Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/ryEUpr2AUL7cC0-iIpMVqB_lhvA.roa
File: ryEUpr2AUL7cC0-iIpMVqB_lhvA.roa (raw, json)
Hash identifier: Ltj8zvUwWbKMNITY64Emz7biuEYA8qkJPXM2Q6TacMQ=
Subject key identifier: AF:21:14:A6:BD:80:50:BE:DC:0B:4F:A2:22:93:15:A8:1F:E5:86:F0
Certificate issuer: /CN=f779f5f0288985abde09827e03d787a52149e7ec
Certificate serial: 018DA38420A3EE900A73CCF43AE64B855069
Authority key identifier: F7:79:F5:F0:28:89:85:AB:DE:09:82:7E:03:D7:87:A5:21:49:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93n18CiJhaveCYJ-A9eHpSFJ5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/ryEUpr2AUL7cC0-iIpMVqB_lhvA.roa
Signing time: Tue 13 Feb 2024 17:29:21 +0000
ROA not before: Tue 13 Feb 2024 17:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29467
IP address blocks: 5.149.112.0/21 maxlen: 24
153.92.48.0/20 maxlen: 24
178.251.160.0/21 maxlen: 24
185.4.124.0/22 maxlen: 24
185.97.244.0/22 maxlen: 24
185.123.216.0/22 maxlen: 24
2a02:70c0::/32 maxlen: 32
2a03:2f00::/32 maxlen: 32
2a03:92e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/93n18CiJhaveCYJ-A9eHpSFJ5-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/93n18CiJhaveCYJ-A9eHpSFJ5-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/93n18CiJhaveCYJ-A9eHpSFJ5-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a3:84:20:a3:ee:90:0a:73:cc:f4:3a:e6:4b:85:50:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f779f5f0288985abde09827e03d787a52149e7ec
Validity
Not Before: Feb 13 17:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af2114a6bd8050bedc0b4fa2229315a81fe586f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:83:b5:38:0b:51:94:d9:d5:fc:38:12:ab:5a:
12:75:24:89:60:23:7f:f2:d8:3a:71:de:49:a5:3f:
8c:cb:ba:5c:3f:8d:ba:ef:92:b9:ae:e1:e9:6f:d8:
6e:ab:36:33:56:0f:21:10:37:a2:b5:26:9e:fa:85:
7b:74:d2:50:36:8f:2d:be:88:31:e9:ce:d6:6e:8e:
f9:5f:24:03:a8:77:f5:e1:47:7e:95:a0:6b:e7:85:
45:59:bf:01:94:76:2f:ba:96:3e:aa:44:10:a2:bc:
0b:90:c6:67:b8:0d:a2:8f:b9:ff:0e:c9:ef:9c:b8:
d0:5a:ed:65:a2:10:7b:2c:85:90:4e:25:f6:d9:c5:
1c:59:36:b5:b3:cc:63:d5:53:60:59:a6:6f:82:27:
47:74:ee:0c:37:28:b8:b4:22:eb:d9:42:15:97:aa:
bb:7e:9f:f4:8e:18:6f:9f:b3:bf:88:37:19:c0:39:
2a:ff:ef:d2:18:b2:d2:e0:a8:36:81:6f:a4:9d:fc:
7d:6f:8c:3e:77:b1:d1:35:de:15:ea:ed:5b:c0:bb:
2a:48:3a:d8:60:05:41:f6:f2:f8:9a:5a:65:ed:16:
3a:27:a8:e1:6e:c6:2e:08:9b:7e:b8:21:a6:89:b5:
92:65:94:44:1e:90:0e:04:a5:3e:b3:3b:a4:3c:df:
67:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:21:14:A6:BD:80:50:BE:DC:0B:4F:A2:22:93:15:A8:1F:E5:86:F0
X509v3 Authority Key Identifier:
keyid:F7:79:F5:F0:28:89:85:AB:DE:09:82:7E:03:D7:87:A5:21:49:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93n18CiJhaveCYJ-A9eHpSFJ5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/ryEUpr2AUL7cC0-iIpMVqB_lhvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/93n18CiJhaveCYJ-A9eHpSFJ5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.112.0/21
