Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/IV4FU-kJ5O9LSn_h8dWGS1x4t3M.roa
File: IV4FU-kJ5O9LSn_h8dWGS1x4t3M.roa (raw, json)
Hash identifier: 6OH5uGxWzXCpN5S3OtJ9jq6Ih10LiMPnXtRn/7a5F60=
Subject key identifier: 21:5E:05:53:E9:09:E4:EF:4B:4A:7F:E1:F1:D5:86:4B:5C:78:B7:73
Certificate issuer: /CN=5baa35401e5297b3b527e84f93ea8aa110d97b95
Certificate serial: 018CC5DC173BE143D0A370CDE7392957244D
Authority key identifier: 5B:AA:35:40:1E:52:97:B3:B5:27:E8:4F:93:EA:8A:A1:10:D9:7B:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/IV4FU-kJ5O9LSn_h8dWGS1x4t3M.roa
Signing time: Mon 01 Jan 2024 16:29:44 +0000
ROA not before: Mon 01 Jan 2024 16:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43926
IP address blocks: 185.182.152.0/24 maxlen: 24
185.182.153.0/24 maxlen: 24
185.182.155.0/24 maxlen: 24
185.182.154.0/24 maxlen: 24
46.253.43.0/24 maxlen: 24
46.253.42.0/24 maxlen: 24
46.253.44.0/24 maxlen: 24
46.253.41.0/24 maxlen: 24
46.253.40.0/24 maxlen: 24
46.253.46.0/24 maxlen: 24
46.253.45.0/24 maxlen: 24
46.253.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:17:3b:e1:43:d0:a3:70:cd:e7:39:29:57:24:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5baa35401e5297b3b527e84f93ea8aa110d97b95
Validity
Not Before: Jan 1 16:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=215e0553e909e4ef4b4a7fe1f1d5864b5c78b773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:63:c3:0a:30:e6:2e:f2:47:b4:ff:4b:19:c6:
ce:7c:3e:ab:24:a3:de:70:01:d5:96:74:bc:24:d4:
4c:f3:c8:c6:83:78:cb:ce:c1:65:6c:5d:59:b3:b9:
1c:a9:fc:8c:73:9d:6e:fa:75:c4:f8:fd:56:0c:c9:
11:1e:dc:1f:9b:48:a6:c8:5f:61:cd:a5:aa:f6:55:
80:85:63:85:24:cf:e9:cc:f2:fd:c5:04:f7:86:74:
e5:99:d7:d1:92:2b:63:58:ed:5a:47:a2:84:7f:64:
2d:37:01:77:3d:d8:f0:1e:ca:de:e3:99:30:16:ca:
cb:92:3e:01:8d:af:8e:21:40:09:c9:50:82:c2:03:
c4:58:41:d9:6a:3d:12:19:39:97:9f:a9:15:cb:93:
a7:b3:64:80:ca:d3:c2:2a:e5:3a:68:90:8d:1c:08:
e5:f4:5a:b7:8c:f1:22:5f:80:f6:7b:ce:3e:cc:ce:
fe:41:c5:f6:49:c2:8e:67:34:f0:99:22:7e:cd:b0:
fa:32:4c:dc:58:84:1d:86:92:53:88:d8:27:db:17:
72:40:6e:f3:c2:15:59:f7:c0:8c:3d:d2:aa:b6:27:
a5:1f:19:3c:c3:4d:cc:d6:1e:b5:ea:e5:13:44:15:
28:4e:bf:17:a7:f2:4f:eb:5b:14:dc:64:eb:27:e2:
4d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:5E:05:53:E9:09:E4:EF:4B:4A:7F:E1:F1:D5:86:4B:5C:78:B7:73
X509v3 Authority Key Identifier:
keyid:5B:AA:35:40:1E:52:97:B3:B5:27:E8:4F:93:EA:8A:A1:10:D9:7B:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/IV4FU-kJ5O9LSn_h8dWGS1x4t3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.40.0/21
