Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/SvhYk25wgY732wR4K5fzfGVu4lw.roa
File: SvhYk25wgY732wR4K5fzfGVu4lw.roa (raw, json)
Hash identifier: kgFq3XMShHbF0EzEaCKQWGg431CBGgHWdwzyHli0CaY=
Subject key identifier: 4A:F8:58:93:6E:70:81:8E:F7:DB:04:78:2B:97:F3:7C:65:6E:E2:5C
Certificate issuer: /CN=b30e3011a0fb3111fbe8493c1230974aef532704
Certificate serial: 018CC424E7DCEC6B790AFDEF26B8EB8D2168
Authority key identifier: B3:0E:30:11:A0:FB:31:11:FB:E8:49:3C:12:30:97:4A:EF:53:27:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/SvhYk25wgY732wR4K5fzfGVu4lw.roa
Signing time: Mon 01 Jan 2024 08:30:02 +0000
ROA not before: Mon 01 Jan 2024 08:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208951
IP address blocks: 188.227.57.0/24 maxlen: 24
188.227.58.0/24 maxlen: 24
188.227.59.0/24 maxlen: 24
94.141.96.0/24 maxlen: 24
94.141.97.0/24 maxlen: 24
94.141.98.0/24 maxlen: 24
94.141.99.0/24 maxlen: 24
188.227.84.0/24 maxlen: 24
188.227.85.0/24 maxlen: 24
188.227.86.0/24 maxlen: 24
188.227.87.0/24 maxlen: 24
45.138.24.0/24 maxlen: 24
31.44.2.0/24 maxlen: 24
31.44.1.0/24 maxlen: 24
31.44.3.0/24 maxlen: 24
31.44.0.0/24 maxlen: 24
45.138.26.0/24 maxlen: 24
45.138.25.0/24 maxlen: 24
188.227.107.0/24 maxlen: 24
188.227.106.0/24 maxlen: 24
78.111.84.0/24 maxlen: 24
45.14.48.0/24 maxlen: 24
45.14.50.0/24 maxlen: 24
45.14.49.0/24 maxlen: 24
45.14.51.0/24 maxlen: 24
109.207.168.0/24 maxlen: 24
109.207.169.0/24 maxlen: 24
109.207.171.0/24 maxlen: 24
109.207.172.0/24 maxlen: 24
92.246.130.0/24 maxlen: 24
92.246.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 04:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:e7:dc:ec:6b:79:0a:fd:ef:26:b8:eb:8d:21:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b30e3011a0fb3111fbe8493c1230974aef532704
Validity
Not Before: Jan 1 08:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4af858936e70818ef7db04782b97f37c656ee25c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1e:23:21:db:9e:1d:0e:e0:0c:96:b7:d5:82:
82:80:c1:bc:6f:7d:ea:db:f6:9c:94:4d:4a:97:13:
6b:4e:f1:c0:a2:bd:87:07:0f:6c:6a:67:45:cd:e9:
07:e6:17:63:49:b9:ae:62:b6:7b:3c:8a:b6:67:7e:
7b:c2:85:d1:58:82:b7:f4:2b:f1:bb:01:6e:81:fa:
88:64:8b:f7:b3:88:f2:72:c6:f1:21:4e:44:38:93:
7d:00:11:63:a1:9a:a0:8e:f4:3b:b4:05:4c:4d:79:
b0:c4:be:0b:c3:c9:8d:9b:13:8a:7f:3d:1c:d4:04:
da:12:a5:f6:14:f0:be:00:fa:0d:9d:97:09:1d:a4:
7d:a8:64:d8:11:3f:37:67:33:5c:45:00:28:69:ec:
e9:f5:05:01:93:68:bf:23:a9:6c:ed:9f:7e:b4:b3:
d9:d1:ad:24:b4:df:0b:e0:8f:82:cd:b3:d9:9f:c9:
2f:50:bc:80:b1:a0:8b:9b:35:d9:61:cf:8a:72:fd:
fe:9f:8c:a9:cd:45:df:a4:58:f0:13:4c:53:74:5d:
50:bd:92:41:61:b0:80:f7:68:c6:98:63:13:61:d0:
75:d8:72:1e:3e:2e:bb:ec:01:1a:28:d5:41:21:20:
26:80:2b:9f:0d:b4:7e:e5:29:91:3f:8c:2d:0d:62:
56:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:F8:58:93:6E:70:81:8E:F7:DB:04:78:2B:97:F3:7C:65:6E:E2:5C
X509v3 Authority Key Identifier:
