Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/5WvYUS894izAN50hHLGi8kPCQjA.roa
File: 5WvYUS894izAN50hHLGi8kPCQjA.roa (raw, json)
Hash identifier: hZN5WK9oYtDLbukBGmpw1FHc4eYY3VNcUF3feM+wI6s=
Subject key identifier: E5:6B:D8:51:2F:3D:E2:2C:C0:37:9D:21:1C:B1:A2:F2:43:C2:42:30
Certificate issuer: /CN=4ab6d7c468d092c921314d66473cfa53851cd686
Certificate serial: 018CC50116B2F348ACD4A58B8A1368F2BBD3
Authority key identifier: 4A:B6:D7:C4:68:D0:92:C9:21:31:4D:66:47:3C:FA:53:85:1C:D6:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SrbXxGjQkskhMU1mRzz6U4Uc1oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/5WvYUS894izAN50hHLGi8kPCQjA.roa
Signing time: Mon 01 Jan 2024 12:30:31 +0000
ROA not before: Mon 01 Jan 2024 12:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35047
IP address blocks: 92.60.16.0/20 maxlen: 20
77.242.16.0/20 maxlen: 20
77.242.18.0/23 maxlen: 23
77.242.20.0/24 maxlen: 24
77.242.22.0/23 maxlen: 23
77.242.21.0/24 maxlen: 24
77.242.24.0/24 maxlen: 24
77.242.31.0/24 maxlen: 24
77.242.29.0/24 maxlen: 24
77.242.28.0/22 maxlen: 22
77.242.30.0/24 maxlen: 24
77.242.25.0/24 maxlen: 24
77.242.26.0/24 maxlen: 24
109.236.32.0/20 maxlen: 20
185.55.150.0/24 maxlen: 24
185.55.148.0/22 maxlen: 24
185.9.44.0/22 maxlen: 24
31.44.64.0/20 maxlen: 20
31.44.68.0/22 maxlen: 22
80.91.117.0/24 maxlen: 24
80.91.116.0/24 maxlen: 24
31.44.72.0/22 maxlen: 22
80.91.112.0/20 maxlen: 24
80.91.120.0/21 maxlen: 24
80.91.122.0/24 maxlen: 24
80.91.123.0/24 maxlen: 24
80.91.127.0/24 maxlen: 24
80.91.126.0/24 maxlen: 24
2a01:4f00:2233::/48 maxlen: 48
2a01:4f00::/32 maxlen: 32
2a01:4f00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/SrbXxGjQkskhMU1mRzz6U4Uc1oY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/SrbXxGjQkskhMU1mRzz6U4Uc1oY.mft
rsync://rpki.ripe.net/repository/DEFAULT/SrbXxGjQkskhMU1mRzz6U4Uc1oY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:16:b2:f3:48:ac:d4:a5:8b:8a:13:68:f2:bb:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ab6d7c468d092c921314d66473cfa53851cd686
Validity
Not Before: Jan 1 12:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e56bd8512f3de22cc0379d211cb1a2f243c24230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d7:21:03:bf:7c:29:9c:b1:72:0a:3c:be:d7:
b1:7b:38:36:e7:95:4f:20:12:95:b1:1a:8e:6f:71:
d6:f6:43:63:6c:4d:fb:f4:8d:57:46:b6:e1:6f:e5:
11:27:b5:3f:ec:a2:9e:20:b4:e1:07:5e:54:85:b7:
fc:da:b1:2b:08:90:df:71:6d:89:24:5a:1a:4d:fc:
71:67:10:76:b5:4a:5d:fe:70:ca:7d:d0:eb:d6:d2:
ea:7a:72:7a:7e:4e:92:95:96:97:bf:4b:ad:e5:6c:
90:3f:f8:37:f3:71:1e:5a:6b:95:37:b1:c6:be:68:
65:ac:4b:8e:81:e0:31:dd:6b:2c:bd:8f:ff:f2:03:
95:6c:af:84:18:23:96:e2:c2:f6:d0:95:22:0b:20:
df:75:af:00:fe:e4:3a:eb:c2:15:9d:ac:6e:f5:aa:
a1:8d:48:0f:90:fc:f5:16:d3:1f:49:eb:64:53:16:
2e:58:7f:c6:d9:87:23:ec:d2:e1:8f:42:ed:8f:b7:
ca:44:8e:d8:27:3c:c8:73:be:4a:f4:b6:bf:dd:5d:
92:ab:e6:1a:5b:47:7a:cb:32:f6:68:c5:b8:1d:a9:
50:bb:c9:65:02:50:f3:ee:8f:43:3d:4a:a5:8d:e3:
a6:90:13:44:91:d5:14:f8:a1:81:7c:bb:9e:4b:08:
8c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:6B:D8:51:2F:3D:E2:2C:C0:37:9D:21:1C:B1:A2:F2:43:C2:42:30
X509v3 Authority Key Identifier:
