Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/SDl1d_LwR3-jsQaFpaRJ3Ye-bkk.roa
File: SDl1d_LwR3-jsQaFpaRJ3Ye-bkk.roa (raw, json)
Hash identifier: omZ9VHEx9ao81dZNxJqdiG1TdfTjWgNa/X5v4anT2h4=
Subject key identifier: 48:39:75:77:F2:F0:47:7F:A3:B1:06:85:A5:A4:49:DD:87:BE:6E:49
Certificate issuer: /CN=1daf46a40c246d6540d992c321b1cc3623d65995
Certificate serial: 018EC1C059E260B9CF3F4CAD4C328E883FD6
Authority key identifier: 1D:AF:46:A4:0C:24:6D:65:40:D9:92:C3:21:B1:CC:36:23:D6:59:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/SDl1d_LwR3-jsQaFpaRJ3Ye-bkk.roa
Signing time: Tue 09 Apr 2024 07:26:32 +0000
ROA not before: Tue 09 Apr 2024 07:26:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62370
IP address blocks: 5.104.224.0/21 maxlen: 21
37.148.160.0/21 maxlen: 21
77.95.224.0/21 maxlen: 21
78.41.200.0/21 maxlen: 21
89.207.128.0/21 maxlen: 21
128.204.192.0/20 maxlen: 20
185.62.56.0/22 maxlen: 22
193.33.60.0/23 maxlen: 23
193.34.166.0/23 maxlen: 23
195.20.204.0/24 maxlen: 24
195.20.205.0/24 maxlen: 24
2a00:7b80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c1:c0:59:e2:60:b9:cf:3f:4c:ad:4c:32:8e:88:3f:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1daf46a40c246d6540d992c321b1cc3623d65995
Validity
Not Before: Apr 9 07:26:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48397577f2f0477fa3b10685a5a449dd87be6e49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:97:65:40:61:08:4e:e0:fe:2c:b0:a2:2c:91:
1e:ca:81:66:ab:c2:5f:a1:bd:c5:12:46:f9:7e:5e:
2b:5b:82:db:a3:a7:da:80:a8:97:bf:15:35:59:d0:
9b:67:4f:e6:28:4b:d8:07:49:be:05:9b:05:f0:47:
ee:a7:06:54:58:2e:81:14:0c:6d:4d:20:f1:58:d9:
76:eb:55:c8:35:27:fd:61:02:7d:4a:d6:3a:e2:15:
07:c3:96:fc:ba:4f:94:7c:28:ad:79:7f:d9:e8:07:
bc:ee:b6:91:99:55:b6:e0:eb:11:d2:03:e7:a7:e8:
ed:6a:cf:10:c8:08:0f:ae:33:41:e4:16:b5:e5:66:
b0:00:22:6f:55:52:67:f0:b2:45:3b:35:a2:fd:68:
10:fc:e4:98:5b:f2:bb:3c:bd:b4:4a:f1:48:cf:9c:
7b:02:55:f2:62:17:6b:a7:29:4f:91:03:1b:79:f7:
d8:14:f3:b2:07:c8:41:e9:be:19:0c:60:af:df:e6:
9f:ec:8a:40:17:36:7f:19:8d:9b:cf:e2:55:b7:36:
f3:2e:05:9a:28:2e:a7:fb:dd:de:86:b9:d8:5a:ff:
df:c2:a9:95:e1:17:dd:5f:b0:9c:80:41:68:65:81:
16:8c:64:83:92:d4:a5:c4:45:31:70:57:b3:af:28:
95:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:39:75:77:F2:F0:47:7F:A3:B1:06:85:A5:A4:49:DD:87:BE:6E:49
X509v3 Authority Key Identifier:
keyid:1D:AF:46:A4:0C:24:6D:65:40:D9:92:C3:21:B1:CC:36:23:D6:59:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/SDl1d_LwR3-jsQaFpaRJ3Ye-bkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/44c0ef-5da6-4ff2-b5ef-79f048bd2a7a/1/Ha9GpAwkbWVA2ZLDIbHMNiPWWZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.224.0/21
37.148.160.0/21
77.95.224.0/21
78.41.200.0/21
89.207.128.0/21
128.204.192.0/20
