Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/sdUoQChBR-UW4hVQlUfR8oyc_XQ.roa
File: sdUoQChBR-UW4hVQlUfR8oyc_XQ.roa (raw, json)
Hash identifier: dSS2BKUSbovzjsaorMtNrgFjaeYRd4eBzIAy9E1LWnc=
Subject key identifier: B1:D5:28:40:28:41:47:E5:16:E2:15:50:95:47:D1:F2:8C:9C:FD:74
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 018EAEDBF528F891E21AB2C105A2373C5A42
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/sdUoQChBR-UW4hVQlUfR8oyc_XQ.roa
Signing time: Fri 05 Apr 2024 15:23:54 +0000
ROA not before: Fri 05 Apr 2024 15:23:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 2.56.247.0/24 maxlen: 24
5.253.246.0/24 maxlen: 24
37.221.92.0/24 maxlen: 24
37.221.94.0/24 maxlen: 24
45.13.227.0/24 maxlen: 24
45.84.196.0/24 maxlen: 24
45.84.198.0/24 maxlen: 24
45.131.108.0/24 maxlen: 24
45.131.111.0/24 maxlen: 24
45.137.201.0/24 maxlen: 24
45.137.203.0/24 maxlen: 24
45.142.104.0/24 maxlen: 24
45.142.107.0/24 maxlen: 24
45.147.7.0/24 maxlen: 24
92.118.207.0/24 maxlen: 24
185.117.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ae:db:f5:28:f8:91:e2:1a:b2:c1:05:a2:37:3c:5a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Apr 5 15:23:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1d52840284147e516e215509547d1f28c9cfd74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0b:a0:ab:0e:e2:f3:e7:63:f3:e1:c2:3f:36:
b3:52:41:4c:9d:e8:f4:4b:6e:95:66:2d:e3:82:ea:
0a:6c:be:5e:24:22:05:63:df:05:02:f8:60:0e:21:
36:c3:96:91:cf:5a:79:2c:7a:bd:73:5a:c3:1a:e9:
df:7c:64:8a:b2:34:f0:7c:ee:c2:0e:28:12:92:e0:
48:e4:49:a3:06:17:11:89:2f:b9:5b:81:eb:7d:39:
21:58:c0:fe:2c:ab:06:90:71:63:4d:09:96:ee:97:
1e:53:38:92:0a:4e:b5:06:90:66:d3:d6:30:3b:71:
d7:e9:75:55:6b:b0:2e:44:e3:91:b7:5f:9a:a8:3a:
15:44:df:9d:2b:0e:3d:73:dc:8c:0a:20:16:0a:3a:
10:46:13:6e:0d:5a:a0:c3:f6:dc:96:38:14:17:51:
96:3c:5d:c0:00:ff:80:d4:32:d1:34:56:44:81:81:
c9:f3:07:0f:f3:79:2a:78:24:90:56:a7:3b:fa:c4:
7a:cd:d9:02:44:99:22:da:05:08:37:bd:d8:2d:bb:
22:83:60:b7:02:99:fd:50:6d:5f:51:f5:a3:96:ff:
fd:cc:f6:c5:1d:7b:4e:ed:ab:75:96:6f:98:ef:55:
1f:13:e8:4e:29:ba:d8:3b:5a:cd:14:d9:92:55:2c:
c2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D5:28:40:28:41:47:E5:16:E2:15:50:95:47:D1:F2:8C:9C:FD:74
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/sdUoQChBR-UW4hVQlUfR8oyc_XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.247.0/24
5.253.246.0/24
37.221.92.0/24
37.221.94.0/24
45.13.227.0/24
45.84.196.0/24
45.84.198.0/24
45.131.108.0/24
