Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Smy5oPaw_mOWmjglds1bWFiMwkQ.roa
File: Smy5oPaw_mOWmjglds1bWFiMwkQ.roa (raw, json)
Hash identifier: uu8J1qPZKCkfHLS+fL7ZaYijXdsDlD9RKLpIqUxqR4k=
Subject key identifier: 4A:6C:B9:A0:F6:B0:FE:63:96:9A:38:25:76:CD:5B:58:58:8C:C2:44
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 018F76DA8EFFD4C7D6E775CB27FFB0D5657E
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Smy5oPaw_mOWmjglds1bWFiMwkQ.roa
Signing time: Tue 14 May 2024 11:26:25 +0000
ROA not before: Tue 14 May 2024 11:26:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31250
IP address blocks: 93.152.128.0/18 maxlen: 24
93.152.151.0/24 maxlen: 24
93.152.162.0/23 maxlen: 23
93.152.172.0/24 maxlen: 24
93.152.173.0/24 maxlen: 24
93.152.175.0/24 maxlen: 24
93.152.180.0/24 maxlen: 24
93.152.181.0/24 maxlen: 24
93.152.192.0/21 maxlen: 21
93.152.200.0/22 maxlen: 22
93.152.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:da:8e:ff:d4:c7:d6:e7:75:cb:27:ff:b0:d5:65:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: May 14 11:26:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a6cb9a0f6b0fe63969a382576cd5b58588cc244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:50:f7:8f:f3:00:24:89:64:90:64:17:04:66:
b8:86:65:f5:c7:69:64:3a:da:de:ff:87:e4:98:17:
0c:16:72:12:6c:e3:39:29:1e:2b:de:84:a1:c9:34:
38:d3:55:36:94:79:0c:1c:5f:41:c9:34:a7:d6:55:
50:f3:8d:6a:6a:c2:4b:f8:92:1d:bc:5f:19:29:b4:
f7:a0:53:2a:21:fd:d5:f8:45:68:8a:13:76:37:cb:
6b:74:26:5a:93:a1:49:ea:1f:e2:1b:b7:67:cd:fc:
1e:11:7a:79:25:86:f8:e9:a4:04:db:4d:0b:74:14:
33:e2:4d:99:f6:df:9d:03:96:85:ca:c5:3c:5f:b6:
23:76:c6:dc:c7:1f:46:90:f2:79:e6:90:8c:b2:da:
f4:d1:50:9b:79:6a:a0:e6:0e:50:62:ab:87:f8:a3:
c6:58:2b:56:9e:c1:99:77:92:c4:e7:41:70:fb:77:
d2:5e:24:b3:3c:63:cf:f7:53:84:0a:99:b3:c1:a5:
57:a9:06:c2:38:cf:4c:a3:8f:b6:ec:4d:9c:75:f9:
3a:38:90:da:5a:08:75:6d:0b:cb:ed:fc:1e:7f:e0:
e6:0b:b4:94:8a:01:30:26:09:fb:10:cb:80:01:fe:
07:d7:f9:a0:cd:ee:51:94:d7:51:45:fe:83:96:ea:
bb:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:6C:B9:A0:F6:B0:FE:63:96:9A:38:25:76:CD:5B:58:58:8C:C2:44
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/Smy5oPaw_mOWmjglds1bWFiMwkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.152.128.0-93.152.204.255
Signature Algorithm: sha256WithRSAEncryption
aa:85:f6:8e:6f:0b:00:79:3f:05:41:1c:95:60:55:74:5d:79:
98:86:4b:d8:53:82:09:6f:9a:ae:31:50:bc:d0:5e:97:7c:75:
03:fa:99:74:92:52:7d:ba:b8:07:de:34:9c:6a:8a:2c:60:eb:
93:05:50:5e:cf:65:5c:fb:7c:a8:3d:f2:d0:d8:ed:aa:e9:e3:
02:e4:00:90:f5:64:2f:02:a1:2f:d3:a4:ab:ae:f0:7b:a5:9d:
d2:77:56:df:b6:cf:d9:aa:09:1a:b2:cb:80:8c:0a:73:4d:c9:
18:76:f6:3f:88:49:66:a8:d1:97:00:93:78:e7:d4:4f:ef:85:
89:12:60:af:cd:d2:56:e6:3f:cb:ba:d4:37:c1:27:0e:01:1c:
3e:96:dc:4e:84:3f:e7:45:51:f7:bc:5e:5e:8a:61:48:d5:f4:
35:ba:08:17:16:e0:97:29:cd:27:55:e3:66:ed:b4:95:0c:23:
dd:a2:2f:b3:7a:a5:41:6e:46:8d:83:78:83:2c:32:c8:da:a3:
0f:99:da:49:6d:07:d9:93:2a:d8:3d:fa:d9:39:db:b5:f0:00:
98:ae:8b:d5:5b:cb:75:ac:86:f5:08:54:93:53:a6:46:4a:54:
ff:05:5b:37:61:39:63:21:28:c4:2e:a9:03:7f:d6:34:7a:20:
54:d8:dc:2e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY922o7/1MfW53XLJ/+w1WV+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQwNTE0MTEyNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTZjYjlhMGY2YjBmZTYzOTY5YTM4MjU3NmNkNWI1ODU4OGNjMjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVD3j/MAJIlkkGQXBGa4hmX1x2lk
Otre/4fkmBcMFnISbOM5KR4r3oShyTQ401U2lHkMHF9ByTSn1lVQ841qasJL+JId
vF8ZKbT3oFMqIf3V+EVoihN2N8trdCZak6FJ6h/iG7dnzfweEXp5JYb46aQE200L
dBQz4k2Z9t+dA5aFysU8X7Yjdsbcxx9GkPJ55pCMstr00VCbeWqg5g5QYquH+KPG
WCtWnsGZd5LE50Fw+3fSXiSzPGPP91OECpmzwaVXqQbCOM9Mo4+27E2cdfk6OJDa
Wgh1bQvL7fwef+DmC7SUigEwJgn7EMuAAf4H1/mgze5RlNdRRf6Dluq7JQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEpsuaD2sP5jlpo4JXbNW1hYjMJEMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvU215NW9QYXdfbU9XbWpnbGRzMWJXRmlNd2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAddmIAD
BABdmMwwDQYJKoZIhvcNAQELBQADggEBAKqF9o5vCwB5PwVBHJVgVXRdeZiGS9hT
gglvmq4xULzQXpd8dQP6mXSSUn26uAfeNJxqiixg65MFUF7PZVz7fKg98tDY7arp
4wLkAJD1ZC8CoS/TpKuu8HulndJ3Vt+2z9mqCRqyy4CMCnNNyRh29j+ISWao0ZcA
k3jn1E/vhYkSYK/N0lbmP8u61DfBJw4BHD6W3E6EP+dFUfe8Xl6KYUjV9DW6CBcW
4JcpzSdV42bttJUMI92iL7N6pUFuRo2DeIMsMsjaow+Z2kltB9mTKtg9+tk527Xw
AJiui9Vby3WshvUIVJNTpkZKVP8FWzdhOWMhKMQuqQN/1jR6IFTY3C4=
-----END CERTIFICATE-----
Generated at Mon Jun 24 10:13:57 2024 by rpki-client on console-fra.rpki-client.org