Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3iWtpMHw4cgh5Ifxs1WfKxEEM5E.roa
File: 3iWtpMHw4cgh5Ifxs1WfKxEEM5E.roa (raw, json)
Hash identifier: lkKqa4fp1hwe2FSMv0dBzJ7p6RudC4OV/99lsAnp/rU=
Subject key identifier: DE:25:AD:A4:C1:F0:E1:C8:21:E4:87:F1:B3:55:9F:2B:11:04:33:91
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193297BAA4934DE632FFCF746AF8B9D8A09
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3iWtpMHw4cgh5Ifxs1WfKxEEM5E.roa
Signing time: Thu 14 Nov 2024 07:03:10 +0000
ROA not before: Thu 14 Nov 2024 07:03:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
31.169.124.0/24 maxlen: 24
31.169.125.0/24 maxlen: 24
31.169.126.0/24 maxlen: 24
31.169.127.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.95.0.0/24 maxlen: 24
45.95.2.0/24 maxlen: 24
87.120.92.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
87.120.219.0/24 maxlen: 24
87.120.222.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
87.121.216.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.184.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
193.148.58.0/24 maxlen: 24
193.148.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:29:7b:aa:49:34:de:63:2f:fc:f7:46:af:8b:9d:8a:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 14 07:03:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de25ada4c1f0e1c821e487f1b3559f2b11043391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e5:3e:7e:15:c2:19:60:6b:db:b0:d6:20:d2:
52:50:be:fc:7c:eb:ff:e4:53:00:06:78:86:f6:03:
c0:d2:8f:04:d2:e0:bd:4d:6c:1a:14:fc:dd:ea:7b:
6f:78:da:96:50:4a:8c:b8:69:9b:5d:a6:91:1e:b8:
ab:c2:31:55:14:18:22:4d:59:13:6c:45:7c:7f:8e:
bf:1c:a4:f6:7e:da:c7:df:22:64:9b:19:4f:53:22:
0a:b6:cb:41:78:10:12:b8:00:1b:f6:c9:9c:12:0e:
d0:24:d5:ea:a1:c3:ec:2a:ed:c0:6c:da:77:ee:a6:
72:bd:86:03:88:d5:1b:33:44:a8:28:cf:e0:11:0d:
a4:83:74:27:0c:47:20:e5:5b:10:cc:ad:f2:a9:fd:
e4:08:b0:2e:a1:59:3b:70:89:a5:2d:16:05:6e:51:
ab:8f:2a:15:17:95:d4:b4:ee:6a:d9:79:2d:18:4b:
68:5d:c0:2e:2c:fc:29:e2:66:23:c7:95:4a:1e:db:
83:94:bd:f9:e5:9f:94:85:5c:10:29:ac:1f:fa:b8:
1d:58:77:9a:96:27:86:d3:20:5c:e6:70:8b:cf:92:
5a:55:12:9d:97:3b:0c:23:ab:c3:97:0b:eb:98:ab:
e5:68:e2:e5:c6:8a:8a:57:c7:2f:4b:85:01:24:16:
90:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:25:AD:A4:C1:F0:E1:C8:21:E4:87:F1:B3:55:9F:2B:11:04:33:91
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3iWtpMHw4cgh5Ifxs1WfKxEEM5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
31.169.124.0/22
45.88.66.0/24
45.95.0.0/24
45.95.2.0/24
87.120.92.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.219.0/24
