Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/5ewqE0GpwxAn44r6L1vY6GFQu38.roa
File: 5ewqE0GpwxAn44r6L1vY6GFQu38.roa (raw, json)
Hash identifier: nVQET8kIq3rFfumlwBoAm8u5nKDBjhcxfJgrJylQjSM=
Subject key identifier: E5:EC:2A:13:41:A9:C3:10:27:E3:8A:FA:2F:5B:D8:E8:61:50:BB:7F
Certificate issuer: /CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Certificate serial: 018CC26D2D97BF53316A91765E789DA0AA84
Authority key identifier: 1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/5ewqE0GpwxAn44r6L1vY6GFQu38.roa
Signing time: Mon 01 Jan 2024 00:29:43 +0000
ROA not before: Mon 01 Jan 2024 00:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210421
IP address blocks: 91.193.167.0/24 maxlen: 24
94.45.129.0/24 maxlen: 24
94.45.136.0/24 maxlen: 24
94.45.139.0/24 maxlen: 24
94.45.142.0/24 maxlen: 24
94.45.146.0/23 maxlen: 24
94.45.148.0/23 maxlen: 24
94.45.152.0/22 maxlen: 24
94.45.156.0/24 maxlen: 24
94.45.156.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2d:97:bf:53:31:6a:91:76:5e:78:9d:a0:aa:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Validity
Not Before: Jan 1 00:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5ec2a1341a9c31027e38afa2f5bd8e86150bb7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a8:ca:0e:ae:a7:f6:b2:21:44:83:e8:f9:45:
ed:58:73:16:c7:ff:68:62:2b:7a:47:97:96:9d:38:
61:00:c4:28:c8:4c:ac:04:26:68:e3:20:b0:17:98:
b8:cd:b6:94:dd:3d:25:ae:4f:af:9e:9d:7e:22:bf:
a8:8f:c4:8d:18:c4:c3:0f:3e:44:7a:db:4a:15:ec:
5c:ae:5b:b5:db:e8:2f:01:80:20:12:2a:ad:2e:e0:
1d:11:d5:ac:14:e0:93:b0:27:12:1f:ff:b9:8f:65:
ac:f9:b0:2b:49:da:08:78:06:74:3d:9d:aa:77:72:
be:99:73:36:c1:52:7c:dd:80:c4:b4:1d:b6:30:ee:
6a:3c:ff:5e:bb:72:a1:95:e0:0f:cd:be:e3:03:59:
8c:c4:96:21:f4:78:39:4a:89:4c:a5:bb:82:68:3e:
e9:2d:02:c7:6a:5d:b3:8f:f6:d3:c4:43:8f:49:f3:
ad:e3:19:98:ca:d2:69:d5:1f:1a:9d:8f:99:92:50:
f3:c6:25:c5:bf:f0:62:c3:86:04:f2:e4:f0:63:17:
7c:c7:08:33:c8:3a:72:96:48:6d:60:6c:cb:19:60:
6f:80:f7:54:4e:01:6b:d6:8e:5d:e0:5e:3a:e3:a5:
f8:86:64:ca:52:b1:80:5c:e7:44:ea:48:95:6b:a8:
02:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:EC:2A:13:41:A9:C3:10:27:E3:8A:FA:2F:5B:D8:E8:61:50:BB:7F
X509v3 Authority Key Identifier:
keyid:1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/5ewqE0GpwxAn44r6L1vY6GFQu38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.167.0/24
94.45.129.0/24
94.45.136.0/24
94.45.139.0/24
94.45.142.0/24
94.45.146.0-94.45.149.255
94.45.152.0-94.45.157.255
