Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/vg5cjPtHh1SQlIhYX0x8-Fn_E6w.roa
File: vg5cjPtHh1SQlIhYX0x8-Fn_E6w.roa (raw, json)
Hash identifier: 9oZ5SV5NYzj/ibZpCn9UVR/QQKsZ91ykN+QEwN0LF6I=
Subject key identifier: BE:0E:5C:8C:FB:47:87:54:90:94:88:58:5F:4C:7C:F8:59:FF:13:AC
Certificate issuer: /CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Certificate serial: 01934A6D7E681B42A0636A076ED031ECEB7A
Authority key identifier: 8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/vg5cjPtHh1SQlIhYX0x8-Fn_E6w.roa
Signing time: Wed 20 Nov 2024 16:35:09 +0000
ROA not before: Wed 20 Nov 2024 16:35:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48551
IP address blocks: 31.193.186.0/24 maxlen: 24
45.94.252.0/24 maxlen: 24
45.94.254.0/24 maxlen: 24
45.94.255.0/24 maxlen: 24
45.150.150.0/24 maxlen: 24
45.159.196.0/24 maxlen: 24
45.159.197.0/24 maxlen: 24
45.159.198.0/24 maxlen: 24
45.159.199.0/24 maxlen: 24
91.217.177.0/24 maxlen: 24
103.216.60.0/24 maxlen: 24
103.216.61.0/24 maxlen: 24
103.216.62.0/24 maxlen: 24
103.216.63.0/24 maxlen: 24
157.119.188.0/24 maxlen: 24
157.119.190.0/24 maxlen: 24
157.119.191.0/24 maxlen: 24
185.63.114.0/24 maxlen: 24
185.74.221.0/24 maxlen: 24
185.86.180.0/24 maxlen: 24
185.86.181.0/24 maxlen: 24
185.128.40.0/24 maxlen: 24
185.149.192.0/24 maxlen: 24
185.236.36.0/24 maxlen: 24
185.236.37.0/24 maxlen: 24
185.236.38.0/24 maxlen: 24
185.236.39.0/24 maxlen: 24
185.238.143.0/24 maxlen: 24
194.147.212.0/24 maxlen: 24
194.147.222.0/24 maxlen: 24
195.114.4.0/24 maxlen: 24
195.114.5.0/24 maxlen: 24
195.114.8.0/24 maxlen: 24
195.114.9.0/24 maxlen: 24
2a0d:9500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.mft
rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4a:6d:7e:68:1b:42:a0:63:6a:07:6e:d0:31:ec:eb:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Validity
Not Before: Nov 20 16:35:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be0e5c8cfb478754909488585f4c7cf859ff13ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d4:ea:31:ef:b7:e1:89:8c:ff:8f:da:c3:32:
f4:a9:6a:ad:0b:fe:d8:d1:fe:68:97:2b:6d:64:b5:
78:a7:e8:4a:b0:b9:4a:25:56:e8:6c:e3:7e:db:07:
2b:7a:ea:4d:ed:a2:09:61:12:06:24:27:30:fd:42:
ec:31:cb:b5:f7:96:58:bc:84:d4:da:af:44:f1:0b:
a4:8f:e0:c3:bc:c7:78:d2:f5:29:b4:9c:b1:a4:3c:
99:55:53:54:30:96:16:ea:59:dd:6c:61:2d:c9:5c:
a2:1e:e7:50:64:a6:46:d5:b9:29:d7:b0:36:24:30:
c8:ce:6f:98:12:7d:72:cf:99:8d:26:d7:92:41:2d:
08:a6:db:94:d3:9d:9f:00:f1:e3:38:9c:bb:fe:a2:
81:a0:3d:80:62:4d:05:39:91:e2:e2:36:bd:8d:3e:
0a:78:26:f4:a4:9b:9d:d5:06:cd:0c:68:79:ed:61:
71:bd:26:88:45:0a:91:e3:fe:bc:86:1f:25:04:d4:
e6:85:ab:95:d9:57:7f:a6:a8:37:af:26:a4:4b:6b:
20:4c:ac:96:2b:ad:f3:af:3a:95:c6:62:fd:95:c5:
f2:71:e7:89:94:3d:f1:9c:23:21:19:86:63:30:8a:
92:4c:31:98:82:6b:e7:b5:12:af:aa:5a:06:18:2d:
00:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:0E:5C:8C:FB:47:87:54:90:94:88:58:5F:4C:7C:F8:59:FF:13:AC
X509v3 Authority Key Identifier:
