Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/C5-P9s8jIdVihKqMBbMkDDAMSZE.roa
File: C5-P9s8jIdVihKqMBbMkDDAMSZE.roa (raw, json)
Hash identifier: Ae1F7wCFyE846aDiZty8QY1uHOuEm6MsWveGkN3W+sg=
Subject key identifier: 0B:9F:8F:F6:CF:23:21:D5:62:84:AA:8C:05:B3:24:0C:30:0C:49:91
Certificate issuer: /CN=e479af1716dc461e5bb3f876215bcb94e8808ba0
Certificate serial: 018CC9BB3A82CE0CF5053A8F8132E5F99ED8
Authority key identifier: E4:79:AF:17:16:DC:46:1E:5B:B3:F8:76:21:5B:CB:94:E8:80:8B:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/C5-P9s8jIdVihKqMBbMkDDAMSZE.roa
Signing time: Tue 02 Jan 2024 10:32:19 +0000
ROA not before: Tue 02 Jan 2024 10:32:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8218
IP address blocks: 158.255.96.0/19 maxlen: 19
158.255.106.0/24 maxlen: 24
91.194.208.0/23 maxlen: 24
195.216.192.0/23 maxlen: 24
141.255.136.0/21 maxlen: 21
83.167.32.0/19 maxlen: 19
94.103.128.0/20 maxlen: 20
213.179.76.0/22 maxlen: 22
193.34.130.0/23 maxlen: 24
185.110.192.0/22 maxlen: 22
213.152.0.0/19 maxlen: 19
46.255.176.0/21 maxlen: 21
212.69.160.0/19 maxlen: 19
193.227.248.0/23 maxlen: 24
2001:1b48::/32 maxlen: 32
2a00:1f60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/5HmvFxbcRh5bs_h2IVvLlOiAi6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/5HmvFxbcRh5bs_h2IVvLlOiAi6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:3a:82:ce:0c:f5:05:3a:8f:81:32:e5:f9:9e:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e479af1716dc461e5bb3f876215bcb94e8808ba0
Validity
Not Before: Jan 2 10:32:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b9f8ff6cf2321d56284aa8c05b3240c300c4991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fe:fb:c3:93:81:2f:aa:a4:33:21:1f:cd:55:
e4:b1:89:b7:3d:8c:40:63:f0:4f:a3:5f:d2:95:05:
ef:47:55:4d:65:42:ae:99:51:28:70:65:2c:e8:ec:
5b:1d:72:58:5d:45:2f:8e:75:44:d5:6e:af:46:3d:
44:65:a6:0e:52:f0:13:8a:3d:07:51:60:0a:29:06:
5a:fc:2b:ad:2e:f3:ff:fd:e2:01:09:a7:c3:9a:c3:
26:38:b8:2b:54:63:0a:44:8e:60:c3:6c:8d:8e:57:
bd:8e:40:64:bc:b8:85:65:7e:ff:02:82:6b:57:67:
20:36:d2:87:11:87:78:0b:46:02:6f:c4:51:fc:50:
f5:f0:45:a1:39:09:dd:6a:1e:6d:25:d1:d0:d5:95:
89:9f:7d:cd:14:61:d9:cd:7f:b0:4d:97:61:0d:7b:
41:e4:90:d3:04:e0:06:33:88:0b:e1:ce:36:7f:55:
ed:c1:46:95:b3:3e:fa:8a:c2:ca:f8:f3:04:4e:10:
83:b2:f4:c8:42:3d:2f:ec:15:cd:33:a7:14:a2:f5:
ad:db:2a:c3:fa:4b:a5:01:6d:4c:f7:d9:a4:09:e8:
c5:6b:81:79:ea:bd:ef:a4:25:d2:b2:74:6a:56:03:
e6:77:d9:fa:a2:55:f9:bc:23:32:fc:48:7a:d7:57:
0d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:9F:8F:F6:CF:23:21:D5:62:84:AA:8C:05:B3:24:0C:30:0C:49:91
X509v3 Authority Key Identifier:
keyid:E4:79:AF:17:16:DC:46:1E:5B:B3:F8:76:21:5B:CB:94:E8:80:8B:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/C5-P9s8jIdVihKqMBbMkDDAMSZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/5HmvFxbcRh5bs_h2IVvLlOiAi6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.176.0/21
83.167.32.0/19
