Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/R2wgyTd7ibQ1MGlwUyY261WjTdk.roa
File: R2wgyTd7ibQ1MGlwUyY261WjTdk.roa (raw, json)
Hash identifier: Az+5cbV50c0dQ3ghd0d3XId3jctmopubRikbfkat8Gc=
Subject key identifier: 47:6C:20:C9:37:7B:89:B4:35:30:69:70:53:26:36:EB:55:A3:4D:D9
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 018CC5DCB1F2FEE800686BFC3C922E787AC9
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/R2wgyTd7ibQ1MGlwUyY261WjTdk.roa
Signing time: Mon 01 Jan 2024 16:30:24 +0000
ROA not before: Mon 01 Jan 2024 16:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43160
IP address blocks: 5.40.191.0/24 maxlen: 24
89.140.40.0/23 maxlen: 24
62.82.238.0/24 maxlen: 24
5.40.128.0/24 maxlen: 24
89.140.197.0/24 maxlen: 24
89.140.112.0/24 maxlen: 24
62.175.202.0/24 maxlen: 24
62.82.84.0/24 maxlen: 24
84.124.116.0/24 maxlen: 24
89.140.120.0/24 maxlen: 24
89.140.122.0/24 maxlen: 24
5.40.86.0/24 maxlen: 24
5.40.32.0/23 maxlen: 23
5.40.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:b1:f2:fe:e8:00:68:6b:fc:3c:92:2e:78:7a:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 16:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=476c20c9377b89b435306970532636eb55a34dd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9d:73:91:54:b5:73:63:7f:b0:6e:3a:18:23:
10:3d:68:c1:ab:10:10:f5:a2:5b:a3:b7:cf:14:fa:
d4:81:2f:11:64:4a:27:77:93:f9:a9:20:6e:d2:6a:
0e:28:26:35:5d:cd:b6:2b:02:28:4d:f3:55:b4:b4:
6a:6a:6f:fe:a9:49:3f:5b:2b:e5:bb:c1:48:91:9e:
42:9a:5d:3a:ea:70:78:f1:12:7c:a5:bc:2d:10:c9:
c4:b6:7a:f1:d9:e5:ab:20:6c:95:87:59:f4:d5:df:
9f:18:1e:e3:87:a1:e1:11:70:55:58:26:54:f2:77:
74:56:f0:6e:99:1c:79:2c:54:d4:07:b0:cb:04:ce:
ee:f2:c4:eb:f5:f7:c3:0d:f8:95:bf:22:c2:ae:59:
47:89:4a:ef:d3:68:49:aa:72:c3:bc:96:6e:49:d1:
2f:f5:11:e3:ac:f9:45:a1:d7:6f:6e:7f:56:92:87:
1c:d3:91:c3:11:e9:31:25:68:5d:bb:cd:ea:88:71:
48:25:1b:7e:da:26:0e:dd:0e:e8:a1:6f:1f:fc:c1:
cc:bf:16:1b:94:20:0a:2e:96:c3:28:1c:f5:ec:93:
18:2b:cc:79:5f:01:56:f1:7d:fb:a2:36:ef:d7:3d:
85:4e:c5:1e:da:dd:37:0b:87:bd:2f:3a:11:1e:f9:
8c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:6C:20:C9:37:7B:89:B4:35:30:69:70:53:26:36:EB:55:A3:4D:D9
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/R2wgyTd7ibQ1MGlwUyY261WjTdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.32.0/23
5.40.86.0/24
5.40.128.0/24
5.40.191.0/24
5.40.252.0/24
62.82.84.0/24
62.82.238.0/24
62.175.202.0/24