185.62.56.0/22
193.33.60.0/23
193.34.166.0/23
195.20.204.0/23
IPv6:
2a00:7b80::/32
Signature Algorithm: sha256WithRSAEncryption
38:e9:d7:41:52:dc:8a:4a:84:90:34:46:35:0f:a2:f6:6e:1c:
39:dc:c2:d6:42:be:e4:6c:37:60:64:dd:e6:ed:6f:65:34:46:
ff:ae:58:3d:60:e5:6b:ce:29:c6:bf:b6:b1:1b:3a:80:8b:38:
5b:63:7e:42:79:b5:d9:be:94:a6:5d:db:cc:b4:17:50:60:12:
42:cf:bf:5d:5f:db:3e:09:ca:6d:11:d9:f6:2a:14:87:79:b0:
1a:d4:8d:78:db:ee:dd:d0:08:21:92:e7:91:c3:98:20:ee:06:
cc:83:16:ff:40:dd:3d:8e:9a:43:0a:4f:2e:94:f2:b9:22:1d:
2f:dc:67:99:e2:c7:b9:7c:3a:1f:27:02:58:6c:da:aa:ea:e6:
03:3d:0f:38:ad:3e:d6:63:22:40:0b:98:81:ec:eb:d1:44:34:
32:74:5b:40:34:58:15:21:1a:f8:0d:fe:eb:bb:47:03:8a:c8:
00:55:e9:7e:cf:81:e5:c8:51:97:3a:1a:90:de:ea:4c:b9:97:
92:48:93:ac:1a:e8:48:a2:ec:2e:f1:65:9a:bf:4a:4f:af:fe:
d5:d1:e0:73:43:64:0d:68:d1:20:89:2b:d0:02:ed:60:9d:c4:
1a:b3:71:d3:18:fd:cf:ad:46:c2:c0:29:78:d7:4b:ef:f6:eb:
0c:42:2d:d8
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAY7BwFniYLnPP0ytTDKOiD/WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYWY0NmE0MGMyNDZkNjU0MGQ5OTJjMzIxYjFjYzM2MjNk
NjU5OTUwHhcNMjQwNDA5MDcyNjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODM5NzU3N2YyZjA0NzdmYTNiMTA2ODVhNWE0NDlkZDg3YmU2ZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJdlQGEITuD+LLCiLJEeyoFmq8Jf
ob3FEkb5fl4rW4Lbo6fagKiXvxU1WdCbZ0/mKEvYB0m+BZsF8EfupwZUWC6BFAxt
TSDxWNl261XINSf9YQJ9StY64hUHw5b8uk+UfCiteX/Z6Ae87raRmVW24OsR0gPn
p+jtas8QyAgPrjNB5Ba15WawACJvVVJn8LJFOzWi/WgQ/OSYW/K7PL20SvFIz5x7
AlXyYhdrpylPkQMbeffYFPOyB8hB6b4ZDGCv3+af7IpAFzZ/GY2bz+JVtzbzLgWa
KC6n+93ehrnYWv/fwqmV4RfdX7CcgEFoZYEWjGSDktSlxEUxcFezryiVfQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFEg5dXfy8Ed/o7EGhaWkSd2Hvm5JMB8GA1UdIwQY
MBaAFB2vRqQMJG1lQNmSwyGxzDYj1lmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGE5R3BBd2tiV1ZBMlpMREliSE1OaVBXV1pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS80NGMwZWYtNWRhNi00ZmYyLWI1ZWYt
NzlmMDQ4YmQyYTdhLzEvU0RsMWRfTHdSMy1qc1FhRnBhUkozWWUtYmtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS80NGMwZWYtNWRhNi00ZmYyLWI1ZWYtNzlmMDQ4YmQyYTdh
LzEvSGE5R3BBd2tiV1ZBMlpMREliSE1OaVBXV1pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDBWjgAwQD
JZSgAwQDTV/gAwQDTinIAwQDWc+AAwQEgMzAAwQCuT44AwQBwSE8AwQBwSKmAwQB
wxTMMA0EAgACMAcDBQAqAHuAMA0GCSqGSIb3DQEBCwUAA4IBAQA46ddBUtyKSoSQ
NEY1D6L2bhw53MLWQr7kbDdgZN3m7W9lNEb/rlg9YOVrzinGv7axGzqAizhbY35C
ebXZvpSmXdvMtBdQYBJCz79dX9s+CcptEdn2KhSHebAa1I142+7d0AghkueRw5gg
7gbMgxb/QN09jppDCk8ulPK5Ih0v3GeZ4se5fDofJwJYbNqq6uYDPQ84rT7WYyJA
C5iB7OvRRDQydFtANFgVIRr4Df7ru0cDisgAVel+z4HlyFGXOhqQ3upMuZeSSJOs
GuhIouwu8WWav0pPr/7V0eBzQ2QNaNEgiSvQAu1gncQas3HTGP3PrUbCwCl410vv
9usMQi3Y
-----END CERTIFICATE-----
Generated at Tue May 28 14:21:52 2024 by rpki-client on console-fra.rpki-client.org