Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/N5g44QOoebNREjKnwSHpqhvhxoM.roa
File: N5g44QOoebNREjKnwSHpqhvhxoM.roa (raw, json)
Hash identifier: CB/KJ7fZrazS4ND5uLCnquGpcRc2GWM4snco/CMqDKo=
Subject key identifier: 37:98:38:E1:03:A8:79:B3:51:12:32:A7:C1:21:E9:AA:1B:E1:C6:83
Certificate issuer: /CN=937f12abaf613973feb3073d8ce637f1b00cbfa9
Certificate serial: 018E8B26465F19C673E4DE8826B442DB64C7
Authority key identifier: 93:7F:12:AB:AF:61:39:73:FE:B3:07:3D:8C:E6:37:F1:B0:0C:BF:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/N5g44QOoebNREjKnwSHpqhvhxoM.roa
Signing time: Fri 29 Mar 2024 16:58:45 +0000
ROA not before: Fri 29 Mar 2024 16:58:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29650
IP address blocks: 45.139.240.0/22 maxlen: 24
79.140.128.0/20 maxlen: 24
82.195.128.0/19 maxlen: 24
84.51.224.0/21 maxlen: 21
84.51.236.0/22 maxlen: 22
84.51.240.0/20 maxlen: 20
212.78.224.0/20 maxlen: 20
212.78.240.0/22 maxlen: 22
212.78.252.0/22 maxlen: 22
212.84.40.0/21 maxlen: 24
2001:1bd8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/k38Sq69hOXP-swc9jOY38bAMv6k.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/k38Sq69hOXP-swc9jOY38bAMv6k.mft
rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8b:26:46:5f:19:c6:73:e4:de:88:26:b4:42:db:64:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=937f12abaf613973feb3073d8ce637f1b00cbfa9
Validity
Not Before: Mar 29 16:58:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=379838e103a879b3511232a7c121e9aa1be1c683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3b:9b:37:95:f1:fb:45:e4:5c:3c:66:93:75:
37:58:4b:64:4e:5a:c1:6e:18:99:89:e4:c2:9c:a7:
dc:f0:ab:a2:49:8a:57:e2:98:ac:ed:59:f2:47:8d:
ce:da:19:3c:70:f2:51:c1:63:a6:64:4a:6d:d6:0b:
34:98:97:63:af:a2:ae:1e:bf:e9:33:33:c0:14:14:
8c:15:75:ef:7c:0f:8b:91:47:6c:2e:f7:62:5c:25:
c6:82:35:4e:e4:bb:53:99:82:89:38:b4:17:2d:65:
57:39:8c:98:66:36:19:d0:6e:f7:43:cb:b8:49:9e:
a9:bc:cc:95:f4:33:ef:76:0f:e8:00:2d:0b:13:89:
d3:d9:33:e1:2e:08:f7:62:7c:c7:93:98:5f:c6:85:
29:b8:70:70:d8:e9:8c:d1:20:9f:e3:7d:b1:62:54:
44:15:04:1c:4e:86:92:a3:10:d1:8e:5d:06:74:28:
42:f4:5b:0e:98:13:6c:45:a4:89:b2:15:42:f8:90:
68:69:72:a8:f1:4f:65:50:1c:dc:9a:9b:04:f4:e2:
10:7d:12:84:ee:07:1a:04:27:d9:7f:4e:e8:88:40:
f4:36:7c:7b:dc:25:1e:bf:06:00:a7:39:36:da:28:
fd:12:46:ad:37:e8:02:1d:1e:24:0c:e3:5d:55:0b:
e5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:98:38:E1:03:A8:79:B3:51:12:32:A7:C1:21:E9:AA:1B:E1:C6:83
X509v3 Authority Key Identifier:
keyid:93:7F:12:AB:AF:61:39:73:FE:B3:07:3D:8C:E6:37:F1:B0:0C:BF:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k38Sq69hOXP-swc9jOY38bAMv6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/N5g44QOoebNREjKnwSHpqhvhxoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/95e949-bf34-4122-8fa8-a1ae5892d421/1/k38Sq69hOXP-swc9jOY38bAMv6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.240.0/22
