Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/t40IvNPN6mJJp6QnqnktRm4wjQg.roa
File: t40IvNPN6mJJp6QnqnktRm4wjQg.roa (raw, json)
Hash identifier: smWA2utvT5IfmsgjF3NcjGw2apxwiK57oxZ/baQFXIU=
Subject key identifier: B7:8D:08:BC:D3:CD:EA:62:49:A7:A4:27:AA:79:2D:46:6E:30:8D:08
Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial: 018E60D3EBE6E3D80702D3E080EF97A3430B
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/t40IvNPN6mJJp6QnqnktRm4wjQg.roa
Signing time: Thu 21 Mar 2024 11:44:44 +0000
ROA not before: Thu 21 Mar 2024 11:44:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 5.183.240.0/23 maxlen: 23
5.183.242.0/23 maxlen: 23
45.14.80.0/24 maxlen: 24
45.86.24.0/22 maxlen: 22
92.119.24.0/23 maxlen: 23
92.119.26.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:60:d3:eb:e6:e3:d8:07:02:d3:e0:80:ef:97:a3:43:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Validity
Not Before: Mar 21 11:44:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b78d08bcd3cdea6249a7a427aa792d466e308d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b2:28:8b:65:d5:09:52:a2:ef:e3:e2:78:52:
b7:b8:03:58:a0:3b:fd:77:3f:b9:72:54:d9:97:65:
06:d9:a5:ee:9e:43:3e:32:eb:51:23:7b:57:a6:7d:
55:59:46:34:3f:d0:8d:29:fd:d5:87:d1:c8:4f:e0:
39:ed:b0:0a:73:ae:6c:97:84:b0:c3:e1:89:fd:61:
37:c4:91:53:1c:e5:fa:7c:22:e0:da:f5:ec:73:68:
1b:90:a7:74:49:cc:7a:76:56:15:26:9d:d0:9a:11:
15:c1:2e:e8:a3:8b:fd:d6:40:94:4c:78:1e:a1:78:
57:3c:30:3e:19:a5:ac:98:61:6b:59:92:46:19:96:
de:93:9c:6e:54:cf:50:c6:ab:4d:1a:6b:63:9b:7d:
c5:6d:dd:2d:51:95:93:19:8d:f4:7c:8f:3b:5a:68:
fd:8b:29:f8:1f:8d:9a:32:f1:3c:c8:1f:67:7c:e5:
85:e7:96:29:d5:ad:ff:e3:d6:8c:54:dd:65:86:a4:
7a:2a:9a:95:80:4d:94:2a:20:81:e4:dc:be:09:1a:
b3:cd:d5:f3:ca:bd:79:64:6d:45:45:30:bd:55:20:
ca:fc:0c:73:b6:97:d6:ce:cd:f7:df:af:86:d9:d2:
f2:89:91:30:b7:4c:df:fa:e1:9d:ce:80:b7:70:ec:
dc:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:8D:08:BC:D3:CD:EA:62:49:A7:A4:27:AA:79:2D:46:6E:30:8D:08
X509v3 Authority Key Identifier:
keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/t40IvNPN6mJJp6QnqnktRm4wjQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.240.0/22
45.14.80.0/24
45.86.24.0/22
92.119.24.0/22
Signature Algorithm: sha256WithRSAEncryption
47:4b:56:ba:bd:9e:e9:6f:97:1a:9f:a7:fe:da:ea:39:44:be:
3e:96:fb:fb:93:18:e9:1b:fa:87:33:2d:ae:de:5a:e0:90:41:
84:55:a1:72:e6:1c:91:d6:3c:87:b2:46:9b:6f:cd:28:e3:08:
aa:12:07:68:ec:07:de:fb:c6:56:a2:57:10:51:89:15:f0:39:
a0:94:0f:19:ea:66:c5:cf:c5:40:02:00:f8:2e:66:e9:ea:53:
f9:ad:45:ae:97:1e:37:4f:f8:2f:51:a3:f0:8d:9c:74:51:2f:
38:a8:c5:ea:70:ae:2f:4b:b3:cd:ef:17:0c:ca:b7:0a:e0:12:
c7:c8:0d:44:b4:d9:d9:61:2d:49:2f:5b:50:0d:dc:44:f7:95:
36:83:ad:c8:d9:f5:eb:6a:45:75:6a:c6:08:e2:a2:0c:f9:54:
4a:9a:47:5e:bc:6a:d0:e2:3e:33:a7:2c:d0:54:3b:25:12:f5:
07:43:52:e7:61:69:92:f1:88:13:44:90:7d:79:25:30:13:ae:
66:a7:31:68:57:2a:5c:29:84:b4:ba:f8:93:33:24:0b:68:54:
2f:ff:e4:74:89:55:68:61:98:35:2a:7e:2c:70:4d:63:0c:2a:
1d:b6:1b:9d:ef:c2:e1:f9:c0:e5:26:b3:ed:5a:d8:55:18:ac:
5e:04:36:af
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY5g0+vm49gHAtPggO+Xo0MLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjQwMzIxMTE0NDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzhkMDhiY2QzY2RlYTYyNDlhN2E0MjdhYTc5MmQ0NjZlMzA4ZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLIoi2XVCVKi7+PieFK3uANYoDv9
dz+5clTZl2UG2aXunkM+MutRI3tXpn1VWUY0P9CNKf3Vh9HIT+A57bAKc65sl4Sw
w+GJ/WE3xJFTHOX6fCLg2vXsc2gbkKd0Scx6dlYVJp3QmhEVwS7oo4v91kCUTHge
oXhXPDA+GaWsmGFrWZJGGZbek5xuVM9QxqtNGmtjm33Fbd0tUZWTGY30fI87Wmj9
iyn4H42aMvE8yB9nfOWF55Yp1a3/49aMVN1lhqR6KpqVgE2UKiCB5Ny+CRqzzdXz
yr15ZG1FRTC9VSDK/AxztpfWzs3336+G2dLyiZEwt0zf+uGdzoC3cOzcYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLeNCLzTzepiSaekJ6p5LUZuMI0IMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvdDQwSXZOUE42bUpKcDZRbnFua3RSbTR3alFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBbfwAwQA
LQ5QAwQCLVYYAwQCXHcYMA0GCSqGSIb3DQEBCwUAA4IBAQBHS1a6vZ7pb5can6f+
2uo5RL4+lvv7kxjpG/qHMy2u3lrgkEGEVaFy5hyR1jyHskabb80o4wiqEgdo7Afe
+8ZWolcQUYkV8DmglA8Z6mbFz8VAAgD4Lmbp6lP5rUWulx43T/gvUaPwjZx0US84
qMXqcK4vS7PN7xcMyrcK4BLHyA1EtNnZYS1JL1tQDdxE95U2g63I2fXrakV1asYI
4qIM+VRKmkdevGrQ4j4zpyzQVDslEvUHQ1LnYWmS8YgTRJB9eSUwE65mpzFoVypc
KYS0uviTMyQLaFQv/+R0iVVoYZg1Kn4scE1jDCodthud78Lh+cDlJrPtWthVGKxe
BDav
-----END CERTIFICATE-----
Generated at Sun Apr 28 10:04:24 2024 by rpki-client on console-ams.rpki-client.org