Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2eede6-fc20-4f8a-ae29-72537526aee2/1/dleRO-UOr7fB3SzgxQ9LgYosKGc.roa
File: dleRO-UOr7fB3SzgxQ9LgYosKGc.roa (raw, json)
Hash identifier: wuPTdddeNwUhbnfg9VIffONNFaGvOP1vidlx66sw7fs=
Subject key identifier: 76:57:91:3B:E5:0E:AF:B7:C1:DD:2C:E0:C5:0F:4B:81:8A:2C:28:67
Certificate issuer: /CN=5b9a40fc3f350abda59dbfc01ca37a46d8d74764
Certificate serial: 018CC72744A6AAF885658B146D4136E4418E
Authority key identifier: 5B:9A:40:FC:3F:35:0A:BD:A5:9D:BF:C0:1C:A3:7A:46:D8:D7:47:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W5pA_D81Cr2lnb_AHKN6RtjXR2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2eede6-fc20-4f8a-ae29-72537526aee2/1/dleRO-UOr7fB3SzgxQ9LgYosKGc.roa
Signing time: Mon 01 Jan 2024 22:31:28 +0000
ROA not before: Mon 01 Jan 2024 22:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43623
IP address blocks: 194.156.7.0/24 maxlen: 24
185.17.246.0/24 maxlen: 24
185.17.244.0/22 maxlen: 22
194.113.143.0/24 maxlen: 24
185.17.247.0/24 maxlen: 24
91.195.78.0/23 maxlen: 23
2a04:880:affe::/48 maxlen: 48
2a04:880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2eede6-fc20-4f8a-ae29-72537526aee2/1/W5pA_D81Cr2lnb_AHKN6RtjXR2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2eede6-fc20-4f8a-ae29-72537526aee2/1/W5pA_D81Cr2lnb_AHKN6RtjXR2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/W5pA_D81Cr2lnb_AHKN6RtjXR2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:44:a6:aa:f8:85:65:8b:14:6d:41:36:e4:41:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b9a40fc3f350abda59dbfc01ca37a46d8d74764
Validity
Not Before: Jan 1 22:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7657913be50eafb7c1dd2ce0c50f4b818a2c2867
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:de:2d:50:d8:93:c2:e5:00:ae:6c:04:cf:94:
f2:f9:5d:d2:58:2e:ef:d5:84:a8:a8:70:b2:51:a2:
cf:6d:4a:95:1f:af:5d:b7:1b:9e:c4:9d:9a:7c:6f:
57:ef:d6:8c:df:ff:1f:db:da:a8:f9:ea:96:2d:ac:
b2:87:04:6c:ea:12:f5:d6:35:4c:4d:e0:6e:cf:20:
2f:a8:a3:54:46:2a:7e:0c:3c:a4:4d:c1:03:27:76:
19:98:bb:7a:b6:c8:5a:3e:bc:f1:70:2c:c6:c6:ee:
d4:38:0e:d7:5d:7b:7a:74:16:b2:ac:f3:8b:17:9b:
5d:8c:bd:8d:a6:26:14:a0:3f:e3:4f:bb:c4:69:91:
4f:65:ad:55:8d:79:03:e6:4c:eb:31:31:59:bb:06:
8a:96:68:a5:dc:b1:70:4f:c6:32:d8:b6:d8:22:47:
a2:6a:33:ab:97:cd:34:b5:a5:87:a0:90:be:6d:6c:
40:59:19:f5:bc:1a:79:4d:4b:1f:0c:8b:b2:2f:df:
6c:d7:5a:b0:50:37:a4:39:6a:74:e7:ea:00:03:18:
9a:ca:d0:97:b1:d1:7c:d3:2f:a9:ed:0c:de:84:0f:
2a:e1:d0:78:ad:32:3b:21:d9:87:9b:c1:ac:6a:41:
dc:04:56:15:fb:94:01:de:38:fb:95:c5:22:59:e0:
f4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:57:91:3B:E5:0E:AF:B7:C1:DD:2C:E0:C5:0F:4B:81:8A:2C:28:67
X509v3 Authority Key Identifier:
keyid:5B:9A:40:FC:3F:35:0A:BD:A5:9D:BF:C0:1C:A3:7A:46:D8:D7:47:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W5pA_D81Cr2lnb_AHKN6RtjXR2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2eede6-fc20-4f8a-ae29-72537526aee2/1/dleRO-UOr7fB3SzgxQ9LgYosKGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2eede6-fc20-4f8a-ae29-72537526aee2/1/W5pA_D81Cr2lnb_AHKN6RtjXR2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.78.0/23
185.17.244.0/22
194.113.143.0/24
194.156.7.0/24
IPv6:
2a04:880::/29
Signature Algorithm: sha256WithRSAEncryption
bb:03:69:5b:8c:4e:34:b8:82:a1:db:98:92:a4:08:04:eb:5f:
b7:47:1b:91:12:98:09:64:4b:7b:02:c3:2e:5d:c6:b5:ed:3a:
60:13:8c:c6:51:ce:78:25:f4:c8:54:15:88:7a:f0:56:04:bf:
40:2c:16:5a:a3:65:b1:6f:db:c2:10:8d:54:4b:9a:3b:48:4a:
a7:23:16:e4:6d:21:71:d7:22:e8:01:7b:b0:ee:12:05:16:4a:
7f:dc:c6:fb:8f:92:5c:fc:b4:e8:c5:fc:8d:09:f5:6f:d5:e3:
5f:57:ec:cb:8f:9f:5c:92:f0:4a:62:3d:ce:86:d5:f3:97:ee:
1b:d2:f1:93:52:2a:69:e9:8d:b9:f5:15:eb:5b:7c:24:9b:8d:
56:45:31:d7:74:cd:68:76:42:eb:94:89:e1:57:77:64:2e:2b:
e0:5c:cf:0f:b3:3b:10:85:cb:a1:6d:46:3c:cd:61:c5:da:c9:
3b:c7:bd:ff:8f:b8:76:da:0e:b7:e2:4f:e1:a0:78:ae:21:2e:
eb:66:a2:a9:69:ef:74:e8:58:49:b6:23:31:78:d6:b4:76:f6:
3b:76:69:1f:6d:63:a9:65:a6:fb:17:55:f0:e7:4c:18:13:d5:
9a:89:0d:10:43:6f:e7:de:a7:d5:6d:69:a9:54:99:5e:92:f9:
dd:56:3e:fe
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzHJ0SmqviFZYsUbUE25EGOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViOWE0MGZjM2YzNTBhYmRhNTlkYmZjMDFjYTM3YTQ2ZDhk
NzQ3NjQwHhcNMjQwMTAxMjIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjU3OTEzYmU1MGVhZmI3YzFkZDJjZTBjNTBmNGI4MThhMmMyODY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh94tUNiTwuUArmwEz5Ty+V3SWC7v
1YSoqHCyUaLPbUqVH69dtxuexJ2afG9X79aM3/8f29qo+eqWLayyhwRs6hL11jVM
TeBuzyAvqKNURip+DDykTcEDJ3YZmLt6tshaPrzxcCzGxu7UOA7XXXt6dBayrPOL
F5tdjL2NpiYUoD/jT7vEaZFPZa1VjXkD5kzrMTFZuwaKlmil3LFwT8Yy2LbYIkei
ajOrl800taWHoJC+bWxAWRn1vBp5TUsfDIuyL99s11qwUDekOWp05+oAAxiaytCX
sdF80y+p7QzehA8q4dB4rTI7IdmHm8GsakHcBFYV+5QB3jj7lcUiWeD0twIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHZXkTvlDq+3wd0s4MUPS4GKLChnMB8GA1UdIwQY
MBaAFFuaQPw/NQq9pZ2/wByjekbY10dkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzVwQV9EODFDcjJsbmJfQUhLTjZSdGpYUjJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yZWVkZTYtZmMyMC00ZjhhLWFlMjkt
NzI1Mzc1MjZhZWUyLzEvZGxlUk8tVU9yN2ZCM1N6Z3hROUxnWW9zS0djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yZWVkZTYtZmMyMC00ZjhhLWFlMjktNzI1Mzc1MjZhZWUy
LzEvVzVwQV9EODFDcjJsbmJfQUhLTjZSdGpYUjJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBW8NOAwQC
uRH0AwQAwnGPAwQAwpwHMA0EAgACMAcDBQMqBAiAMA0GCSqGSIb3DQEBCwUAA4IB
AQC7A2lbjE40uIKh25iSpAgE61+3RxuREpgJZEt7AsMuXca17TpgE4zGUc54JfTI
VBWIevBWBL9ALBZao2Wxb9vCEI1US5o7SEqnIxbkbSFx1yLoAXuw7hIFFkp/3Mb7
j5Jc/LToxfyNCfVv1eNfV+zLj59ckvBKYj3OhtXzl+4b0vGTUipp6Y259RXrW3wk
m41WRTHXdM1odkLrlInhV3dkLivgXM8PszsQhcuhbUY8zWHF2sk7x73/j7h22g63
4k/hoHiuIS7rZqKpae906FhJtiMxeNa0dvY7dmkfbWOpZab7F1Xw50wYE9WaiQ0Q
Q2/n3qfVbWmpVJlekvndVj7+
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:52:40 2024 by rpki-client on console-ams.rpki-client.org