Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/47645f-3cd0-4b36-8c53-1850fff04425/1/S_uHPc1XqUWIznbsVDdx542Sh9E.roa
File: S_uHPc1XqUWIznbsVDdx542Sh9E.roa (raw, json)
Hash identifier: +SguZl3q6J8PMUxGUQQmpXbJdi7N44HhuQjb9pBCLxE=
Subject key identifier: 4B:FB:87:3D:CD:57:A9:45:88:CE:76:EC:54:37:71:E7:8D:92:87:D1
Certificate issuer: /CN=53585138107965c389f367b55abd792b531eb9ca
Certificate serial: 018CC56E61A82354F989C8D9BE696E32033D
Authority key identifier: 53:58:51:38:10:79:65:C3:89:F3:67:B5:5A:BD:79:2B:53:1E:B9:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1hROBB5ZcOJ82e1Wr15K1Meuco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/47645f-3cd0-4b36-8c53-1850fff04425/1/S_uHPc1XqUWIznbsVDdx542Sh9E.roa
Signing time: Mon 01 Jan 2024 14:29:54 +0000
ROA not before: Mon 01 Jan 2024 14:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41369
IP address blocks: 94.199.112.0/21 maxlen: 24
93.191.120.0/21 maxlen: 24
195.60.252.0/22 maxlen: 24
80.242.16.0/20 maxlen: 24
185.87.244.0/22 maxlen: 24
185.145.172.0/22 maxlen: 24
77.240.16.0/23 maxlen: 24
89.250.48.0/20 maxlen: 24
79.171.224.0/21 maxlen: 24
77.240.24.0/21 maxlen: 24
5.250.160.0/21 maxlen: 24
2a00:f5c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/47645f-3cd0-4b36-8c53-1850fff04425/1/U1hROBB5ZcOJ82e1Wr15K1Meuco.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/47645f-3cd0-4b36-8c53-1850fff04425/1/U1hROBB5ZcOJ82e1Wr15K1Meuco.mft
rsync://rpki.ripe.net/repository/DEFAULT/U1hROBB5ZcOJ82e1Wr15K1Meuco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:61:a8:23:54:f9:89:c8:d9:be:69:6e:32:03:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53585138107965c389f367b55abd792b531eb9ca
Validity
Not Before: Jan 1 14:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bfb873dcd57a94588ce76ec543771e78d9287d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ee:6a:4e:f3:ee:2e:da:5a:bf:90:0b:36:55:
5b:56:2b:98:f7:9b:16:db:9c:0a:f8:a5:b3:ad:d0:
c9:41:3d:d5:48:a6:db:27:8d:be:54:bb:04:da:11:
8c:46:d1:94:4f:99:2f:77:7b:45:5d:b0:ff:7e:82:
0c:1c:f4:9c:e2:71:e3:84:53:0e:45:38:a5:45:f5:
35:df:76:21:d3:9e:a1:5f:3c:27:f9:4d:5c:6a:1b:
0e:e0:96:23:68:44:c3:8b:e7:e1:34:d8:6f:e2:01:
e9:b4:af:37:dc:ba:96:7b:a0:d6:63:cf:50:92:f5:
9b:44:68:25:ae:cc:47:12:9e:fb:aa:ad:00:e3:94:
5d:61:9c:a7:47:1c:8d:71:27:d3:73:c7:7a:f9:2f:
07:6d:54:ee:0f:31:8f:6a:96:0a:34:e7:cc:2c:91:
8a:b9:34:c3:2c:ce:d7:51:1c:e1:c1:8e:88:99:50:
95:96:17:4f:1b:5e:7d:eb:94:f4:39:a5:83:df:7d:
68:b8:0e:fd:2b:da:00:a9:6b:d6:a2:2b:ff:5b:e2:
f4:47:8e:78:fc:e1:2f:53:24:c3:e9:35:8a:e2:b3:
28:34:be:72:f1:69:00:8a:c1:02:14:22:24:ad:00:
d7:4a:fd:37:b5:9c:28:51:47:57:b2:73:3c:81:f3:
e2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:FB:87:3D:CD:57:A9:45:88:CE:76:EC:54:37:71:E7:8D:92:87:D1
X509v3 Authority Key Identifier:
keyid:53:58:51:38:10:79:65:C3:89:F3:67:B5:5A:BD:79:2B:53:1E:B9:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1hROBB5ZcOJ82e1Wr15K1Meuco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/47645f-3cd0-4b36-8c53-1850fff04425/1/S_uHPc1XqUWIznbsVDdx542Sh9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/47645f-3cd0-4b36-8c53-1850fff04425/1/U1hROBB5ZcOJ82e1Wr15K1Meuco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.160.0/21