153.92.48.0/20
178.251.160.0/21
185.4.124.0/22
185.97.244.0/22
185.123.216.0/22
IPv6:
2a02:70c0::/32
2a03:2f00::/32
2a03:92e0::/32
Signature Algorithm: sha256WithRSAEncryption
21:36:72:e1:68:fc:04:52:d2:c3:40:be:8a:9a:29:32:04:dd:
ba:bc:8f:32:de:a9:0e:ce:e8:dc:bb:8e:e7:f4:a4:85:e6:26:
01:b3:91:8a:6a:a7:f1:c7:82:1f:ce:80:2a:d0:d0:b4:ab:a4:
e4:95:e5:db:42:b3:d0:84:26:75:f2:cb:c9:21:ab:c1:1f:da:
14:77:d6:fb:dc:3f:93:51:ee:2b:51:12:5d:6a:2d:25:c8:2b:
0c:6e:b6:53:f1:02:3e:0c:9a:8f:2f:dd:e0:ef:0e:73:74:ef:
dc:14:a7:27:7d:ca:79:fc:c6:8b:f4:2e:fd:6b:09:4c:0c:89:
c6:8f:56:7d:02:c4:8a:33:ee:4d:53:b7:a9:ab:92:15:9f:72:
7a:a7:38:98:4d:f1:82:05:b0:66:a3:56:bc:be:29:55:5a:f6:
7a:5a:cb:ab:8c:49:c1:d7:5c:82:d4:86:55:01:f7:5c:fb:1e:
3b:cc:54:ed:a4:30:c1:9c:2d:85:73:32:55:84:49:e9:c8:7e:
26:ed:39:c6:89:80:25:ac:cd:f1:59:fc:14:2f:c5:de:14:57:
cd:27:98:79:96:95:c9:8f:dc:50:48:2c:76:28:c2:13:e2:2f:
ee:46:d2:26:43:77:06:79:c5:11:e8:52:3f:79:eb:24:b5:74:
ce:03:62:20
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAY2jhCCj7pAKc8z0OuZLhVBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzlmNWYwMjg4OTg1YWJkZTA5ODI3ZTAzZDc4N2E1MjE0
OWU3ZWMwHhcNMjQwMjEzMTcyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjIxMTRhNmJkODA1MGJlZGMwYjRmYTIyMjkzMTVhODFmZTU4NmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoO1OAtRlNnV/DgSq1oSdSSJYCN/
8tg6cd5JpT+My7pcP42675K5ruHpb9huqzYzVg8hEDeitSae+oV7dNJQNo8tvogx
6c7Wbo75XyQDqHf14Ud+laBr54VFWb8BlHYvupY+qkQQorwLkMZnuA2ij7n/Dsnv
nLjQWu1lohB7LIWQTiX22cUcWTa1s8xj1VNgWaZvgidHdO4MNyi4tCLr2UIVl6q7
fp/0jhhvn7O/iDcZwDkq/+/SGLLS4Kg2gW+knfx9b4w+d7HRNd4V6u1bwLsqSDrY
YAVB9vL4mlpl7RY6J6jhbsYuCJt+uCGmibWSZZREHpAOBKU+szukPN9nQwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFK8hFKa9gFC+3AtPoiKTFagf5YbwMB8GA1UdIwQY
MBaAFPd59fAoiYWr3gmCfgPXh6UhSefsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNuMThDaUpoYXZlQ1lKLUE5ZUhwU0ZKNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hZWQzODEtNDVjYy00NGJjLWE1YzMt
ZmU3OTYzYmVjN2QzLzEvcnlFVXByMkFVTDdjQzAtaUlwTVZxQl9saHZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hZWQzODEtNDVjYy00NGJjLWE1YzMtZmU3OTYzYmVjN2Qz
LzEvOTNuMThDaUpoYXZlQ1lKLUE5ZUhwU0ZKNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQDBZVwAwQE
mVwwAwQDsvugAwQCuQR8AwQCuWH0AwQCuXvYMBsEAgACMBUDBQAqAnDAAwUAKgMv
AAMFACoDkuAwDQYJKoZIhvcNAQELBQADggEBACE2cuFo/ARS0sNAvoqaKTIE3bq8
jzLeqQ7O6Ny7juf0pIXmJgGzkYpqp/HHgh/OgCrQ0LSrpOSV5dtCs9CEJnXyy8kh
q8Ef2hR31vvcP5NR7itREl1qLSXIKwxutlPxAj4Mmo8v3eDvDnN079wUpyd9ynn8
xov0Lv1rCUwMicaPVn0CxIoz7k1Tt6mrkhWfcnqnOJhN8YIFsGajVry+KVVa9npa
y6uMScHXXILUhlUB91z7HjvMVO2kMMGcLYVzMlWESenIfibtOcaJgCWszfFZ/BQv
xd4UV80nmHmWlcmP3FBILHYowhPiL+5G0iZDdwZ5xRHoUj956yS1dM4DYiA=
-----END CERTIFICATE-----
Generated at Wed May 22 02:41:53 2024 by rpki-client on console-fra.rpki-client.org