Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/5YS6-af__QZZ4hIwq0Z0dKzoEc4.roa
File: 5YS6-af__QZZ4hIwq0Z0dKzoEc4.roa (raw, json)
Hash identifier: +E/JZ91rwKCSYrBtE49+plz/VLJfVbCjGDAxU5FLIqk=
Subject key identifier: E5:84:BA:F9:A7:FF:FD:06:59:E2:12:30:AB:46:74:74:AC:E8:11:CE
Certificate issuer: /CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Certificate serial: 018CC26D46BAD10464D7A8E4348885CFDB7F
Authority key identifier: 58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/5YS6-af__QZZ4hIwq0Z0dKzoEc4.roa
Signing time: Mon 01 Jan 2024 00:29:50 +0000
ROA not before: Mon 01 Jan 2024 00:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49293
IP address blocks: 95.170.112.0/24 maxlen: 24
95.170.118.0/24 maxlen: 24
95.170.117.0/24 maxlen: 24
95.170.116.0/24 maxlen: 24
95.170.115.0/24 maxlen: 24
95.170.114.0/24 maxlen: 24
95.170.113.0/24 maxlen: 24
95.170.112.0/21 maxlen: 21
95.170.119.0/24 maxlen: 24
212.107.226.0/24 maxlen: 24
212.107.225.0/24 maxlen: 24
212.107.224.0/20 maxlen: 20
212.107.224.0/24 maxlen: 24
212.107.230.0/24 maxlen: 24
212.107.229.0/24 maxlen: 24
212.107.228.0/24 maxlen: 24
212.107.227.0/24 maxlen: 24
212.107.233.0/24 maxlen: 24
212.107.232.0/24 maxlen: 24
212.107.231.0/24 maxlen: 24
212.107.237.0/24 maxlen: 24
212.107.236.0/24 maxlen: 24
212.107.235.0/24 maxlen: 24
212.107.234.0/24 maxlen: 24
212.107.239.0/24 maxlen: 24
212.107.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 22:02:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:46:ba:d1:04:64:d7:a8:e4:34:88:85:cf:db:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Validity
Not Before: Jan 1 00:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e584baf9a7fffd0659e21230ab467474ace811ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d6:6a:05:5f:77:a0:dd:8d:67:ac:99:33:b4:
17:ca:9f:77:75:8e:a0:68:1b:cf:7b:02:28:82:9a:
07:e6:b4:27:f3:b7:74:41:87:f3:9a:cd:6c:b2:b8:
e8:ed:50:1d:38:aa:fd:28:a9:a2:b8:e7:fa:eb:df:
08:4f:cf:42:50:d4:8a:85:77:f0:ec:bb:76:c4:f0:
50:3a:14:e1:c7:7e:c1:73:d1:45:03:da:97:0e:c4:
ed:d1:7f:e2:06:70:59:c7:4b:80:6c:b6:fd:7a:9c:
ce:8c:09:d9:2a:97:d5:50:83:51:e1:3f:c9:5e:bd:
ae:53:26:5d:d9:ee:e4:28:75:b0:b3:bc:c1:c2:28:
a2:a2:f7:d9:6a:f0:cf:38:02:98:6d:03:d2:3c:a4:
bb:05:3e:1c:60:af:50:5d:12:fd:91:05:38:37:b8:
a8:75:21:46:aa:c2:24:b6:2a:80:fd:6e:93:0e:3a:
bc:57:53:48:b8:31:60:db:2d:44:f7:7b:7d:7f:b9:
cf:a4:27:b7:b3:d3:28:14:fc:7a:f3:e3:67:e8:ba:
e8:07:fd:e0:13:62:55:08:a4:03:5a:9d:cd:f2:02:
a9:f3:ac:14:d6:b6:06:73:05:ad:2a:3b:d0:7e:aa:
30:50:83:b8:8a:5c:8c:57:7a:2d:ee:c5:0c:ac:a5:
cf:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:84:BA:F9:A7:FF:FD:06:59:E2:12:30:AB:46:74:74:AC:E8:11:CE
