Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/SBgokZDkMly_DAX3VytkxV8Yydc.roa
File: SBgokZDkMly_DAX3VytkxV8Yydc.roa (raw, json)
Hash identifier: IHt513Q2Ku1YrEdbuB4+iFoKsbOGyaUVwjoz3lUyzOE=
Subject key identifier: 48:18:28:91:90:E4:32:5C:BF:0C:05:F7:57:2B:64:C5:5F:18:C9:D7
Certificate issuer: /CN=3be2f0164b66a76795860b4ea3586fad563bac47
Certificate serial: 0191E9A23B0E56168444781B6D16C4806C4B
Authority key identifier: 3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/SBgokZDkMly_DAX3VytkxV8Yydc.roa
Signing time: Fri 13 Sep 2024 04:26:48 +0000
ROA not before: Fri 13 Sep 2024 04:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206264
IP address blocks: 2.57.214.0/24 maxlen: 24
2.57.215.0/24 maxlen: 24
5.183.209.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.139.122.0/24 maxlen: 24
80.251.152.0/23 maxlen: 24
89.249.49.0/24 maxlen: 24
93.123.72.0/24 maxlen: 24
94.156.33.0/24 maxlen: 24
185.177.74.0/24 maxlen: 24
185.177.75.0/24 maxlen: 24
185.191.124.0/24 maxlen: 24
185.191.125.0/24 maxlen: 24
185.191.126.0/24 maxlen: 24
185.191.127.0/24 maxlen: 24
2a0d:1000::/29 maxlen: 29
2a0d:1000::/30 maxlen: 30
2a0d:1004::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e9:a2:3b:0e:56:16:84:44:78:1b:6d:16:c4:80:6c:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3be2f0164b66a76795860b4ea3586fad563bac47
Validity
Not Before: Sep 13 04:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4818289190e4325cbf0c05f7572b64c55f18c9d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0b:0a:a9:8b:ef:14:bb:f0:c8:cc:d0:47:1f:
a5:00:4e:e9:30:de:66:a7:51:b4:be:09:24:2b:93:
88:0f:86:cf:f9:07:45:5f:10:f5:c3:a4:cf:f5:ef:
34:68:04:91:e0:e1:f5:c3:f3:c9:f5:d0:16:d4:ab:
1f:97:b4:bd:56:85:62:67:82:3c:76:56:6b:0c:f7:
56:91:85:e8:3a:0f:82:65:73:e6:25:1d:dd:00:c4:
a5:02:7e:5d:11:d5:77:58:85:53:13:99:48:32:c4:
2f:53:d1:7c:eb:3a:40:b7:ba:0a:bf:00:2d:3c:60:
ae:f3:86:be:52:9d:1d:26:56:a0:a2:25:c7:73:ac:
d3:c6:b8:bc:2d:5f:f0:9f:cf:74:dd:2e:5d:7c:3f:
61:1e:52:a3:b2:79:1f:2e:e7:00:5f:de:b8:c2:6b:
09:de:ed:af:cb:0c:67:dc:53:14:99:a0:82:47:d1:
96:34:b1:92:b2:85:0b:a7:e8:83:10:e7:63:00:39:
52:03:a0:14:9d:4c:a8:9e:ce:05:24:9c:3f:18:00:
ad:d1:c1:b6:e8:e2:8c:42:23:e0:8f:8e:e0:8e:f1:
30:a2:cc:a8:f2:5b:fe:53:8f:08:d5:1d:4f:8e:9a:
88:d8:3d:b9:86:df:f5:c4:0e:ff:67:74:2c:34:e2:
17:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:18:28:91:90:E4:32:5C:BF:0C:05:F7:57:2B:64:C5:5F:18:C9:D7
X509v3 Authority Key Identifier:
keyid:3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/SBgokZDkMly_DAX3VytkxV8Yydc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.214.0/23
5.183.209.0/24
45.129.84.0/24
