Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/c69704-db71-4b1d-b8ac-c5dc094df9c4/1/GDu9UTwUw2mbVfh-cjDWi1Vy2v0.roa
File: GDu9UTwUw2mbVfh-cjDWi1Vy2v0.roa (raw, json)
Hash identifier: FmUzJNzNiaHbkwh0d9w0h84Dyy3XTM1pMxH/etArrLQ=
Subject key identifier: 18:3B:BD:51:3C:14:C3:69:9B:55:F8:7E:72:30:D6:8B:55:72:DA:FD
Certificate issuer: /CN=5c75114adc2cf8edea505957e79e89044266c24e
Certificate serial: 018CC4250B00661CDB2EBD16883D71599623
Authority key identifier: 5C:75:11:4A:DC:2C:F8:ED:EA:50:59:57:E7:9E:89:04:42:66:C2:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XHURStws-O3qUFlX556JBEJmwk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/c69704-db71-4b1d-b8ac-c5dc094df9c4/1/GDu9UTwUw2mbVfh-cjDWi1Vy2v0.roa
Signing time: Mon 01 Jan 2024 08:30:11 +0000
ROA not before: Mon 01 Jan 2024 08:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197988
IP address blocks: 95.183.48.0/20 maxlen: 20
95.183.58.0/24 maxlen: 24
46.28.200.0/21 maxlen: 24
2a0c:2240::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/c69704-db71-4b1d-b8ac-c5dc094df9c4/1/XHURStws-O3qUFlX556JBEJmwk4.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/c69704-db71-4b1d-b8ac-c5dc094df9c4/1/XHURStws-O3qUFlX556JBEJmwk4.mft
rsync://rpki.ripe.net/repository/DEFAULT/XHURStws-O3qUFlX556JBEJmwk4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:0b:00:66:1c:db:2e:bd:16:88:3d:71:59:96:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c75114adc2cf8edea505957e79e89044266c24e
Validity
Not Before: Jan 1 08:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=183bbd513c14c3699b55f87e7230d68b5572dafd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:35:64:fa:d8:6e:18:80:e7:7e:cd:86:77:41:
d1:70:6b:d3:14:0e:9f:ca:20:09:b1:08:8d:7b:27:
11:84:ef:ea:40:2b:6f:31:3b:75:42:e9:80:b4:7c:
37:ca:d9:0c:e4:ca:a2:6b:61:85:8a:89:51:2a:f0:
68:3d:7b:db:54:4a:e5:84:be:69:b3:f8:47:54:89:
ac:70:24:bc:52:64:47:b5:95:ff:bc:60:c3:dc:32:
8b:d8:a4:11:fa:2a:39:51:8d:64:2f:ce:b2:cc:b6:
ec:a9:49:f2:d0:d7:98:77:ea:ba:24:2e:d2:28:81:
71:1c:4f:ad:f4:fa:3b:2a:96:50:2f:ce:5c:b5:46:
2d:e0:33:78:c6:7f:ae:3b:f7:23:37:12:45:2c:53:
7b:c9:19:a1:ef:cb:34:1f:a9:a3:51:b0:d1:28:c6:
e2:1c:10:6e:70:08:18:d5:99:ea:83:0e:57:8b:f0:
b9:a8:8d:98:e6:7a:bd:69:3a:a7:cb:6f:54:ef:b1:
92:76:bd:24:2d:2a:6c:38:4e:5e:5e:ce:ed:ca:93:
28:ae:9e:50:10:5b:f8:61:a0:00:69:53:cd:d6:a6:
ec:20:18:0e:14:57:9d:54:71:17:61:44:53:c2:ad:
4f:a6:1e:28:24:1f:eb:b5:3a:be:d2:d9:a3:ec:41:
f7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:3B:BD:51:3C:14:C3:69:9B:55:F8:7E:72:30:D6:8B:55:72:DA:FD
X509v3 Authority Key Identifier:
keyid:5C:75:11:4A:DC:2C:F8:ED:EA:50:59:57:E7:9E:89:04:42:66:C2:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHURStws-O3qUFlX556JBEJmwk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/c69704-db71-4b1d-b8ac-c5dc094df9c4/1/GDu9UTwUw2mbVfh-cjDWi1Vy2v0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/c69704-db71-4b1d-b8ac-c5dc094df9c4/1/XHURStws-O3qUFlX556JBEJmwk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.200.0/21