77.240.16.0/23
77.240.24.0/21
79.171.224.0/21
80.242.16.0/20
89.250.48.0/20
93.191.120.0/21
94.199.112.0/21
185.87.244.0/22
185.145.172.0/22
195.60.252.0/22
IPv6:
2a00:f5c0::/32
Signature Algorithm: sha256WithRSAEncryption
b6:73:a4:12:74:8c:5f:b7:81:bb:cd:5a:b7:82:12:88:69:21:
13:98:53:d8:f5:55:af:93:6e:c7:df:88:cc:35:a8:ce:88:8c:
40:98:a4:9f:a8:da:ea:9d:d2:b3:9d:4d:14:fb:18:e5:ab:38:
aa:16:f2:58:e7:4f:46:2c:ac:7f:61:dc:0c:5f:5c:1f:ca:02:
48:b7:d7:73:ce:20:21:ee:27:2d:69:e4:99:48:70:7d:28:df:
30:e0:a8:98:03:24:50:cc:fb:b0:04:ab:e6:78:a4:2d:1f:2c:
bf:59:14:a8:36:32:ea:e8:8b:71:34:4f:66:a3:56:9a:0d:a8:
ed:6c:90:6b:1c:8c:86:bc:4f:de:a8:4a:8b:d4:a5:1d:c5:46:
0c:5a:8b:5a:9d:41:06:a2:10:73:76:9f:14:a0:76:58:a3:da:
3c:4d:f2:46:44:ec:32:b7:b6:98:cc:18:17:b2:ee:a7:99:f9:
73:83:a2:54:f6:47:8f:9e:4c:dc:93:e1:4a:46:d8:69:1a:7f:
1d:00:01:8b:6d:06:fe:1c:72:0f:82:09:33:5e:c9:72:16:6b:
f0:b6:73:4e:75:fc:87:e1:d0:3b:28:bc:81:ab:6b:5c:fc:14:
f1:84:41:10:01:4f:2b:c6:4e:26:6c:6d:6f:75:2c:5a:85:0b:
d9:78:d5:23
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzFbmGoI1T5icjZvmluMgM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTg1MTM4MTA3OTY1YzM4OWYzNjdiNTVhYmQ3OTJiNTMx
ZWI5Y2EwHhcNMjQwMTAxMTQyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmZiODczZGNkNTdhOTQ1ODhjZTc2ZWM1NDM3NzFlNzhkOTI4N2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAju5qTvPuLtpav5ALNlVbViuY95sW
25wK+KWzrdDJQT3VSKbbJ42+VLsE2hGMRtGUT5kvd3tFXbD/foIMHPSc4nHjhFMO
RTilRfU133Yh056hXzwn+U1cahsO4JYjaETDi+fhNNhv4gHptK833LqWe6DWY89Q
kvWbRGglrsxHEp77qq0A45RdYZynRxyNcSfTc8d6+S8HbVTuDzGPapYKNOfMLJGK
uTTDLM7XURzhwY6ImVCVlhdPG15965T0OaWD331ouA79K9oAqWvWoiv/W+L0R454
/OEvUyTD6TWK4rMoNL5y8WkAisECFCIkrQDXSv03tZwoUUdXsnM8gfPijQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFEv7hz3NV6lFiM527FQ3ceeNkofRMB8GA1UdIwQY
MBaAFFNYUTgQeWXDifNntVq9eStTHrnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFoUk9CQjVaY09KODJlMVdyMTVLMU1ldWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy80NzY0NWYtM2NkMC00YjM2LThjNTMt
MTg1MGZmZjA0NDI1LzEvU191SFBjMVhxVVdJem5ic1ZEZHg1NDJTaDlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy80NzY0NWYtM2NkMC00YjM2LThjNTMtMTg1MGZmZjA0NDI1
LzEvVTFoUk9CQjVaY09KODJlMVdyMTVLMU1ldWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDBfqgAwQB
TfAQAwQDTfAYAwQDT6vgAwQEUPIQAwQEWfowAwQDXb94AwQDXsdwAwQCuVf0AwQC
uZGsAwQCwzz8MA0EAgACMAcDBQAqAPXAMA0GCSqGSIb3DQEBCwUAA4IBAQC2c6QS
dIxft4G7zVq3ghKIaSETmFPY9VWvk27H34jMNajOiIxAmKSfqNrqndKznU0U+xjl
qziqFvJY509GLKx/YdwMX1wfygJIt9dzziAh7ictaeSZSHB9KN8w4KiYAyRQzPuw
BKvmeKQtHyy/WRSoNjLq6ItxNE9mo1aaDajtbJBrHIyGvE/eqEqL1KUdxUYMWota
nUEGohBzdp8UoHZYo9o8TfJGROwyt7aYzBgXsu6nmflzg6JU9kePnkzck+FKRthp
Gn8dAAGLbQb+HHIPggkzXslyFmvwtnNOdfyH4dA7KLyBq2tc/BTxhEEQAU8rxk4m
bG1vdSxahQvZeNUj
-----END CERTIFICATE-----
Generated at Fri Jun 7 15:46:55 2024 by rpki-client on console-fra.rpki-client.org