45.131.111.0/24
45.137.201.0/24
45.137.203.0/24
45.142.104.0/24
45.142.107.0/24
45.147.7.0/24
92.118.207.0/24
185.117.3.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:63:12:05:31:4e:17:44:4e:e1:db:c6:26:c2:98:4e:8b:d9:
11:9f:02:8a:92:7f:5f:07:9c:c6:f0:2a:79:f4:82:e2:41:ae:
5e:e6:f7:29:00:af:f9:f9:1f:83:50:30:74:be:92:c6:49:fb:
a6:ca:96:7a:64:25:f1:1d:0d:30:52:94:c4:af:ef:70:33:67:
74:53:93:a6:e5:a2:cd:11:27:55:50:da:4b:cb:41:4c:14:a5:
40:37:f1:f0:b1:8f:27:b5:d8:4e:21:7a:47:90:98:ad:9b:15:
54:b2:d0:3d:e6:bc:ac:98:b4:76:bc:c9:5b:71:c3:92:22:0d:
d9:5e:c4:58:7c:09:40:4d:b8:62:b5:7e:00:42:69:1e:a3:c5:
59:5b:d2:29:84:a8:d8:66:a6:96:ff:3a:2a:30:9e:05:ab:48:
5e:fd:0f:d9:ee:c2:5f:e7:0b:7b:d9:c2:fe:01:08:cb:56:52:
63:b0:93:1b:80:9d:71:9b:e3:bc:d2:a1:fe:f0:0b:df:ce:cf:
04:fe:4e:15:2d:ab:0e:06:88:b8:8e:8d:af:03:9e:76:3e:20:
1b:4f:50:a4:be:91:ba:53:d3:65:84:9f:aa:69:0f:cc:4d:b7:
e6:7f:00:55:65:59:71:ea:2f:c7:00:03:52:05:85:41:1b:c8:
d9:61:ed:a2
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAY6u2/Uo+JHiGrLBBaI3PFpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjQwNDA1MTUyMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWQ1Mjg0MDI4NDE0N2U1MTZlMjE1NTA5NTQ3ZDFmMjhjOWNmZDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwugqw7i8+dj8+HCPzazUkFMnej0
S26VZi3jguoKbL5eJCIFY98FAvhgDiE2w5aRz1p5LHq9c1rDGunffGSKsjTwfO7C
DigSkuBI5EmjBhcRiS+5W4HrfTkhWMD+LKsGkHFjTQmW7pceUziSCk61BpBm09Yw
O3HX6XVVa7AuROORt1+aqDoVRN+dKw49c9yMCiAWCjoQRhNuDVqgw/bcljgUF1GW
PF3AAP+A1DLRNFZEgYHJ8wcP83kqeCSQVqc7+sR6zdkCRJki2gUIN73YLbsig2C3
Apn9UG1fUfWjlv/9zPbFHXtO7at1lm+Y71UfE+hOKbrYO1rNFNmSVSzCPwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFLHVKEAoQUflFuIVUJVH0fKMnP10MB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvc2RVb1FDaEJSLVVXNGhWUWxVZlI4b3ljX1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAAjj3AwQA
Bf32AwQAJd1cAwQAJd1eAwQALQ3jAwQALVTEAwQALVTGAwQALYNsAwQALYNvAwQA
LYnJAwQALYnLAwQALY5oAwQALY5rAwQALZMHAwQAXHbPAwQAuXUDMA0GCSqGSIb3
DQEBCwUAA4IBAQCMYxIFMU4XRE7h28YmwphOi9kRnwKKkn9fB5zG8Cp59ILiQa5e
5vcpAK/5+R+DUDB0vpLGSfumypZ6ZCXxHQ0wUpTEr+9wM2d0U5Om5aLNESdVUNpL
y0FMFKVAN/HwsY8ntdhOIXpHkJitmxVUstA95rysmLR2vMlbccOSIg3ZXsRYfAlA
TbhitX4AQmkeo8VZW9IphKjYZqaW/zoqMJ4Fq0he/Q/Z7sJf5wt72cL+AQjLVlJj
sJMbgJ1xm+O80qH+8Avfzs8E/k4VLasOBoi4jo2vA552PiAbT1CkvpG6U9NlhJ+q
aQ/MTbfmfwBVZVlx6i/HAANSBYVBG8jZYe2i
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:01:45 2024 by rpki-client on console-ams.rpki-client.org