Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/rhuSI9Q5UUxeIITFNWfnCf991-I.roa
File: rhuSI9Q5UUxeIITFNWfnCf991-I.roa (raw, json)
Hash identifier: N7cOlVC1/4bTtkX3GI7blrF2Wb8HdsY9MbfTMMh+pJw=
Subject key identifier: AE:1B:92:23:D4:39:51:4C:5E:20:84:C5:35:67:E7:09:FF:7D:D7:E2
Certificate issuer: /CN=9255218b69e551143c51fa1d919512e1a44c5c9d
Certificate serial: 018CC4254F0BA0AB16F46D3C0D44FADFE5E3
Authority key identifier: 92:55:21:8B:69:E5:51:14:3C:51:FA:1D:91:95:12:E1:A4:4C:5C:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klUhi2nlURQ8UfodkZUS4aRMXJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/rhuSI9Q5UUxeIITFNWfnCf991-I.roa
Signing time: Mon 01 Jan 2024 08:30:28 +0000
ROA not before: Mon 01 Jan 2024 08:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47196
IP address blocks: 91.203.192.0/24 maxlen: 24
91.203.194.0/24 maxlen: 24
91.203.195.0/24 maxlen: 24
91.203.193.0/24 maxlen: 24
46.173.212.0/24 maxlen: 24
46.173.212.0/23 maxlen: 23
46.173.213.0/24 maxlen: 24
46.173.211.0/24 maxlen: 24
46.173.209.0/24 maxlen: 24
46.173.210.0/24 maxlen: 24
46.173.217.0/24 maxlen: 24
46.173.214.0/23 maxlen: 23
46.173.214.0/24 maxlen: 24
46.173.215.0/24 maxlen: 24
46.173.218.0/23 maxlen: 23
46.173.218.0/24 maxlen: 24
45.143.137.0/24 maxlen: 24
46.173.219.0/24 maxlen: 24
46.173.216.0/24 maxlen: 24
46.173.216.0/23 maxlen: 23
45.143.136.0/24 maxlen: 24
45.143.138.0/24 maxlen: 24
45.143.139.0/24 maxlen: 24
45.143.136.0/22 maxlen: 22
46.173.223.0/24 maxlen: 24
195.128.120.0/22 maxlen: 22
195.128.121.0/24 maxlen: 24
195.128.120.0/24 maxlen: 24
195.128.124.0/24 maxlen: 24
195.128.124.0/22 maxlen: 22
195.128.125.0/24 maxlen: 24
195.128.122.0/24 maxlen: 24
195.128.123.0/24 maxlen: 24
195.128.127.0/24 maxlen: 24
195.128.126.0/24 maxlen: 24
2a0f:6f80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/klUhi2nlURQ8UfodkZUS4aRMXJ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/klUhi2nlURQ8UfodkZUS4aRMXJ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/klUhi2nlURQ8UfodkZUS4aRMXJ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:4f:0b:a0:ab:16:f4:6d:3c:0d:44:fa:df:e5:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9255218b69e551143c51fa1d919512e1a44c5c9d
Validity
Not Before: Jan 1 08:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae1b9223d439514c5e2084c53567e709ff7dd7e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b4:7f:17:14:c4:57:0d:24:b1:7d:18:ad:1d:
2b:96:c7:6e:dd:aa:97:67:1d:e9:2d:55:b6:d7:10:
ac:f1:aa:73:3c:e2:b8:fe:62:79:27:e8:6a:4e:cc:
82:49:f4:7d:da:40:64:f6:85:b9:12:97:94:e8:1c:
56:a8:db:f3:ae:1a:18:3d:7c:e6:7d:c2:11:89:86:
c4:2c:37:73:65:73:1d:aa:fc:ae:36:b7:f0:7a:7f:
15:cf:08:7b:6a:f2:e6:21:40:fb:b6:5a:f7:3a:9c:
3b:11:66:ab:86:5c:95:ce:e6:ef:c0:cb:fb:39:5d:
ca:9b:51:48:a1:bf:96:39:3e:28:dc:8d:de:7a:40:
85:08:ce:0a:44:f6:59:7c:a5:c3:84:6c:7b:e3:d9:
3a:41:30:93:c6:1e:88:35:ff:ea:b9:81:e9:74:88:
ee:f7:7e:c6:28:85:58:68:19:da:f7:20:dd:93:60:
9a:24:e6:f5:f9:26:d7:0d:4d:f3:fb:98:c7:bc:7e:
63:d6:da:dc:bb:95:dc:46:d0:1c:b7:94:b7:3a:11:
5c:20:2d:cf:70:f2:ef:39:01:05:cd:8d:52:bb:30:
5f:75:d1:7d:9f:32:97:40:44:a5:29:43:d9:3b:2d:
94:6c:ef:a0:71:fb:57:3e:db:db:70:33:5f:fb:bd:
3e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:1B:92:23:D4:39:51:4C:5E:20:84:C5:35:67:E7:09:FF:7D:D7:E2