45.139.122.0/24
80.251.152.0/23
89.249.49.0/24
93.123.72.0/24
94.156.33.0/24
185.177.74.0/23
185.191.124.0/22
IPv6:
2a0d:1000::/29
Signature Algorithm: sha256WithRSAEncryption
62:de:59:ff:1e:61:f0:25:12:38:24:92:07:a2:33:05:7b:12:
f7:3d:63:c4:13:c1:1c:c1:1c:e6:3f:a1:c0:08:6c:e6:8c:a3:
84:d1:f0:57:2a:2f:fc:bc:d7:5d:5a:52:50:9b:5f:16:65:ce:
15:b9:db:9a:70:ce:6d:08:c0:98:c8:8b:8e:22:17:4a:f1:f2:
90:2e:8c:0c:ce:0f:c0:51:fa:b8:54:35:07:99:72:82:ad:e8:
08:be:cb:e3:62:3f:a4:0e:32:6f:2a:25:ff:78:50:6e:fc:b8:
93:fe:d1:15:68:46:5a:24:aa:f3:52:d2:d0:44:44:65:50:fb:
8a:9b:1d:4d:61:39:ff:bb:8b:6e:0d:b2:5e:6e:49:9a:98:6e:
20:10:91:a8:4f:90:57:38:d2:36:09:e3:59:ec:4e:92:36:cb:
dc:29:73:43:b4:83:e3:07:f6:df:79:54:96:36:cd:5c:10:b9:
31:6b:96:de:19:9c:3c:e0:55:ee:dd:87:fb:ea:c2:bf:ea:34:
fc:c5:95:73:8e:04:03:ca:3f:16:87:af:7d:06:8e:04:77:da:
aa:37:20:ec:e4:a3:25:40:cb:f6:0a:50:2a:65:a0:67:5c:8d:
d1:19:25:f5:8f:6a:90:5a:5c:87:6a:68:9a:ee:8f:c4:8d:79:
a0:78:a7:94
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZHpojsOVhaERHgbbRbEgGxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZTJmMDE2NGI2NmE3Njc5NTg2MGI0ZWEzNTg2ZmFkNTYz
YmFjNDcwHhcNMjQwOTEzMDQyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODE4Mjg5MTkwZTQzMjVjYmYwYzA1Zjc1NzJiNjRjNTVmMThjOWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAsKqYvvFLvwyMzQRx+lAE7pMN5m
p1G0vgkkK5OID4bP+QdFXxD1w6TP9e80aASR4OH1w/PJ9dAW1Ksfl7S9VoViZ4I8
dlZrDPdWkYXoOg+CZXPmJR3dAMSlAn5dEdV3WIVTE5lIMsQvU9F86zpAt7oKvwAt
PGCu84a+Up0dJlagoiXHc6zTxri8LV/wn8903S5dfD9hHlKjsnkfLucAX964wmsJ
3u2vywxn3FMUmaCCR9GWNLGSsoULp+iDEOdjADlSA6AUnUyons4FJJw/GACt0cG2
6OKMQiPgj47gjvEwosyo8lv+U48I1R1PjpqI2D25ht/1xA7/Z3QsNOIXUQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFEgYKJGQ5DJcvwwF91crZMVfGMnXMB8GA1UdIwQY
MBaAFDvi8BZLZqdnlYYLTqNYb61WO6xHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYt
ZjlhZDM4MDUxMjIwLzEvU0Jnb2taRGtNbHlfREFYM1Z5dGt4VjhZeWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYtZjlhZDM4MDUxMjIw
LzEvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQBAjnWAwQA
BbfRAwQALYFUAwQALYt6AwQBUPuYAwQAWfkxAwQAXXtIAwQAXpwhAwQBubFKAwQC
ub98MA0EAgACMAcDBQMqDRAAMA0GCSqGSIb3DQEBCwUAA4IBAQBi3ln/HmHwJRI4
JJIHojMFexL3PWPEE8EcwRzmP6HACGzmjKOE0fBXKi/8vNddWlJQm18WZc4Vudua
cM5tCMCYyIuOIhdK8fKQLowMzg/AUfq4VDUHmXKCregIvsvjYj+kDjJvKiX/eFBu
/LiT/tEVaEZaJKrzUtLQRERlUPuKmx1NYTn/u4tuDbJebkmamG4gEJGoT5BXONI2
CeNZ7E6SNsvcKXNDtIPjB/bfeVSWNs1cELkxa5beGZw84FXu3Yf76sK/6jT8xZVz
jgQDyj8Wh699Bo4Ed9qqNyDs5KMlQMv2ClAqZaBnXI3RGSX1j2qQWlyHamia7o/E
jXmgeKeU
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:55:00 2024 by rpki-client on console-ams.rpki-client.org