Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/1-qW5gTpDqTF9XCZz2aKsCJlRbHY.roa
File: 1-qW5gTpDqTF9XCZz2aKsCJlRbHY.roa (raw, json)
Hash identifier: sVRBOXiqcKGq9XYDuJTRr89TQfJ9d0eTUySJGft4ySU=
Subject key identifier: FA:A5:B9:81:3A:43:A9:31:7D:5C:26:73:D9:A2:AC:08:99:51:6C:76
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018E7DE9E85AAA19EA3695D60A85370927E6
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/1-qW5gTpDqTF9XCZz2aKsCJlRbHY.roa
Signing time: Wed 27 Mar 2024 03:17:45 +0000
ROA not before: Wed 27 Mar 2024 03:17:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136787
IP address blocks: 45.143.68.0/24 maxlen: 24
45.143.69.0/24 maxlen: 24
45.143.70.0/24 maxlen: 24
45.143.71.0/24 maxlen: 24
83.150.240.0/24 maxlen: 24
83.150.241.0/24 maxlen: 24
83.150.242.0/24 maxlen: 24
83.150.243.0/24 maxlen: 24
95.181.216.0/24 maxlen: 24
95.181.217.0/24 maxlen: 24
95.181.218.0/24 maxlen: 24
95.181.219.0/24 maxlen: 24
185.75.208.0/24 maxlen: 24
185.75.209.0/24 maxlen: 24
185.75.210.0/24 maxlen: 24
185.75.211.0/24 maxlen: 24
185.201.190.0/24 maxlen: 24
185.253.68.0/24 maxlen: 24
185.253.69.0/24 maxlen: 24
185.253.70.0/24 maxlen: 24
185.253.71.0/24 maxlen: 24
193.108.242.0/24 maxlen: 24
193.108.243.0/24 maxlen: 24
193.201.248.0/24 maxlen: 24
193.201.249.0/24 maxlen: 24
193.201.250.0/24 maxlen: 24
193.201.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7d:e9:e8:5a:aa:19:ea:36:95:d6:0a:85:37:09:27:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Mar 27 03:17:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faa5b9813a43a9317d5c2673d9a2ac0899516c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6a:f5:8f:97:32:e4:92:47:8c:b9:70:93:88:
31:82:31:1c:95:75:55:cc:ad:33:45:ff:a3:15:78:
de:5a:c5:f3:21:b9:b1:44:2e:f3:25:07:86:ab:58:
de:c8:05:f9:73:a8:0c:e5:e3:b3:6c:3a:34:c3:4c:
5c:4c:50:10:0a:5c:8e:eb:59:e1:c7:60:e6:ab:f1:
70:99:b0:5b:4f:94:97:39:0e:1c:7a:76:94:30:fe:
ac:d4:16:5d:b2:c5:70:e9:c3:46:6e:e3:8d:24:6d:
1e:1f:13:93:28:ab:df:e2:be:6a:ad:f8:bd:c6:db:
65:f3:63:de:8d:29:3f:db:91:0d:89:12:7c:4a:57:
f7:27:00:90:4d:ed:9a:0d:ad:fd:64:ac:a5:5f:c8:
3a:9d:89:64:9f:8d:a5:bb:99:cf:be:2c:0f:de:77:
cf:16:b9:cc:6b:35:1f:46:83:20:0d:03:1f:33:0a:
ed:04:08:a9:07:3a:7a:8a:25:42:4b:3a:e7:c4:86:
f9:e1:c0:63:68:5b:36:ac:98:e3:6a:c6:8c:2c:ac:
6f:26:f8:f9:36:a6:87:d9:38:e9:8b:d4:79:56:ec:
8c:19:fc:76:8c:45:c1:0a:8b:40:4a:98:c3:14:ff:
db:74:c5:53:a0:e0:85:0a:31:e1:3a:64:f8:0b:03:
2c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A5:B9:81:3A:43:A9:31:7D:5C:26:73:D9:A2:AC:08:99:51:6C:76
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/1-qW5gTpDqTF9XCZz2aKsCJlRbHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.68.0/22