87.120.222.0/24
87.121.47.0/24
87.121.216.0/24
93.123.31.0/24
94.125.102.0/23
185.207.14.0/23
185.252.179.0/24
193.8.184.0/24
193.8.186.0/23
193.148.56.0/22
Signature Algorithm: sha256WithRSAEncryption
98:f6:37:85:46:d7:4f:20:41:0e:0e:9a:de:7d:11:54:a9:ea:
6d:af:5b:ce:8a:be:c3:93:5e:8c:ba:b8:53:58:77:26:42:e3:
1c:f4:84:9b:6e:a8:69:f7:5f:85:ec:94:8f:86:94:2e:72:bf:
ff:7d:43:f3:e9:5f:af:42:00:22:a6:cd:ea:1c:31:28:d3:61:
b8:fb:27:83:a6:dd:9b:73:be:d5:4c:25:8d:99:12:50:5c:5b:
73:eb:13:e9:08:ce:91:ea:94:af:45:71:a3:01:e8:ff:11:9d:
fd:00:8c:a2:1a:0e:e9:9b:6e:31:c4:86:20:c5:48:3c:b5:42:
f7:f3:60:2c:6d:2f:47:00:16:51:36:44:ac:45:ad:84:00:4a:
29:c9:b3:dc:f8:69:d6:fe:11:ce:67:ff:3f:45:b6:61:07:cd:
5f:e8:5d:29:92:73:ea:61:eb:c1:65:eb:b5:5b:85:19:1f:65:
b3:87:98:16:92:e1:11:b8:88:53:e9:94:dd:4c:9c:2d:98:fd:
df:05:f9:14:d5:dc:c8:5b:76:97:fd:ca:b7:66:05:cf:ee:59:
f2:60:25:d9:4d:65:57:94:8a:06:88:c6:ac:00:8a:9d:77:1d:
10:1a:b5:6c:b9:81:58:dc:19:13:e0:fc:8e:69:09:64:6d:83:
0c:12:5d:86
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZMpe6pJNN5jL/z3Rq+LnYoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTE0MDcwMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTI1YWRhNGMxZjBlMWM4MjFlNDg3ZjFiMzU1OWYyYjExMDQzMzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+U+fhXCGWBr27DWINJSUL78fOv/
5FMABniG9gPA0o8E0uC9TWwaFPzd6ntveNqWUEqMuGmbXaaRHrirwjFVFBgiTVkT
bEV8f46/HKT2ftrH3yJkmxlPUyIKtstBeBASuAAb9smcEg7QJNXqocPsKu3AbNp3
7qZyvYYDiNUbM0SoKM/gEQ2kg3QnDEcg5VsQzK3yqf3kCLAuoVk7cImlLRYFblGr
jyoVF5XUtO5q2XktGEtoXcAuLPwp4mYjx5VKHtuDlL355Z+UhVwQKawf+rgdWHea
lieG0yBc5nCLz5JaVRKdlzsMI6vDlwvrmKvlaOLlxoqKV8cvS4UBJBaQPwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFN4lraTB8OHIIeSH8bNVnysRBDORMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvM2lXdHBNSHc0Y2doNUlmeHMxV2ZLeEVFTTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYwDAME
AwX9OAMEAAX9OgMEAh+pfAMEAC1YQgMEAC1fAAMEAC1fAgMEAFd4XAMEAFd4bAME
AFd4xAMEAFd4zQMEAFd42AMEAFd42wMEAFd43gMEAFd5LwMEAFd52AMEAF17HwME
AV59ZgMEAbnPDgMEALn8swMEAMEIuAMEAcEIugMEAsGUODANBgkqhkiG9w0BAQsF
AAOCAQEAmPY3hUbXTyBBDg6a3n0RVKnqba9bzoq+w5NejLq4U1h3JkLjHPSEm26o
afdfheyUj4aULnK//31D8+lfr0IAIqbN6hwxKNNhuPsng6bdm3O+1UwljZkSUFxb
c+sT6QjOkeqUr0VxowHo/xGd/QCMohoO6ZtuMcSGIMVIPLVC9/NgLG0vRwAWUTZE
rEWthABKKcmz3Php1v4Rzmf/P0W2YQfNX+hdKZJz6mHrwWXrtVuFGR9ls4eYFpLh
EbiIU+mU3UycLZj93wX5FNXcyFt2l/3Kt2YFz+5Z8mAl2U1lV5SKBojGrACKnXcd
EBq1bLmBWNwZE+D8jmkJZG2DDBJdhg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:35:56 2024 by rpki-client on console-ams.rpki-client.org