Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/AthG-9f70sxh4pLm55tSGWNjdV0.roa
File: AthG-9f70sxh4pLm55tSGWNjdV0.roa (raw, json)
Hash identifier: xdjLdD272YDRNk2nGZkYNsoo5tK350OgXXNU5qQvZ80=
Subject key identifier: 02:D8:46:FB:D7:FB:D2:CC:61:E2:92:E6:E7:9B:52:19:63:63:75:5D
Certificate issuer: /CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Certificate serial: 018EE5CE94679C74C880A43C4AAD3B9333A3
Authority key identifier: 57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/AthG-9f70sxh4pLm55tSGWNjdV0.roa
Signing time: Tue 16 Apr 2024 07:28:24 +0000
ROA not before: Tue 16 Apr 2024 07:28:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 178.236.224.0/23 maxlen: 24
178.236.226.0/24 maxlen: 24
178.236.227.0/24 maxlen: 24
178.236.233.0/24 maxlen: 24
178.236.235.0/24 maxlen: 24
178.236.236.0/24 maxlen: 24
178.236.238.0/23 maxlen: 24
185.2.49.0/24 maxlen: 24
185.2.50.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.mft
rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e5:ce:94:67:9c:74:c8:80:a4:3c:4a:ad:3b:93:33:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Validity
Not Before: Apr 16 07:28:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02d846fbd7fbd2cc61e292e6e79b52196363755d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4b:e5:45:75:df:7a:cf:d7:29:92:c2:13:b4:
49:5d:3d:23:fc:56:c5:24:7e:16:07:53:e2:0f:d5:
b8:24:17:1e:28:06:17:c9:3a:ff:1f:09:af:82:76:
9c:3e:64:5b:cf:a7:2a:fc:91:59:d8:33:4c:db:a1:
24:3c:4a:6e:62:22:37:5a:74:bf:5c:de:1e:1e:5f:
8b:1a:c6:b3:ba:67:f5:12:f6:8d:26:75:93:84:39:
8b:2f:64:91:40:9d:15:78:19:9e:ad:57:af:e5:0f:
98:e8:8a:b3:ee:3f:f5:19:03:9c:7c:df:43:1b:3b:
f9:79:28:59:3c:aa:c8:af:f1:f6:e9:1a:3b:0b:60:
ce:57:da:f2:ee:a0:80:e1:32:bc:0b:5a:9c:07:ad:
08:6a:e9:9b:7d:b2:bb:47:4a:bb:a1:23:a6:dc:53:
59:fd:15:ec:04:dc:78:84:f7:e6:6d:c5:d4:90:2f:
9a:91:6b:fe:d0:0d:95:53:e1:b6:18:23:af:f4:87:
04:60:d5:03:a8:0d:2b:a1:a2:e7:5f:9b:72:a4:d2:
17:12:54:e4:2c:2e:3a:8b:95:58:57:8f:35:e2:5c:
5c:de:bd:92:14:2c:4c:6b:da:ab:cc:25:38:55:51:
5d:7f:15:53:cf:3f:92:77:66:0a:50:2c:d9:92:df:
ef:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D8:46:FB:D7:FB:D2:CC:61:E2:92:E6:E7:9B:52:19:63:63:75:5D
X509v3 Authority Key Identifier:
keyid:57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/AthG-9f70sxh4pLm55tSGWNjdV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.224.0/22
178.236.233.0/24
178.236.235.0-178.236.236.255
178.236.238.0/23
185.2.49.0-185.2.51.255
