Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/SBIPkXjAfxT9ubd2ZvzOw0y6fzU.roa
File: SBIPkXjAfxT9ubd2ZvzOw0y6fzU.roa (raw, json)
Hash identifier: 2TNlAAm5XMazhWKJMo78jFE2vw0GvKkLqwJchQHylmM=
Subject key identifier: 48:12:0F:91:78:C0:7F:14:FD:B9:B7:76:66:FC:CE:C3:4C:BA:7F:35
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 01931BB24D3A6A0D112B3269DAFAD7841A1D
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/SBIPkXjAfxT9ubd2ZvzOw0y6fzU.roa
Signing time: Mon 11 Nov 2024 14:48:10 +0000
ROA not before: Mon 11 Nov 2024 14:48:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 5.181.20.0/24 maxlen: 32
5.181.21.0/24 maxlen: 32
5.181.22.0/24 maxlen: 32
5.181.23.0/24 maxlen: 32
45.14.244.0/24 maxlen: 24
45.14.245.0/24 maxlen: 24
45.14.246.0/24 maxlen: 24
45.14.247.0/24 maxlen: 24
45.91.52.0/22 maxlen: 32
45.140.146.0/24 maxlen: 32
45.140.147.0/24 maxlen: 32
45.140.166.0/24 maxlen: 32
45.140.167.0/24 maxlen: 32
45.144.28.0/24 maxlen: 32
45.144.29.0/24 maxlen: 32
45.144.30.0/24 maxlen: 32
45.144.31.0/24 maxlen: 32
45.150.64.0/24 maxlen: 32
45.150.65.0/24 maxlen: 32
45.150.67.0/24 maxlen: 32
45.155.52.0/22 maxlen: 32
91.194.11.0/24 maxlen: 24
146.19.230.0/24 maxlen: 24
185.74.222.0/24 maxlen: 24
185.234.247.0/24 maxlen: 32
195.16.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1b:b2:4d:3a:6a:0d:11:2b:32:69:da:fa:d7:84:1a:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Nov 11 14:48:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48120f9178c07f14fdb9b77666fccec34cba7f35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2b:9e:9b:d6:3f:2e:4c:d2:d8:62:42:54:f0:
ff:88:a4:3d:f1:53:7c:18:90:69:95:09:8e:8e:a3:
e8:8b:02:b0:cd:98:8a:9c:5f:37:c2:23:12:80:07:
4d:49:90:f3:ea:d5:0b:32:76:a9:8b:5e:15:f3:7f:
aa:52:90:e6:6b:b5:24:73:5d:db:7a:20:8f:7a:a4:
90:4c:9e:c3:ba:ea:68:c3:b4:3e:8c:e0:c1:5d:61:
06:e4:e0:46:c5:e6:5e:1e:d9:ed:ee:7f:43:b9:99:
ab:b5:93:83:9a:66:f8:f0:1e:59:18:5a:09:4e:78:
75:9c:a4:58:21:cf:8f:ac:7c:c8:32:35:ea:b8:4b:
be:d6:a2:f1:e2:f3:7a:4a:c0:00:c1:55:e6:30:2e:
5f:95:02:30:d3:91:f8:e3:16:b0:c8:fe:17:a4:b0:
e0:b3:01:52:98:ef:86:e6:32:fc:2a:ab:f9:fd:d4:
01:0b:e1:c0:33:83:a9:c7:82:ef:cb:ca:18:09:84:
3e:67:36:24:57:66:3e:9a:9b:2d:a6:e6:91:6d:dd:
8b:82:29:92:32:90:41:89:88:46:49:bf:57:3c:d8:
30:e3:12:4e:15:ab:ba:99:4c:0d:2e:8c:e4:18:95:
d4:7a:39:2e:f5:49:9b:54:01:c4:38:d3:bc:61:6b:
cd:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:12:0F:91:78:C0:7F:14:FD:B9:B7:76:66:FC:CE:C3:4C:BA:7F:35
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/SBIPkXjAfxT9ubd2ZvzOw0y6fzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.20.0/22
