Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/m5jR3Hta1q0XEtKmUkRA_DG_UUc.roa
File: m5jR3Hta1q0XEtKmUkRA_DG_UUc.roa (raw, json)
Hash identifier: iddOC8ev9d69WwmvUYyCj7AjlR4GSK3MQN8L0J5no8I=
Subject key identifier: 9B:98:D1:DC:7B:5A:D6:AD:17:12:D2:A6:52:44:40:FC:31:BF:51:47
Certificate issuer: /CN=449b18e3296d795d3a9c959be25c70aaab365200
Certificate serial: 018CC492F486291954353274A0B968029B42
Authority key identifier: 44:9B:18:E3:29:6D:79:5D:3A:9C:95:9B:E2:5C:70:AA:AB:36:52:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RJsY4ylteV06nJWb4lxwqqs2UgA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/m5jR3Hta1q0XEtKmUkRA_DG_UUc.roa
Signing time: Mon 01 Jan 2024 10:30:14 +0000
ROA not before: Mon 01 Jan 2024 10:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49808
IP address blocks: 63.247.208.0/20 maxlen: 24
185.21.96.0/22 maxlen: 23
162.211.104.0/22 maxlen: 24
109.68.104.0/21 maxlen: 21
185.44.210.0/23 maxlen: 24
198.89.232.0/21 maxlen: 24
5.159.0.0/21 maxlen: 22
139.178.96.0/19 maxlen: 19
85.193.160.0/20 maxlen: 24
31.193.160.0/21 maxlen: 21
85.118.184.0/21 maxlen: 21
185.16.112.0/22 maxlen: 22
89.249.184.0/21 maxlen: 21
86.109.24.0/21 maxlen: 24
145.40.32.0/19 maxlen: 24
193.41.207.0/24 maxlen: 24
162.213.160.0/22 maxlen: 24
194.107.144.0/24 maxlen: 32
2a03:c100::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/RJsY4ylteV06nJWb4lxwqqs2UgA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/RJsY4ylteV06nJWb4lxwqqs2UgA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RJsY4ylteV06nJWb4lxwqqs2UgA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:f4:86:29:19:54:35:32:74:a0:b9:68:02:9b:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=449b18e3296d795d3a9c959be25c70aaab365200
Validity
Not Before: Jan 1 10:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b98d1dc7b5ad6ad1712d2a6524440fc31bf5147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:95:c1:8e:08:c4:1d:13:2d:a3:af:ac:e4:24:
46:d4:60:bd:1d:df:49:68:52:d8:3a:48:26:7e:3b:
37:8f:75:40:82:90:cd:62:f3:1d:7a:a2:03:ce:c8:
7f:c6:90:c8:c5:7d:55:b6:17:fc:87:b9:88:11:05:
89:ac:7d:6e:b3:43:af:ef:c3:10:5b:a0:0b:e3:cc:
4a:13:71:a8:1d:30:65:a2:08:d0:60:e7:12:1a:e3:
e4:df:0f:70:07:f4:ae:dc:ea:14:ea:94:07:71:de:
d9:35:b8:f5:de:88:c1:1c:2b:5a:0e:cc:12:3f:44:
58:29:8e:3f:09:de:57:aa:b6:ff:9a:42:aa:74:ec:
66:8e:fa:bc:69:e2:4e:18:2d:f1:61:54:d8:f5:0a:
76:99:20:18:3e:b0:0b:56:7f:c0:a2:24:67:a3:c0:
50:8e:a5:68:ec:fe:bb:4a:f5:35:18:4b:d5:50:76:
4c:69:af:10:25:0c:5e:6e:f0:f0:9b:a5:c6:8a:54:
b5:8e:6c:be:3b:af:f1:da:92:88:20:83:73:29:11:
f5:bb:ff:16:a2:24:b1:7a:7b:67:ec:ce:6e:05:11:
ab:b4:0d:60:51:7d:4e:c5:e2:35:41:bf:74:0d:1b:
f2:15:d0:51:64:7b:db:e2:93:f1:58:f2:f4:44:cd:
02:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:98:D1:DC:7B:5A:D6:AD:17:12:D2:A6:52:44:40:FC:31:BF:51:47
X509v3 Authority Key Identifier:
keyid:44:9B:18:E3:29:6D:79:5D:3A:9C:95:9B:E2:5C:70:AA:AB:36:52:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RJsY4ylteV06nJWb4lxwqqs2UgA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/m5jR3Hta1q0XEtKmUkRA_DG_UUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/fb39ed-7c73-4478-901d-65a899a60366/1/RJsY4ylteV06nJWb4lxwqqs2UgA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.0.0/21
