Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/SjuAKq0bm2AjDFpqL8m1c6Ra2U4.roa
File: SjuAKq0bm2AjDFpqL8m1c6Ra2U4.roa (raw, json)
Hash identifier: X69ML5MX+hMX3jeHVkKCFfYNPreygmvqHJLu78I4HYg=
Subject key identifier: 4A:3B:80:2A:AD:1B:9B:60:23:0C:5A:6A:2F:C9:B5:73:A4:5A:D9:4E
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018ED1D6034023531D022BA4E8D12725851C
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/SjuAKq0bm2AjDFpqL8m1c6Ra2U4.roa
Signing time: Fri 12 Apr 2024 10:24:07 +0000
ROA not before: Fri 12 Apr 2024 10:24:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44486
IP address blocks: 5.180.252.0/23 maxlen: 23
5.180.254.0/23 maxlen: 23
5.253.244.0/24 maxlen: 24
45.67.136.0/24 maxlen: 24
45.67.138.0/24 maxlen: 24
45.84.199.0/24 maxlen: 24
45.91.251.0/24 maxlen: 24
45.131.109.0/24 maxlen: 24
45.134.108.0/23 maxlen: 23
45.134.108.0/24 maxlen: 24
45.134.109.0/24 maxlen: 24
45.137.69.0/24 maxlen: 24
45.137.71.0/24 maxlen: 24
45.145.224.0/23 maxlen: 23
46.243.76.0/22 maxlen: 24
185.132.55.0/24 maxlen: 24
212.87.214.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d1:d6:03:40:23:53:1d:02:2b:a4:e8:d1:27:25:85:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Apr 12 10:24:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a3b802aad1b9b60230c5a6a2fc9b573a45ad94e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b0:3e:78:5f:e6:9b:c3:44:5f:11:c8:58:2c:
2a:82:ed:53:f2:d3:11:d4:8b:cc:b0:03:24:93:3a:
7f:36:c6:96:2d:4e:1c:e2:0b:46:9d:80:c9:a6:01:
16:b2:79:77:d2:6b:95:4f:3b:03:cd:3f:c6:c9:85:
21:70:28:ed:fc:26:b0:10:c6:75:24:bb:cf:4f:45:
58:c1:01:35:98:6c:25:a0:20:ef:f3:e4:70:93:a8:
a7:b3:8f:e8:d2:74:28:45:6d:0e:f2:55:9e:8c:02:
92:c9:43:ac:4a:e3:d4:ea:d3:0a:d7:d6:26:ee:40:
30:18:5c:05:66:26:e0:d6:58:c5:ed:18:20:6c:8a:
de:86:42:c8:28:83:d1:81:3b:e7:bf:a9:0a:9b:df:
b8:24:52:b7:a6:15:8d:ea:62:34:a2:8c:d4:aa:b1:
eb:53:9a:03:d4:67:17:67:93:b0:9e:75:39:75:33:
f8:9f:fb:a9:64:e3:27:35:5d:fc:0a:6d:5b:d0:5c:
29:b1:fb:22:a9:86:cc:06:df:ff:56:f0:49:49:76:
94:19:42:4d:d6:59:9a:31:e9:a2:f9:bc:2c:59:09:
cc:68:82:05:4d:ba:6f:e4:20:47:ea:4d:03:47:86:
9f:31:60:92:1b:35:f8:9b:12:af:15:00:7a:48:e9:
0a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:3B:80:2A:AD:1B:9B:60:23:0C:5A:6A:2F:C9:B5:73:A4:5A:D9:4E
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/SjuAKq0bm2AjDFpqL8m1c6Ra2U4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.252.0/22
5.253.244.0/24
45.67.136.0/24
45.67.138.0/24