91.194.208.0/23
94.103.128.0/20
141.255.136.0/21
158.255.96.0/19
185.110.192.0/22
193.34.130.0/23
193.227.248.0/23
195.216.192.0/23
212.69.160.0/19
213.152.0.0/19
213.179.76.0/22
IPv6:
2001:1b48::/32
2a00:1f60::/32
Signature Algorithm: sha256WithRSAEncryption
4d:34:20:45:0a:fb:0c:e1:f3:ef:86:c6:0a:af:5a:76:7c:5e:
39:64:2c:42:e4:1f:2b:33:e2:a5:75:87:f7:e7:09:ac:2e:cd:
b0:c7:e6:9f:37:8c:ca:26:d3:22:8f:59:cf:61:aa:7c:db:aa:
97:64:bd:66:8f:86:04:b0:f2:fc:3b:42:51:26:ab:d8:38:f2:
ca:d4:86:60:59:f4:17:41:42:94:06:ef:b7:f0:44:e1:61:e5:
c8:7d:c9:de:d6:3b:9b:2f:68:a2:46:4b:4b:cf:9d:dc:aa:30:
c7:02:c2:41:b7:de:27:91:97:52:bf:6f:54:21:f1:e6:25:23:
97:ce:87:d9:bd:b1:e5:19:00:76:72:ac:27:bf:0a:e3:cc:84:
67:b6:85:66:40:11:5b:11:77:13:79:7c:ba:fe:67:fc:66:7a:
e6:00:ad:4e:33:ea:da:1b:40:6e:5e:b3:03:96:8d:c0:b3:5e:
ce:99:1f:a8:ba:35:cf:0f:61:c1:d8:e6:2e:ef:b3:44:68:e8:
d6:38:09:2a:bb:35:4b:9b:a2:15:7a:32:e8:bd:7a:5b:72:d8:
45:57:11:40:4d:0c:59:d3:6b:ce:6d:82:40:00:11:9f:04:66:
e8:45:76:2f:36:c8:a4:d6:63:cf:fd:0a:9d:bb:ee:00:ff:24:
4a:af:8d:b3
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYzJuzqCzgz1BTqPgTLl+Z7YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NzlhZjE3MTZkYzQ2MWU1YmIzZjg3NjIxNWJjYjk0ZTg4
MDhiYTAwHhcNMjQwMTAyMTAzMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjlmOGZmNmNmMjMyMWQ1NjI4NGFhOGMwNWIzMjQwYzMwMGM0OTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv77w5OBL6qkMyEfzVXksYm3PYxA
Y/BPo1/SlQXvR1VNZUKumVEocGUs6OxbHXJYXUUvjnVE1W6vRj1EZaYOUvATij0H
UWAKKQZa/CutLvP//eIBCafDmsMmOLgrVGMKRI5gw2yNjle9jkBkvLiFZX7/AoJr
V2cgNtKHEYd4C0YCb8RR/FD18EWhOQndah5tJdHQ1ZWJn33NFGHZzX+wTZdhDXtB
5JDTBOAGM4gL4c42f1XtwUaVsz76isLK+PMEThCDsvTIQj0v7BXNM6cUovWt2yrD
+kulAW1M99mkCejFa4F56r3vpCXSsnRqVgPmd9n6olX5vCMy/Eh611cNAwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFAufj/bPIyHVYoSqjAWzJAwwDEmRMB8GA1UdIwQY
MBaAFOR5rxcW3EYeW7P4diFby5TogIugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUhtdkZ4YmNSaDVic19oMklWdkxsT2lBaTZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS82MzI5OWEtODZiMi00OWZmLWI2ZTIt
MjQxZWFiNjE0ODNmLzEvQzUtUDlzOGpJZFZpaEtxTUJiTWtEREFNU1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS82MzI5OWEtODZiMi00OWZmLWI2ZTItMjQxZWFiNjE0ODNm
LzEvNUhtdkZ4YmNSaDVic19oMklWdkxsT2lBaTZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQDLv+wAwQF
U6cgAwQBW8LQAwQEXmeAAwQDjf+IAwQFnv9gAwQCuW7AAwQBwSKCAwQBweP4AwQB
w9jAAwQF1EWgAwQF1ZgAAwQC1bNMMBQEAgACMA4DBQAgARtIAwUAKgAfYDANBgkq
hkiG9w0BAQsFAAOCAQEATTQgRQr7DOHz74bGCq9adnxeOWQsQuQfKzPipXWH9+cJ
rC7NsMfmnzeMyibTIo9Zz2GqfNuql2S9Zo+GBLDy/DtCUSar2DjyytSGYFn0F0FC
lAbvt/BE4WHlyH3J3tY7my9ookZLS8+d3KowxwLCQbfeJ5GXUr9vVCHx5iUjl86H
2b2x5RkAdnKsJ78K48yEZ7aFZkARWxF3E3l8uv5n/GZ65gCtTjPq2htAbl6zA5aN
wLNezpkfqLo1zw9hwdjmLu+zRGjo1jgJKrs1S5uiFXoy6L16W3LYRVcRQE0MWdNr
zm2CQAARnwRm6EV2LzbIpNZjz/0KnbvuAP8kSq+Nsw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:30:58 2024 by rpki-client on console-ams.rpki-client.org