Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/SOEskk18Pa5vDWI59w_g7ONbii0.roa
File: SOEskk18Pa5vDWI59w_g7ONbii0.roa (raw, json)
Hash identifier: /g+LaRwn2Z/MfFJ/kaxypyRm/EiZhj607iuNgojLs68=
Subject key identifier: 48:E1:2C:92:4D:7C:3D:AE:6F:0D:62:39:F7:0F:E0:EC:E3:5B:8A:2D
Certificate issuer: /CN=58667131d760b5db1de98ea20c0f82fc01c9f1d9
Certificate serial: 018CC26D2C687C59EB835C9BFDF145502FAF
Authority key identifier: 58:66:71:31:D7:60:B5:DB:1D:E9:8E:A2:0C:0F:82:FC:01:C9:F1:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/SOEskk18Pa5vDWI59w_g7ONbii0.roa
Signing time: Mon 01 Jan 2024 00:29:43 +0000
ROA not before: Mon 01 Jan 2024 00:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31673
IP address blocks: 185.111.120.0/22 maxlen: 24
185.2.24.0/22 maxlen: 24
80.247.160.0/20 maxlen: 24
193.239.88.0/22 maxlen: 24
185.139.148.0/22 maxlen: 24
85.255.208.0/20 maxlen: 24
81.26.208.0/20 maxlen: 24
87.237.96.0/21 maxlen: 24
94.126.64.0/21 maxlen: 24
62.148.160.0/19 maxlen: 24
81.93.48.0/20 maxlen: 24
2a02:728::/32 maxlen: 48
2a06:5dc0::/29 maxlen: 48
2001:16e8::/32 maxlen: 48
2a00:f80::/32 maxlen: 48
2a02:4640::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.mft
rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2c:68:7c:59:eb:83:5c:9b:fd:f1:45:50:2f:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58667131d760b5db1de98ea20c0f82fc01c9f1d9
Validity
Not Before: Jan 1 00:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48e12c924d7c3dae6f0d6239f70fe0ece35b8a2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:37:8d:5d:b3:d8:ee:c8:bc:91:fe:18:50:ec:
d4:34:a6:01:b3:c8:d6:4c:5a:cc:e8:ad:fb:a3:2b:
b9:cc:de:b3:5f:30:ff:82:77:67:b0:87:eb:de:7b:
a5:bf:15:b0:1f:d0:78:88:8d:d5:c4:8e:f9:91:ee:
68:88:03:43:60:65:d2:7c:6c:ec:c4:c2:81:00:83:
c8:99:15:11:c3:02:3a:3c:42:39:1f:7f:e2:ce:ce:
fd:9a:2f:6c:55:2d:ce:18:d5:f4:51:3e:15:53:9b:
fc:5e:94:e0:37:7f:fb:0a:9d:c7:57:85:f3:28:7e:
05:c3:84:32:07:e1:16:6f:0c:e8:f2:22:7b:ac:9c:
80:67:6d:37:52:1d:48:80:d6:2c:86:58:6e:49:8d:
8a:5f:63:fb:27:37:a3:c7:04:ea:d6:16:92:17:e3:
b3:49:ab:a0:3a:df:3a:b9:83:a2:a0:b3:1e:e3:f2:
75:ee:22:8f:00:00:f2:83:16:f6:24:4e:f0:70:6c:
41:f8:93:5f:ec:9d:ec:e3:98:eb:65:53:ba:0a:57:
87:d2:f7:85:d1:a4:cd:1b:df:05:56:08:7a:97:38:
a9:97:5d:5c:30:3b:09:e4:66:11:dc:5b:10:54:4c:
49:72:f7:2f:8e:98:30:23:38:03:13:52:5b:07:68:
80:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:E1:2C:92:4D:7C:3D:AE:6F:0D:62:39:F7:0F:E0:EC:E3:5B:8A:2D
X509v3 Authority Key Identifier:
keyid:58:66:71:31:D7:60:B5:DB:1D:E9:8E:A2:0C:0F:82:FC:01:C9:F1:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/SOEskk18Pa5vDWI59w_g7ONbii0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.148.160.0/19
80.247.160.0/20
81.26.208.0/20
81.93.48.0/20
85.255.208.0/20
87.237.96.0/21
94.126.64.0/21
185.2.24.0/22
185.111.120.0/22
