Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/53-evmt5ByuaE8LvUO1WufJk954.roa
File: 53-evmt5ByuaE8LvUO1WufJk954.roa (raw, json)
Hash identifier: jTkEU9w/Qw39lkBxJXHsMX9VfumTiyJyUWKY8lGVSuM=
Subject key identifier: E7:7F:9E:BE:6B:79:07:2B:9A:13:C2:EF:50:ED:56:B9:F2:64:F7:9E
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 018DE5EA38BAABAB514585D8ECC05129A7DD
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/53-evmt5ByuaE8LvUO1WufJk954.roa
Signing time: Mon 26 Feb 2024 14:55:48 +0000
ROA not before: Mon 26 Feb 2024 14:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40065
IP address blocks: 2.56.255.0/24 maxlen: 24
2.59.151.0/24 maxlen: 24
5.181.219.0/24 maxlen: 24
31.40.214.0/24 maxlen: 24
45.12.88.0/24 maxlen: 24
45.12.90.0/24 maxlen: 24
45.67.223.0/24 maxlen: 24
185.183.84.0/24 maxlen: 24
185.186.146.0/23 maxlen: 23
185.194.148.0/24 maxlen: 24
185.201.226.0/24 maxlen: 24
185.201.227.0/24 maxlen: 24
185.238.248.0/24 maxlen: 24
185.238.250.0/24 maxlen: 24
193.9.44.0/24 maxlen: 24
193.9.46.0/24 maxlen: 24
193.22.152.0/24 maxlen: 24
212.103.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e5:ea:38:ba:ab:ab:51:45:85:d8:ec:c0:51:29:a7:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Feb 26 14:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e77f9ebe6b79072b9a13c2ef50ed56b9f264f79e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:16:f6:a6:4f:e2:72:29:df:7a:01:6c:5b:ad:
5d:7e:82:40:33:bd:eb:3c:78:53:04:24:b0:22:b0:
c0:f9:37:60:a5:ff:83:f0:eb:1a:8d:25:fc:1b:51:
58:fd:16:0b:01:5d:ee:56:d5:7d:f6:fe:d5:fc:33:
c8:7f:15:2a:26:74:9c:0f:55:2c:51:8f:41:78:2f:
bc:a1:a3:1a:0d:40:c5:91:d1:2d:a3:f0:af:5a:da:
0f:ab:4d:c4:7e:94:2e:c6:4d:c7:a7:f8:ee:fe:a9:
ac:d0:be:fa:97:1c:c2:ad:31:46:90:0c:75:da:6a:
d2:80:af:1d:b6:7d:2a:18:c1:5e:53:1c:57:87:3b:
fe:a2:66:73:15:30:52:1c:97:b2:29:cf:89:f3:7b:
9e:d4:9b:fa:f1:f3:e7:65:fe:66:77:1e:8f:71:50:
0a:17:00:df:f8:14:65:73:e0:69:3d:2c:6c:ae:7e:
cc:92:6a:85:4d:83:dc:a0:36:8b:5f:47:c4:af:34:
55:85:84:87:cc:1a:a1:5c:6f:9f:8f:11:36:83:ae:
91:6f:86:71:2b:ca:df:08:54:a8:50:a0:d2:0e:51:
4f:1f:7c:cb:02:71:ff:43:91:7a:d7:66:bb:b9:9e:
51:31:f8:bb:90:da:4b:54:cd:7f:cb:a7:df:fc:f3:
97:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:7F:9E:BE:6B:79:07:2B:9A:13:C2:EF:50:ED:56:B9:F2:64:F7:9E
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/53-evmt5ByuaE8LvUO1WufJk954.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.255.0/24
2.59.151.0/24
5.181.219.0/24
31.40.214.0/24
45.12.88.0/24
45.12.90.0/24
