Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/SuThizNxL4uF7FJ_DhoocCFauMA.roa
File: SuThizNxL4uF7FJ_DhoocCFauMA.roa (raw, json)
Hash identifier: nPezC9dWynMzFX6tCBrCxGncfyMaTP0xvgQ2tjeEzRY=
Subject key identifier: 4A:E4:E1:8B:33:71:2F:8B:85:EC:52:7F:0E:1A:28:70:21:5A:B8:C0
Certificate issuer: /CN=bbbe9612d1440bc6c704e0465f0ef5d6ca7397a6
Certificate serial: 018CC86F0F2C26BE3083FE71E90513218AAB
Authority key identifier: BB:BE:96:12:D1:44:0B:C6:C7:04:E0:46:5F:0E:F5:D6:CA:73:97:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u76WEtFEC8bHBOBGXw711spzl6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/SuThizNxL4uF7FJ_DhoocCFauMA.roa
Signing time: Tue 02 Jan 2024 04:29:30 +0000
ROA not before: Tue 02 Jan 2024 04:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31272
IP address blocks: 109.104.160.0/19 maxlen: 32
212.92.224.0/19 maxlen: 32
77.247.16.0/20 maxlen: 32
80.252.240.0/20 maxlen: 32
217.77.208.0/20 maxlen: 32
185.147.196.0/22 maxlen: 32
185.148.56.0/22 maxlen: 32
185.35.100.0/22 maxlen: 32
37.25.96.0/19 maxlen: 32
46.33.224.0/19 maxlen: 32
185.147.60.0/22 maxlen: 32
141.101.0.0/19 maxlen: 32
5.255.32.0/20 maxlen: 32
185.159.160.0/22 maxlen: 32
2a00:bc00::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/u76WEtFEC8bHBOBGXw711spzl6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/u76WEtFEC8bHBOBGXw711spzl6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/u76WEtFEC8bHBOBGXw711spzl6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:0f:2c:26:be:30:83:fe:71:e9:05:13:21:8a:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbbe9612d1440bc6c704e0465f0ef5d6ca7397a6
Validity
Not Before: Jan 2 04:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ae4e18b33712f8b85ec527f0e1a2870215ab8c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ae:17:83:73:e9:33:d2:c6:0b:c0:46:75:77:
a0:62:f8:ef:8c:d2:c1:c4:55:fa:ab:60:fb:fe:23:
00:b5:45:22:e0:dc:eb:6e:63:79:c7:8e:59:4c:be:
14:81:53:6b:69:e1:20:14:ce:61:15:c1:1a:70:af:
e9:c5:0c:c8:15:98:be:2e:80:6a:14:08:0c:a1:1f:
81:b9:6e:5b:ea:a9:bc:fe:da:28:76:c3:ad:bd:a5:
83:30:9a:cf:0b:dd:69:92:b6:66:84:e9:e9:d8:e5:
dd:df:97:c0:4a:76:3b:dc:29:18:b9:a7:3c:f3:49:
7c:9f:67:0f:19:66:3e:10:ae:27:2b:17:6e:fc:f6:
26:b6:79:c6:ef:df:e5:9d:af:f5:29:eb:36:1f:90:
7d:b0:c7:0d:9c:9f:5c:03:af:82:61:b7:9f:10:a7:
f2:9a:c4:8a:47:4a:02:db:c0:31:0f:24:77:b3:96:
33:1d:8f:31:5c:a9:5a:c3:09:c8:d7:7b:8f:17:e4:
2b:7c:49:7b:94:5c:d6:bb:e7:52:47:c9:97:41:df:
73:75:a8:34:d0:13:cf:21:dc:44:2e:8e:57:30:42:
d6:4b:f0:2f:ae:43:ff:25:30:52:db:85:85:7e:1d:
f0:5b:45:ad:0f:74:b5:c5:40:c5:f1:be:42:04:51:
b2:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E4:E1:8B:33:71:2F:8B:85:EC:52:7F:0E:1A:28:70:21:5A:B8:C0
X509v3 Authority Key Identifier:
keyid:BB:BE:96:12:D1:44:0B:C6:C7:04:E0:46:5F:0E:F5:D6:CA:73:97:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u76WEtFEC8bHBOBGXw711spzl6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/SuThizNxL4uF7FJ_DhoocCFauMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/f2640a-46e7-4650-83c5-cc55b81302cf/1/u76WEtFEC8bHBOBGXw711spzl6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.32.0/20