X509v3 Authority Key Identifier:
keyid:58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/5YS6-af__QZZ4hIwq0Z0dKzoEc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.170.112.0/21
212.107.224.0/20
Signature Algorithm: sha256WithRSAEncryption
4b:5e:07:1c:91:6c:20:f2:aa:a9:8f:a2:d4:06:a4:04:0d:6f:
b2:ca:8a:c6:00:22:a1:c2:03:38:d7:a8:76:dd:26:34:83:cf:
c1:e2:0a:ee:1b:ad:7c:98:a6:a6:21:ff:50:05:36:19:0a:ca:
79:24:75:ee:c4:03:3a:5e:d6:b4:a4:7a:3c:57:a7:07:5f:10:
fb:56:fb:b7:b6:66:17:c8:c2:6d:fd:68:5c:20:a0:84:ba:14:
d6:27:94:4d:34:d7:3f:bd:84:59:ac:b1:83:ee:a8:3d:a6:bc:
64:bf:c7:92:98:2e:48:78:b9:1d:ff:44:0d:c0:c1:d4:74:c6:
cc:55:60:fb:9b:6c:6b:3e:ee:db:c7:49:1f:4c:db:fd:45:cd:
8d:a8:fc:d5:48:b7:ca:a4:1d:f1:0b:3d:c1:46:e5:58:e9:e0:
a4:3e:ce:82:53:d3:b8:f3:5d:1d:d0:7c:68:5c:31:cf:c4:06:
66:89:e5:25:6c:84:82:e7:f5:8a:11:a2:92:58:9d:3f:29:05:
36:51:f3:c0:e5:f9:18:55:25:93:91:ba:29:f0:83:4e:a7:e0:
79:d7:4a:75:90:58:1f:2c:9c:ce:87:2a:e1:c6:8e:02:d7:4f:
55:9b:0e:e6:47:3a:9c:3c:4b:b2:77:86:f0:d4:c3:44:60:d7:
1a:41:4e:d1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbUa60QRk16jkNIiFz9t/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NTNlNjVhMzA4N2I0Y2E4NWM4ODAyYjYwZmYwZjAyYjQx
MDZkOTcwHhcNMjQwMTAxMDAyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTg0YmFmOWE3ZmZmZDA2NTllMjEyMzBhYjQ2NzQ3NGFjZTgxMWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldZqBV93oN2NZ6yZM7QXyp93dY6g
aBvPewIogpoH5rQn87d0QYfzms1ssrjo7VAdOKr9KKmiuOf6698IT89CUNSKhXfw
7Lt2xPBQOhThx37Bc9FFA9qXDsTt0X/iBnBZx0uAbLb9epzOjAnZKpfVUINR4T/J
Xr2uUyZd2e7kKHWws7zBwiiiovfZavDPOAKYbQPSPKS7BT4cYK9QXRL9kQU4N7io
dSFGqsIktiqA/W6TDjq8V1NIuDFg2y1E93t9f7nPpCe3s9MoFPx68+Nn6LroB/3g
E2JVCKQDWp3N8gKp86wU1rYGcwWtKjvQfqowUIO4ilyMV3ot7sUMrKXPbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOWEuvmn//0GWeISMKtGdHSs6BHOMB8GA1UdIwQY
MBaAFFhT5lowh7TKhciAK2D/DwK0EG2XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQt
ZTE4NjAyNzM5Y2Q1LzEvNVlTNi1hZl9fUVpaNGhJd3EwWjBkS3pvRWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQtZTE4NjAyNzM5Y2Q1
LzEvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDX6pwAwQE
1GvgMA0GCSqGSIb3DQEBCwUAA4IBAQBLXgcckWwg8qqpj6LUBqQEDW+yyorGACKh
wgM416h23SY0g8/B4gruG618mKamIf9QBTYZCsp5JHXuxAM6Xta0pHo8V6cHXxD7
Vvu3tmYXyMJt/WhcIKCEuhTWJ5RNNNc/vYRZrLGD7qg9prxkv8eSmC5IeLkd/0QN
wMHUdMbMVWD7m2xrPu7bx0kfTNv9Rc2NqPzVSLfKpB3xCz3BRuVY6eCkPs6CU9O4
810d0HxoXDHPxAZmieUlbISC5/WKEaKSWJ0/KQU2UfPA5fkYVSWTkbop8INOp+B5
10p1kFgfLJzOhyrhxo4C109Vmw7mRzqcPEuyd4bw1MNEYNcaQU7R
-----END CERTIFICATE-----
Generated at Sat Jun 1 04:42:27 2024 by rpki-client on console-ams.rpki-client.org