Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/de5c5d-5812-4fe8-b3c0-6bc443f35544/1/SGZhhogyfUvGvdS1S7q9SLsCxAM.roa
File: SGZhhogyfUvGvdS1S7q9SLsCxAM.roa (raw, json)
Hash identifier: 0DaF1M2h4U9ikRteupo+qRccP3nuTDkkO+NaXxiWLEE=
Subject key identifier: 48:66:61:86:88:32:7D:4B:C6:BD:D4:B5:4B:BA:BD:48:BB:02:C4:03
Certificate issuer: /CN=112ba797577ea60a561af9a4598c45060e3b7088
Certificate serial: 018CC801255918E5870AA8C5AE3CCAFD9A10
Authority key identifier: 11:2B:A7:97:57:7E:A6:0A:56:1A:F9:A4:59:8C:45:06:0E:3B:70:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ESunl1d-pgpWGvmkWYxFBg47cIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/de5c5d-5812-4fe8-b3c0-6bc443f35544/1/SGZhhogyfUvGvdS1S7q9SLsCxAM.roa
Signing time: Tue 02 Jan 2024 02:29:27 +0000
ROA not before: Tue 02 Jan 2024 02:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34779
IP address blocks: 93.103.224.0/19 maxlen: 19
93.103.160.0/19 maxlen: 19
91.246.224.0/19 maxlen: 19
93.103.192.0/19 maxlen: 19
89.233.112.0/20 maxlen: 20
194.28.108.0/22 maxlen: 22
89.212.0.0/18 maxlen: 18
84.255.209.0/24 maxlen: 24
84.255.210.0/24 maxlen: 24
188.159.224.0/19 maxlen: 19
188.230.160.0/19 maxlen: 19
84.255.192.0/18 maxlen: 18
188.230.128.0/19 maxlen: 19
93.103.0.0/19 maxlen: 19
89.212.128.0/18 maxlen: 18
93.103.32.0/19 maxlen: 19
188.230.192.0/19 maxlen: 19
193.138.32.0/19 maxlen: 24
89.212.64.0/18 maxlen: 18
188.230.224.0/19 maxlen: 19
93.103.96.0/19 maxlen: 19
46.248.64.0/19 maxlen: 19
185.179.48.0/22 maxlen: 22
89.212.23.160/27 maxlen: 27
119.12.128.0/20 maxlen: 20
93.103.128.0/19 maxlen: 19
93.103.64.0/19 maxlen: 19
89.212.192.0/18 maxlen: 18
185.49.116.0/22 maxlen: 22
2a01:263::/32 maxlen: 32
2a01:261::/32 maxlen: 32
2a01:264::/32 maxlen: 32
2a01:267::/32 maxlen: 32
2a01:260::/32 maxlen: 32
2a01:266::/32 maxlen: 32
2a01:265::/32 maxlen: 32
2a01:262::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/de5c5d-5812-4fe8-b3c0-6bc443f35544/1/ESunl1d-pgpWGvmkWYxFBg47cIg.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/de5c5d-5812-4fe8-b3c0-6bc443f35544/1/ESunl1d-pgpWGvmkWYxFBg47cIg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ESunl1d-pgpWGvmkWYxFBg47cIg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 22:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:25:59:18:e5:87:0a:a8:c5:ae:3c:ca:fd:9a:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=112ba797577ea60a561af9a4598c45060e3b7088
Validity
Not Before: Jan 2 02:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4866618688327d4bc6bdd4b54bbabd48bb02c403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a8:0e:5b:9c:f5:1e:e3:6b:20:fe:26:7a:f5:
53:fc:9d:35:3a:5b:88:00:82:72:5d:5d:15:d3:a1:
93:a2:59:51:7b:3b:b5:98:5f:ea:7b:5d:47:a4:d4:
a9:ec:55:bc:c0:1d:5b:cb:74:13:95:43:67:a9:2b:
60:58:8d:24:19:cb:79:1d:fa:d7:12:77:49:26:a7:
50:7d:61:ec:d6:e6:82:60:62:fa:c7:d2:4b:e4:88:
20:47:27:e2:9d:6b:2c:05:97:1b:ef:35:ec:9e:32:
1e:b9:d8:34:03:de:8b:5d:be:38:77:28:2e:5f:b1:
a3:9b:f3:d3:e8:32:b0:3f:85:10:eb:fa:c3:8f:db:
c7:5b:aa:ef:a1:0a:f4:0a:8c:fa:58:16:31:8c:8d:
45:d6:7d:11:9a:cc:da:1f:cf:5c:3e:33:39:62:e7:
65:5d:80:86:a1:c6:cc:d8:18:41:f7:13:04:d2:cd:
bc:79:98:f3:74:dc:23:fe:c8:a0:23:90:00:00:9e:
08:07:15:0c:36:b7:f0:47:df:a0:8f:b3:a3:72:a9:
39:63:40:52:0d:2b:68:71:71:9e:d2:1f:c6:7b:96:
7e:89:8b:7d:00:df:cc:5c:ea:0c:a7:77:69:a3:7a:
c3:09:50:4c:b5:0d:bb:01:12:67:11:df:24:0f:7f:
