Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/rFm1vq8BqvY_GGOnLe_-WghGhV8.roa
File: rFm1vq8BqvY_GGOnLe_-WghGhV8.roa (raw, json)
Hash identifier: Yh+INgjfKAWwLwVpfmfJj6T3iGEP47HezkGAgipEHlI=
Subject key identifier: AC:59:B5:BE:AF:01:AA:F6:3F:18:63:A7:2D:EF:FE:5A:08:46:85:5F
Certificate issuer: /CN=0b9d86096a49110cf9bf670240b519315b66abcb
Certificate serial: 018CCA99A9C25C8B3875176A70B0E1ED015E
Authority key identifier: 0B:9D:86:09:6A:49:11:0C:F9:BF:67:02:40:B5:19:31:5B:66:AB:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/rFm1vq8BqvY_GGOnLe_-WghGhV8.roa
Signing time: Tue 02 Jan 2024 14:35:17 +0000
ROA not before: Tue 02 Jan 2024 14:35:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20559
IP address blocks: 185.122.116.0/22 maxlen: 24
194.213.112.0/23 maxlen: 24
5.172.40.0/21 maxlen: 24
31.200.208.0/21 maxlen: 24
91.224.248.0/23 maxlen: 24
45.13.164.0/22 maxlen: 24
46.226.88.0/21 maxlen: 24
185.51.56.0/22 maxlen: 24
45.133.196.0/22 maxlen: 24
193.37.204.0/22 maxlen: 24
185.46.64.0/22 maxlen: 24
193.187.188.0/22 maxlen: 24
45.146.124.0/22 maxlen: 24
88.218.152.0/22 maxlen: 24
185.113.84.0/22 maxlen: 24
46.19.216.0/21 maxlen: 24
91.218.148.0/22 maxlen: 24
93.186.176.0/20 maxlen: 24
85.209.108.0/22 maxlen: 24
2a03:3400::/32 maxlen: 48
2a00:d10::/32 maxlen: 48
2a06:6940::/29 maxlen: 48
2a04:a840::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/C52GCWpJEQz5v2cCQLUZMVtmq8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/C52GCWpJEQz5v2cCQLUZMVtmq8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:a9:c2:5c:8b:38:75:17:6a:70:b0:e1:ed:01:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b9d86096a49110cf9bf670240b519315b66abcb
Validity
Not Before: Jan 2 14:35:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac59b5beaf01aaf63f1863a72deffe5a0846855f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:64:66:20:2b:38:81:c9:38:16:a0:64:fb:1f:
01:05:14:13:e3:25:eb:c7:b0:4f:bb:fe:0c:46:8d:
9d:f9:7a:91:ab:f9:f7:a2:df:ca:8b:a9:dc:1d:39:
2c:cd:b8:ab:0d:2d:28:9e:17:72:67:d5:13:80:0c:
a7:1f:71:56:1f:e3:6d:1f:5a:76:48:ae:99:08:50:
ed:20:6b:0d:ea:f5:99:90:4b:83:24:f4:bc:03:62:
cf:07:d7:ba:54:47:14:fa:46:da:67:d4:7e:33:8b:
a5:5c:46:85:96:4d:e1:39:e7:93:65:3c:9f:aa:6f:
6d:3f:95:e6:71:78:fa:1a:52:bb:5e:bd:93:91:bd:
55:38:50:08:cb:78:d7:ab:3b:53:a6:38:86:1a:38:
5b:4b:8a:d7:50:f4:a5:fe:d7:a3:43:e7:c6:a6:9e:
4a:78:c9:d6:46:b7:3c:c3:11:f6:81:2f:5e:8c:e5:
6a:0a:56:83:84:bc:94:b8:48:0c:84:1d:de:44:fe:
f5:10:30:e7:e1:bb:d4:55:13:3a:3f:bf:dc:0c:b2:
f6:a8:b2:dc:f0:57:b9:de:1f:6e:dd:37:18:d3:c5:
f7:ad:37:34:98:72:c4:60:34:aa:79:de:fd:33:ae:
33:3d:bb:1b:27:be:ac:e5:b5:a6:93:e9:a2:0b:bc:
a1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:59:B5:BE:AF:01:AA:F6:3F:18:63:A7:2D:EF:FE:5A:08:46:85:5F
X509v3 Authority Key Identifier:
keyid:0B:9D:86:09:6A:49:11:0C:F9:BF:67:02:40:B5:19:31:5B:66:AB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/rFm1vq8BqvY_GGOnLe_-WghGhV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/C52GCWpJEQz5v2cCQLUZMVtmq8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.40.0/21
31.200.208.0/21
45.13.164.0/22