X509v3 Authority Key Identifier:
keyid:92:55:21:8B:69:E5:51:14:3C:51:FA:1D:91:95:12:E1:A4:4C:5C:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klUhi2nlURQ8UfodkZUS4aRMXJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/rhuSI9Q5UUxeIITFNWfnCf991-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/482896-826a-4bed-b14f-affba2df3d62/1/klUhi2nlURQ8UfodkZUS4aRMXJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.136.0/22
46.173.209.0-46.173.219.255
46.173.223.0/24
91.203.192.0/22
195.128.120.0/21
IPv6:
2a0f:6f80::/29
Signature Algorithm: sha256WithRSAEncryption
1f:b8:7f:52:ef:b7:eb:b3:c6:1d:47:32:0a:fc:4c:a3:25:60:
84:d2:20:a0:de:eb:17:f1:4a:26:33:0a:af:78:e7:80:a0:d2:
08:9e:41:2d:24:23:da:3b:7a:37:73:17:0d:ae:7c:34:1a:62:
3f:8b:e4:0c:59:ea:d4:3e:24:37:9f:d2:83:c2:f3:0c:07:ce:
f5:d6:7d:56:f6:d4:8e:94:02:6e:ba:7f:ca:30:c6:7d:f9:97:
db:d6:c8:f0:1f:31:4e:15:fe:49:a1:26:2e:9f:d4:64:2b:2b:
36:26:bc:6a:36:6e:d6:4c:81:9c:4d:18:1e:62:92:17:81:2d:
b5:56:91:a7:30:af:d6:84:e5:d5:b4:f1:44:3c:c9:75:c1:f5:
96:c7:09:da:59:2e:3e:3a:e7:e2:00:af:f5:73:ac:61:a2:32:
ca:ac:19:9c:68:c2:bc:67:cb:ff:24:f9:b2:ed:d8:12:8a:64:
62:b2:55:e0:01:73:f0:5b:f4:b7:f1:fe:c7:cb:3f:55:d6:5a:
7b:e2:6b:40:da:fb:0c:4e:60:06:27:54:4e:d3:d6:38:f1:3d:
1e:4b:ba:2f:79:da:0d:74:0b:31:de:8b:e1:21:6f:87:99:5c:
40:e9:00:36:6b:de:68:54:18:31:8f:c4:32:28:86:47:6c:75:
00:68:00:1d
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzEJU8LoKsW9G08DUT63+XjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyNTUyMThiNjllNTUxMTQzYzUxZmExZDkxOTUxMmUxYTQ0
YzVjOWQwHhcNMjQwMTAxMDgzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTFiOTIyM2Q0Mzk1MTRjNWUyMDg0YzUzNTY3ZTcwOWZmN2RkN2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrR/FxTEVw0ksX0YrR0rlsdu3aqX
Zx3pLVW21xCs8apzPOK4/mJ5J+hqTsyCSfR92kBk9oW5EpeU6BxWqNvzrhoYPXzm
fcIRiYbELDdzZXMdqvyuNrfwen8Vzwh7avLmIUD7tlr3Opw7EWarhlyVzubvwMv7
OV3Km1FIob+WOT4o3I3eekCFCM4KRPZZfKXDhGx749k6QTCTxh6INf/quYHpdIju
937GKIVYaBna9yDdk2CaJOb1+SbXDU3z+5jHvH5j1trcu5XcRtAct5S3OhFcIC3P
cPLvOQEFzY1SuzBfddF9nzKXQESlKUPZOy2UbO+gcftXPtvbcDNf+70+jwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFK4bkiPUOVFMXiCExTVn5wn/fdfiMB8GA1UdIwQY
MBaAFJJVIYtp5VEUPFH6HZGVEuGkTFydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2xVaGkybmxVUlE4VWZvZGtaVVM0YVJNWEowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80ODI4OTYtODI2YS00YmVkLWIxNGYt
YWZmYmEyZGYzZDYyLzEvcmh1U0k5UTVVVXhlSUlURk5XZm5DZjk5MS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80ODI4OTYtODI2YS00YmVkLWIxNGYtYWZmYmEyZGYzZDYy
LzEva2xVaGkybmxVUlE4VWZvZGtaVVM0YVJNWEowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCLY+IMAwD
BAAurdEDBAIurdgDBAAurd8DBAJby8ADBAPDgHgwDQQCAAIwBwMFAyoPb4AwDQYJ
KoZIhvcNAQELBQADggEBAB+4f1Lvt+uzxh1HMgr8TKMlYITSIKDe6xfxSiYzCq94
54Cg0gieQS0kI9o7ejdzFw2ufDQaYj+L5AxZ6tQ+JDef0oPC8wwHzvXWfVb21I6U
Am66f8owxn35l9vWyPAfMU4V/kmhJi6f1GQrKzYmvGo2btZMgZxNGB5ikheBLbVW
kacwr9aE5dW08UQ8yXXB9ZbHCdpZLj465+IAr/VzrGGiMsqsGZxowrxny/8k+bLt
2BKKZGKyVeABc/Bb9Lfx/sfLP1XWWnvia0Da+wxOYAYnVE7T1jjxPR5Lui952g10
CzHei+Ehb4eZXEDpADZr3mhUGDGPxDIohkdsdQBoAB0=
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:39 2024 by rpki-client on console-fra.rpki-client.org