Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/d3b263-b0f1-4a6b-912e-373dda43f792/1/0iMouhRSMZwfhz7BEl79ZyVFz8o.roa
File: 0iMouhRSMZwfhz7BEl79ZyVFz8o.roa (raw, json)
Hash identifier: CJ0ip2rzRlCE8E5Ya5LiZjJ7vfG7KYQH1oyXvxoaT78=
Subject key identifier: D2:23:28:BA:14:52:31:9C:1F:87:3E:C1:12:5E:FD:67:25:45:CF:CA
Certificate issuer: /CN=ce2b10d89b5537913503127eb87226afb89d1b2d
Certificate serial: 018CC3493B926C38136C55B5B54E46B1FA49
Authority key identifier: CE:2B:10:D8:9B:55:37:91:35:03:12:7E:B8:72:26:AF:B8:9D:1B:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zisQ2JtVN5E1AxJ-uHImr7idGy0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/d3b263-b0f1-4a6b-912e-373dda43f792/1/0iMouhRSMZwfhz7BEl79ZyVFz8o.roa
Signing time: Mon 01 Jan 2024 04:30:05 +0000
ROA not before: Mon 01 Jan 2024 04:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20978
IP address blocks: 176.220.0.0/16 maxlen: 24
151.135.0.0/16 maxlen: 24
95.173.0.0/19 maxlen: 24
185.4.68.0/22 maxlen: 24
5.176.0.0/15 maxlen: 24
94.235.0.0/16 maxlen: 24
217.174.32.0/20 maxlen: 24
37.154.0.0/15 maxlen: 24
46.104.0.0/16 maxlen: 24
213.211.0.0/19 maxlen: 24
5.44.80.0/20 maxlen: 24
176.30.0.0/16 maxlen: 24
5.46.0.0/15 maxlen: 24
188.41.0.0/16 maxlen: 24
2a02:2010::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/d3b263-b0f1-4a6b-912e-373dda43f792/1/zisQ2JtVN5E1AxJ-uHImr7idGy0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/d3b263-b0f1-4a6b-912e-373dda43f792/1/zisQ2JtVN5E1AxJ-uHImr7idGy0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zisQ2JtVN5E1AxJ-uHImr7idGy0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 30 Jun 2024 20:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:3b:92:6c:38:13:6c:55:b5:b5:4e:46:b1:fa:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce2b10d89b5537913503127eb87226afb89d1b2d
Validity
Not Before: Jan 1 04:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d22328ba1452319c1f873ec1125efd672545cfca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ce:14:c0:8b:e2:53:69:2f:b7:0a:d5:71:98:
40:f2:79:33:5d:7d:52:9b:e8:cd:3d:f3:6d:f4:58:
6a:cb:ee:e3:cc:83:ee:32:40:a9:d2:d9:c3:25:34:
67:d3:f9:53:97:f4:83:63:99:87:b7:7f:b5:02:70:
7f:2e:9a:b7:88:02:fb:6b:af:2e:de:67:f2:90:5d:
63:5e:15:29:9c:98:ad:5b:58:4e:ed:4d:12:25:eb:
ae:95:82:37:60:5e:23:04:bf:0b:4f:72:e8:a6:79:
6d:f5:88:e4:b2:e4:62:96:68:57:ad:c6:52:7c:e2:
87:54:d7:65:00:b1:24:5c:04:47:b5:22:bb:c5:46:
34:ac:3f:76:f8:aa:0e:38:cc:d8:7d:34:bc:6f:4b:
f1:80:02:58:20:3e:73:f6:5f:fd:bb:0f:b5:6c:62:
71:46:54:4d:dd:1b:e9:6f:c5:03:ca:bf:ec:e0:b5:
10:bc:91:ec:eb:b8:52:e6:c6:3b:2f:e9:4c:0a:65:
eb:d7:6d:38:2c:6a:76:fa:fd:be:8f:fb:59:cc:c3:
a0:fe:99:12:72:e1:e7:47:3f:ec:b2:03:d4:9d:4d:
f7:34:5b:03:4b:7f:7d:0c:4f:27:e3:ac:ad:26:ad:
79:8e:e4:99:31:a6:c6:df:8e:0d:d3:b8:29:30:f3:
2d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:23:28:BA:14:52:31:9C:1F:87:3E:C1:12:5E:FD:67:25:45:CF:CA
X509v3 Authority Key Identifier:
keyid:CE:2B:10:D8:9B:55:37:91:35:03:12:7E:B8:72:26:AF:B8:9D:1B:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zisQ2JtVN5E1AxJ-uHImr7idGy0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/d3b263-b0f1-4a6b-912e-373dda43f792/1/0iMouhRSMZwfhz7BEl79ZyVFz8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/d3b263-b0f1-4a6b-912e-373dda43f792/1/zisQ2JtVN5E1AxJ-uHImr7idGy0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.80.0/20
5.46.0.0/15
5.176.0.0/15
37.154.0.0/15
46.104.0.0/16
94.235.0.0/16
95.173.0.0/19
151.135.0.0/16
176.30.0.0/16
176.220.0.0/16
185.4.68.0/22
188.41.0.0/16
213.211.0.0/19
217.174.32.0/20
IPv6:
2a02:2010::/29
Signature Algorithm: sha256WithRSAEncryption
09:23:90:c8:25:b5:1c:1d:b8:f1:6d:31:6d:54:54:6c:4e:73:
68:cc:f0:c0:40:d0:a2:da:14:0d:17:dd:23:6a:58:a1:ec:25:
6a:58:8f:bc:73:9f:5a:23:ab:ab:b6:5b:0c:2f:1d:12:ad:31:
84:f7:57:7c:97:a6:3a:13:58:10:0e:ef:27:18:7b:cf:35:c3:
09:1f:9d:0f:6c:ef:63:91:9a:b8:16:0f:57:ba:ba:3d:03:96:
19:60:eb:80:55:80:3b:56:e6:59:fd:72:d9:a5:72:d7:73:3c:
69:60:0c:02:35:b5:f0:49:7b:e6:b4:3b:4f:d8:05:8b:81:78:
ee:62:46:d2:03:d1:87:54:40:67:ee:98:6c:1e:84:fa:0a:1b:
f0:d1:4a:79:45:ab:53:a5:c6:3f:3a:b0:c8:8d:67:97:af:b3:
2f:73:b6:3a:5b:5d:a1:5a:b4:f1:bc:69:87:4e:56:cd:50:fd:
7c:b7:4f:ed:9f:d8:c3:f8:97:eb:14:ce:69:5f:f5:34:20:8f:
de:0a:52:2a:de:2b:10:60:8a:45:10:75:54:5e:be:76:93:46:
be:78:c0:f9:fc:d6:a0:bb:dd:4b:7e:a7:e8:38:84:b5:e3:91:
70:3a:6c:c7:35:31:93:8b:fa:d9:52:f6:7c:77:07:1f:ed:3f:
bd:8a:6f:48
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYzDSTuSbDgTbFW1tU5GsfpJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMmIxMGQ4OWI1NTM3OTEzNTAzMTI3ZWI4NzIyNmFmYjg5
ZDFiMmQwHhcNMjQwMTAxMDQzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjIzMjhiYTE0NTIzMTljMWY4NzNlYzExMjVlZmQ2NzI1NDVjZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlc4UwIviU2kvtwrVcZhA8nkzXX1S
m+jNPfNt9Fhqy+7jzIPuMkCp0tnDJTRn0/lTl/SDY5mHt3+1AnB/Lpq3iAL7a68u
3mfykF1jXhUpnJitW1hO7U0SJeuulYI3YF4jBL8LT3Lopnlt9YjksuRilmhXrcZS
fOKHVNdlALEkXARHtSK7xUY0rD92+KoOOMzYfTS8b0vxgAJYID5z9l/9uw+1bGJx
RlRN3Rvpb8UDyr/s4LUQvJHs67hS5sY7L+lMCmXr1204LGp2+v2+j/tZzMOg/pkS
cuHnRz/ssgPUnU33NFsDS399DE8n46ytJq15juSZMabG344N07gpMPMtrwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFNIjKLoUUjGcH4c+wRJe/WclRc/KMB8GA1UdIwQY
MBaAFM4rENibVTeRNQMSfrhyJq+4nRstMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemlzUTJKdFZONUUxQXhKLXVISW1yN2lkR3kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9kM2IyNjMtYjBmMS00YTZiLTkxMmUt
MzczZGRhNDNmNzkyLzEvMGlNb3VoUlNNWndmaHo3QkVsNzlaeVZGejhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9kM2IyNjMtYjBmMS00YTZiLTkxMmUtMzczZGRhNDNmNzky
LzEvemlzUTJKdFZONUUxQXhKLXVISW1yN2lkR3kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBRBAIAATBLAwQEBSxQAwMB
BS4DAwEFsAMDASWaAwMALmgDAwBe6wMEBV+tAAMDAJeHAwMAsB4DAwCw3AMEArkE
RAMDALwpAwQF1dMAAwQE2a4gMA0EAgACMAcDBQMqAiAQMA0GCSqGSIb3DQEBCwUA
A4IBAQAJI5DIJbUcHbjxbTFtVFRsTnNozPDAQNCi2hQNF90jalih7CVqWI+8c59a
I6urtlsMLx0SrTGE91d8l6Y6E1gQDu8nGHvPNcMJH50PbO9jkZq4Fg9Xuro9A5YZ
YOuAVYA7VuZZ/XLZpXLXczxpYAwCNbXwSXvmtDtP2AWLgXjuYkbSA9GHVEBn7phs
HoT6Chvw0Up5RatTpcY/OrDIjWeXr7Mvc7Y6W12hWrTxvGmHTlbNUP18t0/tn9jD
+JfrFM5pX/U0II/eClIq3isQYIpFEHVUXr52k0a+eMD5/Nagu91LfqfoOIS145Fw
OmzHNTGTi/rZUvZ8dwcf7T+9im9I
-----END CERTIFICATE-----
Generated at Sun Jun 30 00:56:01 2024 by rpki-client on console-fra.rpki-client.org