Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/bf2ba5-f280-49e5-9a34-fec25d2e918d/1/s5moLvIi9RIWPUK4RGmT3EqxbeQ.roa
File: s5moLvIi9RIWPUK4RGmT3EqxbeQ.roa (raw, json)
Hash identifier: zB0CAs3QqvlV5ZY6fP4I7dxwolGLefS7MYK2gYSxSTU=
Subject key identifier: B3:99:A8:2E:F2:22:F5:12:16:3D:42:B8:44:69:93:DC:4A:B1:6D:E4
Certificate issuer: /CN=59dda539feb8f8a3725342600670c0c154e4baaa
Certificate serial: 018CC64B5902278C6243B9F470BDF60D38A6
Authority key identifier: 59:DD:A5:39:FE:B8:F8:A3:72:53:42:60:06:70:C0:C1:54:E4:BA:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd2lOf64-KNyU0JgBnDAwVTkuqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/bf2ba5-f280-49e5-9a34-fec25d2e918d/1/s5moLvIi9RIWPUK4RGmT3EqxbeQ.roa
Signing time: Mon 01 Jan 2024 18:31:15 +0000
ROA not before: Mon 01 Jan 2024 18:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49847
IP address blocks: 185.42.225.0/24 maxlen: 24
185.42.224.0/24 maxlen: 24
185.42.226.0/24 maxlen: 24
185.42.227.0/24 maxlen: 24
45.132.172.0/24 maxlen: 24
45.132.175.0/24 maxlen: 24
45.132.174.0/24 maxlen: 24
45.132.173.0/24 maxlen: 24
2a04:9240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/bf2ba5-f280-49e5-9a34-fec25d2e918d/1/Wd2lOf64-KNyU0JgBnDAwVTkuqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/bf2ba5-f280-49e5-9a34-fec25d2e918d/1/Wd2lOf64-KNyU0JgBnDAwVTkuqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wd2lOf64-KNyU0JgBnDAwVTkuqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:59:02:27:8c:62:43:b9:f4:70:bd:f6:0d:38:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dda539feb8f8a3725342600670c0c154e4baaa
Validity
Not Before: Jan 1 18:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b399a82ef222f512163d42b8446993dc4ab16de4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0c:02:cf:a0:32:38:4f:ec:98:ca:cd:f1:ca:
a8:6e:0b:47:01:7c:f0:1a:99:63:ad:86:87:67:07:
3d:c0:31:43:15:86:4e:c9:02:a3:3a:97:dd:8b:90:
74:46:f8:d8:60:ec:dd:5a:fb:1e:f6:df:4d:45:b2:
5f:02:9d:38:a8:d6:8d:4d:94:6c:e3:cb:f4:9d:8d:
08:99:ac:0a:3b:14:d6:1a:ad:5b:09:44:ac:62:4a:
23:9d:bd:77:7a:f2:3a:91:da:11:88:28:1a:dc:37:
24:38:f6:e9:f8:8e:78:ef:4d:62:aa:15:49:26:b7:
69:6f:98:f3:e4:15:48:64:9c:1d:ab:76:0f:64:2e:
cd:c3:3d:6a:7d:0e:25:13:25:1d:20:63:fc:d3:bf:
b6:97:3a:d5:51:0f:35:c0:6e:e9:07:0a:ed:36:f4:
39:2e:60:a3:45:7f:c3:90:43:5f:a4:22:c8:d7:2e:
a7:e5:aa:98:2e:86:be:04:36:1b:46:85:c2:8e:e5:
59:48:91:6f:29:6c:83:50:6d:ca:52:f6:be:05:4b:
d7:3b:57:70:e1:8c:18:ff:a3:cb:0c:8d:fb:29:41:
cc:19:d8:06:fc:5d:52:49:8b:61:07:be:af:f0:50:
0e:14:f5:25:dc:31:32:c3:11:c1:70:b5:9d:27:51:
d2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:99:A8:2E:F2:22:F5:12:16:3D:42:B8:44:69:93:DC:4A:B1:6D:E4
X509v3 Authority Key Identifier:
keyid:59:DD:A5:39:FE:B8:F8:A3:72:53:42:60:06:70:C0:C1:54:E4:BA:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd2lOf64-KNyU0JgBnDAwVTkuqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/bf2ba5-f280-49e5-9a34-fec25d2e918d/1/s5moLvIi9RIWPUK4RGmT3EqxbeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/bf2ba5-f280-49e5-9a34-fec25d2e918d/1/Wd2lOf64-KNyU0JgBnDAwVTkuqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.172.0/22
185.42.224.0/22
IPv6:
2a04:9240::/29
Signature Algorithm: sha256WithRSAEncryption
3a:32:cc:7e:b9:56:76:d3:1c:14:ec:59:d2:5e:2a:13:ea:cd:
32:52:7a:00:39:77:52:8e:24:4f:d3:b8:12:cf:b6:3f:db:5a:
71:f0:73:08:b3:9b:60:e6:ef:52:2e:10:4f:3d:82:ac:34:5d:
94:ca:58:26:70:b5:15:3d:aa:18:68:2e:d5:77:1f:3f:64:0b:
87:ea:f9:a5:f9:5c:43:1a:01:8b:2d:42:bd:76:19:81:3c:08:
20:3b:fc:bb:62:7d:8b:c7:9b:73:90:67:ce:66:45:c0:10:ee:
f1:d8:b4:70:fa:1b:4c:03:bd:7b:fc:4f:6d:e0:fd:cd:45:6e:
b8:98:60:13:e7:e7:78:05:24:1a:c8:24:2c:98:c8:6d:c4:ac:
57:f3:29:e2:6a:47:fb:11:8b:ed:77:c3:f9:57:08:87:96:8a:
3c:47:02:7e:18:11:f9:91:13:ee:f5:61:f9:be:93:b5:40:fd:
6f:28:02:f2:41:7f:38:a9:a9:36:a3:8f:df:22:a9:22:4d:e9:
e9:0d:5c:c9:f4:3e:5d:90:b5:c4:fe:b5:7c:55:70:76:ae:ce:
ed:8d:e8:ff:4c:5e:a4:1f:40:ad:6e:2a:f4:f0:1a:b3:ee:89:
c7:6c:7c:57:64:6b:a9:72:77:3e:96:50:2e:96:e0:53:37:69:
9f:60:5e:83
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGS1kCJ4xiQ7n0cL32DTimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGRhNTM5ZmViOGY4YTM3MjUzNDI2MDA2NzBjMGMxNTRl
NGJhYWEwHhcNMjQwMTAxMTgzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzk5YTgyZWYyMjJmNTEyMTYzZDQyYjg0NDY5OTNkYzRhYjE2ZGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQwCz6AyOE/smMrN8cqobgtHAXzw
GpljrYaHZwc9wDFDFYZOyQKjOpfdi5B0RvjYYOzdWvse9t9NRbJfAp04qNaNTZRs
48v0nY0ImawKOxTWGq1bCUSsYkojnb13evI6kdoRiCga3DckOPbp+I54701iqhVJ
Jrdpb5jz5BVIZJwdq3YPZC7Nwz1qfQ4lEyUdIGP807+2lzrVUQ81wG7pBwrtNvQ5
LmCjRX/DkENfpCLI1y6n5aqYLoa+BDYbRoXCjuVZSJFvKWyDUG3KUva+BUvXO1dw
4YwY/6PLDI37KUHMGdgG/F1SSYthB76v8FAOFPUl3DEywxHBcLWdJ1HSpwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLOZqC7yIvUSFj1CuERpk9xKsW3kMB8GA1UdIwQY
MBaAFFndpTn+uPijclNCYAZwwMFU5LqqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2QybE9mNjQtS055VTBKZ0JuREF3VlRrdXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9iZjJiYTUtZjI4MC00OWU1LTlhMzQt
ZmVjMjVkMmU5MThkLzEvczVtb0x2SWk5UklXUFVLNFJHbVQzRXF4YmVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9iZjJiYTUtZjI4MC00OWU1LTlhMzQtZmVjMjVkMmU5MThk
LzEvV2QybE9mNjQtS055VTBKZ0JuREF3VlRrdXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYSsAwQC
uSrgMA0EAgACMAcDBQMqBJJAMA0GCSqGSIb3DQEBCwUAA4IBAQA6Msx+uVZ20xwU
7FnSXioT6s0yUnoAOXdSjiRP07gSz7Y/21px8HMIs5tg5u9SLhBPPYKsNF2Uylgm
cLUVPaoYaC7Vdx8/ZAuH6vml+VxDGgGLLUK9dhmBPAggO/y7Yn2Lx5tzkGfOZkXA
EO7x2LRw+htMA717/E9t4P3NRW64mGAT5+d4BSQayCQsmMhtxKxX8yniakf7EYvt
d8P5VwiHloo8RwJ+GBH5kRPu9WH5vpO1QP1vKALyQX84qak2o4/fIqkiTenpDVzJ
9D5dkLXE/rV8VXB2rs7tjej/TF6kH0Ctbir08Bqz7onHbHxXZGupcnc+llAuluBT
N2mfYF6D
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:42:06 2024 by rpki-client on console-ams.rpki-client.org