185.182.152.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:e3:04:9a:63:ff:f5:16:82:6e:41:31:e3:8f:2c:6a:78:31:
c7:12:ed:14:8c:a2:0f:56:ac:c0:8d:14:52:6a:c9:62:4f:e2:
22:50:a3:38:ea:d9:e5:68:ab:b0:fc:28:86:91:cc:80:0b:01:
c2:e8:fd:7c:e1:78:2b:47:cc:02:b9:3f:ed:11:6d:b7:ff:a6:
69:fa:44:fa:79:ef:33:65:79:4e:1d:d1:0d:1f:ab:9d:65:62:
f6:f4:1e:f6:bf:8d:58:54:2c:2d:d5:46:c2:38:61:eb:a8:29:
0d:b4:0b:d9:c6:6d:b7:99:4f:a4:71:5d:fc:c0:8e:51:10:2e:
e1:82:19:c9:4f:f9:b0:c8:8c:1f:68:22:4d:5c:3d:ee:ba:35:
61:a8:bb:f2:86:9b:3f:ad:e7:af:8c:e5:e0:10:fe:2e:fa:f7:
cf:1a:ff:c4:ab:67:97:9c:ac:45:d3:13:2c:8e:8a:9d:e6:03:
a7:1c:26:09:f3:e0:73:66:fe:f2:3a:bc:d2:b0:1b:52:f0:1a:
4c:8a:ab:5e:4f:58:e4:7f:fd:c2:35:9c:10:d9:31:59:93:3b:
c7:af:97:13:59:8f:5f:0e:bd:ba:15:ae:af:e7:71:37:d1:0a:
1a:e4:54:f8:a1:ba:61:d7:91:43:ae:fc:09:e7:a5:51:97:6a:
61:5a:33:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3Bc74UPQo3DN5zkpVyRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYWEzNTQwMWU1Mjk3YjNiNTI3ZTg0ZjkzZWE4YWExMTBk
OTdiOTUwHhcNMjQwMTAxMTYyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTVlMDU1M2U5MDllNGVmNGI0YTdmZTFmMWQ1ODY0YjVjNzhiNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGPDCjDmLvJHtP9LGcbOfD6rJKPe
cAHVlnS8JNRM88jGg3jLzsFlbF1Zs7kcqfyMc51u+nXE+P1WDMkRHtwfm0imyF9h
zaWq9lWAhWOFJM/pzPL9xQT3hnTlmdfRkitjWO1aR6KEf2QtNwF3PdjwHsre45kw
FsrLkj4Bja+OIUAJyVCCwgPEWEHZaj0SGTmXn6kVy5Ons2SAytPCKuU6aJCNHAjl
9Fq3jPEiX4D2e84+zM7+QcX2ScKOZzTwmSJ+zbD6MkzcWIQdhpJTiNgn2xdyQG7z
whVZ98CMPdKqtielHxk8w03M1h616uUTRBUoTr8Xp/JP61sU3GTrJ+JNHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCFeBVPpCeTvS0p/4fHVhktceLdzMB8GA1UdIwQY
MBaAFFuqNUAeUpeztSfoT5PqiqEQ2XuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzZvMVFCNVNsN08xSi1oUGstcUtvUkRaZTVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9hMWRjZmItODAxMC00MTRlLTllM2Et
NDQwMDE3MDBiOGNhLzEvSVY0RlUta0o1TzlMU25faDhkV0dTMXg0dDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9hMWRjZmItODAxMC00MTRlLTllM2EtNDQwMDE3MDBiOGNh
LzEvVzZvMVFCNVNsN08xSi1oUGstcUtvUkRaZTVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLv0oAwQC
ubaYMA0GCSqGSIb3DQEBCwUAA4IBAQBb4wSaY//1FoJuQTHjjyxqeDHHEu0UjKIP
VqzAjRRSasliT+IiUKM46tnlaKuw/CiGkcyACwHC6P184XgrR8wCuT/tEW23/6Zp
+kT6ee8zZXlOHdENH6udZWL29B72v41YVCwt1UbCOGHrqCkNtAvZxm23mU+kcV38
wI5REC7hghnJT/mwyIwfaCJNXD3uujVhqLvyhps/reevjOXgEP4u+vfPGv/Eq2eX
nKxF0xMsjoqd5gOnHCYJ8+BzZv7yOrzSsBtS8BpMiqteT1jkf/3CNZwQ2TFZkzvH
r5cTWY9fDr26Fa6v53E30Qoa5FT4obph15FDrvwJ56VRl2phWjOD
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:50:27 2024 by rpki-client on console-fra.rpki-client.org