keyid:B3:0E:30:11:A0:FB:31:11:FB:E8:49:3C:12:30:97:4A:EF:53:27:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/SvhYk25wgY732wR4K5fzfGVu4lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.0.0/22
45.14.48.0/22
45.138.24.0-45.138.26.255
78.111.84.0/24
92.246.130.0/23
94.141.96.0/22
109.207.168.0/23
109.207.171.0-109.207.172.255
188.227.57.0-188.227.59.255
188.227.84.0/22
188.227.106.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:87:49:c2:fe:db:f7:31:92:2f:b8:4f:12:e9:77:a4:53:b0:
8d:9f:fe:3c:ab:2c:cb:d4:52:b0:6d:02:70:3a:f7:63:e5:0c:
0f:e6:28:9f:5e:3d:92:ae:20:fd:0c:0b:7a:69:2b:20:bf:df:
44:a1:c0:9d:ad:10:6b:8d:8c:21:05:57:16:e9:33:69:0c:2d:
bc:59:59:01:13:e0:8b:e6:89:84:66:60:0d:70:0a:71:bb:d8:
ee:4f:c0:10:bf:8a:e8:87:3a:a3:10:9b:f1:f2:42:17:64:61:
08:82:a7:e0:71:a7:4e:cb:de:d5:fe:72:88:4d:43:94:25:8d:
46:eb:bc:69:57:22:e6:61:30:9b:2f:9d:77:a4:1e:12:fa:f0:
4e:d8:c1:2a:ff:c5:28:7d:6d:d8:40:ed:7f:78:42:1f:1b:6c:
35:62:69:41:52:59:ef:18:02:a9:f1:52:d8:90:74:1d:b2:1e:
f5:19:9c:fa:bc:41:ff:51:16:b3:c1:38:8c:85:de:af:24:2e:
ee:cd:81:47:06:be:ac:13:ee:3d:6e:71:02:31:aa:96:35:e4:
88:67:c0:10:1f:65:ed:bc:1a:42:b5:ef:a5:49:9b:0b:f1:f7:
69:b0:b6:b9:ff:8a:bf:53:71:22:8d:df:36:f2:23:4f:e5:bd:
94:5c:1a:37
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYzEJOfc7Gt5Cv3vJrjrjSFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMGUzMDExYTBmYjMxMTFmYmU4NDkzYzEyMzA5NzRhZWY1
MzI3MDQwHhcNMjQwMTAxMDgzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWY4NTg5MzZlNzA4MThlZjdkYjA0NzgyYjk3ZjM3YzY1NmVlMjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArB4jIdueHQ7gDJa31YKCgMG8b33q
2/aclE1KlxNrTvHAor2HBw9samdFzekH5hdjSbmuYrZ7PIq2Z357woXRWIK39Cvx
uwFugfqIZIv3s4jycsbxIU5EOJN9ABFjoZqgjvQ7tAVMTXmwxL4Lw8mNmxOKfz0c
1ATaEqX2FPC+APoNnZcJHaR9qGTYET83ZzNcRQAoaezp9QUBk2i/I6ls7Z9+tLPZ
0a0ktN8L4I+CzbPZn8kvULyAsaCLmzXZYc+Kcv3+n4ypzUXfpFjwE0xTdF1QvZJB
YbCA92jGmGMTYdB12HIePi677AEaKNVBISAmgCufDbR+5SmRP4wtDWJWNQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFEr4WJNucIGO99sEeCuX83xlbuJcMB8GA1UdIwQY
MBaAFLMOMBGg+zER++hJPBIwl0rvUycEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3c0d0VhRDdNUkg3NkVrOEVqQ1hTdTlUSndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wZmZiNjQtZWZjYi00OWY1LTgzNDIt
ZjlmYjM4Yzc3YzU1LzEvU3ZoWWsyNXdnWTczMndSNEs1ZnpmR1Z1NGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8wZmZiNjQtZWZjYi00OWY1LTgzNDItZjlmYjM4Yzc3YzU1
LzEvc3c0d0VhRDdNUkg3NkVrOEVqQ1hTdTlUSndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQCHywAAwQC
LQ4wMAwDBAMtihgDBAAtihoDBABOb1QDBAFc9oIDBAJejWADBAFtz6gwDAMEAG3P
qwMEAG3PrDAMAwQAvOM5AwQCvOM4AwQCvONUAwQBvONqMA0GCSqGSIb3DQEBCwUA
A4IBAQBbh0nC/tv3MZIvuE8S6XekU7CNn/48qyzL1FKwbQJwOvdj5QwP5iifXj2S
riD9DAt6aSsgv99EocCdrRBrjYwhBVcW6TNpDC28WVkBE+CL5omEZmANcApxu9ju
T8AQv4rohzqjEJvx8kIXZGEIgqfgcadOy97V/nKITUOUJY1G67xpVyLmYTCbL513
pB4S+vBO2MEq/8UofW3YQO1/eEIfG2w1YmlBUlnvGAKp8VLYkHQdsh71GZz6vEH/
URazwTiMhd6vJC7uzYFHBr6sE+49bnECMaqWNeSIZ8AQH2XtvBpCte+lSZsL8fdp
sLa5/4q/U3Eijd828iNP5b2UXBo3
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:03:34 2024 by rpki-client on console-ams.rpki-client.org