keyid:4A:B6:D7:C4:68:D0:92:C9:21:31:4D:66:47:3C:FA:53:85:1C:D6:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SrbXxGjQkskhMU1mRzz6U4Uc1oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/5WvYUS894izAN50hHLGi8kPCQjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/50f08f-f907-44de-be94-05764c7edaa7/1/SrbXxGjQkskhMU1mRzz6U4Uc1oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.64.0/20
77.242.16.0/20
80.91.112.0/20
92.60.16.0/20
109.236.32.0/20
185.9.44.0/22
185.55.148.0/22
IPv6:
2a01:4f00::/32
Signature Algorithm: sha256WithRSAEncryption
70:0d:e9:38:28:e8:51:bf:01:ac:b2:b6:de:51:bb:65:b0:ee:
2f:b2:12:09:c5:c5:69:20:ca:38:20:ea:d7:4d:3b:4a:af:37:
a0:32:52:11:8b:d8:be:81:3c:3b:0e:1f:73:7e:30:9f:93:af:
17:19:c5:b9:b7:18:ec:c7:64:64:39:3b:97:5a:35:ae:ce:38:
5c:b1:78:5a:57:4e:1b:94:4b:34:b0:ab:09:6b:09:0b:47:2e:
5a:f7:67:3d:43:38:7f:12:f3:f1:da:39:91:f9:50:7e:3a:57:
9d:7a:1e:85:e2:e7:b5:ff:1a:84:3d:b5:95:55:be:0e:57:e6:
5e:8b:4b:9b:3c:1a:37:01:a0:9d:66:a3:83:d9:6a:d6:21:21:
87:c5:f9:0a:7c:bd:ad:61:7c:55:a3:5f:a3:1d:36:39:1b:d3:
f4:a0:f7:56:56:7e:79:b4:5a:07:23:89:07:e4:4d:c2:75:98:
fa:4e:be:76:fb:b1:8d:66:21:35:56:7c:ea:ae:0a:11:2c:df:
d8:3f:98:5d:72:c8:f0:fd:01:a9:0a:52:d8:01:24:8a:17:b9:
a6:2b:27:bb:49:03:ec:2a:46:8b:04:63:b4:d2:a5:ca:1b:3d:
24:ee:c6:a5:25:69:ee:b0:6d:d4:91:33:82:84:7e:d6:11:6d:
3e:1d:05:36
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzFARay80is1KWLihNo8rvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYjZkN2M0NjhkMDkyYzkyMTMxNGQ2NjQ3M2NmYTUzODUx
Y2Q2ODYwHhcNMjQwMTAxMTIzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTZiZDg1MTJmM2RlMjJjYzAzNzlkMjExY2IxYTJmMjQzYzI0MjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtchA798KZyxcgo8vtexezg255VP
IBKVsRqOb3HW9kNjbE379I1XRrbhb+URJ7U/7KKeILThB15Uhbf82rErCJDfcW2J
JFoaTfxxZxB2tUpd/nDKfdDr1tLqenJ6fk6SlZaXv0ut5WyQP/g383EeWmuVN7HG
vmhlrEuOgeAx3WssvY//8gOVbK+EGCOW4sL20JUiCyDfda8A/uQ668IVnaxu9aqh
jUgPkPz1FtMfSetkUxYuWH/G2Ycj7NLhj0Ltj7fKRI7YJzzIc75K9La/3V2Sq+Ya
W0d6yzL2aMW4HalQu8llAlDz7o9DPUqljeOmkBNEkdUU+KGBfLueSwiMZQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFOVr2FEvPeIswDedIRyxovJDwkIwMB8GA1UdIwQY
MBaAFEq218Ro0JLJITFNZkc8+lOFHNaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3JiWHhHalFrc2toTVUxbVJ6ejZVNFVjMW9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy81MGYwOGYtZjkwNy00NGRlLWJlOTQt
MDU3NjRjN2VkYWE3LzEvNVd2WVVTODk0aXpBTjUwaEhMR2k4a1BDUWpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy81MGYwOGYtZjkwNy00NGRlLWJlOTQtMDU3NjRjN2VkYWE3
LzEvU3JiWHhHalFrc2toTVUxbVJ6ejZVNFVjMW9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEHyxAAwQE
TfIQAwQEUFtwAwQEXDwQAwQEbewgAwQCuQksAwQCuTeUMA0EAgACMAcDBQAqAU8A
MA0GCSqGSIb3DQEBCwUAA4IBAQBwDek4KOhRvwGssrbeUbtlsO4vshIJxcVpIMo4
IOrXTTtKrzegMlIRi9i+gTw7Dh9zfjCfk68XGcW5txjsx2RkOTuXWjWuzjhcsXha
V04blEs0sKsJawkLRy5a92c9Qzh/EvPx2jmR+VB+Oledeh6F4ue1/xqEPbWVVb4O
V+Zei0ubPBo3AaCdZqOD2WrWISGHxfkKfL2tYXxVo1+jHTY5G9P0oPdWVn55tFoH
I4kH5E3CdZj6Tr52+7GNZiE1VnzqrgoRLN/YP5hdcsjw/QGpClLYASSKF7mmKye7
SQPsKkaLBGO00qXKGz0k7salJWnusG3UkTOChH7WEW0+HQU2
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:14 2024 by rpki-client on console-ams.rpki-client.org