Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/Hj2m-qfTglHk09sVaJxXA31XnXg.roa
File: Hj2m-qfTglHk09sVaJxXA31XnXg.roa (raw, json)
Hash identifier: Ohti+8mAJWiDodZWfhxuF1cPdhFcxdfyXNMAqRlcb4E=
Subject key identifier: 1E:3D:A6:FA:A7:D3:82:51:E4:D3:DB:15:68:9C:57:03:7D:57:9D:78
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 018F9C999FA22824EC31186FBB1C131797CC
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/Hj2m-qfTglHk09sVaJxXA31XnXg.roa
Signing time: Tue 21 May 2024 19:21:04 +0000
ROA not before: Tue 21 May 2024 19:21:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211183
IP address blocks: 5.253.62.0/24 maxlen: 24
37.140.241.0/24 maxlen: 24
45.128.204.0/24 maxlen: 24
79.133.181.0/24 maxlen: 24
79.133.182.0/24 maxlen: 24
79.133.183.0/24 maxlen: 24
89.191.225.0/24 maxlen: 24
91.200.84.0/24 maxlen: 24
94.154.11.0/24 maxlen: 24
185.198.152.0/24 maxlen: 24
185.240.103.0/24 maxlen: 24
185.244.51.0/24 maxlen: 24
185.250.44.0/24 maxlen: 24
185.250.46.0/24 maxlen: 24
185.250.47.0/24 maxlen: 24
193.187.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9c:99:9f:a2:28:24:ec:31:18:6f:bb:1c:13:17:97:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: May 21 19:21:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e3da6faa7d38251e4d3db15689c57037d579d78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9c:27:a0:59:3f:35:3a:cb:02:24:6d:dd:6f:
2c:d7:d3:9d:02:7f:91:37:52:47:5f:cd:94:af:23:
36:34:75:a2:b1:7a:ec:31:f9:9c:1e:db:92:77:98:
b9:10:61:58:5a:eb:e2:b2:f5:6f:3a:e6:56:86:4f:
14:c5:c3:a0:34:aa:63:0d:b0:87:fc:31:7d:0a:f8:
84:5e:99:64:f3:0d:cc:d8:5d:7e:c0:38:1c:42:4c:
85:dc:56:5c:a7:1b:92:0f:71:7f:36:da:f4:fe:9f:
d2:36:d0:98:6c:81:a7:c1:3d:e2:75:d9:3c:b7:c4:
64:f5:5c:78:42:16:80:fd:25:06:19:87:9a:0c:33:
8d:2f:6c:9e:20:a6:6d:e0:58:1d:61:c5:ae:83:4e:
a0:ce:50:b7:ae:bf:98:67:8d:ee:53:cb:8f:06:d2:
78:b2:2d:91:70:c4:e3:32:1c:df:58:06:de:10:bf:
3a:72:c2:25:eb:9b:91:fb:77:4d:2e:90:f3:40:7a:
04:97:5a:15:10:66:8c:0b:7b:a8:cd:c0:00:61:e9:
69:94:d9:13:27:98:43:0d:6a:b8:19:97:ad:63:b4:
1d:62:d8:eb:36:a3:4c:68:8d:8d:6b:e3:ac:4a:99:
08:e6:52:62:74:ff:ea:26:8b:c5:36:ef:c7:06:9e:
94:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:3D:A6:FA:A7:D3:82:51:E4:D3:DB:15:68:9C:57:03:7D:57:9D:78
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/Hj2m-qfTglHk09sVaJxXA31XnXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.62.0/24
37.140.241.0/24
45.128.204.0/24
79.133.181.0-79.133.183.255