45.67.223.0/24
185.183.84.0/24
185.186.146.0/23
185.194.148.0/24
185.201.226.0/23
185.238.248.0/24
185.238.250.0/24
193.9.44.0/24
193.9.46.0/24
193.22.152.0/24
212.103.62.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:78:fb:18:4d:18:57:1e:93:31:b6:b7:cb:51:2b:c0:1e:01:
5c:4a:44:25:9e:e3:47:30:fe:d5:58:39:2a:b2:d3:2f:bb:f5:
a7:a8:cc:d5:8b:44:e9:f1:21:92:33:49:4f:7a:af:80:99:3f:
47:a0:a2:37:2a:82:cd:da:9e:58:a6:4a:75:61:f2:75:b3:b4:
42:bd:4b:27:13:aa:6a:36:a0:f2:2f:d7:73:0f:b5:e8:82:f8:
32:56:03:88:83:85:35:d9:5b:d8:36:4f:a0:c3:7c:37:ec:d5:
ca:e8:0e:5e:92:e2:13:76:f5:bd:41:29:76:be:99:6c:96:af:
ee:3a:d7:11:0f:7e:5c:5a:40:51:a1:ea:5d:41:0b:aa:ff:6d:
62:01:0f:6c:1d:9d:03:ed:20:0e:39:2f:de:c6:64:fb:f2:99:
5a:3c:15:f1:3d:08:a4:e2:61:28:f9:ff:c3:52:e9:cb:86:d0:
95:fe:78:0e:8a:88:cf:8a:19:90:c1:d0:67:08:e8:5f:c6:c1:
20:e2:b0:61:a5:2c:da:0e:3d:ae:ff:1f:25:57:b4:b3:94:db:
e8:64:ca:7f:37:a1:85:38:24:8c:35:73:07:6a:d5:60:d1:e6:
8e:16:a8:f0:c5:29:bb:7d:ef:c5:5d:2c:8a:6e:a5:a6:ae:aa:
60:9e:48:5e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY3l6ji6q6tRRYXY7MBRKafdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjQwMjI2MTQ1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzdmOWViZTZiNzkwNzJiOWExM2MyZWY1MGVkNTZiOWYyNjRmNzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxb2pk/icinfegFsW61dfoJAM73r
PHhTBCSwIrDA+Tdgpf+D8OsajSX8G1FY/RYLAV3uVtV99v7V/DPIfxUqJnScD1Us
UY9BeC+8oaMaDUDFkdEto/CvWtoPq03EfpQuxk3Hp/ju/qms0L76lxzCrTFGkAx1
2mrSgK8dtn0qGMFeUxxXhzv+omZzFTBSHJeyKc+J83ue1Jv68fPnZf5mdx6PcVAK
FwDf+BRlc+BpPSxsrn7MkmqFTYPcoDaLX0fErzRVhYSHzBqhXG+fjxE2g66Rb4Zx
K8rfCFSoUKDSDlFPH3zLAnH/Q5F612a7uZ5RMfi7kNpLVM1/y6ff/POXGQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFOd/nr5reQcrmhPC71DtVrnyZPeeMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvNTMtZXZtdDVCeXVhRThMdlVPMVd1ZkprOTU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAAjj/AwQA
AjuXAwQABbXbAwQAHyjWAwQALQxYAwQALQxaAwQALUPfAwQAubdUAwQBubqSAwQA
ucKUAwQBucniAwQAue74AwQAue76AwQAwQksAwQAwQkuAwQAwRaYAwQA1Gc+MA0G
CSqGSIb3DQEBCwUAA4IBAQA9ePsYTRhXHpMxtrfLUSvAHgFcSkQlnuNHMP7VWDkq
stMvu/WnqMzVi0Tp8SGSM0lPeq+AmT9HoKI3KoLN2p5Ypkp1YfJ1s7RCvUsnE6pq
NqDyL9dzD7XogvgyVgOIg4U12VvYNk+gw3w37NXK6A5ekuITdvW9QSl2vplslq/u
OtcRD35cWkBRoepdQQuq/21iAQ9sHZ0D7SAOOS/exmT78plaPBXxPQik4mEo+f/D
UunLhtCV/ngOiojPihmQwdBnCOhfxsEg4rBhpSzaDj2u/x8lV7SzlNvoZMp/N6GF
OCSMNXMHatVg0eaOFqjwxSm7fe/FXSyKbqWmrqpgnkhe
-----END CERTIFICATE-----
Generated at Sat May 4 11:36:39 2024 by rpki-client on console-fra.rpki-client.org