Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/174627-e52f-4fa6-b331-e97cd3ad4da3/1/SuOwtMbuU-Z96TNV8ykX60wQcAA.roa
File: SuOwtMbuU-Z96TNV8ykX60wQcAA.roa (raw, json)
Hash identifier: XZipaCIidQfi/ERoF9Ii0CSbt4ytQJhD8tTSLBWZVGs=
Subject key identifier: 4A:E3:B0:B4:C6:EE:53:E6:7D:E9:33:55:F3:29:17:EB:4C:10:70:00
Certificate issuer: /CN=42116774afb5ed1ac9926b0bc2d57f8b8058b3e7
Certificate serial: 018CC3489B56B0611D30B1CF3932925C6F3C
Authority key identifier: 42:11:67:74:AF:B5:ED:1A:C9:92:6B:0B:C2:D5:7F:8B:80:58:B3:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QhFndK-17RrJkmsLwtV_i4BYs-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/174627-e52f-4fa6-b331-e97cd3ad4da3/1/SuOwtMbuU-Z96TNV8ykX60wQcAA.roa
Signing time: Mon 01 Jan 2024 04:29:24 +0000
ROA not before: Mon 01 Jan 2024 04:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56724
IP address blocks: 185.61.252.0/22 maxlen: 24
5.149.152.0/23 maxlen: 24
5.149.154.0/24 maxlen: 24
5.149.159.0/24 maxlen: 24
2a04:ee00::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/174627-e52f-4fa6-b331-e97cd3ad4da3/1/QhFndK-17RrJkmsLwtV_i4BYs-c.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/174627-e52f-4fa6-b331-e97cd3ad4da3/1/QhFndK-17RrJkmsLwtV_i4BYs-c.mft
rsync://rpki.ripe.net/repository/DEFAULT/QhFndK-17RrJkmsLwtV_i4BYs-c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:9b:56:b0:61:1d:30:b1:cf:39:32:92:5c:6f:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42116774afb5ed1ac9926b0bc2d57f8b8058b3e7
Validity
Not Before: Jan 1 04:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ae3b0b4c6ee53e67de93355f32917eb4c107000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:81:b0:81:0a:86:da:35:0e:7c:b9:1b:0e:6a:
c0:d0:ef:e7:e7:04:58:bf:1f:45:cd:72:3f:52:fa:
b0:2c:66:da:e9:95:14:6d:e4:87:ce:91:59:04:d4:
ab:56:08:9b:7b:62:0a:bd:52:cb:8f:03:57:37:c6:
82:9f:b2:69:14:aa:51:f4:84:02:ff:55:5e:0a:51:
af:9d:ee:0b:92:fd:f0:d2:f4:04:1b:23:66:38:a4:
b1:bb:95:ff:77:ec:09:9f:25:54:c0:80:ec:26:c5:
8b:e1:d8:84:60:b5:4d:42:52:d3:02:d1:2d:31:4c:
28:6f:ba:f5:de:cd:e0:4c:e7:ba:bf:35:b0:d6:a6:
11:22:69:3d:3b:7e:ca:c3:34:60:b0:c1:6b:6e:c4:
4c:96:98:e4:d7:57:41:13:a2:d4:fd:f7:5e:84:36:
af:9f:85:88:a9:31:59:ce:a3:b5:60:2d:02:9b:a3:
f9:99:28:91:11:99:43:b3:21:06:85:9a:b8:a7:d8:
d6:2d:cc:7b:d5:86:11:69:2d:39:3d:99:56:e1:19:
9d:eb:ac:11:63:ef:f5:a7:c2:f0:8e:20:d6:60:7f:
1a:e7:21:be:a2:5d:d4:e4:0a:8b:7c:39:43:17:89:
c8:a5:b6:ed:d4:e9:3a:f6:52:ba:53:7e:d9:7d:fd:
5c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E3:B0:B4:C6:EE:53:E6:7D:E9:33:55:F3:29:17:EB:4C:10:70:00
X509v3 Authority Key Identifier:
keyid:42:11:67:74:AF:B5:ED:1A:C9:92:6B:0B:C2:D5:7F:8B:80:58:B3:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QhFndK-17RrJkmsLwtV_i4BYs-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/174627-e52f-4fa6-b331-e97cd3ad4da3/1/SuOwtMbuU-Z96TNV8ykX60wQcAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/174627-e52f-4fa6-b331-e97cd3ad4da3/1/QhFndK-17RrJkmsLwtV_i4BYs-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.152.0-5.149.154.255