89.191.225.0/24
91.200.84.0/24
94.154.11.0/24
185.198.152.0/24
185.240.103.0/24
185.244.51.0/24
185.250.44.0/24
185.250.46.0/23
193.187.96.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:ff:0e:48:1f:c2:c1:12:73:06:e5:bf:36:51:d4:53:a1:dc:
2b:cf:1e:33:d8:25:2f:65:05:99:85:14:da:78:98:97:17:ce:
2a:a8:d4:39:f3:e3:60:21:31:24:87:35:fe:b5:7f:3f:04:34:
11:21:a4:1e:07:6e:e5:b2:28:1e:bd:19:4f:ae:55:2b:95:a0:
c5:a3:5a:3b:a8:67:9a:80:ef:0c:a0:bf:cd:f8:b8:ed:d1:c8:
c4:79:6e:c7:13:06:d4:e8:91:3e:6b:23:98:34:43:9c:54:c3:
81:5e:30:7b:ff:03:98:48:bd:aa:6c:d0:74:61:8d:33:03:7e:
83:21:69:b3:d6:0e:a5:86:b1:ae:c1:df:d5:43:36:01:b5:70:
bb:b0:17:80:bd:73:81:a0:1b:d2:ec:22:c9:a7:4b:70:31:1b:
da:47:62:ea:6a:b0:3b:a7:b7:36:28:08:48:c8:ea:d9:18:e7:
12:b9:62:d8:84:a7:61:bb:c1:47:25:f6:f6:07:43:36:86:95:
bf:1e:65:60:09:d8:e2:f5:07:84:b0:e0:c5:26:56:d7:5a:9f:
fe:27:db:d1:09:11:af:67:2c:59:45:06:de:89:b0:2c:fd:b0:
20:72:e9:b1:59:66:bc:14:38:52:51:0d:e0:a2:f4:99:09:1e:
8b:28:b7:6d
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAY+cmZ+iKCTsMRhvuxwTF5fMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjQwNTIxMTkyMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTNkYTZmYWE3ZDM4MjUxZTRkM2RiMTU2ODljNTcwMzdkNTc5ZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZwnoFk/NTrLAiRt3W8s19OdAn+R
N1JHX82UryM2NHWisXrsMfmcHtuSd5i5EGFYWuvisvVvOuZWhk8UxcOgNKpjDbCH
/DF9CviEXplk8w3M2F1+wDgcQkyF3FZcpxuSD3F/Ntr0/p/SNtCYbIGnwT3iddk8
t8Rk9Vx4QhaA/SUGGYeaDDONL2yeIKZt4FgdYcWug06gzlC3rr+YZ43uU8uPBtJ4
si2RcMTjMhzfWAbeEL86csIl65uR+3dNLpDzQHoEl1oVEGaMC3uozcAAYelplNkT
J5hDDWq4GZetY7QdYtjrNqNMaI2Na+OsSpkI5lJidP/qJovFNu/HBp6UKQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFB49pvqn04JR5NPbFWicVwN9V514MB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvSGoybS1xZlRnbEhrMDlzVmFKeFhBMzFYblhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQABf0+AwQA
JYzxAwQALYDMMAwDBABPhbUDBANPhbADBABZv+EDBABbyFQDBABemgsDBAC5xpgD
BAC58GcDBAC59DMDBAC5+iwDBAG5+i4DBADBu2AwDQYJKoZIhvcNAQELBQADggEB
AHr/DkgfwsEScwblvzZR1FOh3CvPHjPYJS9lBZmFFNp4mJcXziqo1Dnz42AhMSSH
Nf61fz8ENBEhpB4HbuWyKB69GU+uVSuVoMWjWjuoZ5qA7wygv834uO3RyMR5bscT
BtTokT5rI5g0Q5xUw4FeMHv/A5hIvaps0HRhjTMDfoMhabPWDqWGsa7B39VDNgG1
cLuwF4C9c4GgG9LsIsmnS3AxG9pHYupqsDuntzYoCEjI6tkY5xK5YtiEp2G7wUcl
9vYHQzaGlb8eZWAJ2OL1B4Sw4MUmVtdan/4n29EJEa9nLFlFBt6JsCz9sCBy6bFZ
ZrwUOFJRDeCi9JkJHosot20=
-----END CERTIFICATE-----
Generated at Sun Jun 23 02:17:18 2024 by rpki-client on console-ams.rpki-client.org