Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3c39f0-7e97-4ef7-8944-5ebd8eaee2c6/1/5uvb6vGZWSu9IMerEwV3PT25Omw.roa
File: 5uvb6vGZWSu9IMerEwV3PT25Omw.roa (raw, json)
Hash identifier: QSihGMWBpC3c1Qgq5MftXjgubohuzg28Nf0vVhTx4PA=
Subject key identifier: E6:EB:DB:EA:F1:99:59:2B:BD:20:C7:AB:13:05:77:3D:3D:B9:3A:6C
Certificate issuer: /CN=1dad7b9f1c49f8d13e1a67abcf2fba35b0a66d18
Certificate serial: 018CC5DD018335A8A01D1EBA4828904D3D21
Authority key identifier: 1D:AD:7B:9F:1C:49:F8:D1:3E:1A:67:AB:CF:2F:BA:35:B0:A6:6D:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ha17nxxJ-NE-Gmerzy-6NbCmbRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3c39f0-7e97-4ef7-8944-5ebd8eaee2c6/1/5uvb6vGZWSu9IMerEwV3PT25Omw.roa
Signing time: Mon 01 Jan 2024 16:30:44 +0000
ROA not before: Mon 01 Jan 2024 16:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50300
IP address blocks: 185.48.164.0/22 maxlen: 24
185.32.72.0/22 maxlen: 24
5.102.168.0/21 maxlen: 24
109.74.240.0/20 maxlen: 24
176.12.104.0/21 maxlen: 24
2a00:1c10::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/3c39f0-7e97-4ef7-8944-5ebd8eaee2c6/1/Ha17nxxJ-NE-Gmerzy-6NbCmbRg.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/3c39f0-7e97-4ef7-8944-5ebd8eaee2c6/1/Ha17nxxJ-NE-Gmerzy-6NbCmbRg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ha17nxxJ-NE-Gmerzy-6NbCmbRg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:01:83:35:a8:a0:1d:1e:ba:48:28:90:4d:3d:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dad7b9f1c49f8d13e1a67abcf2fba35b0a66d18
Validity
Not Before: Jan 1 16:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6ebdbeaf199592bbd20c7ab1305773d3db93a6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f8:d8:6e:bc:2d:19:71:33:2e:68:09:f9:d8:
5c:88:b3:79:21:ff:82:91:bd:ca:c1:2a:a1:de:17:
66:6e:44:0b:69:43:a2:d7:6a:7b:ca:bf:21:01:96:
ef:39:0d:31:ca:35:22:1a:6d:b6:a2:bf:98:44:90:
d7:5e:d4:d9:a0:73:b2:df:d9:98:81:22:ff:38:64:
57:74:ab:ba:20:bc:9c:53:a6:6d:de:0b:02:a4:ce:
a2:f9:7d:a7:3a:1b:fe:d8:e1:a2:e0:74:be:fd:0b:
6e:a9:b6:04:71:8d:62:89:38:81:02:66:57:64:db:
92:63:57:9c:2c:d6:0d:c6:2f:fc:59:30:64:bd:bf:
22:a4:ca:68:7e:b2:00:3d:bc:81:f1:ea:a5:c6:1e:
3c:52:85:e6:0c:9d:6c:32:fc:23:f0:14:c3:81:f6:
c9:ec:23:36:65:9e:51:ff:dc:07:92:0d:cb:08:2a:
78:90:1a:36:92:de:5f:8d:02:9c:c3:61:e8:61:cf:
67:dd:6f:30:24:3c:4e:27:3b:25:e3:03:99:b6:e9:
c0:8e:86:4c:1b:aa:73:41:54:0f:8b:74:7f:7f:dc:
0a:10:b9:42:c8:70:70:b4:c5:7c:29:51:6b:03:df:
01:e0:64:84:17:89:e6:fd:16:53:8a:94:29:96:03:
0f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:EB:DB:EA:F1:99:59:2B:BD:20:C7:AB:13:05:77:3D:3D:B9:3A:6C
X509v3 Authority Key Identifier:
keyid:1D:AD:7B:9F:1C:49:F8:D1:3E:1A:67:AB:CF:2F:BA:35:B0:A6:6D:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ha17nxxJ-NE-Gmerzy-6NbCmbRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3c39f0-7e97-4ef7-8944-5ebd8eaee2c6/1/5uvb6vGZWSu9IMerEwV3PT25Omw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3c39f0-7e97-4ef7-8944-5ebd8eaee2c6/1/Ha17nxxJ-NE-Gmerzy-6NbCmbRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.168.0/21