95.183.48.0/20
IPv6:
2a0c:2240::/48
Signature Algorithm: sha256WithRSAEncryption
16:78:1b:7f:54:98:36:7a:e0:71:e8:62:9a:79:d7:5d:9d:36:
39:41:f5:b6:39:53:9a:d3:69:65:9e:35:ef:03:e9:dc:85:09:
3e:42:e6:92:72:48:c7:24:08:d9:c0:66:48:87:d5:70:0b:b1:
ae:05:2c:0a:24:0c:25:6e:69:57:02:a4:a7:32:6b:6b:62:40:
6b:2c:82:a8:cf:e7:56:77:01:28:39:22:78:4f:0e:d1:40:3a:
7d:d0:9f:b8:c0:d9:86:bc:cb:5d:30:5f:fe:be:1a:54:b3:52:
55:43:01:af:c8:23:d8:84:47:91:e9:81:80:14:e8:51:a7:83:
df:51:11:70:42:50:ab:f3:88:12:6f:15:89:a4:f4:00:25:41:
ce:45:cc:79:a0:71:8d:d1:f4:25:71:76:8e:a5:67:59:5a:be:
86:03:fc:64:e3:ff:98:93:7f:68:1d:fb:9d:00:18:a6:19:8d:
8a:88:32:8c:15:c5:2b:09:9b:ba:6c:67:d7:8b:e0:5e:30:d9:
3d:70:33:d5:4c:56:0f:99:c5:20:bf:6c:17:b9:97:13:49:c7:
f3:53:8f:d6:08:4a:47:bd:2c:a3:cd:62:07:20:89:d7:f4:ec:
3c:e8:be:e9:44:77:7a:bf:c9:eb:80:bc:a6:e9:7a:0c:39:61:
e0:9b:9c:32
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzEJQsAZhzbLr0WiD1xWZYjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzUxMTRhZGMyY2Y4ZWRlYTUwNTk1N2U3OWU4OTA0NDI2
NmMyNGUwHhcNMjQwMTAxMDgzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODNiYmQ1MTNjMTRjMzY5OWI1NWY4N2U3MjMwZDY4YjU1NzJkYWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjVk+thuGIDnfs2Gd0HRcGvTFA6f
yiAJsQiNeycRhO/qQCtvMTt1QumAtHw3ytkM5Mqia2GFiolRKvBoPXvbVErlhL5p
s/hHVImscCS8UmRHtZX/vGDD3DKL2KQR+io5UY1kL86yzLbsqUny0NeYd+q6JC7S
KIFxHE+t9Po7KpZQL85ctUYt4DN4xn+uO/cjNxJFLFN7yRmh78s0H6mjUbDRKMbi
HBBucAgY1Znqgw5Xi/C5qI2Y5nq9aTqny29U77GSdr0kLSpsOE5eXs7typMorp5Q
EFv4YaAAaVPN1qbsIBgOFFedVHEXYURTwq1Pph4oJB/rtTq+0tmj7EH36QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBg7vVE8FMNpm1X4fnIw1otVctr9MB8GA1UdIwQY
MBaAFFx1EUrcLPjt6lBZV+eeiQRCZsJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhVUlN0d3MtTzNxVUZsWDU1NkpCRUptd2s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9jNjk3MDQtZGI3MS00YjFkLWI4YWMt
YzVkYzA5NGRmOWM0LzEvR0R1OVVUd1V3Mm1iVmZoLWNqRFdpMVZ5MnYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9jNjk3MDQtZGI3MS00YjFkLWI4YWMtYzVkYzA5NGRmOWM0
LzEvWEhVUlN0d3MtTzNxVUZsWDU1NkpCRUptd2s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDLhzIAwQE
X7cwMA8EAgACMAkDBwAqDCJAAAAwDQYJKoZIhvcNAQELBQADggEBABZ4G39UmDZ6
4HHoYpp5112dNjlB9bY5U5rTaWWeNe8D6dyFCT5C5pJySMckCNnAZkiH1XALsa4F
LAokDCVuaVcCpKcya2tiQGssgqjP51Z3ASg5InhPDtFAOn3Qn7jA2Ya8y10wX/6+
GlSzUlVDAa/II9iER5HpgYAU6FGng99REXBCUKvziBJvFYmk9AAlQc5FzHmgcY3R
9CVxdo6lZ1lavoYD/GTj/5iTf2gd+50AGKYZjYqIMowVxSsJm7psZ9eL4F4w2T1w
M9VMVg+ZxSC/bBe5lxNJx/NTj9YISke9LKPNYgcgidf07DzovulEd3q/yeuAvKbp
egw5YeCbnDI=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:17:54 2024 by rpki-client on console-fra.rpki-client.org