Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/s-z8gs9eDqhL3L3Zzzp6INANBCw.roa
File: s-z8gs9eDqhL3L3Zzzp6INANBCw.roa (raw, json)
Hash identifier: od3Bpl6BnM+FnxHlS8LuIuBrqEOjGLrYQ6cpGVT360w=
Subject key identifier: B3:EC:FC:82:CF:5E:0E:A8:4B:DC:BD:D9:CF:3A:7A:20:D0:0D:04:2C
Certificate issuer: /CN=1232303d1638e0735240491aaa9e42b1887adaca
Certificate serial: 018CC348DE27B6F81D20C3ED645154DF910B
Authority key identifier: 12:32:30:3D:16:38:E0:73:52:40:49:1A:AA:9E:42:B1:88:7A:DA:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EjIwPRY44HNSQEkaqp5CsYh62so.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/s-z8gs9eDqhL3L3Zzzp6INANBCw.roa
Signing time: Mon 01 Jan 2024 04:29:41 +0000
ROA not before: Mon 01 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51440
IP address blocks: 46.28.136.0/24 maxlen: 24
46.28.140.0/24 maxlen: 24
95.215.130.0/24 maxlen: 24
95.215.129.0/24 maxlen: 24
195.35.85.0/24 maxlen: 24
46.32.222.0/24 maxlen: 24
5.34.160.0/24 maxlen: 24
2a03:2940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/EjIwPRY44HNSQEkaqp5CsYh62so.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/EjIwPRY44HNSQEkaqp5CsYh62so.mft
rsync://rpki.ripe.net/repository/DEFAULT/EjIwPRY44HNSQEkaqp5CsYh62so.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 01:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:de:27:b6:f8:1d:20:c3:ed:64:51:54:df:91:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1232303d1638e0735240491aaa9e42b1887adaca
Validity
Not Before: Jan 1 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3ecfc82cf5e0ea84bdcbdd9cf3a7a20d00d042c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:1a:a5:ef:3f:86:aa:1b:65:ec:db:67:c6:3f:
ef:32:7e:9e:0f:1d:f3:1e:a0:8d:26:92:f4:82:7f:
d8:a5:94:17:0a:e5:5d:b6:fc:99:af:e5:fb:10:04:
09:13:01:55:83:df:98:d3:fa:63:d3:bc:e8:92:00:
15:8e:24:e7:a5:84:25:df:ec:c8:0a:f8:f4:5a:f0:
39:2f:c8:a7:cf:3f:35:7d:39:c1:ba:ae:d1:0b:d4:
71:c1:42:44:0a:bb:8a:c0:01:7d:1d:4d:9a:af:e2:
c9:d5:3c:90:5f:9a:15:48:d6:ae:56:a1:3e:ed:7c:
39:e3:2c:17:13:92:ba:4a:3c:ca:01:6d:84:7b:2d:
e1:6f:31:61:60:0b:e0:ca:ea:d0:b9:9b:bd:3f:a8:
ee:33:60:74:fc:7e:34:81:4d:bf:1d:38:28:93:9c:
aa:25:17:94:de:1d:de:35:bf:db:5b:5b:b7:81:df:
c3:fd:84:d3:60:cb:51:c6:dd:2c:8f:27:39:67:bf:
e3:56:68:68:c8:fe:21:94:9a:ed:c4:a3:36:0d:10:
b5:11:b4:36:e6:eb:5f:eb:c2:09:86:e0:6d:ce:70:
13:01:b3:40:36:25:b4:cf:52:bc:76:e1:48:d0:c0:
35:d5:54:a0:bb:c2:7e:d7:52:9f:0f:11:e2:3e:2b:
01:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:EC:FC:82:CF:5E:0E:A8:4B:DC:BD:D9:CF:3A:7A:20:D0:0D:04:2C
X509v3 Authority Key Identifier:
keyid:12:32:30:3D:16:38:E0:73:52:40:49:1A:AA:9E:42:B1:88:7A:DA:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EjIwPRY44HNSQEkaqp5CsYh62so.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/s-z8gs9eDqhL3L3Zzzp6INANBCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/0ab167-3094-4103-8131-064414d0340f/1/EjIwPRY44HNSQEkaqp5CsYh62so.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.160.0/24