84.124.116.0/24
89.140.40.0/23
89.140.112.0/24
89.140.120.0/24
89.140.122.0/24
89.140.197.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:6d:eb:29:b1:a6:a8:35:d0:5b:3b:30:34:97:7a:73:a1:40:
ea:74:ce:85:30:de:30:7d:d1:45:1e:d5:0a:b1:f0:3d:12:51:
eb:21:a7:34:ce:29:4d:99:16:4f:78:76:89:88:88:14:d1:25:
39:b3:9c:5d:a0:12:ad:94:d3:54:55:e8:2a:a8:ba:3f:44:39:
18:a9:fd:21:4b:fa:15:09:b8:a3:7f:91:1b:67:f0:4d:5e:17:
ff:43:5e:7f:cc:30:f9:82:b1:57:7f:e6:5a:61:61:d5:48:a4:
98:49:8b:69:59:38:fd:07:af:a8:27:c1:51:05:6d:86:62:3d:
d3:99:d5:79:d9:41:c8:a0:d2:fe:ee:7e:88:76:45:5e:93:36:
76:e2:e1:f5:b3:a8:da:dd:fc:4a:17:09:90:09:55:f3:14:03:
3c:ec:22:96:9b:e9:ee:f7:aa:47:d4:fd:7d:9e:e8:fe:04:b4:
e3:3a:01:57:8b:b0:72:d7:25:6f:39:b0:b9:69:97:81:a9:a8:
e9:ef:2e:ce:0b:7c:43:d9:78:6e:36:76:a9:cf:83:af:d2:b4:
22:99:4b:ab:6f:68:4d:15:bb:19:da:95:f3:4c:f6:ac:58:48:
4d:d7:b4:8d:b8:66:99:d0:96:a0:4e:9c:ef:92:ac:47:86:ac:
29:72:3b:96
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzF3LHy/ugAaGv8PJIueHrJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjQwMTAxMTYzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzZjMjBjOTM3N2I4OWI0MzUzMDY5NzA1MzI2MzZlYjU1YTM0ZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ1zkVS1c2N/sG46GCMQPWjBqxAQ
9aJbo7fPFPrUgS8RZEond5P5qSBu0moOKCY1Xc22KwIoTfNVtLRqam/+qUk/Wyvl
u8FIkZ5Cml066nB48RJ8pbwtEMnEtnrx2eWrIGyVh1n01d+fGB7jh6HhEXBVWCZU
8nd0VvBumRx5LFTUB7DLBM7u8sTr9ffDDfiVvyLCrllHiUrv02hJqnLDvJZuSdEv
9RHjrPlFoddvbn9Wkocc05HDEekxJWhdu83qiHFIJRt+2iYO3Q7ooW8f/MHMvxYb
lCAKLpbDKBz17JMYK8x5XwFW8X37ojbv1z2FTsUe2t03C4e9LzoRHvmMXQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFEdsIMk3e4m0NTBpcFMmNutVo03ZMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvUjJ3Z3lUZDdpYlExTUdsd1V5WTI2MVdqVGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQBBSggAwQA
BShWAwQABSiAAwQABSi/AwQABSj8AwQAPlJUAwQAPlLuAwQAPq/KAwQAVHx0AwQB
WYwoAwQAWYxwAwQAWYx4AwQAWYx6AwQAWYzFMA0GCSqGSIb3DQEBCwUAA4IBAQBN
bespsaaoNdBbOzA0l3pzoUDqdM6FMN4wfdFFHtUKsfA9ElHrIac0zilNmRZPeHaJ
iIgU0SU5s5xdoBKtlNNUVegqqLo/RDkYqf0hS/oVCbijf5EbZ/BNXhf/Q15/zDD5
grFXf+ZaYWHVSKSYSYtpWTj9B6+oJ8FRBW2GYj3TmdV52UHIoNL+7n6IdkVekzZ2
4uH1s6ja3fxKFwmQCVXzFAM87CKWm+nu96pH1P19nuj+BLTjOgFXi7By1yVvObC5
aZeBqajp7y7OC3xD2XhuNnapz4Ov0rQimUurb2hNFbsZ2pXzTPasWEhN17SNuGaZ
0JagTpzvkqxHhqwpcjuW
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:31:23 2024 by rpki-client on console-ams.rpki-client.org