Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/Cs548qvBLDHi5zpS_cEC4sX00tY.roa
File: Cs548qvBLDHi5zpS_cEC4sX00tY.roa (raw, json)
Hash identifier: Xoe4ESmq+g1psXEuTjK/4zjTvXRxB1xXSp+qiDZgvI4=
Subject key identifier: 0A:CE:78:F2:AB:C1:2C:31:E2:E7:3A:52:FD:C1:02:E2:C5:F4:D2:D6
Certificate issuer: /CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Certificate serial: 01904FF3C720CCFFCBFC5C72743650A5BA39
Authority key identifier: E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/Cs548qvBLDHi5zpS_cEC4sX00tY.roa
Signing time: Tue 25 Jun 2024 15:11:34 +0000
ROA not before: Tue 25 Jun 2024 15:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16246
IP address blocks: 77.87.232.0/21 maxlen: 21
78.108.144.0/21 maxlen: 21
78.108.152.0/21 maxlen: 21
82.150.160.0/19 maxlen: 19
86.63.192.0/19 maxlen: 19
91.197.116.0/22 maxlen: 22
92.240.160.0/19 maxlen: 19
94.74.192.0/18 maxlen: 18
95.143.128.0/20 maxlen: 20
176.98.96.0/20 maxlen: 20
178.17.96.0/20 maxlen: 20
185.15.252.0/22 maxlen: 22
188.175.0.0/16 maxlen: 16
213.180.32.0/19 maxlen: 19
2a00:d480::/32 maxlen: 32
2a02:350::/29 maxlen: 29
2a03:b4c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft
rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4f:f3:c7:20:cc:ff:cb:fc:5c:72:74:36:50:a5:ba:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Validity
Not Before: Jun 25 15:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ace78f2abc12c31e2e73a52fdc102e2c5f4d2d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3f:46:ed:f2:c4:72:37:ea:d3:d0:f2:91:43:
08:b4:40:99:01:0c:47:66:e2:41:f6:1d:39:e0:66:
1a:9a:ad:87:63:e3:25:dd:8b:42:3f:49:36:d5:90:
44:bb:06:29:ec:3c:59:7a:32:9a:db:ff:35:94:d7:
a0:2e:c7:12:f6:f3:79:3e:d8:97:14:0a:7b:44:ed:
af:b6:cb:a3:1d:3a:f3:2b:c5:ab:92:0b:6e:9b:fe:
61:28:9d:f1:83:f5:0e:e2:dd:6c:34:2c:a0:d3:f8:
9e:cd:69:26:30:07:8e:21:77:30:67:0a:24:ea:ee:
8d:5f:fa:2e:c9:31:8b:3a:40:26:1c:50:96:b0:18:
7f:a5:bb:09:44:2c:98:f2:4d:49:fb:b9:c8:6e:6f:
49:e6:31:2c:5c:27:d7:4e:2e:1d:95:41:56:4e:7a:
5a:5c:3f:98:54:6c:a4:09:0f:86:72:31:d2:f8:d6:
7f:39:2e:41:a9:70:d4:dc:99:f3:16:06:99:06:91:
0a:95:d4:70:49:75:a2:47:74:31:9d:74:27:6d:7d:
3b:c9:34:d9:da:20:32:f4:01:7d:06:68:12:06:3a:
68:b7:94:b5:ca:32:3b:87:66:75:69:b0:e4:2d:34:
7c:84:45:07:d9:82:aa:bc:d2:c9:07:25:e6:2b:90:
d5:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:CE:78:F2:AB:C1:2C:31:E2:E7:3A:52:FD:C1:02:E2:C5:F4:D2:D6
X509v3 Authority Key Identifier:
keyid:E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/Cs548qvBLDHi5zpS_cEC4sX00tY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.232.0/21
78.108.144.0/20
82.150.160.0/19
86.63.192.0/19
91.197.116.0/22
92.240.160.0/19
94.74.192.0/18
