Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/W5giSNDmnJI0e9zdN3U7vGqWQj8.roa
File: W5giSNDmnJI0e9zdN3U7vGqWQj8.roa (raw, json)
Hash identifier: o35ZzoCl4bY3qgTRzeSYsVuiaU4VUybmfcXB/ks1yPc=
Subject key identifier: 5B:98:22:48:D0:E6:9C:92:34:7B:DC:DD:37:75:3B:BC:6A:96:42:3F
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 018CC56E4EF78A5980B7F761A54198A50C78
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/W5giSNDmnJI0e9zdN3U7vGqWQj8.roa
Signing time: Mon 01 Jan 2024 14:29:49 +0000
ROA not before: Mon 01 Jan 2024 14:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7393
IP address blocks: 193.3.169.0/24 maxlen: 24
146.19.67.0/24 maxlen: 24
212.52.29.0/24 maxlen: 24
94.154.116.0/24 maxlen: 24
194.62.104.0/24 maxlen: 24
5.172.180.0/24 maxlen: 24
194.104.135.0/24 maxlen: 24
185.149.148.0/24 maxlen: 24
185.235.227.0/24 maxlen: 24
185.83.231.0/24 maxlen: 24
212.23.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:4e:f7:8a:59:80:b7:f7:61:a5:41:98:a5:0c:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Jan 1 14:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b982248d0e69c92347bdcdd37753bbc6a96423f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e6:d9:43:ee:ff:4f:bb:62:e0:6b:bc:d0:f7:
a5:e2:f9:d7:a8:75:00:ea:df:76:27:90:68:40:fc:
e1:56:b3:a2:ab:ca:b1:13:54:d9:8d:df:89:2c:64:
49:6b:9a:c6:73:d6:0e:c9:54:bd:b7:03:2e:68:28:
0a:ee:24:43:f1:0c:e9:25:19:e4:02:c8:d6:7f:27:
7f:fd:82:13:3c:8b:74:5f:64:59:f6:b2:9b:59:57:
0d:d7:27:a7:e2:5a:b7:14:36:0d:6c:2b:2d:e8:c7:
27:32:21:bb:ed:33:18:56:38:ab:02:b9:49:5d:26:
84:bd:80:56:0c:29:8e:8e:d4:7b:36:86:6b:e6:4c:
03:42:78:be:1b:05:2d:68:56:fb:08:9d:7d:84:2c:
d5:8f:09:04:a4:cf:b5:96:e3:0a:fb:ce:d3:69:3e:
91:61:6c:82:29:7d:3c:46:c3:d7:72:47:b5:94:57:
b6:40:3e:be:d8:38:f1:f7:a2:97:80:9d:64:62:93:
db:e9:22:be:d0:d8:76:ad:91:e6:1b:32:41:e9:9b:
72:47:21:1d:22:28:a2:9c:c4:7b:d2:24:fb:b8:e3:
6e:92:ae:42:b7:26:b1:08:95:97:cf:c0:35:24:ef:
77:ba:e2:73:f3:e2:bd:b2:ec:06:63:64:a0:13:d0:
7d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:98:22:48:D0:E6:9C:92:34:7B:DC:DD:37:75:3B:BC:6A:96:42:3F
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/W5giSNDmnJI0e9zdN3U7vGqWQj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.180.0/24
94.154.116.0/24
146.19.67.0/24
185.83.231.0/24
185.149.148.0/24
185.235.227.0/24
193.3.169.0/24
194.62.104.0/24
194.104.135.0/24
212.23.195.0/24
212.52.29.0/24
Signature Algorithm: sha256WithRSAEncryption
10:a9:3c:ea:f2:78:99:e8:38:ec:35:df:dc:d7:6c:25:35:ab:
60:fc:c4:09:f4:86:18:26:3e:b2:c7:f9:29:bc:17:21:0d:7c:
3e:49:0c:52:5c:51:9f:8c:fd:47:d8:7e:90:ba:a6:17:a2:7c:
36:6f:98:cc:33:2a:43:30:a7:02:7a:e2:30:f6:93:a0:dd:6b:
30:44:f9:4c:57:9b:1d:21:ec:99:69:24:a7:47:32:35:75:8d:
d7:07:70:1a:05:58:0c:ef:bd:e0:14:96:48:88:ac:65:a2:e5:
ad:6a:79:c6:78:1c:16:41:bc:f6:24:14:fb:bb:19:b5:b0:ff:
8e:b0:c6:77:4f:40:57:69:0a:e4:d0:56:35:bb:30:1d:be:1e:
2c:84:d0:d7:57:92:bb:95:6f:05:3d:18:d3:4c:90:40:d6:5e:
79:bb:eb:02:74:e1:7b:56:0a:d4:45:03:72:9b:49:ae:66:71:
44:8f:18:e5:04:a2:d5:99:56:7d:6b:88:91:54:36:2d:a5:ab:
82:16:fc:41:5b:da:69:93:9a:0d:db:48:1e:e7:93:5b:24:0c:
e8:8d:4e:96:c7:28:33:4e:34:83:19:ad:66:64:3e:2c:d1:e8:
30:8a:e0:d1:49:4f:6b:b5:fd:26:4c:c5:22:64:df:22:73:f0:
72:53:34:fa
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYzFbk73ilmAt/dhpUGYpQx4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjQwMTAxMTQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yjk4MjI0OGQwZTY5YzkyMzQ3YmRjZGQzNzc1M2JiYzZhOTY0MjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqObZQ+7/T7ti4Gu80Pel4vnXqHUA
6t92J5BoQPzhVrOiq8qxE1TZjd+JLGRJa5rGc9YOyVS9twMuaCgK7iRD8QzpJRnk
AsjWfyd//YITPIt0X2RZ9rKbWVcN1yen4lq3FDYNbCst6McnMiG77TMYVjirArlJ
XSaEvYBWDCmOjtR7NoZr5kwDQni+GwUtaFb7CJ19hCzVjwkEpM+1luMK+87TaT6R
YWyCKX08RsPXcke1lFe2QD6+2Djx96KXgJ1kYpPb6SK+0Nh2rZHmGzJB6ZtyRyEd
IiiinMR70iT7uONukq5CtyaxCJWXz8A1JO93uuJz8+K9suwGY2SgE9B9KwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFFuYIkjQ5pySNHvc3Td1O7xqlkI/MB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEvVzVnaVNORG1uSkkwZTl6ZE4zVTd2R3FXUWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQABay0AwQA
Xpp0AwQAkhNDAwQAuVPnAwQAuZWUAwQAuevjAwQAwQOpAwQAwj5oAwQAwmiHAwQA
1BfDAwQA1DQdMA0GCSqGSIb3DQEBCwUAA4IBAQAQqTzq8niZ6DjsNd/c12wlNatg
/MQJ9IYYJj6yx/kpvBchDXw+SQxSXFGfjP1H2H6QuqYXonw2b5jMMypDMKcCeuIw
9pOg3WswRPlMV5sdIeyZaSSnRzI1dY3XB3AaBVgM773gFJZIiKxlouWtannGeBwW
Qbz2JBT7uxm1sP+OsMZ3T0BXaQrk0FY1uzAdvh4shNDXV5K7lW8FPRjTTJBA1l55
u+sCdOF7VgrURQNym0muZnFEjxjlBKLVmVZ9a4iRVDYtpauCFvxBW9ppk5oN20ge
55NbJAzojU6WxygzTjSDGa1mZD4s0egwiuDRSU9rtf0mTMUiZN8ic/ByUzT6
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:47:39 2024 by rpki-client on console-ams.rpki-client.org