Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/T1POvqxZjrhkctwxQC1bSBJl6-k.roa
File: T1POvqxZjrhkctwxQC1bSBJl6-k.roa (raw, json)
Hash identifier: FLWQ12R2565JfGUBAThHtcRd1IN3C3HGuE4ejo223Wg=
Subject key identifier: 4F:53:CE:BE:AC:59:8E:B8:64:72:DC:31:40:2D:5B:48:12:65:EB:E9
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 018D36BB766FA260E2C2941F0E458978D95F
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/T1POvqxZjrhkctwxQC1bSBJl6-k.roa
Signing time: Tue 23 Jan 2024 14:31:11 +0000
ROA not before: Tue 23 Jan 2024 14:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49687
IP address blocks: 5.157.136.0/21 maxlen: 21
5.157.137.0/24 maxlen: 24
5.157.138.0/24 maxlen: 24
5.157.140.0/22 maxlen: 22
5.157.144.0/21 maxlen: 21
5.157.224.0/22 maxlen: 22
37.35.44.0/22 maxlen: 22
146.66.216.0/23 maxlen: 23
178.157.127.0/24 maxlen: 24
188.74.153.0/24 maxlen: 24
188.74.154.0/23 maxlen: 23
188.74.170.0/24 maxlen: 24
188.74.191.0/24 maxlen: 24
188.119.176.0/22 maxlen: 22
2a03:8800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 08:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:bb:76:6f:a2:60:e2:c2:94:1f:0e:45:89:78:d9:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 23 14:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f53cebeac598eb86472dc31402d5b481265ebe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9f:18:82:3b:fb:84:59:f0:55:f6:44:c5:14:
0b:2b:18:6b:87:18:6f:87:6e:c7:47:64:61:82:82:
7c:ae:30:3d:07:ee:c3:9f:d7:36:be:6b:0b:f2:ff:
6d:66:4d:c5:45:f7:1c:31:c6:3d:e2:64:3d:56:17:
4f:34:2c:70:e5:9b:24:9d:28:42:9e:fc:6c:6d:ee:
1b:4a:8f:9a:49:fd:6e:76:89:be:2d:f5:9c:48:08:
8c:25:85:7b:8b:b2:f6:43:ff:57:4c:2e:7f:30:36:
e9:ac:f6:f8:6d:a5:8c:a3:6c:cc:d6:17:4a:cb:8a:
3e:21:3c:cd:1b:30:b4:4d:ba:a1:80:4d:55:86:69:
a8:e7:6c:b0:e3:e8:e0:ae:8c:94:57:74:c4:46:e5:
cb:3d:0f:ef:1e:32:c0:b1:82:07:d6:fa:c2:da:85:
a1:b8:47:d4:af:70:ad:a7:5e:c0:17:2e:12:8a:b2:
9b:b4:8c:ce:19:b2:b6:ba:5c:59:ff:e8:0b:20:dc:
e4:8b:22:3c:76:2b:5b:97:f1:d3:a1:f0:1f:0b:4e:
00:4a:a3:74:89:34:4e:9f:09:42:f5:e6:da:3f:3d:
fd:a4:1a:93:16:dc:97:cb:42:65:d8:c7:12:f7:e9:
ca:c5:c7:c9:10:af:03:b2:ab:fa:df:14:7b:81:28:
a4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:53:CE:BE:AC:59:8E:B8:64:72:DC:31:40:2D:5B:48:12:65:EB:E9
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/T1POvqxZjrhkctwxQC1bSBJl6-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0-5.157.151.255
5.157.224.0/22
37.35.44.0/22
