Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/sMW7_iAgimv9DfsZDnFnQuZJe1A.roa
File: sMW7_iAgimv9DfsZDnFnQuZJe1A.roa (raw, json)
Hash identifier: xc5IUEWjZjjqTyE3s955es5+4sm1QUO8/Z7OAZlomuE=
Subject key identifier: B0:C5:BB:FE:20:20:8A:6B:FD:0D:FB:19:0E:71:67:42:E6:49:7B:50
Certificate issuer: /CN=e43bac4a1bbba56cc434861a4c769ff9ce2d15ec
Certificate serial: 018CC94E4F77C26C4979C1AF994DC874A075
Authority key identifier: E4:3B:AC:4A:1B:BB:A5:6C:C4:34:86:1A:4C:76:9F:F9:CE:2D:15:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5DusShu7pWzENIYaTHaf-c4tFew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/sMW7_iAgimv9DfsZDnFnQuZJe1A.roa
Signing time: Tue 02 Jan 2024 08:33:21 +0000
ROA not before: Tue 02 Jan 2024 08:33:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197099
IP address blocks: 178.217.136.0/21 maxlen: 21
195.43.84.0/23 maxlen: 23
217.30.4.0/22 maxlen: 22
195.95.185.0/24 maxlen: 24
185.81.107.0/24 maxlen: 24
91.216.149.0/24 maxlen: 24
185.81.106.0/24 maxlen: 24
2a03:63e0::/29 maxlen: 29
2a03:63e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/5DusShu7pWzENIYaTHaf-c4tFew.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/5DusShu7pWzENIYaTHaf-c4tFew.mft
rsync://rpki.ripe.net/repository/DEFAULT/5DusShu7pWzENIYaTHaf-c4tFew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:4f:77:c2:6c:49:79:c1:af:99:4d:c8:74:a0:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43bac4a1bbba56cc434861a4c769ff9ce2d15ec
Validity
Not Before: Jan 2 08:33:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0c5bbfe20208a6bfd0dfb190e716742e6497b50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f9:b4:0e:e1:50:1b:74:1a:1c:4e:ea:60:95:
6d:fb:0b:53:60:09:d4:4f:5f:c4:5f:17:16:c1:b8:
62:64:9b:78:9e:15:89:e7:42:f6:de:fc:61:06:4e:
88:fd:0d:55:47:01:ea:cb:51:30:50:52:55:30:2b:
36:ca:6b:73:7a:8c:44:26:86:c3:40:5e:c5:70:3d:
06:93:48:b8:af:aa:f5:61:86:09:a2:bc:05:6d:74:
ce:c8:32:23:3a:cf:1d:9f:ce:3f:11:9a:24:98:3c:
b6:48:a3:ca:0b:52:6b:59:4a:51:ee:b8:3f:7a:0a:
f3:ea:1d:f8:b1:09:98:f8:d3:e5:3d:06:61:5a:93:
d9:3b:ae:e6:0b:49:e8:d8:67:4f:55:06:0b:ee:e0:
56:da:50:41:52:6d:d0:fa:54:7b:ad:75:e2:16:52:
6b:e3:0f:63:45:a1:43:21:dd:01:80:bc:60:f2:06:
40:c5:0e:88:3a:cd:8e:c6:07:85:a9:d9:1f:19:9c:
60:a0:ca:c3:25:fd:bd:d6:e2:4d:38:21:d8:cc:d3:
5b:de:da:99:39:11:1e:9d:b3:26:82:38:f3:c8:71:
b5:07:a9:e9:8b:c2:ea:da:64:f2:fd:31:fc:d4:20:
64:b6:b0:52:c8:bd:c2:09:6a:da:12:bd:d2:81:ae:
00:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C5:BB:FE:20:20:8A:6B:FD:0D:FB:19:0E:71:67:42:E6:49:7B:50
X509v3 Authority Key Identifier:
keyid:E4:3B:AC:4A:1B:BB:A5:6C:C4:34:86:1A:4C:76:9F:F9:CE:2D:15:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5DusShu7pWzENIYaTHaf-c4tFew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/sMW7_iAgimv9DfsZDnFnQuZJe1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2ab0f-be43-4665-bbaa-1cd3cb07ef5d/1/5DusShu7pWzENIYaTHaf-c4tFew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.149.0/24