45.84.199.0/24
45.91.251.0/24
45.131.109.0/24
45.134.108.0/23
45.137.69.0/24
45.137.71.0/24
45.145.224.0/23
46.243.76.0/22
185.132.55.0/24
212.87.214.0/23
Signature Algorithm: sha256WithRSAEncryption
67:34:56:72:34:9d:c2:f8:c8:fc:8e:3c:aa:2d:50:a3:ac:16:
d3:6d:bb:9b:d9:86:5d:e2:91:13:45:f8:0e:74:6f:50:96:4d:
9b:a0:5e:93:2f:1c:e4:87:4e:ee:5e:b0:41:ae:2d:b2:3a:cd:
c7:1c:c6:5b:8a:8e:90:50:c2:b9:ef:61:28:55:ec:a4:19:0c:
49:c1:51:f3:82:85:79:4a:6b:0d:25:d9:b1:ab:2d:10:27:77:
89:33:22:5c:33:d7:c6:29:0a:c0:54:94:0c:6d:08:55:9d:9e:
1a:a4:c6:96:ea:14:d9:e2:16:c2:b0:ff:7f:c1:f2:da:d4:cf:
f6:6d:82:98:61:44:c2:5a:97:0a:f4:b9:0a:2a:ba:6c:81:e8:
e4:2c:b6:c8:83:bb:33:ea:1d:19:09:e8:0a:85:3c:c7:ba:0d:
3b:95:22:32:4d:09:5b:99:bf:b8:8a:5f:5a:08:34:b3:2a:65:
e7:a9:af:16:9a:e8:cc:84:bc:54:20:bf:ee:80:3b:d2:50:56:
55:14:04:3e:29:d4:27:58:39:08:3b:9d:dc:74:58:85:0a:3a:
12:4a:9d:a6:50:1c:dd:2c:87:a0:88:38:51:08:d0:a1:05:4b:
53:7d:fd:e3:b6:11:a6:a2:1a:b8:6f:85:16:6d:c5:f9:55:c2:
b5:08:55:b2
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAY7R1gNAI1MdAiuk6NEnJYUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwNDEyMTAyNDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTNiODAyYWFkMWI5YjYwMjMwYzVhNmEyZmM5YjU3M2E0NWFkOTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbA+eF/mm8NEXxHIWCwqgu1T8tMR
1IvMsAMkkzp/NsaWLU4c4gtGnYDJpgEWsnl30muVTzsDzT/GyYUhcCjt/CawEMZ1
JLvPT0VYwQE1mGwloCDv8+Rwk6ins4/o0nQoRW0O8lWejAKSyUOsSuPU6tMK19Ym
7kAwGFwFZibg1ljF7RggbIrehkLIKIPRgTvnv6kKm9+4JFK3phWN6mI0oozUqrHr
U5oD1GcXZ5OwnnU5dTP4n/upZOMnNV38Cm1b0FwpsfsiqYbMBt//VvBJSXaUGUJN
1lmaMemi+bwsWQnMaIIFTbpv5CBH6k0DR4afMWCSGzX4mxKvFQB6SOkKWwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFEo7gCqtG5tgIwxaai/JtXOkWtlOMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvU2p1QUtxMGJtMkFqREZwcUw4bTFjNlJhMlU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQCBbT8AwQA
Bf30AwQALUOIAwQALUOKAwQALVTHAwQALVv7AwQALYNtAwQBLYZsAwQALYlFAwQA
LYlHAwQBLZHgAwQCLvNMAwQAuYQ3AwQB1FfWMA0GCSqGSIb3DQEBCwUAA4IBAQBn
NFZyNJ3C+Mj8jjyqLVCjrBbTbbub2YZd4pETRfgOdG9Qlk2boF6TLxzkh07uXrBB
ri2yOs3HHMZbio6QUMK572EoVeykGQxJwVHzgoV5SmsNJdmxqy0QJ3eJMyJcM9fG
KQrAVJQMbQhVnZ4apMaW6hTZ4hbCsP9/wfLa1M/2bYKYYUTCWpcK9LkKKrpsgejk
LLbIg7sz6h0ZCegKhTzHug07lSIyTQlbmb+4il9aCDSzKmXnqa8WmujMhLxUIL/u
gDvSUFZVFAQ+KdQnWDkIO53cdFiFCjoSSp2mUBzdLIegiDhRCNChBUtTff3jthGm
ohq4b4UWbcX5VcK1CFWy
-----END CERTIFICATE-----
Generated at Sun Apr 21 03:47:32 2024 by rpki-client on console-fra.rpki-client.org