Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/HEeXGdtkG5CUKMV5W6dqoMoi0-U.roa
File: HEeXGdtkG5CUKMV5W6dqoMoi0-U.roa (raw, json)
Hash identifier: 5yCqKrYfH9pb7GvyPa+DotboI/WsKPaifsYCqyUkiFM=
Subject key identifier: 1C:47:97:19:DB:64:1B:90:94:28:C5:79:5B:A7:6A:A0:CA:22:D3:E5
Certificate issuer: /CN=5bea81aa9b2197d9127b442525100ffaa36e0d52
Certificate serial: 01906D7DC9766EB90DFA1857F18E72BD0A77
Authority key identifier: 5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/HEeXGdtkG5CUKMV5W6dqoMoi0-U.roa
Signing time: Mon 01 Jul 2024 08:51:18 +0000
ROA not before: Mon 01 Jul 2024 08:51:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34373
IP address blocks: 45.128.64.0/22 maxlen: 24
45.132.40.0/22 maxlen: 24
77.74.124.0/22 maxlen: 24
86.48.68.0/22 maxlen: 24
91.219.76.0/22 maxlen: 24
185.56.52.0/22 maxlen: 24
185.69.204.0/22 maxlen: 24
185.96.44.0/22 maxlen: 24
185.97.228.0/22 maxlen: 24
185.116.40.0/22 maxlen: 24
185.165.68.0/22 maxlen: 24
185.210.128.0/22 maxlen: 24
193.105.233.0/24 maxlen: 24
217.61.253.0/24 maxlen: 24
2a00:4140::/29 maxlen: 48
2a06:900::/29 maxlen: 48
2a06:7bc0::/29 maxlen: 48
2a0b:57c0::/29 maxlen: 48
2a0b:ec00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/W-qBqpshl9kSe0QlJRAP-qNuDVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/W-qBqpshl9kSe0QlJRAP-qNuDVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6d:7d:c9:76:6e:b9:0d:fa:18:57:f1:8e:72:bd:0a:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bea81aa9b2197d9127b442525100ffaa36e0d52
Validity
Not Before: Jul 1 08:51:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c479719db641b909428c5795ba76aa0ca22d3e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1f:4e:2c:c9:67:6f:b6:2d:33:aa:d9:26:2e:
54:db:96:d5:a3:dd:a0:22:be:21:b1:ff:06:7b:50:
39:7b:25:d1:4c:96:a2:16:f0:09:3b:39:db:29:e6:
a8:88:b4:50:8f:ed:33:17:84:82:7e:b9:f8:94:f4:
8b:bb:d5:d0:fa:f8:73:34:de:6e:59:d5:6f:35:e5:
ef:f1:64:15:6d:ba:3c:2d:e7:54:2f:b4:97:74:b8:
85:93:2d:32:73:f6:71:7d:bb:34:99:dc:7e:2e:9b:
16:01:76:ec:b2:be:5f:1e:67:be:e2:25:c6:c2:5c:
9e:03:a2:39:6f:32:78:88:4f:9b:ac:3b:12:dc:ea:
20:46:4b:97:47:28:3e:e0:93:cc:e4:51:cc:98:8d:
85:71:9b:27:35:c7:26:c5:05:1d:a8:2e:a1:c6:60:
1e:f4:06:3c:04:aa:65:01:76:67:6a:f2:ab:68:c8:
90:78:b4:e5:16:9a:0f:20:6d:74:38:d9:3c:8e:88:
2f:4d:2b:5a:34:df:32:77:9d:f3:85:45:d9:0e:0b:
4a:97:25:b7:e6:59:ea:91:46:92:c8:f3:26:6a:4d:
74:fd:bd:88:43:c7:3a:22:5d:5c:a9:bc:c5:02:cd:
43:da:80:ad:8f:32:3b:8c:f5:25:b6:17:dd:49:55:
fb:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:47:97:19:DB:64:1B:90:94:28:C5:79:5B:A7:6A:A0:CA:22:D3:E5
X509v3 Authority Key Identifier:
keyid:5B:EA:81:AA:9B:21:97:D9:12:7B:44:25:25:10:0F:FA:A3:6E:0D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-qBqpshl9kSe0QlJRAP-qNuDVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/HEeXGdtkG5CUKMV5W6dqoMoi0-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/224155-3ca4-4ff7-a964-fc0dd9252c9a/1/W-qBqpshl9kSe0QlJRAP-qNuDVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.64.0/22
