Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/sMb5OZgjg89ALeVR1cHVHEvK55E.roa
File: sMb5OZgjg89ALeVR1cHVHEvK55E.roa (raw, json)
Hash identifier: UGBvMpSjDSDd4iHW9CZiVTwzEwf5zk1T6LnFrFlDUC8=
Subject key identifier: B0:C6:F9:39:98:23:83:CF:40:2D:E5:51:D5:C1:D5:1C:4B:CA:E7:91
Certificate issuer: /CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Certificate serial: 0192B4A2BD2B5C56D32588BA6FA78590D1FC
Authority key identifier: 17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/sMb5OZgjg89ALeVR1cHVHEvK55E.roa
Signing time: Tue 22 Oct 2024 14:30:17 +0000
ROA not before: Tue 22 Oct 2024 14:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137409
IP address blocks: 5.180.179.0/24 maxlen: 24
31.217.248.0/24 maxlen: 24
185.137.164.0/24 maxlen: 24
193.35.228.0/24 maxlen: 24
2a11:53c0::/32 maxlen: 48
2a11:53c1::/32 maxlen: 48
2a11:53c2::/32 maxlen: 48
2a11:53c3::/32 maxlen: 48
2a11:53c4::/32 maxlen: 48
2a11:53c5::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b4:a2:bd:2b:5c:56:d3:25:88:ba:6f:a7:85:90:d1:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Validity
Not Before: Oct 22 14:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0c6f939982383cf402de551d5c1d51c4bcae791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:dd:f2:ab:91:5b:61:c1:2c:b9:6d:46:ff:32:
75:41:f2:ee:7d:e0:ba:12:da:52:c1:5a:3e:c7:06:
8b:cb:f5:1f:7b:73:e8:fc:ca:f9:86:1f:44:2a:e4:
e9:8f:f0:7f:1d:cd:06:8a:28:93:56:ff:d2:37:ec:
83:04:81:ba:92:ea:5b:53:91:a0:9c:60:41:f7:46:
21:b9:d6:cf:94:14:a5:88:fe:7c:b4:7a:7d:ec:85:
d7:fd:98:d4:98:13:ee:aa:da:cb:db:29:12:54:fe:
17:67:36:0a:bc:d0:ed:04:ac:0b:24:f1:c0:f4:0e:
3b:fe:58:04:40:ec:fa:1c:91:ae:cc:68:17:ea:b0:
31:ce:68:cb:af:25:9b:d7:42:62:2a:65:41:d2:6f:
b5:ee:a8:ed:2a:0d:f0:19:af:81:92:83:b7:2d:bf:
9f:3d:7d:4d:68:2a:d2:22:eb:69:8b:87:f6:d9:ec:
4b:2d:38:c9:6e:37:39:b4:c2:b0:45:15:4d:19:c5:
07:32:bb:6e:42:ba:73:ad:1d:f6:65:e1:4b:b5:7e:
ac:f4:13:74:af:b5:98:af:7b:a4:82:00:76:62:09:
5f:7a:a1:6f:79:69:83:08:42:90:46:e3:33:bf:9a:
ce:53:f3:32:4b:0f:b6:3b:a2:02:4d:cc:97:37:a8:
20:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C6:F9:39:98:23:83:CF:40:2D:E5:51:D5:C1:D5:1C:4B:CA:E7:91
X509v3 Authority Key Identifier:
keyid:17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/sMb5OZgjg89ALeVR1cHVHEvK55E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.179.0/24
31.217.248.0/24
185.137.164.0/24
193.35.228.0/24
IPv6:
2a11:53c0::-2a11:53c5:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
90:44:78:1a:37:f7:12:20:50:46:d7:e1:05:c8:dc:99:55:05:
cd:b5:5f:0b:e1:c6:8c:28:0e:89:66:a5:f8:c6:70:ed:a4:c8:
ae:93:68:d7:4a:fa:1f:36:06:70:92:01:1a:5d:1d:23:d3:42:
06:a2:79:11:a6:c6:ab:4a:7e:83:64:77:cc:b8:e3:fc:63:3c:
16:46:d5:b3:b3:e9:69:ba:42:0d:88:04:17:b4:de:7b:41:0f:
b4:18:e7:01:9f:d2:94:25:44:64:30:21:05:88:e1:7a:c8:b4:
83:f3:12:97:fe:6b:59:33:ba:67:d5:c3:5b:ab:5b:5e:17:20:
db:6b:4c:55:c7:5a:1e:41:30:d5:c0:6d:af:30:6f:72:bf:af:
82:68:ac:fb:51:23:d0:87:66:dd:36:5a:71:c2:12:2a:2f:89:
12:d3:8b:85:99:4e:74:42:d4:c8:83:a8:03:d5:14:5a:c0:2b:
18:3f:d3:6a:55:99:ae:16:64:3f:61:6c:01:99:b8:f5:c7:b1:
eb:2b:d0:68:1a:ea:e5:50:f8:93:38:d1:c2:a0:65:8a:f0:69:
e5:c9:c6:db:70:0c:b4:54:8d:39:8b:23:bf:a7:fa:7d:1a:20:
15:3c:7a:6b:7d:52:e0:81:1b:87:fa:e6:37:de:d2:96:07:66:
95:39:c8:2b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZK0or0rXFbTJYi6b6eFkNH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YjUwNDJmYzIwZDliYWIxNjc2ZTA5YWY3ZmYxYmE1YmZh
ZGFlNzUwHhcNMjQxMDIyMTQzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGM2ZjkzOTk4MjM4M2NmNDAyZGU1NTFkNWMxZDUxYzRiY2FlNzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh93yq5FbYcEsuW1G/zJ1QfLufeC6
EtpSwVo+xwaLy/Ufe3Po/Mr5hh9EKuTpj/B/Hc0GiiiTVv/SN+yDBIG6kupbU5Gg
nGBB90YhudbPlBSliP58tHp97IXX/ZjUmBPuqtrL2ykSVP4XZzYKvNDtBKwLJPHA
9A47/lgEQOz6HJGuzGgX6rAxzmjLryWb10JiKmVB0m+17qjtKg3wGa+BkoO3Lb+f
PX1NaCrSIutpi4f22exLLTjJbjc5tMKwRRVNGcUHMrtuQrpzrR32ZeFLtX6s9BN0
r7WYr3ukggB2YglfeqFveWmDCEKQRuMzv5rOU/MySw+2O6ICTcyXN6ggzQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLDG+TmYI4PPQC3lUdXB1RxLyueRMB8GA1UdIwQY
MBaAFBe1BC/CDZurFnbgmvf/G6W/ra51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQt
YmM2Nzk0ZTk1ZTVhLzEvc01iNU9aZ2pnODlBTGVWUjFjSFZIRXZLNTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQtYmM2Nzk0ZTk1ZTVh
LzEvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQABbSzAwQA
H9n4AwQAuYmkAwQAwSPkMBYEAgACMBAwDgMFBioRU8ADBQEqEVPEMA0GCSqGSIb3
DQEBCwUAA4IBAQCQRHgaN/cSIFBG1+EFyNyZVQXNtV8L4caMKA6JZqX4xnDtpMiu
k2jXSvofNgZwkgEaXR0j00IGonkRpsarSn6DZHfMuOP8YzwWRtWzs+lpukINiAQX
tN57QQ+0GOcBn9KUJURkMCEFiOF6yLSD8xKX/mtZM7pn1cNbq1teFyDba0xVx1oe
QTDVwG2vMG9yv6+CaKz7USPQh2bdNlpxwhIqL4kS04uFmU50QtTIg6gD1RRawCsY
P9NqVZmuFmQ/YWwBmbj1x7HrK9BoGurlUPiTONHCoGWK8GnlycbbcAy0VI05iyO/
p/p9GiAVPHprfVLggRuH+uY33tKWB2aVOcgr
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:28:12 2024 by rpki-client on console-ams.rpki-client.org