45.133.196.0/22
45.146.124.0/22
46.19.216.0/21
46.226.88.0/21
85.209.108.0/22
88.218.152.0/22
91.218.148.0/22
91.224.248.0/23
93.186.176.0/20
185.46.64.0/22
185.51.56.0/22
185.113.84.0/22
185.122.116.0/22
193.37.204.0/22
193.187.188.0/22
194.213.112.0/23
IPv6:
2a00:d10::/32
2a03:3400::/32
2a04:a840::/29
2a06:6940::/29
Signature Algorithm: sha256WithRSAEncryption
dc:5b:26:db:0b:7c:c7:8a:da:3f:f2:c3:e5:49:e2:cc:2c:ab:
77:d1:71:3b:3a:b2:5d:75:80:b5:3a:16:6d:b5:8b:65:18:87:
ca:26:39:46:2f:b9:46:0c:5f:42:fe:6e:68:b2:c8:60:b3:1a:
be:1b:03:05:8c:44:7d:48:a7:f1:43:54:45:d1:7e:13:85:08:
cc:84:52:00:fc:3c:a0:42:7e:0b:3d:48:bd:3b:a3:6c:bd:94:
39:2e:55:97:d3:17:e1:d2:41:80:4b:b6:43:dc:92:41:06:80:
53:b9:f5:35:30:fa:9d:22:ed:d5:01:46:8c:ee:7e:0d:0a:61:
ff:89:82:36:0d:43:bd:67:3d:ca:38:e7:f3:ef:7f:04:73:d9:
7e:26:b1:b0:60:ad:44:91:2f:a9:82:f8:94:6b:55:f9:c6:ca:
5d:d8:1b:7d:20:f1:4b:8d:4e:5d:ec:91:59:fd:7d:4d:d5:e6:
a1:f7:d7:69:aa:c1:c7:db:47:92:84:a7:53:7f:7f:7a:c8:89:
a1:a9:70:ea:1b:3c:4f:43:5d:76:aa:df:0a:da:a4:92:f1:cf:
f3:2b:cb:f9:8c:aa:58:93:dc:e3:4f:68:a0:f0:58:a7:90:0e:
d9:56:42:3e:31:a0:d0:39:c9:09:e4:68:8c:62:91:3f:e6:52:
35:28:e7:76
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYzKmanCXIs4dRdqcLDh7QFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOWQ4NjA5NmE0OTExMGNmOWJmNjcwMjQwYjUxOTMxNWI2
NmFiY2IwHhcNMjQwMTAyMTQzNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzU5YjViZWFmMDFhYWY2M2YxODYzYTcyZGVmZmU1YTA4NDY4NTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGRmICs4gck4FqBk+x8BBRQT4yXr
x7BPu/4MRo2d+XqRq/n3ot/Ki6ncHTkszbirDS0onhdyZ9UTgAynH3FWH+NtH1p2
SK6ZCFDtIGsN6vWZkEuDJPS8A2LPB9e6VEcU+kbaZ9R+M4ulXEaFlk3hOeeTZTyf
qm9tP5XmcXj6GlK7Xr2Tkb1VOFAIy3jXqztTpjiGGjhbS4rXUPSl/tejQ+fGpp5K
eMnWRrc8wxH2gS9ejOVqClaDhLyUuEgMhB3eRP71EDDn4bvUVRM6P7/cDLL2qLLc
8Fe53h9u3TcY08X3rTc0mHLEYDSqed79M64zPbsbJ76s5bWmk+miC7yhTQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFKxZtb6vAar2Pxhjpy3v/loIRoVfMB8GA1UdIwQY
MBaAFAudhglqSREM+b9nAkC1GTFbZqvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzUyR0NXcEpFUXo1djJjQ1FMVVpNVnRtcThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8xZTFhOTctZjI3Ni00YTUxLWIxYjUt
OGMxMDkwOWE0ODVjLzEvckZtMXZxOEJxdllfR0dPbkxlXy1XZ2hHaFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8xZTFhOTctZjI3Ni00YTUxLWIxYjUtOGMxMDkwOWE0ODVj
LzEvQzUyR0NXcEpFUXo1djJjQ1FMVVpNVnRtcThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjB4BAIAATByAwQDBawo
AwQDH8jQAwQCLQ2kAwQCLYXEAwQCLZJ8AwQDLhPYAwQDLuJYAwQCVdFsAwQCWNqY
AwQCW9qUAwQBW+D4AwQEXbqwAwQCuS5AAwQCuTM4AwQCuXFUAwQCuXp0AwQCwSXM
AwQCwbu8AwQBwtVwMCIEAgACMBwDBQAqAA0QAwUAKgM0AAMFAyoEqEADBQMqBmlA
MA0GCSqGSIb3DQEBCwUAA4IBAQDcWybbC3zHito/8sPlSeLMLKt30XE7OrJddYC1
OhZttYtlGIfKJjlGL7lGDF9C/m5osshgsxq+GwMFjER9SKfxQ1RF0X4ThQjMhFIA
/DygQn4LPUi9O6NsvZQ5LlWX0xfh0kGAS7ZD3JJBBoBTufU1MPqdIu3VAUaM7n4N
CmH/iYI2DUO9Zz3KOOfz738Ec9l+JrGwYK1EkS+pgviUa1X5xspd2Bt9IPFLjU5d
7JFZ/X1N1eah99dpqsHH20eShKdTf396yImhqXDqGzxPQ112qt8K2qSS8c/zK8v5
jKpYk9zjT2ig8FinkA7ZVkI+MaDQOckJ5GiMYpE/5lI1KOd2
-----END CERTIFICATE-----
Generated at Tue Nov 26 10:15:57 2024 by rpki-client on console-ams.rpki-client.org