Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/JlQgzty5zLybx__D8PErHQyOraA.roa
File: JlQgzty5zLybx__D8PErHQyOraA.roa (raw, json)
Hash identifier: Wsh7toj32nC8/sk5wZ9BRAc+CNtH0mC1OY1ycz68+w8=
Subject key identifier: 26:54:20:CE:DC:B9:CC:BC:9B:C7:FF:C3:F0:F1:2B:1D:0C:8E:AD:A0
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01919DE5B590FD11AEF95017FC19B1CEF21D
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/JlQgzty5zLybx__D8PErHQyOraA.roa
Signing time: Thu 29 Aug 2024 11:29:22 +0000
ROA not before: Thu 29 Aug 2024 11:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58087
IP address blocks: 5.253.247.0/24 maxlen: 24
37.221.93.0/24 maxlen: 24
45.11.229.0/24 maxlen: 24
45.13.225.0/24 maxlen: 24
45.86.155.0/24 maxlen: 24
45.131.64.0/24 maxlen: 24
45.133.74.0/24 maxlen: 24
109.71.252.0/24 maxlen: 24
194.15.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9d:e5:b5:90:fd:11:ae:f9:50:17:fc:19:b1:ce:f2:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Aug 29 11:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=265420cedcb9ccbc9bc7ffc3f0f12b1d0c8eada0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:25:ce:6b:1d:fa:09:0e:c7:0e:e7:3c:3b:87:
83:6e:03:4b:36:35:52:82:5e:af:48:ab:f4:a9:cb:
4a:a9:39:0a:cc:59:10:07:30:c6:1b:bc:94:02:3a:
a9:9e:ca:e8:6e:dd:0f:55:06:e2:e9:1a:0d:c2:f8:
17:9b:25:bf:32:b2:07:c7:20:a7:21:42:ba:17:f7:
61:9d:85:d7:af:6f:13:9b:88:28:fe:dc:9f:e1:f6:
b7:6b:c7:a6:14:4e:42:c5:d1:88:14:58:c5:4a:52:
9b:6c:9e:c8:83:6f:17:3b:c6:20:fd:2d:cf:fb:db:
08:40:a2:9b:ed:a4:61:53:24:44:be:d7:9c:70:96:
29:ed:6a:b5:ca:96:ea:95:69:87:bd:53:c8:87:e2:
bd:b9:dc:58:59:ea:a2:29:ae:d1:15:72:06:0e:5f:
a2:9a:7c:93:f7:27:47:7a:da:2f:de:57:1e:c1:a5:
4a:c5:a1:62:c6:72:b9:ec:5d:e4:b1:6f:6a:fd:60:
3e:64:36:61:af:b7:d8:c0:59:0c:b6:af:b3:5a:80:
a5:65:2b:97:73:a2:0f:95:5f:b8:c1:da:56:73:50:
12:bc:e0:68:4f:42:92:98:42:31:e5:cb:a9:7e:2e:
3d:47:80:ee:64:1c:07:5d:8e:5e:90:59:10:e2:98:
14:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:54:20:CE:DC:B9:CC:BC:9B:C7:FF:C3:F0:F1:2B:1D:0C:8E:AD:A0
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/JlQgzty5zLybx__D8PErHQyOraA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.247.0/24
37.221.93.0/24
45.11.229.0/24
45.13.225.0/24
45.86.155.0/24
45.131.64.0/24
45.133.74.0/24
109.71.252.0/24
194.15.36.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:c5:ac:3b:f8:4c:4f:e0:04:b0:5c:83:4c:7b:d5:d2:40:d5:
45:e2:c0:d9:98:da:2c:9a:80:5d:8a:0a:e6:d5:c8:bc:11:ac:
6c:37:cb:ac:43:4a:d4:e9:a1:58:47:bb:0c:e5:37:37:71:bd:
60:91:71:e3:21:ec:fd:63:5c:e5:c0:62:60:97:2f:df:22:c9:
b6:c2:f8:60:e4:64:cf:9f:8d:27:20:7b:ae:26:cd:48:1d:73:
48:b4:b7:5c:c4:92:ba:01:34:9b:17:85:41:21:86:5a:59:17:
ce:27:eb:f1:2d:e4:46:4d:fa:83:5c:f7:81:04:80:1a:68:c8:
ba:af:8d:63:e5:ed:fc:c9:e3:61:90:74:c4:7f:a2:6b:fb:22:
57:2c:b6:7b:15:05:68:e3:25:23:81:d6:50:60:fc:9a:43:e3:
83:f7:7a:dd:70:82:5a:15:aa:b0:e8:d6:d4:67:f5:b7:7f:62:
a4:19:90:e3:78:fe:04:95:72:d0:d8:66:58:3d:dd:d9:80:fa:
f5:4d:64:1c:5e:b5:d2:bb:f3:ff:85:cc:cd:55:ca:08:76:c2:
8c:30:1f:fc:2c:7d:2b:67:74:1a:8e:1f:7b:dd:24:8e:0e:f2:
3e:14:45:1d:57:6a:62:3b:13:46:1e:ef:e6:83:1d:0d:f6:a5:
ae:5d:bf:e7
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZGd5bWQ/RGu+VAX/BmxzvIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwODI5MTEyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjU0MjBjZWRjYjljY2JjOWJjN2ZmYzNmMGYxMmIxZDBjOGVhZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SXOax36CQ7HDuc8O4eDbgNLNjVS
gl6vSKv0qctKqTkKzFkQBzDGG7yUAjqpnsrobt0PVQbi6RoNwvgXmyW/MrIHxyCn
IUK6F/dhnYXXr28Tm4go/tyf4fa3a8emFE5CxdGIFFjFSlKbbJ7Ig28XO8Yg/S3P
+9sIQKKb7aRhUyREvteccJYp7Wq1ypbqlWmHvVPIh+K9udxYWeqiKa7RFXIGDl+i
mnyT9ydHetov3lcewaVKxaFixnK57F3ksW9q/WA+ZDZhr7fYwFkMtq+zWoClZSuX
c6IPlV+4wdpWc1ASvOBoT0KSmEIx5cupfi49R4DuZBwHXY5ekFkQ4pgUwQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCZUIM7cucy8m8f/w/DxKx0Mjq2gMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvSmxRZ3p0eTV6THlieF9fRDhQRXJIUXlPcmFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABf33AwQA
Jd1dAwQALQvlAwQALQ3hAwQALVabAwQALYNAAwQALYVKAwQAbUf8AwQAwg8kMA0G
CSqGSIb3DQEBCwUAA4IBAQBNxaw7+ExP4ASwXINMe9XSQNVF4sDZmNosmoBdigrm
1ci8EaxsN8usQ0rU6aFYR7sM5Tc3cb1gkXHjIez9Y1zlwGJgly/fIsm2wvhg5GTP
n40nIHuuJs1IHXNItLdcxJK6ATSbF4VBIYZaWRfOJ+vxLeRGTfqDXPeBBIAaaMi6
r41j5e38yeNhkHTEf6Jr+yJXLLZ7FQVo4yUjgdZQYPyaQ+OD93rdcIJaFaqw6NbU
Z/W3f2KkGZDjeP4ElXLQ2GZYPd3ZgPr1TWQcXrXSu/P/hczNVcoIdsKMMB/8LH0r
Z3Qajh973SSODvI+FEUdV2piOxNGHu/mgx0N9qWuXb/n
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:01:45 2024 by rpki-client on console-ams.rpki-client.org