5.149.159.0/24
185.61.252.0/22
IPv6:
2a04:ee00::/29
Signature Algorithm: sha256WithRSAEncryption
66:39:e6:7f:26:85:69:34:6c:43:18:46:cc:57:a3:74:a9:69:
46:03:78:c8:52:eb:9a:82:f0:2e:bc:ac:5a:16:57:9e:3f:2a:
53:8d:53:72:0c:0f:53:0b:6d:47:12:ed:ba:1d:3c:a8:09:14:
df:6f:c1:b6:03:69:68:8b:e1:f0:26:ab:61:05:10:7e:72:f8:
16:f6:8c:7e:10:39:87:45:82:ee:59:7d:95:3d:71:b6:f0:6d:
18:9b:5c:6f:39:3e:a4:41:e7:e5:ee:19:f7:38:9e:c2:2b:3a:
4f:71:e5:ec:46:4c:84:e0:1e:3f:2b:49:bd:02:60:47:86:2f:
12:a2:8a:13:b7:2b:3d:c8:67:b8:8f:d6:b8:fa:e2:dc:9b:1e:
6c:45:32:60:e9:22:7f:8f:cb:ff:a2:fc:aa:ec:31:f5:6b:2b:
cc:03:e1:55:65:38:bf:c8:31:c2:7c:eb:0d:07:e1:fb:6b:a9:
86:54:14:1d:d3:5a:bd:5a:69:64:cb:98:f2:e6:21:8d:8e:79:
5c:1f:19:45:a4:da:86:ab:99:c7:93:ed:c9:e8:80:d2:de:03:
25:fc:95:53:4f:99:bc:cb:c4:d7:c5:ef:2b:7b:1e:66:57:dc:
4c:e6:c4:62:76:60:52:35:25:bd:d9:9c:cc:07:49:82:b9:75:
cb:b2:51:48
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzDSJtWsGEdMLHPOTKSXG88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMTE2Nzc0YWZiNWVkMWFjOTkyNmIwYmMyZDU3ZjhiODA1
OGIzZTcwHhcNMjQwMTAxMDQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWUzYjBiNGM2ZWU1M2U2N2RlOTMzNTVmMzI5MTdlYjRjMTA3MDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioGwgQqG2jUOfLkbDmrA0O/n5wRY
vx9FzXI/UvqwLGba6ZUUbeSHzpFZBNSrVgibe2IKvVLLjwNXN8aCn7JpFKpR9IQC
/1VeClGvne4Lkv3w0vQEGyNmOKSxu5X/d+wJnyVUwIDsJsWL4diEYLVNQlLTAtEt
MUwob7r13s3gTOe6vzWw1qYRImk9O37KwzRgsMFrbsRMlpjk11dBE6LU/fdehDav
n4WIqTFZzqO1YC0Cm6P5mSiREZlDsyEGhZq4p9jWLcx71YYRaS05PZlW4Rmd66wR
Y+/1p8LwjiDWYH8a5yG+ol3U5AqLfDlDF4nIpbbt1Ok69lK6U37Zff1cqwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFErjsLTG7lPmfekzVfMpF+tMEHAAMB8GA1UdIwQY
MBaAFEIRZ3Svte0ayZJrC8LVf4uAWLPnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWhGbmRLLTE3UnJKa21zTHd0Vl9pNEJZcy1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xNzQ2MjctZTUyZi00ZmE2LWIzMzEt
ZTk3Y2QzYWQ0ZGEzLzEvU3VPd3RNYnVVLVo5NlROVjh5a1g2MHdRY0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8xNzQ2MjctZTUyZi00ZmE2LWIzMzEtZTk3Y2QzYWQ0ZGEz
LzEvUWhGbmRLLTE3UnJKa21zTHd0Vl9pNEJZcy1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAMFlZgD
BAAFlZoDBAAFlZ8DBAK5PfwwDQQCAAIwBwMFAyoE7gAwDQYJKoZIhvcNAQELBQAD
ggEBAGY55n8mhWk0bEMYRsxXo3SpaUYDeMhS65qC8C68rFoWV54/KlONU3IMD1ML
bUcS7bodPKgJFN9vwbYDaWiL4fAmq2EFEH5y+Bb2jH4QOYdFgu5ZfZU9cbbwbRib
XG85PqRB5+XuGfc4nsIrOk9x5exGTITgHj8rSb0CYEeGLxKiihO3Kz3IZ7iP1rj6
4tybHmxFMmDpIn+Py/+i/KrsMfVrK8wD4VVlOL/IMcJ86w0H4ftrqYZUFB3TWr1a
aWTLmPLmIY2OeVwfGUWk2oarmceT7cnogNLeAyX8lVNPmbzLxNfF7yt7HmZX3Ezm
xGJ2YFI1Jb3ZnMwHSYK5dcuyUUg=
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:41:19 2024 by rpki-client on console-fra.rpki-client.org