Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/566938-e2a8-48b3-816b-27b113cff53b/1/d5y6WE89H-Whx3tJw1uEN86WM_4.roa
File: d5y6WE89H-Whx3tJw1uEN86WM_4.roa (raw, json)
Hash identifier: AqD+LCf8bnbxLON9ChIh8Q05VgcjAs7eGTUQmWHNg8k=
Subject key identifier: 77:9C:BA:58:4F:3D:1F:E5:A1:C7:7B:49:C3:5B:84:37:CE:96:33:FE
Certificate issuer: /CN=c1ab247c636ad389bf9f8c5074c8220230e8edcc
Certificate serial: 018CC26D68C6C98C2313E1FA465651764A6C
Authority key identifier: C1:AB:24:7C:63:6A:D3:89:BF:9F:8C:50:74:C8:22:02:30:E8:ED:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/waskfGNq04m_n4xQdMgiAjDo7cw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/566938-e2a8-48b3-816b-27b113cff53b/1/d5y6WE89H-Whx3tJw1uEN86WM_4.roa
Signing time: Mon 01 Jan 2024 00:29:59 +0000
ROA not before: Mon 01 Jan 2024 00:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44964
IP address blocks: 93.188.40.0/21 maxlen: 21
37.203.240.0/24 maxlen: 24
37.203.242.64/27 maxlen: 27
37.203.243.0/24 maxlen: 24
37.203.242.192/26 maxlen: 26
37.203.242.128/26 maxlen: 26
37.203.242.0/24 maxlen: 29
37.203.245.0/24 maxlen: 24
37.203.246.0/24 maxlen: 24
37.203.247.0/24 maxlen: 24
93.188.41.79/32 maxlen: 32
37.203.242.48/29 maxlen: 29
37.203.242.32/28 maxlen: 28
2a00:c8c0:1::/48 maxlen: 48
2a00:c8c0::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/566938-e2a8-48b3-816b-27b113cff53b/1/waskfGNq04m_n4xQdMgiAjDo7cw.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/566938-e2a8-48b3-816b-27b113cff53b/1/waskfGNq04m_n4xQdMgiAjDo7cw.mft
rsync://rpki.ripe.net/repository/DEFAULT/waskfGNq04m_n4xQdMgiAjDo7cw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:68:c6:c9:8c:23:13:e1:fa:46:56:51:76:4a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1ab247c636ad389bf9f8c5074c8220230e8edcc
Validity
Not Before: Jan 1 00:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=779cba584f3d1fe5a1c77b49c35b8437ce9633fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:41:22:f5:e1:96:06:71:50:9f:12:bc:76:bf:
9a:cf:22:70:58:1f:d9:a3:84:99:2e:1b:5a:a6:0a:
a4:1a:4e:01:03:36:71:08:9b:75:65:fb:1b:64:d1:
f8:28:f6:fe:a0:e3:ad:26:a7:b9:4b:80:0b:88:41:
a6:94:4d:f1:3d:40:a2:60:3f:5f:f8:98:8c:d1:b9:
c4:ef:af:4a:58:70:dd:c9:66:e6:59:6e:8b:cb:03:
84:9f:8d:6b:22:c3:45:07:30:c3:7b:04:ac:3f:20:
f1:da:4a:31:2c:59:aa:50:14:c7:84:60:5a:4f:77:
4e:e3:78:c9:03:c7:d4:a2:e0:db:cd:a7:13:9c:1f:
f2:90:db:26:ce:f8:e0:24:11:3a:69:c2:76:bc:36:
b1:8c:39:ce:03:10:2f:43:ca:3e:0c:2c:af:41:b4:
ed:2e:a2:f2:84:5e:4a:76:32:8b:05:60:e9:eb:85:
8c:0c:99:00:85:a6:ca:ea:f9:b8:37:cf:f3:0f:2d:
6a:b4:59:1f:b3:43:38:d3:85:cc:3e:87:2b:11:1f:
60:e3:5f:08:dd:e4:01:22:a9:12:0c:fa:6d:3e:3e:
a3:de:42:a7:fb:a5:36:e9:2b:d6:33:fc:62:af:15:
ca:78:e9:cc:50:32:5e:5c:5c:8f:a4:45:3c:43:d5:
da:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:9C:BA:58:4F:3D:1F:E5:A1:C7:7B:49:C3:5B:84:37:CE:96:33:FE
X509v3 Authority Key Identifier:
keyid:C1:AB:24:7C:63:6A:D3:89:BF:9F:8C:50:74:C8:22:02:30:E8:ED:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/waskfGNq04m_n4xQdMgiAjDo7cw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/566938-e2a8-48b3-816b-27b113cff53b/1/d5y6WE89H-Whx3tJw1uEN86WM_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/566938-e2a8-48b3-816b-27b113cff53b/1/waskfGNq04m_n4xQdMgiAjDo7cw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.240.0/24
37.203.242.0/23
37.203.245.0-37.203.247.255
93.188.40.0/21
IPv6:
2a00:c8c0::/47
Signature Algorithm: sha256WithRSAEncryption
70:ab:26:3e:95:12:33:16:80:83:02:68:d3:c6:40:67:26:be:
97:cf:76:92:bd:ab:43:73:36:ff:d3:a1:e4:a7:6b:2c:56:2c:
98:58:96:08:64:39:e4:cf:2d:b1:fc:4e:b0:f3:49:c4:53:8f:
55:f1:ae:a9:f8:43:61:1e:c1:cd:04:24:86:06:56:b7:4b:bb:
2e:63:c1:e9:82:66:e0:7f:5c:5d:46:17:5b:8f:7e:96:fa:17:
82:35:2d:c0:cf:2f:a1:bc:ed:7e:fd:2f:60:43:1a:82:5c:a0:
2b:27:8a:ab:c7:14:68:1b:03:fa:66:99:13:1e:89:fd:f7:39:
62:5f:e1:7e:de:4b:3a:1a:22:e6:3a:cc:65:c7:a5:67:3d:00:
40:b5:a9:89:78:ab:d0:ca:20:e5:f2:78:56:25:cd:97:7d:cd:
ad:0c:85:d6:c6:8a:bd:e5:0a:24:f9:a8:4f:f9:39:f9:59:e7:
16:75:71:28:d6:2f:6f:92:28:af:09:2f:e0:c7:cd:9c:2f:90:
ec:69:d3:4a:93:d5:fb:57:a7:fd:b8:9b:f7:51:32:1e:7c:24:
5c:81:53:e4:f5:64:d1:9e:b4:f4:15:ae:c2:af:c8:2a:1a:67:
d4:fc:55:17:2f:82:02:b8:76:64:bd:07:59:30:2a:cd:39:cd:
e4:08:3c:ae
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzCbWjGyYwjE+H6RlZRdkpsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYWIyNDdjNjM2YWQzODliZjlmOGM1MDc0YzgyMjAyMzBl
OGVkY2MwHhcNMjQwMTAxMDAyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzljYmE1ODRmM2QxZmU1YTFjNzdiNDljMzViODQzN2NlOTYzM2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEEi9eGWBnFQnxK8dr+azyJwWB/Z
o4SZLhtapgqkGk4BAzZxCJt1ZfsbZNH4KPb+oOOtJqe5S4ALiEGmlE3xPUCiYD9f
+JiM0bnE769KWHDdyWbmWW6LywOEn41rIsNFBzDDewSsPyDx2koxLFmqUBTHhGBa
T3dO43jJA8fUouDbzacTnB/ykNsmzvjgJBE6acJ2vDaxjDnOAxAvQ8o+DCyvQbTt
LqLyhF5KdjKLBWDp64WMDJkAhabK6vm4N8/zDy1qtFkfs0M404XMPocrER9g418I
3eQBIqkSDPptPj6j3kKn+6U26SvWM/xirxXKeOnMUDJeXFyPpEU8Q9XaKwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFHeculhPPR/locd7ScNbhDfOljP+MB8GA1UdIwQY
MBaAFMGrJHxjatOJv5+MUHTIIgIw6O3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2Fza2ZHTnEwNG1fbjR4UWRNZ2lBakRvN2N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81NjY5MzgtZTJhOC00OGIzLTgxNmIt
MjdiMTEzY2ZmNTNiLzEvZDV5NldFODlILVdoeDN0SncxdUVOODZXTV80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81NjY5MzgtZTJhOC00OGIzLTgxNmItMjdiMTEzY2ZmNTNi
LzEvd2Fza2ZHTnEwNG1fbjR4UWRNZ2lBakRvN2N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgAwQAJcvwAwQB
JcvyMAwDBAAly/UDBAMly/ADBANdvCgwDwQCAAIwCQMHASoAyMAAADANBgkqhkiG
9w0BAQsFAAOCAQEAcKsmPpUSMxaAgwJo08ZAZya+l892kr2rQ3M2/9Oh5KdrLFYs
mFiWCGQ55M8tsfxOsPNJxFOPVfGuqfhDYR7BzQQkhgZWt0u7LmPB6YJm4H9cXUYX
W49+lvoXgjUtwM8vobztfv0vYEMaglygKyeKq8cUaBsD+maZEx6J/fc5Yl/hft5L
Ohoi5jrMZcelZz0AQLWpiXir0Mog5fJ4ViXNl33NrQyF1saKveUKJPmoT/k5+Vnn
FnVxKNYvb5Iorwkv4MfNnC+Q7GnTSpPV+1en/bib91EyHnwkXIFT5PVk0Z609BWu
wq/IKhpn1PxVFy+CArh2ZL0HWTAqzTnN5Ag8rg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:21:47 2024 by rpki-client on console-fra.rpki-client.org