Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/tBenuAjz0yV1Mf3ADih4JoyLFds.roa
File: tBenuAjz0yV1Mf3ADih4JoyLFds.roa (raw, json)
Hash identifier: de0snphsRVUANZHxXEnDi/p/Dw+nkGnFIcsnYkLNIyY=
Subject key identifier: B4:17:A7:B8:08:F3:D3:25:75:31:FD:C0:0E:28:78:26:8C:8B:15:DB
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EE603A30DD8FDFB46C10C23AD448F3757
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/tBenuAjz0yV1Mf3ADih4JoyLFds.roa
Signing time: Tue 16 Apr 2024 08:26:21 +0000
ROA not before: Tue 16 Apr 2024 08:26:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38951
IP address blocks: 46.252.160.0/20 maxlen: 20
77.241.32.0/20 maxlen: 20
87.237.112.0/21 maxlen: 21
93.185.176.0/20 maxlen: 20
109.205.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:03:a3:0d:d8:fd:fb:46:c1:0c:23:ad:44:8f:37:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 16 08:26:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b417a7b808f3d3257531fdc00e2878268c8b15db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:26:05:d8:c6:4e:46:7e:01:3d:5a:8c:09:cf:
5d:a4:2d:27:b6:a6:f0:b7:07:70:60:e0:15:61:be:
3c:ac:b4:c9:71:ca:db:34:0c:43:31:5b:cf:74:7b:
d5:61:35:5f:6f:a0:3f:e3:88:25:80:a8:30:32:b2:
09:30:e2:28:3d:a4:a7:99:35:6f:a0:ce:f8:1e:de:
bc:28:e6:3c:c0:c6:ef:8e:b9:86:b7:d4:76:ef:55:
c8:35:45:f7:d1:04:f3:92:47:cb:a6:35:f0:41:5f:
03:5f:29:66:7d:e3:61:1b:64:00:12:e9:44:09:a5:
64:69:78:54:be:74:60:49:d6:a9:e4:c9:03:53:0a:
d0:4f:39:33:50:c1:7d:37:ed:38:f8:56:2c:a2:cc:
d1:aa:c1:12:3a:26:0f:e5:49:f6:2b:d3:5a:ce:44:
4b:5b:4b:db:06:67:c8:c7:d0:f6:6d:1b:9c:a2:a3:
29:91:d3:09:cf:4a:a1:52:21:81:76:e0:cf:61:2a:
1d:7d:87:4a:b8:56:a0:df:ab:eb:1f:99:d7:f3:01:
b8:63:78:6f:22:45:7f:b5:06:74:6b:27:03:9a:80:
43:4c:67:b4:2b:98:29:80:b8:42:ef:0e:5d:05:c8:
27:bf:6a:0c:ba:eb:15:72:65:38:84:45:40:ee:a4:
77:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:17:A7:B8:08:F3:D3:25:75:31:FD:C0:0E:28:78:26:8C:8B:15:DB
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/tBenuAjz0yV1Mf3ADih4JoyLFds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.160.0/20
77.241.32.0/20
87.237.112.0/21
93.185.176.0/20
109.205.248.0/21
Signature Algorithm: sha256WithRSAEncryption
67:45:97:01:0b:67:6f:70:fd:5f:2d:68:7e:d0:c2:e1:6c:93:
5c:94:ec:f2:d2:c1:43:3a:ae:95:91:66:b2:48:f1:3d:32:44:
fd:65:68:53:12:57:5e:15:e6:32:38:96:06:02:d5:94:3c:57:
27:b8:20:4b:d8:a0:8e:15:4c:31:50:43:d0:23:dc:67:38:5a:
f8:c4:5e:df:8f:bb:a2:f3:d6:5c:d6:bf:9e:01:93:63:9c:7f:
1a:1f:45:09:1f:49:0d:62:9e:0b:fa:8f:74:48:a7:d9:f6:54:
14:fc:20:64:1b:ca:19:1c:e7:53:01:00:30:ec:60:d4:6b:1f:
6b:0c:2b:1a:d4:ab:4d:a6:09:99:0b:55:23:f3:f9:88:3b:e7:
79:58:ce:77:25:d8:01:79:fd:58:1b:5c:19:ea:bd:7c:96:68:
89:4b:0d:b3:27:d0:2d:62:67:b7:39:8c:a4:10:d5:84:51:b3:
85:26:6d:70:15:c7:e5:b9:8e:64:67:05:6d:e7:b7:84:13:af:
16:7e:20:11:53:56:ed:38:9e:d1:58:c0:f8:80:7c:13:98:f1:
f8:38:10:fe:f7:ae:74:04:fa:7d:16:5e:54:d0:16:d4:2d:2c:
12:17:16:05:7a:2a:b8:a9:13:d2:40:27:60:09:92:96:c7:c1:
e8:08:99:65
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7mA6MN2P37RsEMI61EjzdXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE2MDgyNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDE3YTdiODA4ZjNkMzI1NzUzMWZkYzAwZTI4NzgyNjhjOGIxNWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyYF2MZORn4BPVqMCc9dpC0ntqbw
twdwYOAVYb48rLTJccrbNAxDMVvPdHvVYTVfb6A/44glgKgwMrIJMOIoPaSnmTVv
oM74Ht68KOY8wMbvjrmGt9R271XINUX30QTzkkfLpjXwQV8DXylmfeNhG2QAEulE
CaVkaXhUvnRgSdap5MkDUwrQTzkzUMF9N+04+FYsoszRqsESOiYP5Un2K9NazkRL
W0vbBmfIx9D2bRucoqMpkdMJz0qhUiGBduDPYSodfYdKuFag36vrH5nX8wG4Y3hv
IkV/tQZ0aycDmoBDTGe0K5gpgLhC7w5dBcgnv2oMuusVcmU4hEVA7qR3ZQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLQXp7gI89MldTH9wA4oeCaMixXbMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvdEJlbnVBanoweVYxTWYzQURpaDRKb3lMRmRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQELvygAwQE
TfEgAwQDV+1wAwQEXbmwAwQDbc34MA0GCSqGSIb3DQEBCwUAA4IBAQBnRZcBC2dv
cP1fLWh+0MLhbJNclOzy0sFDOq6VkWaySPE9MkT9ZWhTEldeFeYyOJYGAtWUPFcn
uCBL2KCOFUwxUEPQI9xnOFr4xF7fj7ui89Zc1r+eAZNjnH8aH0UJH0kNYp4L+o90
SKfZ9lQU/CBkG8oZHOdTAQAw7GDUax9rDCsa1KtNpgmZC1Uj8/mIO+d5WM53JdgB
ef1YG1wZ6r18lmiJSw2zJ9AtYme3OYykENWEUbOFJm1wFcfluY5kZwVt57eEE68W
fiARU1btOJ7RWMD4gHwTmPH4OBD+9650BPp9Fl5U0BbULSwSFxYFeiq4qRPSQCdg
CZKWx8HoCJll
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:27:57 2024 by rpki-client on console-ams.rpki-client.org