Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/5wG8ZSua9WMWbYmimqvnbKy2e04.roa
File: 5wG8ZSua9WMWbYmimqvnbKy2e04.roa (raw, json)
Hash identifier: N9EEH721iBVp1oEYEd2pVY3auPDlMlLn1YnDI80Y5dQ=
Subject key identifier: E7:01:BC:65:2B:9A:F5:63:16:6D:89:A2:9A:AB:E7:6C:AC:B6:7B:4E
Certificate issuer: /CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Certificate serial: 018CC500270CA6B6B61E23767E68FEAE373E
Authority key identifier: DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/5wG8ZSua9WMWbYmimqvnbKy2e04.roa
Signing time: Mon 01 Jan 2024 12:29:30 +0000
ROA not before: Mon 01 Jan 2024 12:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 95.142.116.0/24 maxlen: 24
95.142.113.0/24 maxlen: 24
95.142.119.0/24 maxlen: 24
95.142.123.0/24 maxlen: 24
95.142.122.0/24 maxlen: 24
185.54.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:27:0c:a6:b6:b6:1e:23:76:7e:68:fe:ae:37:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de0d9d6b697ca1c86570c256862e6858b4799c85
Validity
Not Before: Jan 1 12:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e701bc652b9af563166d89a29aabe76cacb67b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:24:06:b5:d6:a0:11:15:19:ad:fc:88:d0:53:
5a:aa:07:ca:15:47:17:0b:9f:d3:89:f3:1d:52:b3:
11:19:84:3c:85:f5:6c:03:13:48:0c:d0:77:cc:40:
13:8e:bd:00:ca:a9:32:cf:ae:f6:96:4d:65:5e:8c:
71:3d:fc:e6:06:69:94:87:3f:db:6e:fc:3d:66:08:
3c:4e:a1:c4:69:62:43:c1:34:1c:a8:87:e7:99:83:
1f:7c:7b:a0:7e:f7:e9:65:e6:d5:6e:d9:5f:a9:f8:
db:5e:fb:03:ce:d5:51:7e:18:d8:74:07:85:e0:7d:
ca:8f:95:63:5c:30:69:1f:38:3f:bd:02:22:21:bb:
92:07:b0:49:5a:bc:3e:e5:f8:85:ae:1a:10:31:eb:
e5:7a:e9:33:81:b4:5e:6e:a8:5c:68:27:7b:ad:71:
e1:f5:a0:01:9f:d1:5e:8e:64:fb:4e:77:3a:cc:80:
0e:e5:3b:ed:25:e8:d8:ad:6f:d1:0a:13:14:65:20:
1a:45:3d:3f:c6:1b:50:66:50:63:cd:b8:d0:90:be:
9b:8e:8c:c5:bb:24:b6:bd:e9:83:6c:bf:a0:50:e6:
05:99:f6:33:21:b8:66:c0:c6:48:94:70:73:2b:d9:
31:98:45:1d:73:9a:6a:4b:87:34:d7:e3:f8:82:48:
dc:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:01:BC:65:2B:9A:F5:63:16:6D:89:A2:9A:AB:E7:6C:AC:B6:7B:4E
X509v3 Authority Key Identifier:
keyid:DE:0D:9D:6B:69:7C:A1:C8:65:70:C2:56:86:2E:68:58:B4:79:9C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3g2da2l8ochlcMJWhi5oWLR5nIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/5wG8ZSua9WMWbYmimqvnbKy2e04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/68dc3c-df2e-4461-b7a6-01cbfc0e94e7/1/3g2da2l8ochlcMJWhi5oWLR5nIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.113.0/24
95.142.116.0/24
