Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/WH8qbuIiMBn0Mv6ygSBSKZpPy6E.roa
File: WH8qbuIiMBn0Mv6ygSBSKZpPy6E.roa (raw, json)
Hash identifier: 8/OPnD0LAMyuJ7n5Lqj6UUhCDvaWFKfvp34PRgOJQG0=
Subject key identifier: 58:7F:2A:6E:E2:22:30:19:F4:32:FE:B2:81:20:52:29:9A:4F:CB:A1
Certificate issuer: /CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Certificate serial: 0192B8F945A56222C4E6527F6C3D93FE925A
Authority key identifier: 5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/WH8qbuIiMBn0Mv6ygSBSKZpPy6E.roa
Signing time: Wed 23 Oct 2024 10:43:17 +0000
ROA not before: Wed 23 Oct 2024 10:43:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43700
IP address blocks: 14.102.4.0/22 maxlen: 24
31.172.224.0/22 maxlen: 22
45.84.244.0/22 maxlen: 22
78.158.0.0/19 maxlen: 19
78.158.0.0/20 maxlen: 20
78.158.16.0/20 maxlen: 20
95.215.140.0/22 maxlen: 22
185.246.240.0/22 maxlen: 22
185.252.108.0/22 maxlen: 22
185.252.204.0/22 maxlen: 22
216.25.0.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b8:f9:45:a5:62:22:c4:e6:52:7f:6c:3d:93:fe:92:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd6f6d299bcdec73d13f2d842fc1df4bc1ee2d3
Validity
Not Before: Oct 23 10:43:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=587f2a6ee2223019f432feb2812052299a4fcba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:57:d6:ed:17:1e:05:e1:d7:22:fe:01:a4:84:
ff:ca:3b:bd:4b:64:75:6a:2f:da:18:a2:9f:be:45:
81:65:88:94:6a:1d:81:c6:03:df:ac:8d:81:41:08:
8e:b7:53:a1:e5:45:c9:8c:48:41:18:a0:4f:9b:f9:
22:9f:66:53:b9:74:21:29:97:d1:76:3c:c8:fc:f4:
90:ce:21:77:1d:23:98:da:8c:61:71:4f:bc:b6:a7:
a2:77:6c:63:f5:b5:6c:4f:71:37:35:9d:ea:d8:de:
e9:49:2f:7f:2f:2f:80:50:4b:20:6c:b0:0b:46:c8:
c9:69:e1:ce:78:bb:eb:b8:62:9b:ce:4a:8b:bf:70:
84:bf:38:3b:67:d0:64:31:1b:b9:0d:5e:f1:a2:72:
0d:52:93:65:1e:5a:26:80:f4:16:52:70:36:3c:13:
c3:bb:3f:9a:94:03:3c:ef:57:f3:fb:3b:26:fe:dc:
f5:52:17:b1:a1:3d:c3:b3:19:47:f9:f1:28:ad:b5:
85:22:d7:f2:b2:80:29:ba:78:48:a1:1a:93:06:c4:
81:6c:19:9f:7b:68:d6:64:20:86:6d:57:d2:cd:0f:
37:f1:29:03:05:4d:07:3b:8e:c8:8a:df:1a:e5:02:
c0:86:3f:56:1f:db:07:ea:d3:83:60:29:89:34:ab:
a7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:7F:2A:6E:E2:22:30:19:F4:32:FE:B2:81:20:52:29:9A:4F:CB:A1
X509v3 Authority Key Identifier:
keyid:5D:D6:F6:D2:99:BC:DE:C7:3D:13:F2:D8:42:FC:1D:F4:BC:1E:E2:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdb20pm83sc9E_LYQvwd9Lwe4tM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/WH8qbuIiMBn0Mv6ygSBSKZpPy6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a4b446-bb72-45be-bc46-51f5ff81c117/1/Xdb20pm83sc9E_LYQvwd9Lwe4tM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.4.0/22