keyid:8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/vg5cjPtHh1SQlIhYX0x8-Fn_E6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.186.0/24
45.94.252.0/24
45.94.254.0/23
45.150.150.0/24
45.159.196.0/22
91.217.177.0/24
103.216.60.0/22
157.119.188.0/24
157.119.190.0/23
185.63.114.0/24
185.74.221.0/24
185.86.180.0/23
185.128.40.0/24
185.149.192.0/24
185.236.36.0/22
185.238.143.0/24
194.147.212.0/24
194.147.222.0/24
195.114.4.0/23
195.114.8.0/23
IPv6:
2a0d:9500::/29
Signature Algorithm: sha256WithRSAEncryption
39:c1:50:d4:ce:5c:4f:68:59:2c:de:a0:bc:a8:12:fa:fb:26:
f4:e9:3b:e5:82:b2:e1:85:19:a3:c1:77:21:f7:a5:a3:e6:63:
5c:81:89:66:75:15:0c:87:9a:e1:37:ca:7c:b9:4c:1d:f1:13:
ef:00:f4:1c:76:06:68:b5:a9:ec:18:77:a4:6d:d7:b8:cb:0f:
ca:a6:76:ad:57:3c:68:35:19:ea:b2:e9:fb:fa:f3:24:bd:08:
3a:41:26:df:4b:c2:db:c9:65:ff:a2:80:46:56:61:07:1d:ce:
56:7e:29:ad:8a:65:ed:7a:4c:ec:f0:f5:94:a1:88:f1:7a:ca:
dd:e0:69:b0:5f:af:0c:18:fc:cc:99:57:fd:b7:90:17:7d:6b:
9d:22:ee:3c:d7:9a:05:d9:f1:9a:76:75:a2:37:fe:31:f0:8a:
fa:fc:69:b4:ac:c1:e2:05:78:07:bf:ae:66:2e:c6:ca:73:ff:
26:77:c5:27:bb:99:48:64:98:21:e8:ce:30:b8:84:f4:be:1c:
8c:67:0e:91:a0:e3:d5:21:76:ea:e6:1e:f6:7c:db:ec:bc:41:
4b:79:4d:b9:18:75:ba:3f:9b:e3:81:71:cc:53:80:f9:6c:98:
ee:7d:b9:eb:5c:17:5a:d4:d8:1e:67:2c:5e:96:c4:67:48:2e:
9b:94:ea:72
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAZNKbX5oG0KgY2oHbtAx7Ot6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNDdhYTA5ZjJjNjEwZjZmNDRiNGU3NWMxY2Q5ZGNkMzg4
NGU1NWQwHhcNMjQxMTIwMTYzNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTBlNWM4Y2ZiNDc4NzU0OTA5NDg4NTg1ZjRjN2NmODU5ZmYxM2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNTqMe+34YmM/4/awzL0qWqtC/7Y
0f5olyttZLV4p+hKsLlKJVbobON+2wcreupN7aIJYRIGJCcw/ULsMcu195ZYvITU
2q9E8Qukj+DDvMd40vUptJyxpDyZVVNUMJYW6lndbGEtyVyiHudQZKZG1bkp17A2
JDDIzm+YEn1yz5mNJteSQS0IptuU052fAPHjOJy7/qKBoD2AYk0FOZHi4ja9jT4K
eCb0pJud1QbNDGh57WFxvSaIRQqR4/68hh8lBNTmhauV2Vd/pqg3ryakS2sgTKyW
K63zrzqVxmL9lcXyceeJlD3xnCMhGYZjMIqSTDGYgmvntRKvqloGGC0A8wIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFL4OXIz7R4dUkJSIWF9MfPhZ/xOsMB8GA1UdIwQY
MBaAFItHqgnyxhD29EtOdcHNnc04hOVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgt
NTAwMTUzOWQ3MTg1LzEvdmc1Y2pQdEhoMVNRbEloWVgweDgtRm5fRTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgtNTAwMTUzOWQ3MTg1
LzEvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB+BAIAATB4AwQAH8G6
AwQALV78AwQBLV7+AwQALZaWAwQCLZ/EAwQAW9mxAwQCZ9g8AwQAnXe8AwQBnXe+
AwQAuT9yAwQAuUrdAwQBuVa0AwQAuYAoAwQAuZXAAwQCuewkAwQAue6PAwQAwpPU
AwQAwpPeAwQBw3IEAwQBw3IIMA0EAgACMAcDBQMqDZUAMA0GCSqGSIb3DQEBCwUA
A4IBAQA5wVDUzlxPaFks3qC8qBL6+yb06TvlgrLhhRmjwXch96Wj5mNcgYlmdRUM
h5rhN8p8uUwd8RPvAPQcdgZotansGHekbde4yw/KpnatVzxoNRnqsun7+vMkvQg6
QSbfS8LbyWX/ooBGVmEHHc5WfimtimXtekzs8PWUoYjxesrd4GmwX68MGPzMmVf9
t5AXfWudIu4815oF2fGadnWiN/4x8Ir6/Gm0rMHiBXgHv65mLsbKc/8md8Unu5lI
ZJgh6M4wuIT0vhyMZw6RoOPVIXbq5h72fNvsvEFLeU25GHW6P5vjgXHMU4D5bJju
fbnrXBda1NgeZyxelsRnSC6blOpy
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:20:36 2024 by rpki-client on console-fra.rpki-client.org