37.25.96.0/19
46.33.224.0/19
77.247.16.0/20
80.252.240.0/20
109.104.160.0/19
141.101.0.0/19
185.35.100.0/22
185.147.60.0/22
185.147.196.0/22
185.148.56.0/22
185.159.160.0/22
212.92.224.0/19
217.77.208.0/20
IPv6:
2a00:bc00::/32
Signature Algorithm: sha256WithRSAEncryption
38:96:6a:f0:ef:9b:38:1e:ca:b1:d0:ed:31:19:59:ec:ea:0f:
c5:62:ad:f4:70:71:35:13:ce:e3:2d:fa:b7:72:61:3d:34:5f:
08:1a:cf:52:53:eb:2d:32:6f:4c:27:15:98:3b:e7:15:47:b1:
f2:6f:6e:67:b8:df:56:f2:b9:73:1d:f8:e0:4e:78:dd:30:b2:
d8:16:9b:88:6a:23:00:3d:76:20:13:29:47:a1:f5:e7:9b:d3:
de:a8:7b:70:ed:7a:85:36:d9:10:71:d5:3f:5a:c7:eb:f6:99:
5f:45:b7:7e:e6:55:cf:6b:49:04:65:95:8d:c5:b8:1d:a4:57:
72:de:1a:f7:14:7b:b3:ff:2f:5c:49:00:7c:f4:4b:2b:dc:2b:
fd:42:30:68:84:37:20:11:44:37:c2:9c:a0:c4:23:29:e0:29:
23:63:10:21:17:8e:ed:ea:2a:99:f0:35:78:f5:4f:f9:d8:9b:
5a:61:26:5c:68:55:ca:92:dc:ca:f5:09:98:e7:98:36:c7:96:
6c:a4:b8:24:88:1a:4d:81:4f:53:49:9b:a1:d7:3b:ce:f2:ae:
28:4b:68:da:f2:8e:a9:f3:26:6e:d2:b2:fb:41:cb:71:3d:df:
45:41:65:67:38:d7:29:00:75:49:e3:99:82:1b:b9:f7:0a:4f:
12:d0:6d:eb
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAYzIbw8sJr4wg/5x6QUTIYqrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYmU5NjEyZDE0NDBiYzZjNzA0ZTA0NjVmMGVmNWQ2Y2E3
Mzk3YTYwHhcNMjQwMTAyMDQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWU0ZTE4YjMzNzEyZjhiODVlYzUyN2YwZTFhMjg3MDIxNWFiOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgK4Xg3PpM9LGC8BGdXegYvjvjNLB
xFX6q2D7/iMAtUUi4NzrbmN5x45ZTL4UgVNraeEgFM5hFcEacK/pxQzIFZi+LoBq
FAgMoR+BuW5b6qm8/toodsOtvaWDMJrPC91pkrZmhOnp2OXd35fASnY73CkYuac8
80l8n2cPGWY+EK4nKxdu/PYmtnnG79/lna/1Kes2H5B9sMcNnJ9cA6+CYbefEKfy
msSKR0oC28AxDyR3s5YzHY8xXKlawwnI13uPF+QrfEl7lFzWu+dSR8mXQd9zdag0
0BPPIdxELo5XMELWS/AvrkP/JTBS24WFfh3wW0WtD3S1xUDF8b5CBFGyKQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFErk4YszcS+LhexSfw4aKHAhWrjAMB8GA1UdIwQY
MBaAFLu+lhLRRAvGxwTgRl8O9dbKc5emMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTc2V0V0RkVDOGJIQk9CR1h3NzExc3B6bDZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9mMjY0MGEtNDZlNy00NjUwLTgzYzUt
Y2M1NWI4MTMwMmNmLzEvU3VUaGl6TnhMNHVGN0ZKX0Rob29jQ0ZhdU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9mMjY0MGEtNDZlNy00NjUwLTgzYzUtY2M1NWI4MTMwMmNm
LzEvdTc2V0V0RkVDOGJIQk9CR1h3NzExc3B6bDZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQEBf8gAwQF
JRlgAwQFLiHgAwQETfcQAwQEUPzwAwQFbWigAwQFjWUAAwQCuSNkAwQCuZM8AwQC
uZPEAwQCuZQ4AwQCuZ+gAwQF1FzgAwQE2U3QMA0EAgACMAcDBQAqALwAMA0GCSqG
SIb3DQEBCwUAA4IBAQA4lmrw75s4Hsqx0O0xGVns6g/FYq30cHE1E87jLfq3cmE9
NF8IGs9SU+stMm9MJxWYO+cVR7Hyb25nuN9W8rlzHfjgTnjdMLLYFpuIaiMAPXYg
EylHofXnm9PeqHtw7XqFNtkQcdU/Wsfr9plfRbd+5lXPa0kEZZWNxbgdpFdy3hr3
FHuz/y9cSQB89Esr3Cv9QjBohDcgEUQ3wpygxCMp4CkjYxAhF47t6iqZ8DV49U/5
2JtaYSZcaFXKktzK9QmY55g2x5ZspLgkiBpNgU9TSZuh1zvO8q4oS2ja8o6p8yZu
0rL7QctxPd9FQWVnONcpAHVJ45mCG7n3Ck8S0G3r
-----END CERTIFICATE-----
Generated at Thu May 23 08:04:12 2024 by rpki-client on console-fra.rpki-client.org