Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/R_-UY51YQf-sSSQ0BQZhEoh6624.roa
File: R_-UY51YQf-sSSQ0BQZhEoh6624.roa (raw, json)
Hash identifier: siG47CBH5OATHzPjQRGqPat/CHavoYjyvmVD5R0441w=
Subject key identifier: 47:FF:94:63:9D:58:41:FF:AC:49:24:34:05:06:61:12:88:7A:EB:6E
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01935B6ED5D6BDCEB33C70CB441C75D1B2CA
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/R_-UY51YQf-sSSQ0BQZhEoh6624.roa
Signing time: Sat 23 Nov 2024 23:50:10 +0000
ROA not before: Sat 23 Nov 2024 23:50:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205463
IP address blocks: 2.56.108.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.139.0/24 maxlen: 24
45.94.170.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
85.209.120.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:5b:6e:d5:d6:bd:ce:b3:3c:70:cb:44:1c:75:d1:b2:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 23 23:50:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47ff94639d5841ffac49243405066112887aeb6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:21:21:c8:da:30:40:21:8e:08:91:4c:13:97:
cb:5b:e7:17:ed:72:b8:04:72:81:0c:35:05:fb:f7:
95:d6:e2:6f:a1:4f:e6:47:6b:9d:a9:ec:2f:4f:ca:
92:e1:62:22:34:a6:56:53:c0:7a:68:45:04:da:de:
e4:2b:57:87:b3:1d:02:fe:20:89:59:73:e4:2e:ac:
42:fb:6a:c1:d7:af:3e:8a:15:cf:f5:1d:75:90:47:
89:82:0b:31:d1:a6:00:f6:80:d5:7b:1f:bb:3a:f7:
a3:fd:a6:ed:6f:43:2d:b7:4c:ed:83:a9:9d:d9:31:
76:75:df:54:01:41:cc:09:ef:cb:c3:7d:63:86:5d:
c5:f5:00:2c:d5:d4:6e:76:a0:80:a3:30:b9:74:60:
d5:87:ea:48:00:2a:4f:70:92:65:9b:4c:b6:f2:0e:
90:39:89:e6:36:80:99:2a:73:00:33:7c:eb:9a:3a:
0c:83:42:78:be:fc:ab:b3:58:9f:8d:27:45:41:85:
0d:db:4a:7e:70:91:d9:15:02:71:83:18:0f:fe:84:
0a:9d:9c:19:a8:a6:6b:09:49:1a:eb:99:a1:50:15:
0c:57:4b:72:cb:d0:02:57:b5:1b:63:4a:a8:d2:a8:
45:cd:52:c5:e4:b3:28:19:cd:ae:ad:df:b6:4c:2c:
d2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:FF:94:63:9D:58:41:FF:AC:49:24:34:05:06:61:12:88:7A:EB:6E
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/R_-UY51YQf-sSSQ0BQZhEoh6624.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/23
45.81.113.0/24
45.81.115.0/24
45.88.139.0/24
45.94.170.0/24
45.132.181.0/24
45.151.3.0/24
85.209.120.0/24
194.15.52.0/24
195.211.191.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:3e:64:7f:44:b0:82:bc:ce:73:fe:16:16:82:aa:e6:47:e0:
de:ec:15:e5:c4:16:ed:79:49:35:b8:09:d1:13:42:27:f0:a2:
32:75:a6:5b:fc:e0:a2:e9:d0:22:6f:17:64:07:d9:10:ae:4c:
04:91:dd:3e:5d:42:8e:b6:94:60:b8:21:73:2f:cd:a0:a2:24:
5e:70:35:9a:47:7f:ae:84:eb:ed:93:2c:92:aa:d7:59:fa:70:
e3:23:b1:53:93:bc:0c:f6:7a:f6:36:57:2d:2e:10:dd:29:66:
13:21:d4:43:da:de:76:a0:8b:cc:f2:5d:df:c0:81:ef:b7:9e:
33:01:06:ee:84:9e:42:e6:6d:58:17:38:d0:64:3a:76:b0:4a:
bd:db:ca:29:42:3c:cd:db:9f:f8:46:9b:98:18:d8:b7:f9:ff:
d9:6f:f2:13:9c:2e:24:e0:48:7a:82:8a:34:10:28:14:bc:bf:
65:f0:ab:32:69:29:b3:ac:7f:aa:ce:5a:db:ce:02:a9:9b:4a:
99:a0:9f:32:c9:fb:29:54:0d:f3:28:7d:c5:6d:40:03:04:4e:
64:a3:a3:59:99:15:5a:00:b9:10:3c:d6:a2:34:81:48:17:b7:
8a:ad:af:93:70:07:c4:6b:ac:c7:1f:3e:f8:76:18:09:10:73:
69:b1:68:55
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZNbbtXWvc6zPHDLRBx10bLKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQxMTIzMjM1MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2ZmOTQ2MzlkNTg0MWZmYWM0OTI0MzQwNTA2NjExMjg4N2FlYjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCEhyNowQCGOCJFME5fLW+cX7XK4
BHKBDDUF+/eV1uJvoU/mR2udqewvT8qS4WIiNKZWU8B6aEUE2t7kK1eHsx0C/iCJ
WXPkLqxC+2rB168+ihXP9R11kEeJggsx0aYA9oDVex+7Ovej/abtb0Mtt0ztg6md
2TF2dd9UAUHMCe/Lw31jhl3F9QAs1dRudqCAozC5dGDVh+pIACpPcJJlm0y28g6Q
OYnmNoCZKnMAM3zrmjoMg0J4vvyrs1ifjSdFQYUN20p+cJHZFQJxgxgP/oQKnZwZ
qKZrCUka65mhUBUMV0tyy9ACV7UbY0qo0qhFzVLF5LMoGc2urd+2TCzSpwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEf/lGOdWEH/rEkkNAUGYRKIeutuMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvUl8tVVk1MVlRZi1zU1NRMEJRWmhFb2g2NjI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBAjhsAwQA
LVFxAwQALVFzAwQALViLAwQALV6qAwQALYS1AwQALZcDAwQAVdF4AwQAwg80AwQA
w9O/MA0GCSqGSIb3DQEBCwUAA4IBAQC5PmR/RLCCvM5z/hYWgqrmR+De7BXlxBbt
eUk1uAnRE0In8KIydaZb/OCi6dAibxdkB9kQrkwEkd0+XUKOtpRguCFzL82goiRe
cDWaR3+uhOvtkyySqtdZ+nDjI7FTk7wM9nr2NlctLhDdKWYTIdRD2t52oIvM8l3f
wIHvt54zAQbuhJ5C5m1YFzjQZDp2sEq928opQjzN25/4RpuYGNi3+f/Zb/ITnC4k
4Eh6goo0ECgUvL9l8KsyaSmzrH+qzlrbzgKpm0qZoJ8yyfspVA3zKH3FbUADBE5k
o6NZmRVaALkQPNaiNIFIF7eKra+TcAfEa6zHHz74dhgJEHNpsWhV
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:32:30 2024 by rpki-client on console-fra.rpki-client.org