178.217.136.0/21
185.81.106.0/23
195.43.84.0/23
195.95.185.0/24
217.30.4.0/22
IPv6:
2a03:63e0::/29
Signature Algorithm: sha256WithRSAEncryption
56:ec:4d:9d:47:f3:85:15:f3:b6:39:6a:8e:95:a3:1e:9e:8c:
1f:d3:23:0f:af:2e:b0:7f:85:d4:20:ac:2f:65:15:67:95:00:
ec:d8:40:b4:10:d9:8b:c2:e2:a4:0c:d8:f4:2a:55:ad:0c:46:
35:c0:ff:e1:8f:e6:0d:3d:69:23:e5:ca:32:33:a5:51:07:db:
4b:49:2e:72:fc:8b:d0:d7:65:41:23:4b:e5:4e:cd:f1:9c:d8:
d7:f9:63:3a:3c:e5:fc:67:48:ba:4f:d5:ea:c7:00:11:a2:0f:
76:a6:ab:e1:db:b4:03:99:54:76:5f:2a:9c:d5:96:9c:06:8a:
89:4d:52:ca:f6:04:e3:7d:4e:e1:8a:45:4f:97:0d:8d:dc:3f:
5f:13:98:c6:46:6f:eb:ba:00:a1:f5:8d:e1:89:3c:2d:f6:94:
4e:11:76:41:28:0d:ba:12:fc:27:44:ff:0b:53:ec:89:ae:b4:
57:40:44:ea:22:b4:c9:56:22:46:3c:59:60:7c:33:87:a1:3b:
78:d2:a9:e9:06:ef:3b:90:6f:8a:d4:58:9e:ae:7d:9b:0c:e4:
36:07:5b:1b:d2:fc:7c:2c:36:f7:dd:62:54:4e:98:d2:81:04:
5f:c5:fe:23:98:7b:e7:01:5a:6d:bc:6e:bc:9f:2d:85:e3:2a:
28:0b:7e:0d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzJTk93wmxJecGvmU3IdKB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2JhYzRhMWJiYmE1NmNjNDM0ODYxYTRjNzY5ZmY5Y2Uy
ZDE1ZWMwHhcNMjQwMTAyMDgzMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGM1YmJmZTIwMjA4YTZiZmQwZGZiMTkwZTcxNjc0MmU2NDk3YjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivm0DuFQG3QaHE7qYJVt+wtTYAnU
T1/EXxcWwbhiZJt4nhWJ50L23vxhBk6I/Q1VRwHqy1EwUFJVMCs2ymtzeoxEJobD
QF7FcD0Gk0i4r6r1YYYJorwFbXTOyDIjOs8dn84/EZokmDy2SKPKC1JrWUpR7rg/
egrz6h34sQmY+NPlPQZhWpPZO67mC0no2GdPVQYL7uBW2lBBUm3Q+lR7rXXiFlJr
4w9jRaFDId0BgLxg8gZAxQ6IOs2OxgeFqdkfGZxgoMrDJf291uJNOCHYzNNb3tqZ
OREenbMmgjjzyHG1B6npi8Lq2mTy/TH81CBktrBSyL3CCWraEr3Sga4AuwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLDFu/4gIIpr/Q37GQ5xZ0LmSXtQMB8GA1UdIwQY
MBaAFOQ7rEobu6VsxDSGGkx2n/nOLRXsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUR1c1NodTdwV3pFTklZYVRIYWYtYzR0RmV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMmFiMGYtYmU0My00NjY1LWJiYWEt
MWNkM2NiMDdlZjVkLzEvc01XN19pQWdpbXY5RGZzWkRuRm5RdVpKZTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMmFiMGYtYmU0My00NjY1LWJiYWEtMWNkM2NiMDdlZjVk
LzEvNUR1c1NodTdwV3pFTklZYVRIYWYtYzR0RmV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW9iVAwQD
stmIAwQBuVFqAwQBwytUAwQAw1+5AwQC2R4EMA0EAgACMAcDBQMqA2PgMA0GCSqG
SIb3DQEBCwUAA4IBAQBW7E2dR/OFFfO2OWqOlaMenowf0yMPry6wf4XUIKwvZRVn
lQDs2EC0ENmLwuKkDNj0KlWtDEY1wP/hj+YNPWkj5coyM6VRB9tLSS5y/IvQ12VB
I0vlTs3xnNjX+WM6POX8Z0i6T9XqxwARog92pqvh27QDmVR2Xyqc1ZacBoqJTVLK
9gTjfU7hikVPlw2N3D9fE5jGRm/rugCh9Y3hiTwt9pROEXZBKA26EvwnRP8LU+yJ
rrRXQETqIrTJViJGPFlgfDOHoTt40qnpBu87kG+K1Fiern2bDOQ2B1sb0vx8LDb3
3WJUTpjSgQRfxf4jmHvnAVptvG68ny2F4yooC34N
-----END CERTIFICATE-----
Generated at Sat Sep 28 18:41:49 2024 by rpki-client on console-fra.rpki-client.org