Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/gs0e5pt1XiKNvW3WcerFMYrjWEc.roa
File: gs0e5pt1XiKNvW3WcerFMYrjWEc.roa (raw, json)
Hash identifier: Aq/MFnvAYAaq23cp8hn1VWq3KnpB0emIIalm7lXlELo=
Subject key identifier: 82:CD:1E:E6:9B:75:5E:22:8D:BD:6D:D6:71:EA:C5:31:8A:E3:58:47
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018F13D7ED31281417E7AE6CED60DC34E672
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/gs0e5pt1XiKNvW3WcerFMYrjWEc.roa
Signing time: Thu 25 Apr 2024 06:01:09 +0000
ROA not before: Thu 25 Apr 2024 06:01:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13118
IP address blocks: 46.237.0.0/18 maxlen: 18
46.237.0.0/19 maxlen: 19
46.237.48.0/20 maxlen: 20
77.234.0.0/19 maxlen: 19
85.113.192.0/20 maxlen: 20
85.113.204.0/24 maxlen: 24
87.253.0.0/19 maxlen: 19
87.253.0.0/20 maxlen: 20
87.253.13.0/24 maxlen: 24
87.253.16.0/21 maxlen: 21
87.253.24.0/21 maxlen: 21
93.181.208.0/20 maxlen: 20
93.181.224.0/24 maxlen: 24
93.181.225.0/24 maxlen: 24
93.181.240.0/20 maxlen: 20
95.86.192.0/19 maxlen: 19
95.86.206.0/24 maxlen: 24
95.86.207.0/24 maxlen: 24
95.86.208.0/24 maxlen: 24
95.86.209.0/24 maxlen: 24
95.86.224.0/19 maxlen: 19
95.106.160.0/19 maxlen: 19
109.161.0.0/17 maxlen: 17
109.161.0.0/19 maxlen: 19
109.161.32.0/19 maxlen: 19
109.161.52.0/24 maxlen: 24
109.161.57.0/24 maxlen: 24
109.161.60.0/22 maxlen: 22
109.161.64.0/19 maxlen: 19
109.161.64.0/20 maxlen: 20
217.15.128.0/19 maxlen: 24
217.15.134.0/24 maxlen: 24
217.15.144.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:13:d7:ed:31:28:14:17:e7:ae:6c:ed:60:dc:34:e6:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 25 06:01:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82cd1ee69b755e228dbd6dd671eac5318ae35847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:84:26:b1:79:00:d4:08:9c:81:85:42:8c:0b:
c2:5e:70:d3:24:59:81:dc:b2:bf:ab:4a:6f:ce:0f:
d1:65:04:2c:9b:68:98:61:f3:6a:0c:fb:02:af:9a:
5f:da:d3:30:a5:b4:8c:a2:fb:3d:bf:b5:24:ab:5e:
b4:91:a9:5d:64:45:30:d6:c2:86:73:c3:e5:5e:91:
3e:3a:7f:af:bb:13:3b:94:74:77:13:cf:5b:fd:ad:
bd:bf:aa:82:e8:3c:b2:d5:9e:77:db:04:99:38:a7:
5e:84:78:c1:30:8b:90:d9:6d:71:19:ef:f3:0f:f6:
d7:25:96:a7:86:f6:5d:a9:7e:25:6f:1e:ce:1c:b1:
90:44:cd:ca:5f:8c:f6:c2:82:f4:32:fe:d7:00:39:
a5:88:18:b4:bf:4a:49:41:76:66:86:2d:fd:a7:ae:
89:af:d1:ee:1d:f7:f0:39:64:08:bb:c6:bb:06:e9:
24:4b:bd:8c:fd:0c:df:b0:22:38:ba:18:51:f8:fc:
25:fe:b5:c3:98:a4:87:82:f0:67:b3:db:43:9c:bd:
79:80:8e:7d:bf:b0:e5:4f:3d:1f:2d:a7:bf:92:41:
74:0f:cb:5a:37:f2:bd:d1:6e:cb:ef:dd:a5:ef:06:
0f:f9:7b:f7:37:3f:9e:52:33:9a:13:84:f3:fd:b3:
07:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:CD:1E:E6:9B:75:5E:22:8D:BD:6D:D6:71:EA:C5:31:8A:E3:58:47
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/gs0e5pt1XiKNvW3WcerFMYrjWEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.237.0.0/18
77.234.0.0/19
85.113.192.0/20
87.253.0.0/19
93.181.208.0-93.181.225.255
93.181.240.0/20
95.86.192.0/18
95.106.160.0/19
109.161.0.0/17
217.15.128.0/19
Signature Algorithm: sha256WithRSAEncryption
02:68:91:9d:bd:75:fd:f8:75:40:66:e3:b9:88:83:be:c4:4d:
18:02:e7:75:67:62:1a:a9:56:89:c7:18:33:31:3b:7c:f4:8a:
72:b7:30:49:c1:72:b3:bb:a1:30:c0:c1:53:48:e7:0b:8f:a7:
1e:6c:43:15:ee:1b:0b:14:65:05:2b:6f:6e:43:7f:8f:33:62:
01:9d:3e:81:9c:b6:7c:6c:12:ec:4f:50:c2:10:a3:63:62:e3:
be:5c:a9:a5:f2:e3:11:ca:e6:c9:d5:b3:c8:c1:6f:0f:96:dd:
da:c4:24:1a:b1:42:ba:ad:85:8d:91:f9:a5:69:d5:74:6b:31:
b1:2e:4a:7d:43:ad:5d:ae:13:4b:87:1e:33:d0:de:91:2a:c7:
a3:13:d0:53:96:5b:8b:ff:58:50:9e:85:5a:8c:ff:42:12:0f:
73:43:89:a0:5e:44:c3:53:a0:3c:32:28:02:6f:d9:bb:fb:31:
10:eb:02:5f:6c:10:02:b0:b7:5f:45:e1:f8:22:d1:24:06:5d:
e6:f1:5c:90:9c:2c:6d:29:63:b9:c8:09:8d:30:41:b5:24:1c:
a3:64:5c:aa:18:25:7a:af:ea:a9:d6:14:9b:b6:84:59:9f:27:
54:f3:87:79:2f:84:df:e9:53:5e:7f:31:04:36:1a:af:ac:d2:
53:2d:7f:71
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY8T1+0xKBQX565s7WDcNOZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDI1MDYwMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmNkMWVlNjliNzU1ZTIyOGRiZDZkZDY3MWVhYzUzMThhZTM1ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4QmsXkA1AicgYVCjAvCXnDTJFmB
3LK/q0pvzg/RZQQsm2iYYfNqDPsCr5pf2tMwpbSMovs9v7Ukq160kaldZEUw1sKG
c8PlXpE+On+vuxM7lHR3E89b/a29v6qC6Dyy1Z532wSZOKdehHjBMIuQ2W1xGe/z
D/bXJZanhvZdqX4lbx7OHLGQRM3KX4z2woL0Mv7XADmliBi0v0pJQXZmhi39p66J
r9HuHffwOWQIu8a7BukkS72M/QzfsCI4uhhR+Pwl/rXDmKSHgvBns9tDnL15gI59
v7DlTz0fLae/kkF0D8taN/K90W7L792l7wYP+Xv3Nz+eUjOaE4Tz/bMH0wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFILNHuabdV4ijb1t1nHqxTGK41hHMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvZ3MwZTVwdDFYaUtOdlczV2NlckZNWXJqV0VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQGLu0AAwQF
TeoAAwQEVXHAAwQFV/0AMAwDBARdtdADBAFdteADBARdtfADBAZfVsADBAVfaqAD
BAdtoQADBAXZD4AwDQYJKoZIhvcNAQELBQADggEBAAJokZ29df34dUBm47mIg77E
TRgC53VnYhqpVonHGDMxO3z0inK3MEnBcrO7oTDAwVNI5wuPpx5sQxXuGwsUZQUr
b25Df48zYgGdPoGctnxsEuxPUMIQo2Ni475cqaXy4xHK5snVs8jBbw+W3drEJBqx
QrqthY2R+aVp1XRrMbEuSn1DrV2uE0uHHjPQ3pEqx6MT0FOWW4v/WFCehVqM/0IS
D3NDiaBeRMNToDwyKAJv2bv7MRDrAl9sEAKwt19F4fgi0SQGXebxXJCcLG0pY7nI
CY0wQbUkHKNkXKoYJXqv6qnWFJu2hFmfJ1Tzh3kvhN/pU15/MQQ2Gq+s0lMtf3E=
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:56:01 2024 by rpki-client on console-fra.rpki-client.org