.org