31.193.160.0/21
63.247.208.0/20
85.118.184.0/21
85.193.160.0/20
86.109.24.0/21
89.249.184.0/21
109.68.104.0/21
139.178.96.0/19
145.40.32.0/19
162.211.104.0/22
162.213.160.0/22
185.16.112.0/22
185.21.96.0/22
185.44.210.0/23
193.41.207.0/24
194.107.144.0/24
198.89.232.0/21
IPv6:
2a03:c100::/32
Signature Algorithm: sha256WithRSAEncryption
43:49:43:af:c3:11:53:5d:a7:f3:eb:a6:64:47:64:d0:f2:f1:
13:67:90:bb:d1:ff:ab:23:66:cc:cd:77:b3:9f:14:43:42:a5:
bf:be:0f:a8:6b:a4:68:8f:f1:ef:77:5f:c1:40:99:55:ac:32:
08:89:08:68:d5:3f:b8:bb:0a:61:f5:d6:a0:b0:29:74:d6:7f:
18:0a:ea:4c:8b:65:33:25:3f:1e:75:c2:45:9c:6f:7c:7f:30:
8a:4e:d9:35:a6:7c:52:b9:14:71:5a:9d:10:a0:6d:d7:55:9d:
80:45:8a:ef:76:e8:50:d7:92:ee:d3:d6:94:b4:7a:11:c4:ac:
cb:0a:13:be:d6:6e:33:2f:7b:d3:88:32:6e:ee:f2:f4:53:8a:
e9:90:99:b2:ab:5a:4a:ae:89:5b:03:cb:67:ae:f1:bb:cc:63:
17:bf:3d:ff:7a:99:fc:2b:e0:fc:06:4b:91:4a:6a:28:20:7c:
48:56:dc:4a:ed:10:7a:d4:63:64:cc:99:0b:6a:1d:63:0f:28:
86:c1:eb:a7:74:bc:76:a2:9f:fd:64:19:6c:92:ba:9e:48:ad:
90:47:72:82:20:b4:8c:93:09:4e:27:1a:4e:7d:ce:90:e4:bf:
4a:10:c2:b3:18:08:e8:bc:f3:6d:3b:31:9f:26:0a:f3:86:f9:
3c:83:bd:72
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYzEkvSGKRlUNTJ0oLloAptCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0OWIxOGUzMjk2ZDc5NWQzYTljOTU5YmUyNWM3MGFhYWIz
NjUyMDAwHhcNMjQwMTAxMTAzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjk4ZDFkYzdiNWFkNmFkMTcxMmQyYTY1MjQ0NDBmYzMxYmY1MTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpXBjgjEHRMto6+s5CRG1GC9Hd9J
aFLYOkgmfjs3j3VAgpDNYvMdeqIDzsh/xpDIxX1Vthf8h7mIEQWJrH1us0Ov78MQ
W6AL48xKE3GoHTBlogjQYOcSGuPk3w9wB/Su3OoU6pQHcd7ZNbj13ojBHCtaDswS
P0RYKY4/Cd5Xqrb/mkKqdOxmjvq8aeJOGC3xYVTY9Qp2mSAYPrALVn/AoiRno8BQ
jqVo7P67SvU1GEvVUHZMaa8QJQxebvDwm6XGilS1jmy+O6/x2pKIIINzKRH1u/8W
oiSxentn7M5uBRGrtA1gUX1OxeI1Qb90DRvyFdBRZHvb4pPxWPL0RM0CHQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFJuY0dx7WtatFxLSplJEQPwxv1FHMB8GA1UdIwQY
MBaAFESbGOMpbXldOpyVm+JccKqrNlIAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkpzWTR5bHRlVjA2bkpXYjRseHdxcXMyVWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9mYjM5ZWQtN2M3My00NDc4LTkwMWQt
NjVhODk5YTYwMzY2LzEvbTVqUjNIdGExcTBYRXRLbVVrUkFfREdfVVVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC9mYjM5ZWQtN2M3My00NDc4LTkwMWQtNjVhODk5YTYwMzY2
LzEvUkpzWTR5bHRlVjA2bkpXYjRseHdxcXMyVWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQDBZ8A
AwQDH8GgAwQEP/fQAwQDVXa4AwQEVcGgAwQDVm0YAwQDWfm4AwQDbURoAwQFi7Jg
AwQFkSggAwQCotNoAwQCotWgAwQCuRBwAwQCuRVgAwQBuSzSAwQAwSnPAwQAwmuQ
AwQDxlnoMA0EAgACMAcDBQAqA8EAMA0GCSqGSIb3DQEBCwUAA4IBAQBDSUOvwxFT
Xafz66ZkR2TQ8vETZ5C70f+rI2bMzXeznxRDQqW/vg+oa6Roj/Hvd1/BQJlVrDII
iQho1T+4uwph9dagsCl01n8YCupMi2UzJT8edcJFnG98fzCKTtk1pnxSuRRxWp0Q
oG3XVZ2ARYrvduhQ15Lu09aUtHoRxKzLChO+1m4zL3vTiDJu7vL0U4rpkJmyq1pK
rolbA8tnrvG7zGMXvz3/epn8K+D8BkuRSmooIHxIVtxK7RB61GNkzJkLah1jDyiG
weundLx2op/9ZBlskrqeSK2QR3KCILSMkwlOJxpOfc6Q5L9KEMKzGAjovPNtOzGf
Jgrzhvk8g71y
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:50:25 2024 by rpki-client on console-fra.rpki-client.org