Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/rLQEur4oLbtPQ4WGrcojRjKDWbg.roa
File: rLQEur4oLbtPQ4WGrcojRjKDWbg.roa (raw, json)
Hash identifier: Oa9Wk+l+eTaGWrop9M4KRABWbKMCAs/zKkGtBHgB22c=
Subject key identifier: AC:B4:04:BA:BE:28:2D:BB:4F:43:85:86:AD:CA:23:46:32:83:59:B8
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019324EF1B6528C75064C34FF889BEBAA152
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/rLQEur4oLbtPQ4WGrcojRjKDWbg.roa
Signing time: Wed 13 Nov 2024 09:51:10 +0000
ROA not before: Wed 13 Nov 2024 09:51:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 5.83.148.0/24 maxlen: 24
5.175.132.0/24 maxlen: 24
5.175.137.0/24 maxlen: 24
5.175.250.0/24 maxlen: 24
5.230.5.0/24 maxlen: 24
5.230.9.0/24 maxlen: 24
5.231.23.0/24 maxlen: 24
5.231.32.0/24 maxlen: 24
5.231.36.0/24 maxlen: 24
5.231.41.0/24 maxlen: 24
5.231.44.0/24 maxlen: 24
5.231.60.0/24 maxlen: 24
5.231.63.0/24 maxlen: 24
5.231.69.0/24 maxlen: 24
5.231.76.0/24 maxlen: 24
5.231.80.0/24 maxlen: 24
178.18.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:24:ef:1b:65:28:c7:50:64:c3:4f:f8:89:be:ba:a1:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Nov 13 09:51:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acb404babe282dbb4f438586adca2346328359b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:13:fd:05:6f:82:cc:46:aa:5e:14:6e:1c:1d:
64:36:a8:41:dd:e1:25:f4:c0:f2:34:0d:18:06:af:
1d:df:0b:4c:92:2f:91:4a:a9:d5:1a:51:11:c6:ec:
8b:2a:b7:84:09:50:3d:de:bf:f1:91:57:11:9a:03:
0f:15:94:70:62:ed:e2:2b:8b:35:2a:0a:44:93:ff:
0a:ce:14:33:b0:14:6c:16:b9:ef:15:6a:51:0a:a7:
79:40:de:85:f5:df:8f:03:a6:96:e0:b0:96:e7:b0:
96:6f:ba:6e:7d:86:bc:77:9d:93:03:9c:61:44:69:
7c:10:ec:d3:09:1f:5c:c7:f9:d4:8c:04:a3:9b:30:
dc:7f:09:f6:46:f5:5f:26:97:30:2a:3a:05:75:f4:
18:f1:99:ce:6d:f0:46:c3:eb:85:9d:1a:ce:8c:ee:
66:d7:9c:86:db:e0:d0:51:9a:bd:8c:49:0a:69:58:
74:2e:22:fb:e0:82:48:65:6b:db:1e:50:6d:aa:59:
ca:a7:62:7c:01:df:9d:66:bf:d2:7b:4d:0b:47:2c:
95:bd:5f:13:40:22:0e:d7:87:3f:a7:7c:20:64:a3:
09:a8:23:ae:b5:12:17:a1:f4:b7:94:60:f6:fc:37:
a5:ec:75:62:92:7d:0b:09:49:63:8f:e1:9f:d5:2f:
e4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:B4:04:BA:BE:28:2D:BB:4F:43:85:86:AD:CA:23:46:32:83:59:B8
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/rLQEur4oLbtPQ4WGrcojRjKDWbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.148.0/24
5.175.132.0/24
5.175.137.0/24
5.175.250.0/24
5.230.5.0/24
5.230.9.0/24
5.231.23.0/24
5.231.32.0/24
