Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/3f110b-dedb-490f-9e66-6fad08aa20ee/1/aTfmYz8GmqcP31_370UD7s9LfuI.roa
File: aTfmYz8GmqcP31_370UD7s9LfuI.roa (raw, json)
Hash identifier: EZ6hZkFFwZ0OcJBMfy7r4xjIrXPGhMEBHydiAGCnAy0=
Subject key identifier: 69:37:E6:63:3F:06:9A:A7:0F:DF:5F:F7:EF:45:03:EE:CF:4B:7E:E2
Certificate issuer: /CN=f1bbf9bee531f3dee2d03bbf4e69ef82eedb99af
Certificate serial: 018CC64B0005490A548B1F12D2C1FC4DA576
Authority key identifier: F1:BB:F9:BE:E5:31:F3:DE:E2:D0:3B:BF:4E:69:EF:82:EE:DB:99:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8bv5vuUx897i0Du_Tmnvgu7bma8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/3f110b-dedb-490f-9e66-6fad08aa20ee/1/aTfmYz8GmqcP31_370UD7s9LfuI.roa
Signing time: Mon 01 Jan 2024 18:30:52 +0000
ROA not before: Mon 01 Jan 2024 18:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199248
IP address blocks: 5.56.44.0/24 maxlen: 24
5.56.40.0/24 maxlen: 24
5.56.43.0/24 maxlen: 24
5.56.41.0/24 maxlen: 24
5.56.47.0/24 maxlen: 24
5.56.46.0/24 maxlen: 24
5.56.45.0/24 maxlen: 24
2a01:46c0::/33 maxlen: 33
2a01:46c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/3f110b-dedb-490f-9e66-6fad08aa20ee/1/8bv5vuUx897i0Du_Tmnvgu7bma8.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/3f110b-dedb-490f-9e66-6fad08aa20ee/1/8bv5vuUx897i0Du_Tmnvgu7bma8.mft
rsync://rpki.ripe.net/repository/DEFAULT/8bv5vuUx897i0Du_Tmnvgu7bma8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:00:05:49:0a:54:8b:1f:12:d2:c1:fc:4d:a5:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1bbf9bee531f3dee2d03bbf4e69ef82eedb99af
Validity
Not Before: Jan 1 18:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6937e6633f069aa70fdf5ff7ef4503eecf4b7ee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d0:17:cf:cf:f0:c1:54:30:97:36:49:b8:6d:
83:62:46:41:d4:88:7f:d4:b8:46:d5:ff:cf:30:b4:
cb:ae:52:ef:3e:2e:88:ce:a9:ab:0f:75:f1:f3:b3:
fe:3d:7c:8b:4d:cb:dc:6b:79:05:54:a6:cf:22:f7:
ba:8b:c1:af:88:e2:d3:9c:17:2a:02:81:72:e5:f5:
d5:7e:b2:15:e2:9c:17:76:34:5f:33:16:90:70:32:
55:aa:be:03:34:d8:30:e0:02:25:4c:7b:72:10:21:
e8:9f:ae:e2:0c:98:cd:d8:a9:70:7d:dc:b2:a1:a1:
4d:9e:86:a0:59:e2:62:05:56:05:5f:68:f7:fa:06:
ab:ec:35:dc:24:60:d3:c4:12:ed:15:e6:87:eb:74:
18:ad:86:1c:e8:a3:10:e0:a3:19:0f:bf:e4:a9:8c:
15:53:f3:cc:51:d4:a2:12:30:89:2b:f8:64:9b:1d:
6e:20:13:70:0e:1c:ea:06:cd:c6:f3:30:a0:f3:c5:
82:5e:09:34:d9:a4:33:d2:2b:5f:47:45:e9:54:24:
b3:da:ea:aa:c6:00:c8:28:0b:ff:b5:48:15:e8:4f:
6c:75:0a:3d:52:ec:02:6a:7b:e2:79:7e:88:de:47:
0f:1c:b6:6f:9c:a0:da:1a:75:07:2d:d4:1d:ab:1b:
f4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:37:E6:63:3F:06:9A:A7:0F:DF:5F:F7:EF:45:03:EE:CF:4B:7E:E2
X509v3 Authority Key Identifier:
keyid:F1:BB:F9:BE:E5:31:F3:DE:E2:D0:3B:BF:4E:69:EF:82:EE:DB:99:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8bv5vuUx897i0Du_Tmnvgu7bma8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/3f110b-dedb-490f-9e66-6fad08aa20ee/1/aTfmYz8GmqcP31_370UD7s9LfuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/3f110b-dedb-490f-9e66-6fad08aa20ee/1/8bv5vuUx897i0Du_Tmnvgu7bma8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.40.0/23
5.56.43.0-5.56.47.255
IPv6:
2a01:46c0::/33
Signature Algorithm: sha256WithRSAEncryption
93:6d:e5:29:f6:4d:b1:8a:0e:e9:10:78:e8:22:46:8f:8f:59:
7d:71:32:40:01:2d:01:4b:0e:10:e0:86:8f:de:6e:cd:ad:c0:
c0:8c:97:82:a7:89:c3:e6:96:fb:d4:fc:94:47:8b:38:f3:34:
dd:9e:b9:7b:52:c5:f3:51:ab:bf:b0:7e:3e:bb:d4:fe:e3:83:
2f:ed:c7:e9:ad:da:ea:6c:1e:6e:07:8c:7c:b3:47:8a:78:31:
18:22:14:32:2e:83:cc:e6:96:47:97:13:87:d4:ee:67:ee:1d:
ac:5f:aa:02:c2:96:62:86:3d:77:56:7d:08:b3:30:59:47:0e:
69:cc:d9:95:93:bb:7a:b5:6e:a2:0f:dd:a8:a9:1a:5e:2a:b6:
38:c9:a2:b7:5e:ae:79:98:4a:4b:0c:aa:bc:c8:b6:4c:cc:4e:
31:46:1c:6e:9e:2b:ae:b7:a5:a2:b2:32:8e:d3:c0:db:e4:6c:
38:f1:c7:2e:37:39:65:dd:d8:51:86:42:89:85:3f:5d:36:72:
23:56:a2:8c:24:1b:f1:aa:c1:84:00:e7:fb:bb:8b:77:1b:1a:
02:3b:1f:05:40:14:ba:08:b4:d0:35:ee:04:5c:21:eb:61:48:
f4:3e:e0:41:ba:92:df:60:3c:96:b3:82:02:ee:5a:77:99:e8:
9f:85:29:d5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzGSwAFSQpUix8S0sH8TaV2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYmJmOWJlZTUzMWYzZGVlMmQwM2JiZjRlNjllZjgyZWVk
Yjk5YWYwHhcNMjQwMTAxMTgzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTM3ZTY2MzNmMDY5YWE3MGZkZjVmZjdlZjQ1MDNlZWNmNGI3ZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdAXz8/wwVQwlzZJuG2DYkZB1Ih/
1LhG1f/PMLTLrlLvPi6IzqmrD3Xx87P+PXyLTcvca3kFVKbPIve6i8GviOLTnBcq
AoFy5fXVfrIV4pwXdjRfMxaQcDJVqr4DNNgw4AIlTHtyECHon67iDJjN2Klwfdyy
oaFNnoagWeJiBVYFX2j3+gar7DXcJGDTxBLtFeaH63QYrYYc6KMQ4KMZD7/kqYwV
U/PMUdSiEjCJK/hkmx1uIBNwDhzqBs3G8zCg88WCXgk02aQz0itfR0XpVCSz2uqq
xgDIKAv/tUgV6E9sdQo9UuwCanvieX6I3kcPHLZvnKDaGnUHLdQdqxv0AwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGk35mM/BpqnD99f9+9FA+7PS37iMB8GA1UdIwQY
MBaAFPG7+b7lMfPe4tA7v05p74Lu25mvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGJ2NXZ1VXg4OTdpMER1X1RtbnZndTdibWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8zZjExMGItZGVkYi00OTBmLTllNjYt
NmZhZDA4YWEyMGVlLzEvYVRmbVl6OEdtcWNQMzFfMzcwVUQ3czlMZnVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8zZjExMGItZGVkYi00OTBmLTllNjYtNmZhZDA4YWEyMGVl
LzEvOGJ2NXZ1VXg4OTdpMER1X1RtbnZndTdibWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAaBAIAATAUAwQBBTgoMAwD
BAAFOCsDBAQFOCAwDgQCAAIwCAMGByoBRsAAMA0GCSqGSIb3DQEBCwUAA4IBAQCT
beUp9k2xig7pEHjoIkaPj1l9cTJAAS0BSw4Q4IaP3m7NrcDAjJeCp4nD5pb71PyU
R4s48zTdnrl7UsXzUau/sH4+u9T+44Mv7cfprdrqbB5uB4x8s0eKeDEYIhQyLoPM
5pZHlxOH1O5n7h2sX6oCwpZihj13Vn0IszBZRw5pzNmVk7t6tW6iD92oqRpeKrY4
yaK3Xq55mEpLDKq8yLZMzE4xRhxuniuut6WisjKO08Db5Gw48ccuNzll3dhRhkKJ
hT9dNnIjVqKMJBvxqsGEAOf7u4t3GxoCOx8FQBS6CLTQNe4EXCHrYUj0PuBBupLf
YDyWs4IC7lp3meifhSnV
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:03:24 2024 by rpki-client on console-fra.rpki-client.org