Signature Algorithm: sha256WithRSAEncryption
31:d8:19:36:6b:54:60:e9:4b:19:b0:14:c7:0e:bf:76:94:7e:
cc:90:f3:30:b3:d8:33:29:a8:2b:d1:e3:36:d3:35:39:2b:f5:
fe:86:95:4d:98:32:6b:db:74:7f:e0:d0:4f:75:59:8a:7e:7f:
7b:dc:e6:4e:7d:c6:63:34:83:a6:6d:02:de:cf:43:ec:75:1a:
41:73:7c:0a:95:e4:b7:d6:ce:b9:71:00:1c:46:ae:12:c2:db:
ce:62:52:08:c1:73:da:9f:9f:c3:ac:e7:16:48:f8:3d:89:4e:
f9:7a:e4:71:ed:62:94:f8:a7:c9:1f:f3:4d:b2:3b:35:0b:03:
b7:2e:f8:a2:7e:50:c1:d8:d1:e8:c7:e5:cd:b3:d8:f0:a5:30:
72:42:36:b4:23:94:be:1b:e8:8d:da:81:6a:13:bb:b9:af:28:
f7:03:50:31:18:00:1e:6e:d8:4b:e8:13:59:95:ac:58:e9:8b:
7a:1c:67:d2:36:7e:c5:c3:50:4f:77:d8:7c:bb:c4:30:3f:d7:
ce:3a:a8:c5:20:4c:0f:dc:aa:45:be:53:b6:a0:f2:94:45:00:
92:d8:1c:13:d0:d7:ad:34:67:2b:87:b5:ca:34:ae:88:d5:9b:
ee:69:2e:f7:46:7b:1f:2e:57:15:54:f5:fe:f4:e7:c3:02:d6:
d7:0f:d9:a3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzCbS2Xv1MxapF2XnidoKqEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTRlYjFlZWY2NmMyZDM0OWYzZjdkN2JhZmE2OGU0OWZi
ZmVjOWMwHhcNMjQwMTAxMDAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWVjMmExMzQxYTljMzEwMjdlMzhhZmEyZjViZDhlODYxNTBiYjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKjKDq6n9rIhRIPo+UXtWHMWx/9o
Yit6R5eWnThhAMQoyEysBCZo4yCwF5i4zbaU3T0lrk+vnp1+Ir+oj8SNGMTDDz5E
ettKFexcrlu12+gvAYAgEiqtLuAdEdWsFOCTsCcSH/+5j2Ws+bArSdoIeAZ0PZ2q
d3K+mXM2wVJ83YDEtB22MO5qPP9eu3KhleAPzb7jA1mMxJYh9Hg5SolMpbuCaD7p
LQLHal2zj/bTxEOPSfOt4xmYytJp1R8anY+ZklDzxiXFv/Biw4YE8uTwYxd8xwgz
yDpylkhtYGzLGWBvgPdUTgFr1o5d4F4646X4hmTKUrGAXOdE6kiVa6gCnQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFOXsKhNBqcMQJ+OK+i9b2OhhULt/MB8GA1UdIwQY
MBaAFB4U6x7vZsLTSfP317r6aOSfv+ycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMt
OWNhOThmNDk1MGNmLzEvNWV3cUUwR3B3eEFuNDRyNkwxdlk2R0ZRdTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMtOWNhOThmNDk1MGNm
LzEvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAW8GnAwQA
Xi2BAwQAXi2IAwQAXi2LAwQAXi2OMAwDBAFeLZIDBAFeLZQwDAMEA14tmAMEAV4t
nDANBgkqhkiG9w0BAQsFAAOCAQEAMdgZNmtUYOlLGbAUxw6/dpR+zJDzMLPYMymo
K9HjNtM1OSv1/oaVTZgya9t0f+DQT3VZin5/e9zmTn3GYzSDpm0C3s9D7HUaQXN8
CpXkt9bOuXEAHEauEsLbzmJSCMFz2p+fw6znFkj4PYlO+Xrkce1ilPinyR/zTbI7
NQsDty74on5QwdjR6MflzbPY8KUwckI2tCOUvhvojdqBahO7ua8o9wNQMRgAHm7Y
S+gTWZWsWOmLehxn0jZ+xcNQT3fYfLvEMD/XzjqoxSBMD9yqRb5TtqDylEUAktgc
E9DXrTRnK4e1yjSuiNWb7mku90Z7Hy5XFVT1/vTnwwLW1w/Zow==
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:30:20 2024 by rpki-client on console-ams.rpki-client.org