Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/W-sboLcXw9KUdEoEltmgBM7P_dY.roa
File: W-sboLcXw9KUdEoEltmgBM7P_dY.roa (raw, json)
Hash identifier: UY2uiC3KZbUx88dQBkuI0XDaKYCa2oBr4FdvA2AeC3k=
Subject key identifier: 5B:EB:1B:A0:B7:17:C3:D2:94:74:4A:04:96:D9:A0:04:CE:CF:FD:D6
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 019349EC6764E4C5F1C1BCF5D1C7CF0B3F44
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/W-sboLcXw9KUdEoEltmgBM7P_dY.roa
Signing time: Wed 20 Nov 2024 14:14:09 +0000
ROA not before: Wed 20 Nov 2024 14:14:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202635
IP address blocks: 86.110.32.0/24 maxlen: 24
86.110.35.0/24 maxlen: 24
86.110.38.0/24 maxlen: 24
86.110.39.0/24 maxlen: 24
86.110.43.0/24 maxlen: 24
86.110.45.0/24 maxlen: 24
185.158.176.0/22 maxlen: 24
185.193.60.0/22 maxlen: 24
185.244.100.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:49:ec:67:64:e4:c5:f1:c1:bc:f5:d1:c7:cf:0b:3f:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Nov 20 14:14:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5beb1ba0b717c3d294744a0496d9a004cecffdd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:86:9f:b3:9b:49:37:4d:1d:5a:ff:de:83:6e:
7f:14:1a:3b:75:70:3c:63:1f:ca:bc:81:b1:09:87:
3a:53:6c:bb:fd:35:e7:49:e1:96:51:1b:04:30:07:
ea:47:6d:5d:d6:c6:5f:13:83:11:cc:3d:7a:80:f6:
e4:d4:15:a9:f7:38:b1:4e:86:91:3c:72:7b:f9:56:
69:fd:31:c5:5d:dc:13:61:3c:46:60:79:df:ff:c6:
9d:c8:46:10:5b:e4:c4:dc:f2:ef:4b:f3:69:32:04:
7f:92:d6:00:97:b8:57:a8:89:5f:2a:0e:68:3f:0f:
40:74:c5:bb:57:eb:d3:aa:ce:e5:e2:84:db:81:34:
de:10:6e:79:94:ea:fd:d9:38:fe:9e:c6:5a:35:fe:
a8:1c:14:e6:dc:ae:27:f2:ae:8f:24:ba:b7:14:d8:
6a:68:73:62:ba:c9:68:9b:3e:25:20:57:1c:c7:50:
4a:96:5d:cc:a0:c7:ee:0b:f8:21:4f:c6:67:f1:d8:
96:72:96:4d:ce:79:8b:7f:c8:fb:32:a1:f9:fc:cb:
4b:04:b0:fa:3d:cb:cc:92:19:37:49:c0:74:13:18:
fd:3e:14:24:2d:0e:94:4b:a3:b0:e2:26:98:3c:ab:
fe:1c:6f:51:61:a4:fe:d8:5e:75:c4:fc:d1:9d:21:
f3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:EB:1B:A0:B7:17:C3:D2:94:74:4A:04:96:D9:A0:04:CE:CF:FD:D6
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/W-sboLcXw9KUdEoEltmgBM7P_dY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.32.0/24
86.110.35.0/24
86.110.38.0/23
86.110.43.0/24
86.110.45.0/24
185.158.176.0/22
185.193.60.0/22
185.244.100.0/22
Signature Algorithm: sha256WithRSAEncryption
81:80:a8:87:ed:ec:ab:bb:44:71:af:5b:9d:a9:39:26:5e:74:
b2:b7:fb:d3:b6:f8:2c:61:ed:d3:ce:d6:71:2d:2f:f7:74:59:
be:63:18:7d:85:da:e4:d7:71:23:70:16:51:c9:71:e0:d6:c9:
46:8b:63:87:65:9c:84:73:db:c5:8d:6b:ea:17:1e:00:10:be:
b3:51:86:44:a1:64:49:c4:57:4a:73:8e:97:e3:37:6c:3c:f4:
cf:c4:3f:92:ef:96:62:1e:03:d0:45:01:b3:ab:a2:91:67:ab:
e7:2c:44:9b:97:9b:4f:f5:86:d2:a6:68:c4:76:b5:db:da:fe:
c0:93:4e:a8:a1:77:1a:f0:4e:07:a2:c8:48:6d:9f:6b:5d:9d:
4e:ef:8a:95:58:9b:0a:b4:10:d7:f7:09:bc:a6:d1:da:10:ab:
14:27:a4:08:3b:b2:2f:79:8b:92:36:9f:e1:96:2a:bb:c6:8d:
6c:e1:f1:d1:83:ed:90:e4:fb:63:e6:fa:c2:ca:b7:a6:e8:92:
e5:e2:b4:16:98:c3:16:6a:31:8d:23:b6:86:88:98:9b:63:f0:
a5:2e:4e:a7:aa:fa:33:9b:30:9e:3b:e4:17:92:6a:b3:93:f2:
23:5c:95:c5:75:9b:ed:67:f5:2a:12:3c:d9:6f:40:87:41:9c:
77:5c:79:95
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZNJ7Gdk5MXxwbz10cfPCz9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjQxMTIwMTQxNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmViMWJhMGI3MTdjM2QyOTQ3NDRhMDQ5NmQ5YTAwNGNlY2ZmZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooafs5tJN00dWv/eg25/FBo7dXA8
Yx/KvIGxCYc6U2y7/TXnSeGWURsEMAfqR21d1sZfE4MRzD16gPbk1BWp9zixToaR
PHJ7+VZp/THFXdwTYTxGYHnf/8adyEYQW+TE3PLvS/NpMgR/ktYAl7hXqIlfKg5o
Pw9AdMW7V+vTqs7l4oTbgTTeEG55lOr92Tj+nsZaNf6oHBTm3K4n8q6PJLq3FNhq
aHNiuslomz4lIFccx1BKll3MoMfuC/ghT8Zn8diWcpZNznmLf8j7MqH5/MtLBLD6
PcvMkhk3ScB0Exj9PhQkLQ6US6Ow4iaYPKv+HG9RYaT+2F51xPzRnSHzxQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFvrG6C3F8PSlHRKBJbZoATOz/3WMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvVy1zYm9MY1h3OUtVZEVvRWx0bWdCTTdQX2RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVm4gAwQA
Vm4jAwQBVm4mAwQAVm4rAwQAVm4tAwQCuZ6wAwQCucE8AwQCufRkMA0GCSqGSIb3
DQEBCwUAA4IBAQCBgKiH7eyru0Rxr1udqTkmXnSyt/vTtvgsYe3TztZxLS/3dFm+
Yxh9hdrk13EjcBZRyXHg1slGi2OHZZyEc9vFjWvqFx4AEL6zUYZEoWRJxFdKc46X
4zdsPPTPxD+S75ZiHgPQRQGzq6KRZ6vnLESbl5tP9YbSpmjEdrXb2v7Ak06ooXca
8E4HoshIbZ9rXZ1O74qVWJsKtBDX9wm8ptHaEKsUJ6QIO7IveYuSNp/hliq7xo1s
4fHRg+2Q5Ptj5vrCyrem6JLl4rQWmMMWajGNI7aGiJibY/ClLk6nqvozmzCeO+QX
kmqzk/IjXJXFdZvtZ/UqEjzZb0CHQZx3XHmV
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:09:34 2024 by rpki-client on console-fra.rpki-client.org