Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/sRmIiwGmEyWBjWHZj12w3IfMgAg.roa
File: sRmIiwGmEyWBjWHZj12w3IfMgAg.roa (raw, json)
Hash identifier: Cdu9UzPUO8dDU3ASfTZseUza2FN5FuYnxxMAGxoINtM=
Subject key identifier: B1:19:88:8B:01:A6:13:25:81:8D:61:D9:8F:5D:B0:DC:87:CC:80:08
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018E9EADF897D005FF399704D37F2CA2536D
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/sRmIiwGmEyWBjWHZj12w3IfMgAg.roa
Signing time: Tue 02 Apr 2024 11:59:45 +0000
ROA not before: Tue 02 Apr 2024 11:59:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 5.44.42.0/24 maxlen: 24
31.129.22.0/24 maxlen: 24
45.95.232.0/24 maxlen: 24
45.95.233.0/24 maxlen: 24
45.129.184.0/24 maxlen: 24
85.92.109.0/24 maxlen: 24
92.118.112.0/24 maxlen: 24
141.98.233.0/24 maxlen: 24
141.98.234.0/24 maxlen: 24
185.166.199.0/24 maxlen: 24
185.247.184.0/24 maxlen: 24
195.80.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:ad:f8:97:d0:05:ff:39:97:04:d3:7f:2c:a2:53:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Apr 2 11:59:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b119888b01a61325818d61d98f5db0dc87cc8008
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9c:a4:0e:c0:02:56:14:75:e7:97:dd:76:df:
18:c4:ec:36:2b:07:eb:99:c8:0a:9e:6b:c4:ca:d2:
c7:cd:a2:bc:98:51:61:d5:33:5e:a8:dc:d9:5f:9d:
b9:35:06:f5:ce:b4:ed:e2:82:74:86:67:88:fc:53:
df:09:6e:fc:ac:fe:50:88:11:c3:63:c4:de:12:63:
ae:fc:0c:60:8a:39:29:ed:87:9a:44:15:e8:bc:3e:
5f:f3:94:40:a0:83:bb:15:a1:f4:61:cb:9b:57:48:
33:e0:8a:80:dd:66:1d:da:36:ff:e0:ae:7f:fa:65:
77:c8:4d:b0:75:02:cd:4b:3f:44:94:92:89:b4:e0:
0f:17:72:b8:b6:2c:d4:fc:47:7f:05:7b:c6:61:d1:
8d:0e:21:41:02:3b:71:55:17:a4:03:8d:af:2f:eb:
e5:fa:52:7b:b2:c4:ed:13:86:c2:bf:9c:48:24:f7:
ca:35:6c:fd:6e:13:ef:6d:04:a5:ed:56:ed:9b:1b:
92:c9:67:d6:12:d5:de:97:1b:87:4d:35:50:ec:d0:
b4:6b:91:06:1c:50:c5:de:14:09:85:0e:24:27:88:
05:d7:4a:4f:29:19:04:23:50:10:39:d6:f2:90:63:
64:f0:6c:1e:4f:27:a0:4c:10:c6:8d:75:47:f5:bb:
ce:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:19:88:8B:01:A6:13:25:81:8D:61:D9:8F:5D:B0:DC:87:CC:80:08
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/sRmIiwGmEyWBjWHZj12w3IfMgAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.42.0/24
31.129.22.0/24
45.95.232.0/23
45.129.184.0/24
85.92.109.0/24
92.118.112.0/24
141.98.233.0-141.98.234.255
185.166.199.0/24
185.247.184.0/24
195.80.48.0/24
Signature Algorithm: sha256WithRSAEncryption
39:b8:23:97:7d:bf:15:2c:21:fe:68:af:8e:2c:c7:39:de:4c:
80:b0:21:7c:05:48:95:6d:4b:af:e0:e8:06:bf:18:73:82:e2:
17:5c:bf:38:7d:ec:22:a8:ef:54:be:8f:70:85:20:83:c7:ff:
c1:0a:03:9b:6e:cd:db:0e:bb:dc:e6:f8:cd:32:7f:05:bd:de:
64:02:ea:e4:94:e0:0e:88:47:30:e6:ed:bb:ed:de:a2:35:94:
4a:90:df:21:c6:2f:6f:c9:5c:ba:c0:30:f1:11:de:fd:e9:cc:
ce:57:57:51:32:a1:41:81:44:67:5c:e7:96:db:2a:94:69:4e:
fe:77:fb:38:f1:55:9c:05:a1:c7:48:38:13:47:6c:e4:c0:7c:
3c:83:bf:f1:79:ee:09:b7:a4:8a:38:61:3f:71:c0:e3:06:93:
b1:99:ec:69:cc:f1:1f:62:2f:4e:22:18:1d:2f:a8:da:c5:d4:
7d:c4:5d:c2:2b:e0:81:28:e2:a7:43:c5:18:ff:2f:ef:d3:91:
13:80:5d:1e:1e:b8:15:6e:c2:fc:e4:f2:9f:2e:e8:46:27:ef:
c5:f1:c4:c7:a8:d2:1e:ae:8b:8f:6b:06:91:ad:47:bc:9e:ac:
d8:55:bd:26:94:99:f1:2b:71:5a:0d:2f:2f:bb:79:1f:61:7b:
93:70:fb:df
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY6erfiX0AX/OZcE038solNtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwNDAyMTE1OTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTE5ODg4YjAxYTYxMzI1ODE4ZDYxZDk4ZjVkYjBkYzg3Y2M4MDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZykDsACVhR155fddt8YxOw2Kwfr
mcgKnmvEytLHzaK8mFFh1TNeqNzZX525NQb1zrTt4oJ0hmeI/FPfCW78rP5QiBHD
Y8TeEmOu/Axgijkp7YeaRBXovD5f85RAoIO7FaH0YcubV0gz4IqA3WYd2jb/4K5/
+mV3yE2wdQLNSz9ElJKJtOAPF3K4tizU/Ed/BXvGYdGNDiFBAjtxVRekA42vL+vl
+lJ7ssTtE4bCv5xIJPfKNWz9bhPvbQSl7VbtmxuSyWfWEtXelxuHTTVQ7NC0a5EG
HFDF3hQJhQ4kJ4gF10pPKRkEI1AQOdbykGNk8GweTyegTBDGjXVH9bvOQwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFLEZiIsBphMlgY1h2Y9dsNyHzIAIMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvc1JtSWl3R21FeVdCaldIWmoxMnczSWZNZ0FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQABSwqAwQA
H4EWAwQBLV/oAwQALYG4AwQAVVxtAwQAXHZwMAwDBACNYukDBACNYuoDBAC5pscD
BAC597gDBADDUDAwDQYJKoZIhvcNAQELBQADggEBADm4I5d9vxUsIf5or44sxzne
TICwIXwFSJVtS6/g6Aa/GHOC4hdcvzh97CKo71S+j3CFIIPH/8EKA5tuzdsOu9zm
+M0yfwW93mQC6uSU4A6IRzDm7bvt3qI1lEqQ3yHGL2/JXLrAMPER3v3pzM5XV1Ey
oUGBRGdc55bbKpRpTv53+zjxVZwFocdIOBNHbOTAfDyDv/F57gm3pIo4YT9xwOMG
k7GZ7GnM8R9iL04iGB0vqNrF1H3EXcIr4IEo4qdDxRj/L+/TkROAXR4euBVuwvzk
8p8u6EYn78XxxMeo0h6ui49rBpGtR7yerNhVvSaUmfErcVoNLy+7eR9he5Nw+98=
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:00:29 2024 by rpki-client on console-ams.rpki-client.org