Signature Algorithm: sha256WithRSAEncryption
3c:ed:10:9b:39:a3:1c:50:3a:6e:0b:43:24:cb:de:1d:39:c2:
7a:6e:c7:ac:ce:af:76:ea:42:ec:88:7b:c4:7e:1f:d4:b7:92:
25:25:2b:0e:49:d6:08:e3:f1:a0:de:40:26:c6:03:34:ee:fa:
16:ce:94:2d:51:8d:a1:a9:fa:f0:11:43:2b:58:9e:96:56:34:
4a:11:06:93:af:73:88:d0:3e:10:81:d9:36:dc:49:57:81:de:
a4:c1:6a:8e:ee:31:cd:e1:d0:45:4f:1e:61:0a:7a:98:83:49:
9d:db:b7:da:d9:05:a7:52:7d:a6:e5:7e:96:c8:4b:0c:e7:f2:
fa:a5:49:d2:b7:ab:0c:e5:42:fc:2b:2e:98:53:61:c8:7d:fe:
3b:e7:83:66:b6:43:6b:70:42:fe:ce:4e:0c:a3:99:c0:44:86:
23:24:a8:df:c6:23:68:8c:89:8a:62:df:93:ea:e1:7f:9d:d1:
58:f1:10:d0:6b:9e:3a:41:19:cb:82:83:40:18:cf:5b:b4:6c:
7b:5f:34:c9:00:83:a1:ef:cb:05:28:11:a4:d2:0c:c6:29:bc:
35:bc:b4:fc:d4:c0:e8:06:36:13:c9:7b:75:30:47:35:2a:1f:
aa:4a:a5:a7:10:d1:63:c6:9a:f2:f4:f6:e7:c0:14:b2:ab:1a:
ac:b5:da:e0
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAY7lzpRnnHTIgKQ8Sq07kzOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTRhZmRiNWU2YTE4ODU3ODA5MjBhNTRmZmE4MjQwOGVh
ODViYTEwHhcNMjQwNDE2MDcyODI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmQ4NDZmYmQ3ZmJkMmNjNjFlMjkyZTZlNzliNTIxOTYzNjM3NTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10vlRXXfes/XKZLCE7RJXT0j/FbF
JH4WB1PiD9W4JBceKAYXyTr/HwmvgnacPmRbz6cq/JFZ2DNM26EkPEpuYiI3WnS/
XN4eHl+LGsazumf1EvaNJnWThDmLL2SRQJ0VeBmerVev5Q+Y6Iqz7j/1GQOcfN9D
Gzv5eShZPKrIr/H26Ro7C2DOV9ry7qCA4TK8C1qcB60IaumbfbK7R0q7oSOm3FNZ
/RXsBNx4hPfmbcXUkC+akWv+0A2VU+G2GCOv9IcEYNUDqA0roaLnX5typNIXElTk
LC46i5VYV4814lxc3r2SFCxMa9qrzCU4VVFdfxVTzz+Sd2YKUCzZkt/v+wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFALYRvvX+9LMYeKS5uebUhljY3VdMB8GA1UdIwQY
MBaAFFeUr9teahiFeAkgpU/6gkCOqFuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQt
NDdkODJhNDFhOGYzLzEvQXRoRy05Zjcwc3hoNHBMbTU1dFNHV05qZFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQtNDdkODJhNDFhOGYz
LzEvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCsuzgAwQA
suzpMAwDBACy7OsDBACy7OwDBAGy7O4wDAMEALkCMQMEArkCMDANBgkqhkiG9w0B
AQsFAAOCAQEAPO0QmzmjHFA6bgtDJMveHTnCem7HrM6vdupC7Ih7xH4f1LeSJSUr
DknWCOPxoN5AJsYDNO76Fs6ULVGNoan68BFDK1iellY0ShEGk69ziNA+EIHZNtxJ
V4HepMFqju4xzeHQRU8eYQp6mINJndu32tkFp1J9puV+lshLDOfy+qVJ0rerDOVC
/CsumFNhyH3+O+eDZrZDa3BC/s5ODKOZwESGIySo38YjaIyJimLfk+rhf53RWPEQ
0GueOkEZy4KDQBjPW7Rse180yQCDoe/LBSgRpNIMxim8Nby0/NTA6AY2E8l7dTBH
NSofqkqlpxDRY8aa8vT258AUsqsarLXa4A==
-----END CERTIFICATE-----
Generated at Mon Nov 25 01:45:42 2024 by rpki-client on console-fra.rpki-client.org