95.143.128.0/20
176.98.96.0/20
178.17.96.0/20
185.15.252.0/22
188.175.0.0/16
213.180.32.0/19
IPv6:
2a00:d480::/32
2a02:350::/29
2a03:b4c0::/32
Signature Algorithm: sha256WithRSAEncryption
a7:20:36:80:c6:b1:89:cc:43:3f:8f:45:3a:8b:07:19:f1:e7:
91:32:a2:ee:90:a6:5f:09:55:a6:9d:cc:c2:bb:47:0c:c3:8f:
b6:2c:ad:c0:2a:83:3b:cf:09:94:b7:a0:d8:50:e2:c6:29:31:
b3:54:7f:78:9f:11:b9:3f:af:d9:a2:ce:5d:d0:d8:38:af:df:
ac:17:fa:9d:11:bf:82:dd:32:18:90:4b:89:f8:c2:80:f5:ea:
6d:a6:ff:e3:8e:2d:dd:68:bb:df:98:04:55:af:1a:43:39:2b:
94:ce:4c:03:4a:e9:af:82:8c:d0:b1:2a:6b:2b:86:16:2d:a3:
d3:71:24:09:99:8f:f0:44:78:95:9d:81:76:bb:82:3b:57:aa:
b8:de:ba:94:d3:99:b2:64:48:b0:57:83:8c:9a:73:71:7c:7a:
d4:44:e0:ee:1a:ef:09:34:54:b5:e4:bb:15:e2:4a:bc:f8:bd:
5c:f1:4a:4c:c3:f3:b1:a7:8b:1a:4a:ca:48:a5:de:fe:3c:99:
19:68:1d:c3:b6:38:e2:35:e9:5c:e0:6f:68:8b:8b:96:a1:31:
2e:10:d5:06:d1:a9:f6:77:a5:e1:53:23:e7:fa:1c:bf:0f:76:
cb:df:d7:9d:86:fb:eb:7e:0d:53:d8:0f:53:e4:44:5c:05:d6:
19:74:00:0a
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZBP88cgzP/L/FxydDZQpbo5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZDZjNmU4YmNlZDQwYmQwMzJkMTc3MThjMWIxZTM5YWU4
NDFhZTgwHhcNMjQwNjI1MTUxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWNlNzhmMmFiYzEyYzMxZTJlNzNhNTJmZGMxMDJlMmM1ZjRkMmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuz9G7fLEcjfq09DykUMItECZAQxH
ZuJB9h054GYamq2HY+Ml3YtCP0k21ZBEuwYp7DxZejKa2/81lNegLscS9vN5PtiX
FAp7RO2vtsujHTrzK8Wrkgtum/5hKJ3xg/UO4t1sNCyg0/iezWkmMAeOIXcwZwok
6u6NX/ouyTGLOkAmHFCWsBh/pbsJRCyY8k1J+7nIbm9J5jEsXCfXTi4dlUFWTnpa
XD+YVGykCQ+GcjHS+NZ/OS5BqXDU3JnzFgaZBpEKldRwSXWiR3QxnXQnbX07yTTZ
2iAy9AF9BmgSBjpot5S1yjI7h2Z1abDkLTR8hEUH2YKqvNLJByXmK5DVjQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFArOePKrwSwx4uc6Uv3BAuLF9NLWMB8GA1UdIwQY
MBaAFOXWxui87UC9Ay0XcYwbHjmuhBroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQt
YmQyNDliNjI1Nzk3LzEvQ3M1NDhxdkJMREhpNXpwU19jRUM0c1gwMHRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQtYmQyNDliNjI1Nzk3
LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwUwQCAAEwTQMEA01X6AME
BE5skAMEBVKWoAMEBVY/wAMEAlvFdAMEBVzwoAMEBl5KwAMEBF+PgAMEBLBiYAME
BLIRYAMEArkP/AMDALyvAwQF1bQgMBsEAgACMBUDBQAqANSAAwUDKgIDUAMFACoD
tMAwDQYJKoZIhvcNAQELBQADggEBAKcgNoDGsYnMQz+PRTqLBxnx55Eyou6Qpl8J
VaadzMK7RwzDj7YsrcAqgzvPCZS3oNhQ4sYpMbNUf3ifEbk/r9mizl3Q2Div36wX
+p0Rv4LdMhiQS4n4woD16m2m/+OOLd1ou9+YBFWvGkM5K5TOTANK6a+CjNCxKmsr
hhYto9NxJAmZj/BEeJWdgXa7gjtXqrjeupTTmbJkSLBXg4yac3F8etRE4O4a7wk0
VLXkuxXiSrz4vVzxSkzD87GnixpKykil3v48mRloHcO2OOI16Vzgb2iLi5ahMS4Q
1QbRqfZ3peFTI+f6HL8Pdsvf152G++t+DVPYD1PkRFwF1hl0AAo=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:40:41 2024 by rpki-client on console-ams.rpki-client.org