31.172.224.0/22
45.84.244.0/22
78.158.0.0/19
95.215.140.0/22
185.246.240.0/22
185.252.108.0/22
185.252.204.0/22
216.25.0.0/22
Signature Algorithm: sha256WithRSAEncryption
61:0a:bb:92:de:72:72:55:7b:32:f5:3c:c8:1b:29:da:e5:f9:
fc:7e:8a:f1:09:eb:d7:23:1c:a8:cc:5f:c9:14:ed:03:19:33:
56:67:4b:32:16:84:ff:67:0c:86:7f:d7:b3:b8:9b:8a:33:a2:
29:b5:78:d4:3c:f7:67:8d:3b:72:d9:50:cb:2a:30:30:32:5c:
58:a5:61:01:f9:55:e0:d8:c7:83:31:f9:b8:68:cc:13:e4:f1:
f9:59:a2:64:a8:80:f5:48:0d:2f:b1:f4:7b:f3:67:a0:64:98:
bc:b6:5f:0f:76:3e:88:fe:e5:90:19:e7:3f:25:7c:6b:45:68:
ea:cd:65:b4:8f:a5:e0:1a:c2:dd:cf:65:a1:c8:ba:57:a7:41:
fb:9a:b0:33:2d:ad:2e:d4:a2:7f:44:5e:72:b6:a8:ff:70:96:
91:2e:0f:20:f5:9c:0c:84:24:4c:e1:63:02:4f:16:80:d0:10:
9d:7e:53:5a:c2:89:c9:9e:aa:0e:13:3c:a5:c1:bd:cf:0b:56:
e4:1b:25:47:e3:78:40:56:7f:41:56:b6:c7:f8:18:61:af:da:
3e:6d:aa:68:7c:80:83:8a:e2:f5:d8:80:10:15:01:89:db:23:
08:27:b9:52:91:6f:d6:96:4d:8e:27:94:eb:f7:75:ba:d0:c3:
46:81:c7:c7
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZK4+UWlYiLE5lJ/bD2T/pJaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDZmNmQyOTliY2RlYzczZDEzZjJkODQyZmMxZGY0YmMx
ZWUyZDMwHhcNMjQxMDIzMTA0MzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODdmMmE2ZWUyMjIzMDE5ZjQzMmZlYjI4MTIwNTIyOTlhNGZjYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFfW7RceBeHXIv4BpIT/yju9S2R1
ai/aGKKfvkWBZYiUah2BxgPfrI2BQQiOt1Oh5UXJjEhBGKBPm/kin2ZTuXQhKZfR
djzI/PSQziF3HSOY2oxhcU+8tqeid2xj9bVsT3E3NZ3q2N7pSS9/Ly+AUEsgbLAL
RsjJaeHOeLvruGKbzkqLv3CEvzg7Z9BkMRu5DV7xonINUpNlHlomgPQWUnA2PBPD
uz+alAM871fz+zsm/tz1UhexoT3DsxlH+fEorbWFItfysoApunhIoRqTBsSBbBmf
e2jWZCCGbVfSzQ838SkDBU0HO47Iit8a5QLAhj9WH9sH6tODYCmJNKunawIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFh/Km7iIjAZ9DL+soEgUimaT8uhMB8GA1UdIwQY
MBaAFF3W9tKZvN7HPRPy2EL8HfS8HuLTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYt
NTFmNWZmODFjMTE3LzEvV0g4cWJ1SWlNQm4wTXY2eWdTQlNLWnBQeTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hNGI0NDYtYmI3Mi00NWJlLWJjNDYtNTFmNWZmODFjMTE3
LzEvWGRiMjBwbTgzc2M5RV9MWVF2d2Q5THdlNHRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCDmYEAwQC
H6zgAwQCLVT0AwQFTp4AAwQCX9eMAwQCufbwAwQCufxsAwQCufzMAwQC2BkAMA0G
CSqGSIb3DQEBCwUAA4IBAQBhCruS3nJyVXsy9TzIGyna5fn8forxCevXIxyozF/J
FO0DGTNWZ0syFoT/ZwyGf9ezuJuKM6IptXjUPPdnjTty2VDLKjAwMlxYpWEB+VXg
2MeDMfm4aMwT5PH5WaJkqID1SA0vsfR782egZJi8tl8Pdj6I/uWQGec/JXxrRWjq
zWW0j6XgGsLdz2WhyLpXp0H7mrAzLa0u1KJ/RF5ytqj/cJaRLg8g9ZwMhCRM4WMC
TxaA0BCdflNawonJnqoOEzylwb3PC1bkGyVH43hAVn9BVrbH+Bhhr9o+bapofICD
iuL12IAQFQGJ2yMIJ7lSkW/Wlk2OJ5Tr93W60MNGgcfH
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:05:18 2024 by rpki-client on console-fra.rpki-client.org