79.140.128.0/20
82.195.128.0/19
84.51.224.0/21
84.51.236.0-84.51.255.255
212.78.224.0-212.78.243.255
212.78.252.0/22
212.84.40.0/21
IPv6:
2001:1bd8::/32
Signature Algorithm: sha256WithRSAEncryption
47:37:b8:ae:d0:67:6b:61:ee:79:75:4d:b5:d1:5f:97:29:d2:
23:f6:1f:15:04:88:14:65:f7:e5:bf:5e:57:e5:11:5e:b2:01:
0c:cd:22:d1:19:5e:92:34:d6:6d:d3:a4:c7:e6:89:b9:bc:ba:
0a:34:f8:9f:84:28:3b:25:22:2a:a7:71:c9:ac:bb:64:73:b8:
55:cd:d0:3f:eb:f0:36:f1:27:5d:3b:f8:75:75:e5:30:6c:7e:
86:af:21:73:2d:63:71:05:3d:a3:aa:1b:12:44:86:4c:3a:be:
36:b4:c6:ce:0b:f9:79:c7:a0:60:75:12:c0:76:a3:40:91:48:
e3:8d:80:e0:d7:a1:48:1d:fb:b1:f7:f4:51:f8:4d:93:ca:58:
78:16:6b:f8:4a:a0:3b:3a:a1:e6:07:5a:40:49:7b:17:52:49:
67:5f:c0:e9:b5:5b:d4:09:af:86:9a:b8:1b:e8:de:98:06:ce:
50:e1:37:d0:02:37:7f:1b:e0:75:4f:e7:0f:0e:4f:96:b7:d1:
81:34:96:26:56:2d:8a:e6:07:d0:57:f3:e7:b8:b4:08:18:21:
3b:56:01:9d:4f:f7:6c:21:a5:fb:3e:fc:ef:a8:87:18:01:00:
27:9e:41:7b:9b:75:74:b5:f3:ed:36:d5:13:d8:9e:b1:4b:d5:
d2:31:3d:1d
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY6LJkZfGcZz5N6IJrRC22THMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzN2YxMmFiYWY2MTM5NzNmZWIzMDczZDhjZTYzN2YxYjAw
Y2JmYTkwHhcNMjQwMzI5MTY1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzk4MzhlMTAzYTg3OWIzNTExMjMyYTdjMTIxZTlhYTFiZTFjNjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzubN5Xx+0XkXDxmk3U3WEtkTlrB
bhiZieTCnKfc8KuiSYpX4pis7VnyR43O2hk8cPJRwWOmZEpt1gs0mJdjr6KuHr/p
MzPAFBSMFXXvfA+LkUdsLvdiXCXGgjVO5LtTmYKJOLQXLWVXOYyYZjYZ0G73Q8u4
SZ6pvMyV9DPvdg/oAC0LE4nT2TPhLgj3YnzHk5hfxoUpuHBw2OmM0SCf432xYlRE
FQQcToaSoxDRjl0GdChC9FsOmBNsRaSJshVC+JBoaXKo8U9lUBzcmpsE9OIQfRKE
7gcaBCfZf07oiED0Nnx73CUevwYApzk22ij9EkatN+gCHR4kDONdVQvlZQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFDeYOOEDqHmzURIyp8Eh6aob4caDMB8GA1UdIwQY
MBaAFJN/EquvYTlz/rMHPYzmN/GwDL+pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazM4U3E2OWhPWFAtc3djOWpPWTM4YkFNdjZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC85NWU5NDktYmYzNC00MTIyLThmYTgt
YTFhZTU4OTJkNDIxLzEvTjVnNDRRT29lYk5SRWpLbndTSHBxaHZoeG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC85NWU5NDktYmYzNC00MTIyLThmYTgtYTFhZTU4OTJkNDIx
LzEvazM4U3E2OWhPWFAtc3djOWpPWTM4YkFNdjZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBFBAIAATA/AwQCLYvwAwQE
T4yAAwQFUsOAAwQDVDPgMAsDBAJUM+wDAwJUMDAMAwQF1E7gAwQC1E7wAwQC1E78
AwQD1FQoMA0EAgACMAcDBQAgARvYMA0GCSqGSIb3DQEBCwUAA4IBAQBHN7iu0Gdr
Ye55dU210V+XKdIj9h8VBIgUZfflv15X5RFesgEMzSLRGV6SNNZt06TH5om5vLoK
NPifhCg7JSIqp3HJrLtkc7hVzdA/6/A28SddO/h1deUwbH6GryFzLWNxBT2jqhsS
RIZMOr42tMbOC/l5x6BgdRLAdqNAkUjjjYDg16FIHfux9/RR+E2Tylh4Fmv4SqA7
OqHmB1pASXsXUklnX8DptVvUCa+Gmrgb6N6YBs5Q4TfQAjd/G+B1T+cPDk+Wt9GB
NJYmVi2K5gfQV/PnuLQIGCE7VgGdT/dsIaX7PvzvqIcYAQAnnkF7m3V0tfPtNtUT
2J6xS9XSMT0d
-----END CERTIFICATE-----
Generated at Sat Jun 1 10:00:31 2024 by rpki-client on console-ams.rpki-client.org