b0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:66:61:86:88:32:7D:4B:C6:BD:D4:B5:4B:BA:BD:48:BB:02:C4:03
X509v3 Authority Key Identifier:
keyid:11:2B:A7:97:57:7E:A6:0A:56:1A:F9:A4:59:8C:45:06:0E:3B:70:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESunl1d-pgpWGvmkWYxFBg47cIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/de5c5d-5812-4fe8-b3c0-6bc443f35544/1/SGZhhogyfUvGvdS1S7q9SLsCxAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/de5c5d-5812-4fe8-b3c0-6bc443f35544/1/ESunl1d-pgpWGvmkWYxFBg47cIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.64.0/19
84.255.192.0/18
89.212.0.0/16
89.233.112.0/20
91.246.224.0/19
93.103.0.0/16
119.12.128.0/20
185.49.116.0/22
185.179.48.0/22
188.159.224.0/19
188.230.128.0/17
193.138.32.0/19
194.28.108.0/22
IPv6:
2a01:260::/29
Signature Algorithm: sha256WithRSAEncryption
96:93:66:40:c1:9b:36:2d:54:b4:91:f5:aa:70:91:0f:01:1d:
ed:b5:d7:19:f7:0d:eb:91:44:15:95:e6:3f:78:32:91:30:4d:
f1:d2:96:a7:5a:4d:01:cf:6e:27:5d:d1:e2:8a:4d:a5:a2:d5:
5a:83:96:4d:c0:1d:f1:14:45:83:4f:36:2e:58:3f:f3:0a:06:
20:45:58:fe:0b:3f:bd:5d:04:6d:9c:5a:63:09:ab:69:8e:cc:
77:8f:85:c1:a2:2e:f3:c1:31:40:36:f2:1c:7e:24:8c:84:d7:
5f:45:5b:da:f8:cb:f7:0c:a7:19:8c:0f:00:ee:83:fc:35:3b:
fd:39:e7:67:c0:47:86:ec:f3:97:d3:13:49:26:2b:11:7b:8f:
1f:42:e6:63:09:ef:20:5b:5f:99:71:28:e2:ee:48:13:7e:f3:
a3:b6:c0:19:aa:2c:a5:8d:d8:b7:ff:1a:6a:f0:47:00:d5:92:
bb:04:cb:2d:5b:20:46:0f:c8:b5:a0:c2:e4:42:db:77:82:e9:
4b:01:ba:3a:7d:e0:34:a8:1e:13:1b:76:b9:fe:35:78:a5:00:
a6:ea:fb:1e:42:77:9e:51:4c:97:63:9c:ef:5e:76:7b:07:cd:
6b:d9:5c:cb:8e:2c:2f:59:90:51:28:3a:1a:1a:65:d9:7f:50:
8b:16:08:43
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYzIASVZGOWHCqjFrjzK/ZoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMmJhNzk3NTc3ZWE2MGE1NjFhZjlhNDU5OGM0NTA2MGUz
YjcwODgwHhcNMjQwMTAyMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODY2NjE4Njg4MzI3ZDRiYzZiZGQ0YjU0YmJhYmQ0OGJiMDJjNDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKgOW5z1HuNrIP4mevVT/J01OluI
AIJyXV0V06GTollRezu1mF/qe11HpNSp7FW8wB1by3QTlUNnqStgWI0kGct5HfrX
EndJJqdQfWHs1uaCYGL6x9JL5IggRyfinWssBZcb7zXsnjIeudg0A96LXb44dygu
X7Gjm/PT6DKwP4UQ6/rDj9vHW6rvoQr0Coz6WBYxjI1F1n0RmszaH89cPjM5Yudl
XYCGocbM2BhB9xME0s28eZjzdNwj/sigI5AAAJ4IBxUMNrfwR9+gj7Ojcqk5Y0BS
DStocXGe0h/Ge5Z+iYt9AN/MXOoMp3dpo3rDCVBMtQ27ARJnEd8kD3+wYQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFEhmYYaIMn1Lxr3UtUu6vUi7AsQDMB8GA1UdIwQY
MBaAFBErp5dXfqYKVhr5pFmMRQYOO3CIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVN1bmwxZC1wZ3BXR3Zta1dZeEZCZzQ3Y0lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9kZTVjNWQtNTgxMi00ZmU4LWIzYzAt
NmJjNDQzZjM1NTQ0LzEvU0daaGhvZ3lmVXZHdmRTMVM3cTlTTHNDeEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9kZTVjNWQtNTgxMi00ZmU4LWIzYzAtNmJjNDQzZjM1NTQ0
LzEvRVN1bmwxZC1wZ3BXR3Zta1dZeEZCZzQ3Y0lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwQFLvhAAwQG
VP/AAwMAWdQDBARZ6XADBAVb9uADAwBdZwMEBHcMgAMEArkxdAMEArmzMAMEBbyf
4AMEB7zmgAMEBcGKIAMEAsIcbDANBAIAAjAHAwUDKgECYDANBgkqhkiG9w0BAQsF
AAOCAQEAlpNmQMGbNi1UtJH1qnCRDwEd7bXXGfcN65FEFZXmP3gykTBN8dKWp1pN
Ac9uJ13R4opNpaLVWoOWTcAd8RRFg082Llg/8woGIEVY/gs/vV0EbZxaYwmraY7M
d4+FwaIu88ExQDbyHH4kjITXX0Vb2vjL9wynGYwPAO6D/DU7/TnnZ8BHhuzzl9MT
SSYrEXuPH0LmYwnvIFtfmXEo4u5IE37zo7bAGaospY3Yt/8aavBHANWSuwTLLVsg
Rg/ItaDC5ELbd4LpSwG6On3gNKgeExt2uf41eKUApur7HkJ3nlFMl2Oc7152ewfN
a9lcy44sL1mQUSg6Ghpl2X9QixYIQw==
-----END CERTIFICATE-----
Generated at Mon May 20 04:34:50 2024 by rpki-client on console-fra.rpki-client.org