Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/StDs-hkAXwHhbqUAGhUXReM95Ng.roa
File: StDs-hkAXwHhbqUAGhUXReM95Ng.roa (raw, json)
Hash identifier: lriLAlQbHnvMxYzOb0GPx5vHDz/kKjjgD9j6LTQBXSE=
Subject key identifier: 4A:D0:EC:FA:19:00:5F:01:E1:6E:A5:00:1A:15:17:45:E3:3D:E4:D8
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 0192BAF90ED02448DD52FD68EEF6ADE2191F
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/StDs-hkAXwHhbqUAGhUXReM95Ng.roa
Signing time: Wed 23 Oct 2024 20:02:17 +0000
ROA not before: Wed 23 Oct 2024 20:02:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51713
IP address blocks: 77.95.113.0/24 maxlen: 24
192.250.224.0/24 maxlen: 24
192.250.234.0/24 maxlen: 24
192.250.239.0/24 maxlen: 24
195.250.23.0/24 maxlen: 24
198.38.80.0/24 maxlen: 24
198.38.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ba:f9:0e:d0:24:48:dd:52:fd:68:ee:f6:ad:e2:19:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Oct 23 20:02:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ad0ecfa19005f01e16ea5001a151745e33de4d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:be:5d:ca:12:2d:21:32:12:4a:2b:c9:c0:3e:
a3:2b:5d:db:40:97:da:2b:73:cd:27:aa:a9:0e:f1:
84:69:9e:7a:54:95:38:8a:78:4f:36:27:f2:bb:50:
a8:78:67:98:65:24:e8:81:f0:68:b3:32:0c:5d:17:
a3:6a:c9:a6:46:4f:99:d4:8c:32:90:40:2d:4d:c6:
8f:de:09:67:b8:c5:ef:7d:0a:8e:01:03:cf:85:cc:
e2:56:68:e0:80:f3:dd:fe:e7:4c:1f:97:77:c3:54:
b3:16:d8:2f:ee:35:a3:44:b1:75:06:7a:08:7b:05:
01:24:5d:0c:11:cc:6e:28:8a:db:2b:e8:cf:a0:b7:
59:ce:11:a8:82:c7:b9:e3:cb:04:29:b7:1b:c4:22:
d6:cc:aa:94:ef:67:24:ce:bd:f5:d1:c6:db:03:e6:
53:2e:76:81:ab:3c:73:4b:37:0d:32:63:23:01:7c:
a5:fd:af:02:55:34:b7:81:07:88:6d:44:8c:77:9e:
7c:c4:41:ae:df:00:0c:e4:8d:d8:20:7e:da:d3:9e:
bf:92:33:36:50:4a:9f:30:22:8e:24:b3:9b:28:40:
41:fe:b9:b9:76:61:c8:e9:3b:26:05:73:f6:43:95:
50:3f:e8:c1:9a:44:d5:15:99:9c:4b:92:84:12:4a:
8c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D0:EC:FA:19:00:5F:01:E1:6E:A5:00:1A:15:17:45:E3:3D:E4:D8
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/StDs-hkAXwHhbqUAGhUXReM95Ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.113.0/24
192.250.224.0/24
192.250.234.0/24
192.250.239.0/24
195.250.23.0/24
198.38.80.0/24
198.38.82.0/24
Signature Algorithm: sha256WithRSAEncryption
30:5f:25:1a:d4:49:cd:fa:0f:a4:4d:ca:4f:40:4b:69:f0:bc:
1e:2f:e1:44:84:62:3a:c8:5e:44:a3:99:6d:29:21:2a:ad:09:
5c:8f:6e:4b:4b:12:69:d3:04:bb:c1:78:08:81:4b:89:68:c0:
b2:2e:7c:8e:1d:8e:ea:37:f9:7d:2c:5c:59:8c:80:5b:5f:71:
6a:74:cc:3c:fe:f0:b1:e6:6d:da:4b:80:d7:e4:b7:30:c7:74:
30:52:b5:dd:fd:5f:be:36:87:33:b4:aa:57:98:f0:7d:33:7d:
02:98:a3:1c:93:e2:75:5b:fb:e9:ab:5f:b5:b4:86:8f:e0:a9:
58:f3:be:21:b2:5f:ea:eb:18:83:0d:39:bd:f3:d9:7f:6d:dc:
a8:cb:0b:d9:a8:70:33:7d:97:2e:11:90:f1:bd:3c:e8:6d:43:
7f:a7:19:db:96:9b:18:99:df:1e:8f:0a:56:5d:bb:9a:ec:4e:
b6:82:b4:0b:ed:6e:5f:05:94:2f:fe:a0:a4:2c:da:f2:96:0d:
fc:79:25:e9:86:29:76:f5:d5:f6:60:15:1d:ce:d1:e7:af:24:
95:8e:35:ee:14:32:e8:b7:19:6f:b1:ab:a2:dd:e6:d9:8b:ae:
a2:2a:fa:4a:0d:7c:b6:ef:ff:1e:60:e6:78:c4:0d:8f:ed:37:
f4:5c:67:ff
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZK6+Q7QJEjdUv1o7vat4hkfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQxMDIzMjAwMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQwZWNmYTE5MDA1ZjAxZTE2ZWE1MDAxYTE1MTc0NWUzM2RlNGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtr5dyhItITISSivJwD6jK13bQJfa
K3PNJ6qpDvGEaZ56VJU4inhPNifyu1CoeGeYZSTogfBoszIMXRejasmmRk+Z1Iwy
kEAtTcaP3glnuMXvfQqOAQPPhcziVmjggPPd/udMH5d3w1SzFtgv7jWjRLF1BnoI
ewUBJF0MEcxuKIrbK+jPoLdZzhGogse548sEKbcbxCLWzKqU72ckzr310cbbA+ZT
LnaBqzxzSzcNMmMjAXyl/a8CVTS3gQeIbUSMd558xEGu3wAM5I3YIH7a056/kjM2
UEqfMCKOJLObKEBB/rm5dmHI6TsmBXP2Q5VQP+jBmkTVFZmcS5KEEkqMiQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFErQ7PoZAF8B4W6lABoVF0XjPeTYMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvU3REcy1oa0FYd0hoYnFVQUdoVVhSZU05NU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATV9xAwQA
wPrgAwQAwPrqAwQAwPrvAwQAw/oXAwQAxiZQAwQAxiZSMA0GCSqGSIb3DQEBCwUA
A4IBAQAwXyUa1EnN+g+kTcpPQEtp8LweL+FEhGI6yF5Eo5ltKSEqrQlcj25LSxJp
0wS7wXgIgUuJaMCyLnyOHY7qN/l9LFxZjIBbX3FqdMw8/vCx5m3aS4DX5Lcwx3Qw
UrXd/V++NocztKpXmPB9M30CmKMck+J1W/vpq1+1tIaP4KlY874hsl/q6xiDDTm9
89l/bdyoywvZqHAzfZcuEZDxvTzobUN/pxnblpsYmd8ejwpWXbua7E62grQL7W5f
BZQv/qCkLNrylg38eSXphil29dX2YBUdztHnrySVjjXuFDLotxlvsaui3ebZi66i
KvpKDXy27/8eYOZ4xA2P7Tf0XGf/
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:13:28 2024 by rpki-client on console-fra.rpki-client.org