Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/RsJUI84yiacLlOJqreVrBDrrx3o.roa
File: RsJUI84yiacLlOJqreVrBDrrx3o.roa (raw, json)
Hash identifier: q011JHCc62kT7ugcr0NF/zKSNJSBIwVdakrkc/gpiN4=
Subject key identifier: 46:C2:54:23:CE:32:89:A7:0B:94:E2:6A:AD:E5:6B:04:3A:EB:C7:7A
Certificate issuer: /CN=ba0d738dd28ff2549456ce66e744898372fc503d
Certificate serial: 018CC5DBEAC09453C18CC79B41DE9549B70F
Authority key identifier: BA:0D:73:8D:D2:8F:F2:54:94:56:CE:66:E7:44:89:83:72:FC:50:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/RsJUI84yiacLlOJqreVrBDrrx3o.roa
Signing time: Mon 01 Jan 2024 16:29:33 +0000
ROA not before: Mon 01 Jan 2024 16:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31229
IP address blocks: 193.29.205.0/24 maxlen: 24
185.23.21.0/24 maxlen: 24
185.23.20.0/24 maxlen: 24
185.23.20.0/22 maxlen: 22
185.23.23.0/24 maxlen: 24
185.23.22.0/24 maxlen: 24
178.216.200.0/21 maxlen: 21
46.245.192.0/22 maxlen: 22
46.245.192.0/24 maxlen: 24
46.245.193.0/24 maxlen: 24
46.245.195.0/24 maxlen: 24
46.245.196.0/22 maxlen: 22
46.245.194.0/24 maxlen: 24
92.43.112.0/21 maxlen: 21
109.205.48.0/21 maxlen: 21
91.102.112.0/21 maxlen: 21
5.149.160.0/21 maxlen: 21
5.149.165.0/24 maxlen: 24
109.205.55.0/24 maxlen: 24
193.187.64.0/24 maxlen: 24
193.187.68.0/23 maxlen: 23
193.187.66.0/23 maxlen: 23
193.187.71.0/24 maxlen: 24
193.187.70.0/24 maxlen: 24
194.50.186.0/24 maxlen: 24
185.49.150.0/23 maxlen: 23
185.49.148.0/23 maxlen: 23
2a02:951::/32 maxlen: 32
2001:67c:6c8::/48 maxlen: 48
2a02:952::/32 maxlen: 32
2a02:950::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/ug1zjdKP8lSUVs5m50SJg3L8UD0.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/ug1zjdKP8lSUVs5m50SJg3L8UD0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ea:c0:94:53:c1:8c:c7:9b:41:de:95:49:b7:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba0d738dd28ff2549456ce66e744898372fc503d
Validity
Not Before: Jan 1 16:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46c25423ce3289a70b94e26aade56b043aebc77a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c8:1c:d4:c3:08:fa:a0:07:40:bf:8b:e0:a2:
74:8e:df:80:d9:1a:a3:91:ec:e4:65:cf:d5:1b:c6:
24:c1:57:89:03:40:31:82:c9:ef:e0:a6:26:6b:4d:
bc:3a:fd:f8:72:cf:16:fd:c1:60:43:fd:2f:45:fe:
c7:70:c5:ab:12:6a:85:4d:d5:43:1d:f3:02:01:2c:
3e:fe:0e:df:88:d8:ea:cb:a9:da:bf:3b:03:5f:68:
9b:8d:9c:d8:d5:0d:ae:9b:9b:3f:86:0a:92:98:e2:
3f:92:c6:22:e1:7a:f2:21:1e:fc:d7:9d:35:5e:bc:
b0:95:2f:8b:b2:91:ed:94:ea:14:a5:8f:a6:b2:69:
69:16:c0:bd:54:78:ff:ba:43:c6:96:e6:74:d1:25:
04:24:76:4a:76:9b:6f:4c:a0:64:af:60:f1:74:73:
ac:13:0e:e3:82:e8:bd:61:d7:48:09:d0:b0:4c:5a:
8f:e0:b1:61:a8:dd:b5:f9:20:23:b6:42:77:0e:fe:
d0:10:5c:18:64:b0:4e:07:c3:e9:56:a4:7d:98:b9:
fd:9c:63:5b:f5:05:e4:a4:8c:c0:1a:e0:5d:00:ed:
87:37:01:96:da:1d:47:c5:ab:ce:5c:4a:5e:85:1b:
84:3d:43:83:53:22:24:b5:18:a2:05:3e:db:bf:c7:
cf:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:C2:54:23:CE:32:89:A7:0B:94:E2:6A:AD:E5:6B:04:3A:EB:C7:7A
X509v3 Authority Key Identifier:
keyid:BA:0D:73:8D:D2:8F:F2:54:94:56:CE:66:E7:44:89:83:72:FC:50:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/RsJUI84yiacLlOJqreVrBDrrx3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/ug1zjdKP8lSUVs5m50SJg3L8UD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.160.0/21
46.245.192.0/21
91.102.112.0/21
92.43.112.0/21
109.205.48.0/21
178.216.200.0/21
185.23.20.0/22
185.49.148.0/22
193.29.205.0/24
193.187.64.0/24
193.187.66.0-193.187.71.255
194.50.186.0/24
IPv6:
2001:67c:6c8::/48
2a02:950::-2a02:952:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
ba:c5:ad:b4:b8:82:79:ec:eb:2c:1d:91:a1:67:a5:f1:3f:db:
92:d6:0e:00:83:6c:e6:ce:2c:48:cf:76:e8:74:6a:fe:00:fe:
f9:39:2f:d2:87:ab:7e:8a:02:2f:9e:ac:5d:37:fe:04:58:2d:
04:44:fb:2c:21:fc:53:fe:b5:6b:bf:3c:38:77:00:15:66:d0:
b3:29:87:31:31:d1:3c:23:fa:54:ed:0e:ba:e7:6c:cd:a6:c9:
5a:b5:a6:24:99:15:eb:40:63:04:e5:b3:51:5d:1c:e4:62:6d:
0e:1b:2c:81:ff:cb:e5:0f:bd:a4:4c:e3:df:01:01:cb:b7:26:
8f:f0:fc:7a:b8:80:ee:99:4b:e6:09:65:8c:bb:5e:4d:d6:99:
2f:39:39:8a:d9:56:a0:72:26:52:aa:e8:53:07:b4:ce:76:5e:
91:c0:a2:0a:27:95:2e:f0:29:3e:1b:3e:20:b7:32:d8:42:e3:
fe:72:91:f9:dc:0f:92:95:27:21:0f:02:70:b9:2f:ba:bc:8b:
9c:4c:ca:29:4e:c5:14:a8:3a:d3:99:77:31:c8:22:aa:66:82:
27:09:da:83:1e:5f:a6:fd:55:fe:12:d3:7a:65:9e:aa:d2:be:
af:8e:b8:6d:67:b0:f5:9c:cb:81:e1:9c:61:0a:6c:69:7a:3e:
c1:fc:f4:7c
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYzF2+rAlFPBjMebQd6VSbcPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMGQ3MzhkZDI4ZmYyNTQ5NDU2Y2U2NmU3NDQ4OTgzNzJm
YzUwM2QwHhcNMjQwMTAxMTYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmMyNTQyM2NlMzI4OWE3MGI5NGUyNmFhZGU1NmIwNDNhZWJjNzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMgc1MMI+qAHQL+L4KJ0jt+A2Rqj
kezkZc/VG8YkwVeJA0Axgsnv4KYma028Ov34cs8W/cFgQ/0vRf7HcMWrEmqFTdVD
HfMCASw+/g7fiNjqy6navzsDX2ibjZzY1Q2um5s/hgqSmOI/ksYi4XryIR781501
XrywlS+LspHtlOoUpY+msmlpFsC9VHj/ukPGluZ00SUEJHZKdptvTKBkr2DxdHOs
Ew7jgui9YddICdCwTFqP4LFhqN21+SAjtkJ3Dv7QEFwYZLBOB8PpVqR9mLn9nGNb
9QXkpIzAGuBdAO2HNwGW2h1HxavOXEpehRuEPUODUyIktRiiBT7bv8fPPQIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFEbCVCPOMomnC5Tiaq3lawQ668d6MB8GA1UdIwQY
MBaAFLoNc43Sj/JUlFbOZudEiYNy/FA9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWcxempkS1A4bFNVVnM1bTUwU0pnM0w4VUQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xY2Q3NmMtMDIwMS00NzAzLThlZDYt
YmViNmRhMDM3NTVlLzEvUnNKVUk4NHlpYWNMbE9KcXJlVnJCRHJyeDNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xY2Q3NmMtMDIwMS00NzAzLThlZDYtYmViNmRhMDM3NTVl
LzEvdWcxempkS1A4bFNVVnM1bTUwU0pnM0w4VUQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwVgQCAAEwUAMEAwWVoAME
Ay71wAMEA1tmcAMEA1wrcAMEA23NMAMEA7LYyAMEArkXFAMEArkxlAMEAMEdzQME
AMG7QDAMAwQBwbtCAwQDwbtAAwQAwjK6MB8EAgACMBkDBwAgAQZ8BsgwDgMFBCoC
CVADBQAqAglSMA0GCSqGSIb3DQEBCwUAA4IBAQC6xa20uIJ57OssHZGhZ6XxP9uS
1g4Ag2zmzixIz3bodGr+AP75OS/Sh6t+igIvnqxdN/4EWC0ERPssIfxT/rVrvzw4
dwAVZtCzKYcxMdE8I/pU7Q6652zNpslataYkmRXrQGME5bNRXRzkYm0OGyyB/8vl
D72kTOPfAQHLtyaP8Px6uIDumUvmCWWMu15N1pkvOTmK2VagciZSquhTB7TOdl6R
wKIKJ5Uu8Ck+Gz4gtzLYQuP+cpH53A+SlSchDwJwuS+6vIucTMopTsUUqDrTmXcx
yCKqZoInCdqDHl+m/VX+EtN6ZZ6q0r6vjrhtZ7D1nMuB4ZxhCmxpej7B/PR8
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:00:29 2024 by rpki-client on console-ams.rpki-client.org