45.132.40.0/22
77.74.124.0/22
86.48.68.0/22
91.219.76.0/22
185.56.52.0/22
185.69.204.0/22
185.96.44.0/22
185.97.228.0/22
185.116.40.0/22
185.165.68.0/22
185.210.128.0/22
193.105.233.0/24
217.61.253.0/24
IPv6:
2a00:4140::/29
2a06:900::/29
2a06:7bc0::/29
2a0b:57c0::/29
2a0b:ec00::/29
Signature Algorithm: sha256WithRSAEncryption
00:2b:f1:24:4b:a2:0f:8d:ac:fe:04:64:f5:c6:5a:05:20:c8:
eb:e7:e7:50:4d:2e:98:13:22:68:99:77:3a:6f:c9:30:2f:44:
fc:a5:2c:73:a5:57:3b:9a:8f:0d:21:61:cf:6d:02:72:e7:19:
b7:e9:7b:75:7d:0e:e8:a2:9c:d1:08:34:fd:dc:af:30:ef:6e:
e9:35:89:65:40:11:1d:2f:a8:92:71:b3:84:a0:cd:a3:51:80:
8c:79:df:00:dd:f2:96:77:12:1e:6f:41:45:3d:34:35:87:e7:
0b:af:d1:16:23:25:41:b3:d3:18:70:4c:22:01:50:0f:2c:54:
80:a8:5b:63:69:6d:90:5e:5b:4a:da:91:67:3f:c8:61:fe:b2:
ae:7d:ce:04:1d:22:5d:0a:cd:e1:80:7f:ac:f3:96:68:93:cb:
b7:71:a9:5f:97:1c:43:6d:dc:93:ae:13:40:61:80:1c:42:2b:
f1:67:55:54:d5:fc:42:31:aa:e2:43:ce:01:cf:af:2c:fe:46:
21:4b:b6:f8:f3:51:54:af:5f:3a:59:60:11:9a:e3:fb:86:51:
62:d2:5a:42:35:8c:99:40:b7:5f:3e:15:d0:18:77:25:34:b5:
7b:2d:05:5c:0b:fb:5b:f7:c3:f0:40:56:5f:cf:2d:d1:9e:72:
57:d0:f7:91
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZBtfcl2brkN+hhX8Y5yvQp3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWE4MWFhOWIyMTk3ZDkxMjdiNDQyNTI1MTAwZmZhYTM2
ZTBkNTIwHhcNMjQwNzAxMDg1MTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzQ3OTcxOWRiNjQxYjkwOTQyOGM1Nzk1YmE3NmFhMGNhMjJkM2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx9OLMlnb7YtM6rZJi5U25bVo92g
Ir4hsf8Ge1A5eyXRTJaiFvAJOznbKeaoiLRQj+0zF4SCfrn4lPSLu9XQ+vhzNN5u
WdVvNeXv8WQVbbo8LedUL7SXdLiFky0yc/Zxfbs0mdx+LpsWAXbssr5fHme+4iXG
wlyeA6I5bzJ4iE+brDsS3OogRkuXRyg+4JPM5FHMmI2FcZsnNccmxQUdqC6hxmAe
9AY8BKplAXZnavKraMiQeLTlFpoPIG10ONk8jogvTStaNN8yd53zhUXZDgtKlyW3
5lnqkUaSyPMmak10/b2IQ8c6Il1cqbzFAs1D2oCtjzI7jPUlthfdSVX7oQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFBxHlxnbZBuQlCjFeVunaqDKItPlMB8GA1UdIwQY
MBaAFFvqgaqbIZfZEntEJSUQD/qjbg1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1xQnFwc2hsOWtTZTBRbEpSQVAtcU51RFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yMjQxNTUtM2NhNC00ZmY3LWE5NjQt
ZmMwZGQ5MjUyYzlhLzEvSEVlWEdkdGtHNUNVS01WNVc2ZHFvTW9pMC1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yMjQxNTUtM2NhNC00ZmY3LWE5NjQtZmMwZGQ5MjUyYzlh
LzEvVy1xQnFwc2hsOWtTZTBRbEpSQVAtcU51RFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzBaBAIAATBUAwQCLYBA
AwQCLYQoAwQCTUp8AwQCVjBEAwQCW9tMAwQCuTg0AwQCuUXMAwQCuWAsAwQCuWHk
AwQCuXQoAwQCuaVEAwQCudKAAwQAwWnpAwQA2T39MCkEAgACMCMDBQMqAEFAAwUD
KgYJAAMFAyoGe8ADBQMqC1fAAwUDKgvsADANBgkqhkiG9w0BAQsFAAOCAQEAACvx
JEuiD42s/gRk9cZaBSDI6+fnUE0umBMiaJl3Om/JMC9E/KUsc6VXO5qPDSFhz20C
cucZt+l7dX0O6KKc0Qg0/dyvMO9u6TWJZUARHS+oknGzhKDNo1GAjHnfAN3ylncS
Hm9BRT00NYfnC6/RFiMlQbPTGHBMIgFQDyxUgKhbY2ltkF5bStqRZz/IYf6yrn3O
BB0iXQrN4YB/rPOWaJPLt3GpX5ccQ23ck64TQGGAHEIr8WdVVNX8QjGq4kPOAc+v
LP5GIUu2+PNRVK9fOllgEZrj+4ZRYtJaQjWMmUC3Xz4V0Bh3JTS1ey0FXAv7W/fD
8EBWX88t0Z5yV9D3kQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:56:59 2024 by rpki-client on console-ams.rpki-client.org