146.66.216.0/23
178.157.127.0/24
188.74.153.0-188.74.155.255
188.74.170.0/24
188.74.191.0/24
188.119.176.0/22
IPv6:
2a03:8800::/32
Signature Algorithm: sha256WithRSAEncryption
4a:5b:2d:20:07:cb:5f:69:c1:ca:87:e1:39:d0:54:a4:92:49:
27:13:50:f7:0d:de:a9:d9:49:a5:0e:c7:ca:94:49:d6:68:45:
ae:bf:35:e2:b0:5e:52:6a:9a:ea:84:4c:cb:69:09:14:c2:6a:
9c:74:d8:aa:a0:51:73:69:cb:62:34:39:d8:24:20:f0:98:f9:
47:2e:5e:d1:92:37:c0:a5:36:1d:46:73:03:9a:16:3a:7d:f3:
86:b8:82:ca:79:2c:df:73:9b:c5:56:19:16:49:07:17:87:af:
65:1f:a3:b2:52:65:26:a3:f4:f8:f5:96:16:48:ff:e3:b8:51:
49:26:79:60:65:fc:14:66:81:f0:6b:f8:79:c8:f0:a8:4e:da:
9e:49:03:24:18:ea:a2:89:be:c8:e0:1c:89:c6:d5:2d:f2:bd:
98:05:04:5a:dd:f5:16:0b:66:cf:61:02:dc:3f:8f:eb:33:7b:
15:a9:c7:95:29:27:e4:ab:26:20:79:5c:72:74:f2:b3:d5:8e:
c0:2a:4a:e3:1b:57:96:98:81:f1:05:d2:96:17:e4:70:cf:3c:
bf:8a:4a:e8:29:3e:b7:1e:26:02:6a:99:c8:e0:e4:a6:7b:2f:
d8:06:56:90:e8:34:89:04:a9:a3:16:a3:f7:6a:cf:dd:0c:93:
bd:3c:ad:c3
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAY02u3ZvomDiwpQfDkWJeNlfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjQwMTIzMTQzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjUzY2ViZWFjNTk4ZWI4NjQ3MmRjMzE0MDJkNWI0ODEyNjVlYmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtp8Ygjv7hFnwVfZExRQLKxhrhxhv
h27HR2RhgoJ8rjA9B+7Dn9c2vmsL8v9tZk3FRfccMcY94mQ9VhdPNCxw5ZsknShC
nvxsbe4bSo+aSf1udom+LfWcSAiMJYV7i7L2Q/9XTC5/MDbprPb4baWMo2zM1hdK
y4o+ITzNGzC0TbqhgE1Vhmmo52yw4+jgroyUV3TERuXLPQ/vHjLAsYIH1vrC2oWh
uEfUr3Ctp17AFy4SirKbtIzOGbK2ulxZ/+gLINzkiyI8ditbl/HTofAfC04ASqN0
iTROnwlC9ebaPz39pBqTFtyXy0Jl2McS9+nKxcfJEK8Dsqv63xR7gSikjQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFE9Tzr6sWY64ZHLcMUAtW0gSZevpMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvVDFQT3ZxeFpqcmhrY3R3eFFDMWJTQkpsNi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGMAwDBAMFnYgD
BAMFnZADBAIFneADBAIlIywDBAGSQtgDBACynX8wDAMEALxKmQMEArxKmAMEALxK
qgMEALxKvwMEArx3sDANBAIAAjAHAwUAKgOIADANBgkqhkiG9w0BAQsFAAOCAQEA
SlstIAfLX2nByofhOdBUpJJJJxNQ9w3eqdlJpQ7HypRJ1mhFrr814rBeUmqa6oRM
y2kJFMJqnHTYqqBRc2nLYjQ52CQg8Jj5Ry5e0ZI3wKU2HUZzA5oWOn3zhriCynks
33ObxVYZFkkHF4evZR+jslJlJqP0+PWWFkj/47hRSSZ5YGX8FGaB8Gv4ecjwqE7a
nkkDJBjqoom+yOAcicbVLfK9mAUEWt31Fgtmz2EC3D+P6zN7FanHlSkn5KsmIHlc
cnTys9WOwCpK4xtXlpiB8QXSlhfkcM88v4pK6Ck+tx4mAmqZyODkpnsv2AZWkOg0
iQSpoxaj92rP3QyTvTytww==
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:51:21 2024 by rpki-client on console-ams.rpki-client.org