5.231.36.0/24
5.231.41.0/24
5.231.44.0/24
5.231.60.0/24
5.231.63.0/24
5.231.69.0/24
5.231.76.0/24
5.231.80.0/24
178.18.146.0/24
Signature Algorithm: sha256WithRSAEncryption
af:09:fe:f8:01:f1:6f:8c:45:70:2c:b2:ef:59:be:84:0d:84:
0d:8d:6f:27:0f:9f:e3:63:4a:32:be:36:b9:af:aa:53:2a:78:
0f:44:45:0a:3d:37:16:48:99:7f:44:4c:03:8c:b1:0d:ea:95:
56:26:4d:24:f8:49:d7:7e:78:87:31:3f:fa:fd:26:d0:0c:e4:
d6:86:d7:a6:f0:f0:4f:ce:5e:35:8c:83:37:03:31:37:f6:dd:
9a:2f:ee:2c:ff:11:34:d1:3a:61:76:dc:70:22:d0:f1:39:c6:
74:58:49:26:f3:1e:6d:3e:b5:1e:f6:a6:09:d6:6a:bb:aa:f6:
d0:24:6a:7a:9b:37:16:09:2f:68:3a:8d:7a:2a:72:a4:02:ce:
d5:05:38:19:4f:e5:71:84:4d:6d:46:ac:2b:07:8f:73:c0:88:
b5:f4:82:3a:53:c1:c9:1f:09:6e:e4:59:5d:d1:0b:26:d3:6c:
31:85:64:cd:15:0c:ec:2a:71:7d:0d:af:0d:b0:ed:3e:40:9f:
f0:71:c2:2d:7e:18:a0:c4:ef:bc:a2:23:d8:7c:14:d6:dd:bb:
5c:6d:c2:9f:bd:2b:bc:30:8a:04:f1:6a:6f:c6:2c:c7:cb:23:
57:a6:4e:b6:2b:bc:c2:7f:ca:64:4b:ab:73:44:3b:d4:fb:fb:
fe:f0:a2:59
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZMk7xtlKMdQZMNP+Im+uqFSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMTEzMDk1MTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2I0MDRiYWJlMjgyZGJiNGY0Mzg1ODZhZGNhMjM0NjMyODM1OWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRP9BW+CzEaqXhRuHB1kNqhB3eEl
9MDyNA0YBq8d3wtMki+RSqnVGlERxuyLKreECVA93r/xkVcRmgMPFZRwYu3iK4s1
KgpEk/8KzhQzsBRsFrnvFWpRCqd5QN6F9d+PA6aW4LCW57CWb7pufYa8d52TA5xh
RGl8EOzTCR9cx/nUjASjmzDcfwn2RvVfJpcwKjoFdfQY8ZnObfBGw+uFnRrOjO5m
15yG2+DQUZq9jEkKaVh0LiL74IJIZWvbHlBtqlnKp2J8Ad+dZr/Se00LRyyVvV8T
QCIO14c/p3wgZKMJqCOutRIXofS3lGD2/Del7HVikn0LCUljj+Gf1S/kOwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFKy0BLq+KC27T0OFhq3KI0Yyg1m4MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvckxRRXVyNG9MYnRQUTRXR3Jjb2pSaktEV2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABVOUAwQA
Ba+EAwQABa+JAwQABa/6AwQABeYFAwQABeYJAwQABecXAwQABecgAwQABeckAwQA
BecpAwQABecsAwQABec8AwQABec/AwQABedFAwQABedMAwQABedQAwQAshKSMA0G
CSqGSIb3DQEBCwUAA4IBAQCvCf74AfFvjEVwLLLvWb6EDYQNjW8nD5/jY0oyvja5
r6pTKngPREUKPTcWSJl/REwDjLEN6pVWJk0k+EnXfniHMT/6/SbQDOTWhtem8PBP
zl41jIM3AzE39t2aL+4s/xE00TphdtxwItDxOcZ0WEkm8x5tPrUe9qYJ1mq7qvbQ
JGp6mzcWCS9oOo16KnKkAs7VBTgZT+VxhE1tRqwrB49zwIi19II6U8HJHwlu5Fld
0Qsm02wxhWTNFQzsKnF9Da8NsO0+QJ/wccItfhigxO+8oiPYfBTW3btcbcKfvSu8
MIoE8WpvxizHyyNXpk62K7zCf8pkS6tzRDvU+/v+8KJZ
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:44:45 2024 by rpki-client on console-ams.rpki-client.org