95.142.119.0/24
95.142.122.0/23
185.54.230.0/24
Signature Algorithm: sha256WithRSAEncryption
32:b8:24:8b:c7:9f:e5:6e:f6:95:eb:77:ba:87:4f:db:b9:ff:
1d:12:2e:62:71:02:e0:2c:d5:64:3d:cd:5d:46:ae:50:7d:ea:
d4:4e:45:97:b1:4a:0e:e2:f1:ee:0e:95:82:9d:54:59:5e:81:
82:b4:9b:9f:ba:92:f8:0b:6d:93:92:ff:5d:bb:0a:01:67:88:
e3:27:d5:e3:56:b8:b7:2b:12:2f:34:81:2e:cb:23:33:75:b6:
b0:bf:47:8d:b2:01:bb:53:19:1e:75:b1:54:f8:c0:61:a4:ea:
e6:a8:89:03:a3:9d:d5:10:f6:01:6b:8e:5e:47:70:27:f5:88:
ca:fa:94:43:64:6f:fe:ac:16:db:5c:70:e6:86:8d:18:82:3c:
de:50:19:ea:56:f2:da:99:7a:11:58:fd:ec:6f:ef:b2:20:2e:
88:30:f7:2e:2e:a1:ba:34:ee:9b:78:9a:1f:3c:7f:9b:92:45:
04:42:91:8a:f5:d2:0c:5f:be:e7:1b:54:ff:94:fc:ea:2c:54:
81:fb:be:32:50:ad:6f:5c:5e:c3:2f:59:d4:07:6a:9e:4b:6c:
ab:2a:4f:8a:e6:9e:66:fe:9e:1a:3c:81:ab:ce:b1:8c:ce:8f:
bf:c9:50:8d:70:07:5f:40:95:13:38:8e:8a:f2:dc:62:42:df:
ea:b5:87:7b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzFACcMpra2HiN2fmj+rjc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMGQ5ZDZiNjk3Y2ExYzg2NTcwYzI1Njg2MmU2ODU4YjQ3
OTljODUwHhcNMjQwMTAxMTIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzAxYmM2NTJiOWFmNTYzMTY2ZDg5YTI5YWFiZTc2Y2FjYjY3YjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCQGtdagERUZrfyI0FNaqgfKFUcX
C5/TifMdUrMRGYQ8hfVsAxNIDNB3zEATjr0Ayqkyz672lk1lXoxxPfzmBmmUhz/b
bvw9Zgg8TqHEaWJDwTQcqIfnmYMffHugfvfpZebVbtlfqfjbXvsDztVRfhjYdAeF
4H3Kj5VjXDBpHzg/vQIiIbuSB7BJWrw+5fiFrhoQMevleukzgbRebqhcaCd7rXHh
9aABn9FejmT7Tnc6zIAO5TvtJejYrW/RChMUZSAaRT0/xhtQZlBjzbjQkL6bjozF
uyS2vemDbL+gUOYFmfYzIbhmwMZIlHBzK9kxmEUdc5pqS4c01+P4gkjcNQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOcBvGUrmvVjFm2Jopqr52ystntOMB8GA1UdIwQY
MBaAFN4NnWtpfKHIZXDCVoYuaFi0eZyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYt
MDFjYmZjMGU5NGU3LzEvNXdHOFpTdWE5V01XYlltaW1xdm5iS3kyZTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82OGRjM2MtZGYyZS00NDYxLWI3YTYtMDFjYmZjMGU5NGU3
LzEvM2cyZGEybDhvY2hsY01KV2hpNW9XTFI1bklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAX45xAwQA
X450AwQAX453AwQBX456AwQAuTbmMA0GCSqGSIb3DQEBCwUAA4IBAQAyuCSLx5/l
bvaV63e6h0/buf8dEi5icQLgLNVkPc1dRq5QferUTkWXsUoO4vHuDpWCnVRZXoGC
tJufupL4C22Tkv9duwoBZ4jjJ9XjVri3KxIvNIEuyyMzdbawv0eNsgG7UxkedbFU
+MBhpOrmqIkDo53VEPYBa45eR3An9YjK+pRDZG/+rBbbXHDmho0YgjzeUBnqVvLa
mXoRWP3sb++yIC6IMPcuLqG6NO6beJofPH+bkkUEQpGK9dIMX77nG1T/lPzqLFSB
+74yUK1vXF7DL1nUB2qeS2yrKk+K5p5m/p4aPIGrzrGMzo+/yVCNcAdfQJUTOI6K
8txiQt/qtYd7
-----END CERTIFICATE-----
Generated at Sat May 4 00:13:22 2024 by rpki-client on console-fra.rpki-client.org