46.28.136.0/24
46.28.140.0/24
46.32.222.0/24
95.215.129.0-95.215.130.255
195.35.85.0/24
IPv6:
2a03:2940::/32
Signature Algorithm: sha256WithRSAEncryption
47:e9:d0:26:5e:86:f7:a3:99:7a:28:17:56:cb:82:e6:d8:06:
bd:93:15:ed:1f:ad:f4:d7:d7:08:1b:c3:ab:0e:29:17:28:8a:
f0:79:82:cb:4d:4a:21:e4:d3:e5:a0:12:41:24:1b:51:44:2b:
93:16:e1:02:64:70:8a:a8:54:41:b0:90:4b:fc:24:0f:ee:ac:
d4:8b:95:0f:d6:c0:5f:ca:b4:7e:5e:b5:c0:0f:d3:21:cb:81:
a2:28:ef:49:41:6b:8d:80:0c:3a:aa:9c:48:02:9b:65:6e:b0:
99:b8:44:64:cc:71:63:e0:42:89:92:7b:9b:9c:2e:c4:c8:a9:
f6:3e:fc:45:57:54:1d:b0:41:b4:9e:09:0e:05:3e:85:de:0d:
a8:84:35:e9:89:bc:1d:0d:0b:f0:84:a7:ea:58:8a:94:01:6d:
90:fb:42:d3:d3:cf:78:90:bf:6b:55:51:e5:db:ba:e2:14:31:
e9:61:81:d9:3f:58:d8:ce:db:db:51:cf:8b:00:7f:09:9c:cc:
5c:97:e2:e8:4d:b2:ff:bb:35:72:1f:13:e2:9f:49:3c:ab:49:
ac:8c:5c:c1:be:70:0e:35:2c:50:06:f9:a1:3c:9a:7a:01:61:
4a:e2:c5:74:b5:a9:0e:c3:e1:ec:2a:17:1d:24:8f:95:3c:7d:
ca:4c:dd:27
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYzDSN4ntvgdIMPtZFFU35ELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMzIzMDNkMTYzOGUwNzM1MjQwNDkxYWFhOWU0MmIxODg3
YWRhY2EwHhcNMjQwMTAxMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2VjZmM4MmNmNWUwZWE4NGJkY2JkZDljZjNhN2EyMGQwMGQwNDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhql7z+Gqhtl7Ntnxj/vMn6eDx3z
HqCNJpL0gn/YpZQXCuVdtvyZr+X7EAQJEwFVg9+Y0/pj07zokgAVjiTnpYQl3+zI
Cvj0WvA5L8inzz81fTnBuq7RC9RxwUJECruKwAF9HU2ar+LJ1TyQX5oVSNauVqE+
7Xw54ywXE5K6SjzKAW2Eey3hbzFhYAvgyurQuZu9P6juM2B0/H40gU2/HTgok5yq
JReU3h3eNb/bW1u3gd/D/YTTYMtRxt0sjyc5Z7/jVmhoyP4hlJrtxKM2DRC1EbQ2
5utf68IJhuBtznATAbNANiW0z1K8duFI0MA11VSgu8J+11KfDxHiPisBwQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFLPs/ILPXg6oS9y92c86eiDQDQQsMB8GA1UdIwQY
MBaAFBIyMD0WOOBzUkBJGqqeQrGIetrKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWpJd1BSWTQ0SE5TUUVrYXFwNUNzWWg2MnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8wYWIxNjctMzA5NC00MTAzLTgxMzEt
MDY0NDE0ZDAzNDBmLzEvcy16OGdzOWVEcWhMM0wzWnp6cDZJTkFOQkN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8wYWIxNjctMzA5NC00MTAzLTgxMzEtMDY0NDE0ZDAzNDBm
LzEvRWpJd1BSWTQ0SE5TUUVrYXFwNUNzWWg2MnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQABSKgAwQA
LhyIAwQALhyMAwQALiDeMAwDBABf14EDBABf14IDBADDI1UwDQQCAAIwBwMFACoD
KUAwDQYJKoZIhvcNAQELBQADggEBAEfp0CZehvejmXooF1bLgubYBr2TFe0frfTX
1wgbw6sOKRcoivB5gstNSiHk0+WgEkEkG1FEK5MW4QJkcIqoVEGwkEv8JA/urNSL
lQ/WwF/KtH5etcAP0yHLgaIo70lBa42ADDqqnEgCm2VusJm4RGTMcWPgQomSe5uc
LsTIqfY+/EVXVB2wQbSeCQ4FPoXeDaiENemJvB0NC/CEp+pYipQBbZD7QtPTz3iQ
v2tVUeXbuuIUMelhgdk/WNjO29tRz4sAfwmczFyX4uhNsv+7NXIfE+KfSTyrSayM
XMG+cA41LFAG+aE8mnoBYUrixXS1qQ7D4ewqFx0kj5U8fcpM3Sc=
-----END CERTIFICATE-----
Generated at Sat May 18 05:35:59 2024 by rpki-client on console-fra.rpki-client.org