109.74.240.0/20
176.12.104.0/21
185.32.72.0/22
185.48.164.0/22
IPv6:
2a00:1c10::/32
Signature Algorithm: sha256WithRSAEncryption
01:96:3e:bf:ba:84:ea:1f:ba:a9:97:26:3b:e3:16:ce:09:b0:
b7:d7:cf:c7:f3:fd:5f:e6:1d:16:0e:7a:e9:74:86:d3:50:20:
7e:79:cf:17:fb:1a:e1:9f:04:61:52:10:ce:cd:0d:bb:d7:18:
00:44:db:5d:88:8d:38:55:ce:39:c2:25:5a:d3:d9:fd:32:17:
ec:aa:78:5d:20:9b:eb:22:ee:2d:d2:bd:28:ce:3a:cf:5d:6f:
ce:86:24:28:71:f8:27:71:4b:f9:fa:13:9d:12:97:1c:52:2a:
7c:15:ea:f8:86:4f:af:84:dd:c0:42:12:76:8c:62:09:f0:9a:
d6:2f:ae:13:12:1c:fa:8e:64:c7:fb:25:cd:59:e0:1d:58:ca:
b7:4e:d9:43:00:97:5c:83:f2:2e:57:33:71:c5:19:af:2f:15:
3c:dc:03:24:2c:bd:61:2c:7c:d9:5f:2e:4d:72:7a:b0:98:d8:
dc:92:6f:ad:a5:a3:ec:2e:14:0d:5c:e8:f7:30:97:d8:d1:29:
a3:c7:50:01:6a:ba:d5:cd:23:36:09:9d:48:10:c2:3b:ed:81:
18:55:8c:d2:8f:a2:61:42:ed:3b:51:fc:ff:31:22:2c:69:ed:
96:9e:af:22:9b:21:35:54:4c:fc:d0:65:b6:1c:bb:2e:88:cc:
23:43:5b:a2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzF3QGDNaigHR66SCiQTT0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYWQ3YjlmMWM0OWY4ZDEzZTFhNjdhYmNmMmZiYTM1YjBh
NjZkMTgwHhcNMjQwMTAxMTYzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmViZGJlYWYxOTk1OTJiYmQyMGM3YWIxMzA1NzczZDNkYjkzYTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/jYbrwtGXEzLmgJ+dhciLN5If+C
kb3KwSqh3hdmbkQLaUOi12p7yr8hAZbvOQ0xyjUiGm22or+YRJDXXtTZoHOy39mY
gSL/OGRXdKu6ILycU6Zt3gsCpM6i+X2nOhv+2OGi4HS+/QtuqbYEcY1iiTiBAmZX
ZNuSY1ecLNYNxi/8WTBkvb8ipMpofrIAPbyB8eqlxh48UoXmDJ1sMvwj8BTDgfbJ
7CM2ZZ5R/9wHkg3LCCp4kBo2kt5fjQKcw2HoYc9n3W8wJDxOJzsl4wOZtunAjoZM
G6pzQVQPi3R/f9wKELlCyHBwtMV8KVFrA98B4GSEF4nm/RZTipQplgMPbwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFObr2+rxmVkrvSDHqxMFdz09uTpsMB8GA1UdIwQY
MBaAFB2te58cSfjRPhpnq88vujWwpm0YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGExN254eEotTkUtR21lcnp5LTZOYkNtYlJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zYzM5ZjAtN2U5Ny00ZWY3LTg5NDQt
NWViZDhlYWVlMmM2LzEvNXV2YjZ2R1pXU3U5SU1lckV3VjNQVDI1T213LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zYzM5ZjAtN2U5Ny00ZWY3LTg5NDQtNWViZDhlYWVlMmM2
LzEvSGExN254eEotTkUtR21lcnp5LTZOYkNtYlJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBWaoAwQE
bUrwAwQDsAxoAwQCuSBIAwQCuTCkMA0EAgACMAcDBQAqABwQMA0GCSqGSIb3DQEB
CwUAA4IBAQABlj6/uoTqH7qplyY74xbOCbC318/H8/1f5h0WDnrpdIbTUCB+ec8X
+xrhnwRhUhDOzQ271xgARNtdiI04Vc45wiVa09n9MhfsqnhdIJvrIu4t0r0ozjrP
XW/OhiQocfgncUv5+hOdEpccUip8Fer4hk+vhN3AQhJ2jGIJ8JrWL64TEhz6jmTH
+yXNWeAdWMq3TtlDAJdcg/IuVzNxxRmvLxU83AMkLL1hLHzZXy5NcnqwmNjckm+t
paPsLhQNXOj3MJfY0Smjx1ABarrVzSM2CZ1IEMI77YEYVYzSj6JhQu07Ufz/MSIs
ae2Wnq8imyE1VEz80GW2HLsuiMwjQ1ui
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:06:47 2024 by rpki-client on console-fra.rpki-client.org