45.14.244.0/22
45.91.52.0/22
45.140.146.0/23
45.140.166.0/23
45.144.28.0/22
45.150.64.0/23
45.150.67.0/24
45.155.52.0/22
91.194.11.0/24
146.19.230.0/24
185.74.222.0/24
185.234.247.0/24
195.16.74.0/24
Signature Algorithm: sha256WithRSAEncryption
82:46:30:59:b7:77:ff:8e:4f:f6:28:94:ac:58:d2:8a:19:50:
c6:89:c7:01:1e:d7:97:d2:93:b7:5b:78:f9:e9:24:55:9f:02:
6c:6a:13:e3:f7:c4:73:22:51:5a:72:b5:f0:6b:dd:76:dc:09:
41:b6:c6:9b:34:19:86:68:61:df:50:88:e4:44:c0:3f:0b:0a:
f6:76:fd:8e:39:02:44:7b:47:2d:9b:99:7a:d8:4b:ca:e8:c9:
0d:0b:16:d5:dc:83:c1:b1:32:50:43:7a:64:7b:d1:b5:03:92:
f8:2d:85:a4:d7:8f:67:74:25:9f:70:eb:66:1a:f6:12:92:d4:
89:e9:7f:fd:61:7d:62:1a:1d:8d:13:32:2e:ae:df:a7:a7:e3:
40:4c:4a:bc:9f:b8:0c:3a:ee:e9:39:f2:1a:db:c5:ef:92:e9:
89:6b:eb:3f:54:80:60:20:b6:7e:b4:92:d1:9e:e5:10:31:a0:
bb:25:42:6c:72:67:fc:9d:67:bc:ef:e7:e3:e4:e1:87:c2:91:
2a:5c:f5:de:e0:21:c9:65:b1:b8:18:1b:83:ee:7a:67:bb:10:
61:3a:14:79:5e:91:c9:c1:8a:91:ec:94:50:35:e5:20:bc:b6:
d7:c4:2c:41:42:6b:34:bd:d8:b1:8c:bd:a3:af:44:4b:b0:02:
0b:fd:7f:4a
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZMbsk06ag0RKzJp2vrXhBodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjQxMTExMTQ0ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODEyMGY5MTc4YzA3ZjE0ZmRiOWI3NzY2NmZjY2VjMzRjYmE3ZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSuem9Y/LkzS2GJCVPD/iKQ98VN8
GJBplQmOjqPoiwKwzZiKnF83wiMSgAdNSZDz6tULMnapi14V83+qUpDma7Ukc13b
eiCPeqSQTJ7Duupow7Q+jODBXWEG5OBGxeZeHtnt7n9DuZmrtZODmmb48B5ZGFoJ
Tnh1nKRYIc+PrHzIMjXquEu+1qLx4vN6SsAAwVXmMC5flQIw05H44xawyP4XpLDg
swFSmO+G5jL8Kqv5/dQBC+HAM4Opx4Lvy8oYCYQ+ZzYkV2Y+mpstpuaRbd2LgimS
MpBBiYhGSb9XPNgw4xJOFau6mUwNLozkGJXUejku9UmbVAHEONO8YWvNuwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFEgSD5F4wH8U/bm3dmb8zsNMun81MB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvU0JJUGtYakFmeFQ5dWJkMlp2ek93MHk2ZnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQCBbUUAwQC
LQ70AwQCLVs0AwQBLYySAwQBLYymAwQCLZAcAwQBLZZAAwQALZZDAwQCLZs0AwQA
W8ILAwQAkhPmAwQAuUreAwQAuer3AwQAwxBKMA0GCSqGSIb3DQEBCwUAA4IBAQCC
RjBZt3f/jk/2KJSsWNKKGVDGiccBHteX0pO3W3j56SRVnwJsahPj98RzIlFacrXw
a9123AlBtsabNBmGaGHfUIjkRMA/Cwr2dv2OOQJEe0ctm5l62EvK6MkNCxbV3IPB
sTJQQ3pke9G1A5L4LYWk149ndCWfcOtmGvYSktSJ6X/9YX1iGh2NEzIurt+np+NA
TEq8n7gMOu7pOfIa28XvkumJa+s/VIBgILZ+tJLRnuUQMaC7JUJscmf8nWe87+fj
5OGHwpEqXPXe4CHJZbG4GBuD7npnuxBhOhR5XpHJwYqR7JRQNeUgvLbXxCxBQms0
vdixjL2jr0RLsAIL/X9K
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:20:26 2024 by rpki-client on console-ams.rpki-client.org