185.139.148.0/22
193.239.88.0/22
IPv6:
2001:16e8::/32
2a00:f80::/32
2a02:728::/32
2a02:4640::/32
2a06:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
02:b5:a4:13:50:c1:0b:d1:a9:fa:44:16:e3:9a:b8:db:f6:2b:
5f:4a:02:24:56:1d:44:26:94:bf:a1:59:f6:1d:16:6f:43:81:
a2:67:bc:f6:b9:d1:59:85:59:9c:46:6e:63:7c:46:72:fc:74:
e7:ca:29:2a:8c:3a:aa:e0:c5:47:03:c6:4c:4e:b3:4e:bb:f3:
b6:14:16:70:7f:35:00:6e:76:30:09:a6:88:17:f3:00:0c:35:
27:78:3a:92:33:96:3a:3d:fd:86:f1:41:2a:6d:5c:59:6d:17:
d1:40:68:16:5c:ec:6f:b9:1e:bb:3e:4d:1a:12:1f:6b:7c:91:
e4:36:43:ff:58:f1:ec:1e:ab:2b:33:0c:48:49:db:32:96:47:
a5:4a:5e:99:c7:3f:59:6d:2a:c5:da:ee:92:96:2c:1c:30:27:
14:9c:30:1e:48:78:2a:0f:7b:60:1b:5e:53:9a:a6:a5:ec:71:
4e:64:a9:1a:4d:a1:5d:e9:b8:2b:7e:fb:ca:a3:fe:c2:1d:13:
72:3c:79:1d:fc:c5:7b:f4:64:58:0a:ca:d8:4b:5f:8a:6d:80:
a2:cd:54:87:fb:df:0a:d7:89:31:70:37:5d:04:be:b7:4b:c2:
0b:68:21:58:cf:f7:15:35:dc:fb:df:d3:43:30:29:ee:de:6a:
33:a5:9f:4c
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAYzCbSxofFnrg1yb/fFFUC+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NjY3MTMxZDc2MGI1ZGIxZGU5OGVhMjBjMGY4MmZjMDFj
OWYxZDkwHhcNMjQwMTAxMDAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGUxMmM5MjRkN2MzZGFlNmYwZDYyMzlmNzBmZTBlY2UzNWI4YTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jeNXbPY7si8kf4YUOzUNKYBs8jW
TFrM6K37oyu5zN6zXzD/gndnsIfr3nulvxWwH9B4iI3VxI75ke5oiANDYGXSfGzs
xMKBAIPImRURwwI6PEI5H3/izs79mi9sVS3OGNX0UT4VU5v8XpTgN3/7Cp3HV4Xz
KH4Fw4QyB+EWbwzo8iJ7rJyAZ203Uh1IgNYshlhuSY2KX2P7JzejxwTq1haSF+Oz
SaugOt86uYOioLMe4/J17iKPAADygxb2JE7wcGxB+JNf7J3s45jrZVO6CleH0veF
0aTNG98FVgh6lzipl11cMDsJ5GYR3FsQVExJcvcvjpgwIzgDE1JbB2iAmwIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFEjhLJJNfD2ubw1iOfcP4OzjW4otMB8GA1UdIwQY
MBaAFFhmcTHXYLXbHemOogwPgvwByfHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0daeE1kZGd0ZHNkNlk2aURBLUNfQUhKOGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80YTgwZTYtMWQwNC00NjQ3LWE4ZDQt
MjQ4MTEwNmY4YjI1LzEvU09Fc2trMThQYTV2RFdJNTl3X2c3T05iaWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80YTgwZTYtMWQwNC00NjQ3LWE4ZDQtMjQ4MTEwNmY4YjI1
LzEvV0daeE1kZGd0ZHNkNlk2aURBLUNfQUhKOGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwSAQCAAEwQgMEBT6UoAME
BFD3oAMEBFEa0AMEBFFdMAMEBFX/0AMEA1ftYAMEA15+QAMEArkCGAMEArlveAME
ArmLlAMEAsHvWDApBAIAAjAjAwUAIAEW6AMFACoAD4ADBQAqAgcoAwUAKgJGQAMF
AyoGXcAwDQYJKoZIhvcNAQELBQADggEBAAK1pBNQwQvRqfpEFuOauNv2K19KAiRW
HUQmlL+hWfYdFm9DgaJnvPa50VmFWZxGbmN8RnL8dOfKKSqMOqrgxUcDxkxOs067
87YUFnB/NQBudjAJpogX8wAMNSd4OpIzljo9/YbxQSptXFltF9FAaBZc7G+5Hrs+
TRoSH2t8keQ2Q/9Y8eweqyszDEhJ2zKWR6VKXpnHP1ltKsXa7pKWLBwwJxScMB5I
eCoPe2AbXlOapqXscU5kqRpNoV3puCt++8qj/sIdE3I8eR38xXv0ZFgKythLX4pt
gKLNVIf73wrXiTFwN10EvrdLwgtoIVjP9xU13Pvf00MwKe7eajOln0w=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:22:42 2024 by rpki-client on console-fra.rpki-client.org