Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/su5kZF1z7CAhRSoJvQJfGRvLmY0.roa
File: su5kZF1z7CAhRSoJvQJfGRvLmY0.roa (raw, json)
Hash identifier: uq2/3AloAnZTqCrgDR1YqvR90dF/xFvWs8ZPoFuASNs=
Subject key identifier: B2:EE:64:64:5D:73:EC:20:21:45:2A:09:BD:02:5F:19:1B:CB:99:8D
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 01904919A022B8092B5355A1E438CFDAC450
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/su5kZF1z7CAhRSoJvQJfGRvLmY0.roa
Signing time: Mon 24 Jun 2024 07:15:34 +0000
ROA not before: Mon 24 Jun 2024 07:15:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210583
IP address blocks: 46.32.8.0/24 maxlen: 24
78.158.167.0/24 maxlen: 24
79.132.216.0/24 maxlen: 24
86.109.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Oct 2024 11:50:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:49:19:a0:22:b8:09:2b:53:55:a1:e4:38:cf:da:c4:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Jun 24 07:15:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b2ee64645d73ec2021452a09bd025f191bcb998d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:03:87:83:00:13:0f:72:62:37:71:88:3a:c1:
ad:4f:f2:88:af:6e:92:fe:96:c8:29:65:15:e5:ea:
13:f2:bf:a3:9c:ad:6e:b7:c4:0a:80:26:c8:0b:09:
3f:d2:34:68:68:dd:65:65:eb:50:2d:8f:c8:0a:c1:
4b:a5:14:cd:aa:a2:19:a0:48:a5:a4:c0:7a:c5:13:
9d:3d:71:54:79:e8:39:73:24:00:35:58:63:ad:db:
e9:89:dc:2c:31:96:73:bc:89:63:22:69:29:cf:ad:
d8:13:ed:d8:73:45:2c:6d:a1:77:9a:6c:df:14:b2:
fa:b7:ef:c8:8b:ec:bb:59:92:68:b9:51:f5:f8:a7:
f6:aa:3a:9e:53:32:d3:57:d5:be:c9:04:05:ea:f6:
1b:99:83:d5:7d:19:11:48:d6:9d:54:a2:46:d1:36:
5d:7b:be:99:aa:4a:d0:26:81:5f:c1:cd:3b:9f:b0:
cf:6f:8b:40:96:dc:b2:8f:52:d1:45:55:49:1f:8c:
e2:97:d5:a0:60:4e:44:a3:f7:26:cb:c7:a5:bd:c6:
7f:3c:2f:da:6a:51:03:a2:76:92:83:0d:c0:1d:e2:
dd:a8:8a:20:b1:d6:9b:25:cf:3e:49:c2:5c:33:93:
db:28:ba:50:df:6e:26:ac:d8:41:67:e5:c9:62:2c:
fd:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:EE:64:64:5D:73:EC:20:21:45:2A:09:BD:02:5F:19:1B:CB:99:8D
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/su5kZF1z7CAhRSoJvQJfGRvLmY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.8.0/24
78.158.167.0/24
79.132.216.0/24
86.109.61.0/24
Signature Algorithm: sha256WithRSAEncryption
88:80:2e:23:ca:db:fa:3d:cf:a5:1a:d3:d0:dc:a9:89:96:8e:
07:16:06:34:1c:9b:1b:d7:73:bc:f8:d0:5e:80:80:65:af:8e:
96:b4:72:e4:9c:23:ad:fd:db:d8:aa:78:ef:52:ee:6c:89:43:
7f:ac:2b:bb:fc:2e:c9:d8:19:63:7e:8f:7b:b5:4e:21:64:92:
01:1b:d1:35:9c:40:e8:89:50:99:c0:ae:d5:6b:98:18:f8:5d:
d6:07:51:2e:49:f1:5d:10:75:cb:f3:ef:f0:c0:fb:2c:9c:c8:
e6:33:aa:c1:3b:59:5a:a6:cc:87:37:ab:50:fa:39:97:71:de:
94:18:b3:00:23:4c:e5:d7:55:0d:bd:e2:c6:39:e5:12:26:81:
4d:4d:6e:df:c8:69:cb:74:6e:e3:15:1b:08:c6:e3:5f:21:1a:
4a:22:7f:15:51:86:6c:aa:f1:bd:da:8c:76:bb:c1:9f:99:17:
bf:0c:14:ea:b2:b2:27:26:22:1d:83:11:15:b9:3b:93:00:38:
37:b1:af:54:d8:27:8a:5e:3b:a0:a6:7d:7f:79:0e:1a:d3:01:
71:51:dc:9c:b2:cd:25:71:e0:66:07:44:b0:cc:29:7f:61:3b:
93:15:7e:fa:87:5f:f4:54:89:b8:4a:ec:42:e1:07:65:d7:31:
47:75:3b:f5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZBJGaAiuAkrU1Wh5DjP2sRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjQwNjI0MDcxNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmVlNjQ2NDVkNzNlYzIwMjE0NTJhMDliZDAyNWYxOTFiY2I5OThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+wOHgwATD3JiN3GIOsGtT/KIr26S
/pbIKWUV5eoT8r+jnK1ut8QKgCbICwk/0jRoaN1lZetQLY/ICsFLpRTNqqIZoEil
pMB6xROdPXFUeeg5cyQANVhjrdvpidwsMZZzvIljImkpz63YE+3Yc0UsbaF3mmzf
FLL6t+/Ii+y7WZJouVH1+Kf2qjqeUzLTV9W+yQQF6vYbmYPVfRkRSNadVKJG0TZd
e76ZqkrQJoFfwc07n7DPb4tAltyyj1LRRVVJH4zil9WgYE5Eo/cmy8elvcZ/PC/a
alEDonaSgw3AHeLdqIogsdabJc8+ScJcM5PbKLpQ324mrNhBZ+XJYiz9WwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLLuZGRdc+wgIUUqCb0CXxkby5mNMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvc3U1a1pGMXo3Q0FoUlNvSnZRSmZHUnZMbVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALiAIAwQA
Tp6nAwQAT4TYAwQAVm09MA0GCSqGSIb3DQEBCwUAA4IBAQCIgC4jytv6Pc+lGtPQ
3KmJlo4HFgY0HJsb13O8+NBegIBlr46WtHLknCOt/dvYqnjvUu5siUN/rCu7/C7J
2Bljfo97tU4hZJIBG9E1nEDoiVCZwK7Va5gY+F3WB1EuSfFdEHXL8+/wwPssnMjm
M6rBO1lapsyHN6tQ+jmXcd6UGLMAI0zl11UNveLGOeUSJoFNTW7fyGnLdG7jFRsI
xuNfIRpKIn8VUYZsqvG92ox2u8GfmRe/DBTqsrInJiIdgxEVuTuTADg3sa9U2CeK
Xjugpn1/eQ4a0wFxUdycss0lceBmB0SwzCl/YTuTFX76h1/0VIm4SuxC4Qdl1zFH
dTv1
-----END CERTIFICATE-----
Generated at Sun Oct 6 18:17:26 2024 by rpki-client on console-ams.rpki-client.org