83.150.240.0/22
95.181.216.0/22
185.75.208.0/22
185.201.190.0/24
185.253.68.0/22
193.108.242.0/23
193.201.248.0/22
Signature Algorithm: sha256WithRSAEncryption
72:30:cb:3c:78:43:d8:ee:91:76:a4:96:38:3e:82:58:25:2b:
f5:e0:9f:80:76:9a:86:e0:80:91:44:4a:93:31:89:b9:d4:bd:
43:70:b1:b5:31:45:d0:54:dc:72:a9:e1:51:b2:0e:bd:a1:4e:
79:ca:7d:db:ef:fe:5b:f9:b5:6e:6b:c2:d4:75:a2:e4:35:9a:
d4:c1:8b:58:5b:40:3a:1c:38:f2:00:1c:5a:90:8f:5b:91:3a:
20:d7:65:f3:ad:3c:4d:5a:ab:08:02:50:af:b0:06:01:20:48:
77:a1:ef:76:89:d8:ca:06:85:88:97:78:2d:57:37:83:2c:04:
bb:29:2b:88:f0:e1:99:1e:3a:b9:db:2d:3c:b4:2b:63:10:d0:
f9:e9:39:b1:ea:b3:7f:c3:fd:03:a6:5c:9a:a7:1a:67:4e:41:
36:f1:1f:41:be:ea:6b:70:47:36:78:0e:af:72:d9:35:ab:26:
bf:d6:4c:f8:2e:fd:31:91:df:cd:4b:23:5a:5f:6e:91:8a:4e:
1d:f6:b1:fe:cb:50:32:06:e0:70:be:d3:d5:d2:4e:56:d2:ee:
21:58:00:b1:9a:2a:66:a3:f8:7a:cc:c0:e3:00:c2:0d:82:6f:
e2:60:70:00:18:a1:fb:f3:ac:b3:38:ef:32:a0:32:c7:8d:a0:
29:5c:c2:cf
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY596ehaqhnqNpXWCoU3CSfmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwMzI3MDMxNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWE1Yjk4MTNhNDNhOTMxN2Q1YzI2NzNkOWEyYWMwODk5NTE2Yzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGr1j5cy5JJHjLlwk4gxgjEclXVV
zK0zRf+jFXjeWsXzIbmxRC7zJQeGq1jeyAX5c6gM5eOzbDo0w0xcTFAQClyO61nh
x2Dmq/FwmbBbT5SXOQ4cenaUMP6s1BZdssVw6cNGbuONJG0eHxOTKKvf4r5qrfi9
xttl82PejSk/25ENiRJ8Slf3JwCQTe2aDa39ZKylX8g6nYlkn42lu5nPviwP3nfP
FrnMazUfRoMgDQMfMwrtBAipBzp6iiVCSzrnxIb54cBjaFs2rJjjasaMLKxvJvj5
NqaH2Tjpi9R5VuyMGfx2jEXBCotASpjDFP/bdMVToOCFCjHhOmT4CwMsjQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFPqluYE6Q6kxfVwmc9mirAiZUWx2MB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvMS1xVzVnVHBEcVRGOVhDWnoyYUtzQ0psUmJIWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjUvNjk5MGU5LWMzYzAtNDc4YS05OTk3LTk1YjA4ZTM2NjBj
Zi8xL2tpSUl0SHRxaGsyZEhfTS1CcXFCMFRnWnAwNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBJBggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAi2PRAME
AlOW8AMEAl+12AMEArlL0AMEALnJvgMEArn9RAMEAcFs8gMEAsHJ+DANBgkqhkiG
9w0BAQsFAAOCAQEAcjDLPHhD2O6RdqSWOD6CWCUr9eCfgHaahuCAkURKkzGJudS9
Q3CxtTFF0FTccqnhUbIOvaFOecp92+/+W/m1bmvC1HWi5DWa1MGLWFtAOhw48gAc
WpCPW5E6INdl8608TVqrCAJQr7AGASBId6HvdonYygaFiJd4LVc3gywEuykriPDh
mR46udstPLQrYxDQ+ek5seqzf8P9A6ZcmqcaZ05BNvEfQb7qa3BHNngOr3LZNasm
v9ZM+C79MZHfzUsjWl9ukYpOHfax/stQMgbgcL7T1dJOVtLuIVgAsZoqZqP4eszA
4wDCDYJv4mBwABih+/OsszjvMqAyx42gKVzCzw==
-----END CERTIFICATE-----
Generated at Wed May 8 05:12:36 2024 by rpki-client on console-fra.rpki-client.org