Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/8e416c-5550-4e81-a8c4-d6235b5fe67a/1/tg9g-FU6hB4PR-LQ0K3Un7vViJo.roa
File: tg9g-FU6hB4PR-LQ0K3Un7vViJo.roa (raw, json)
Hash identifier: XFE8TjCFHpdidlntoI7VRUZWvGW514emYRg6iqmfScs=
Subject key identifier: B6:0F:60:F8:55:3A:84:1E:0F:47:E2:D0:D0:AD:D4:9F:BB:D5:88:9A
Certificate issuer: /CN=5b00790bae3cd85a50e4f934388361763ebfbe5a
Certificate serial: 018CC34900468C42171886004B649B5E241B
Authority key identifier: 5B:00:79:0B:AE:3C:D8:5A:50:E4:F9:34:38:83:61:76:3E:BF:BE:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WwB5C6482FpQ5Pk0OINhdj6_vlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/8e416c-5550-4e81-a8c4-d6235b5fe67a/1/tg9g-FU6hB4PR-LQ0K3Un7vViJo.roa
Signing time: Mon 01 Jan 2024 04:29:50 +0000
ROA not before: Mon 01 Jan 2024 04:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 185.225.161.0/24 maxlen: 24
212.11.79.0/24 maxlen: 24
185.249.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/8e416c-5550-4e81-a8c4-d6235b5fe67a/1/WwB5C6482FpQ5Pk0OINhdj6_vlo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/8e416c-5550-4e81-a8c4-d6235b5fe67a/1/WwB5C6482FpQ5Pk0OINhdj6_vlo.mft
rsync://rpki.ripe.net/repository/DEFAULT/WwB5C6482FpQ5Pk0OINhdj6_vlo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 19:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:00:46:8c:42:17:18:86:00:4b:64:9b:5e:24:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b00790bae3cd85a50e4f934388361763ebfbe5a
Validity
Not Before: Jan 1 04:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b60f60f8553a841e0f47e2d0d0add49fbbd5889a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5a:74:29:0f:fc:70:40:25:e3:dc:cd:fe:2f:
b4:9b:77:5a:2d:64:73:97:7f:a7:f9:69:a0:c5:cc:
9d:c3:bf:b7:dd:df:f9:65:1d:9b:a9:c8:fc:7e:c7:
0a:f2:69:64:4d:bc:f6:ab:e3:92:46:70:a5:7d:3a:
dc:4d:86:0e:2c:08:39:a7:39:c0:35:16:a9:4d:79:
18:b6:7b:8e:ac:3d:88:dd:23:c2:1c:a0:69:a0:b5:
e9:57:41:2d:09:b7:ba:43:08:13:04:9f:de:5f:13:
91:d3:f5:b6:ca:e6:9b:d9:94:9c:87:0a:50:dd:de:
82:53:83:53:71:af:01:09:d7:79:d2:58:99:4a:b0:
e4:3a:1d:42:1a:32:ff:8b:a3:3b:e2:c4:0c:0b:83:
48:45:d3:fe:98:7b:9a:77:8c:92:89:d1:26:4a:e5:
68:25:1e:e4:45:a6:07:4a:a9:d6:2e:6f:d0:24:d8:
cf:28:d3:b3:c8:d8:66:02:d4:c6:55:da:d8:7e:17:
e4:a0:e7:92:1c:99:14:92:c0:c5:24:b4:c6:1c:f6:
6a:0b:58:b3:c1:99:da:ab:f1:4c:a5:d2:38:fb:48:
92:4f:43:bc:59:4e:1e:50:10:e9:18:cb:43:cf:ee:
ff:5f:c6:51:c3:9e:fa:e3:8e:3a:5c:de:10:e9:e9:
24:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:0F:60:F8:55:3A:84:1E:0F:47:E2:D0:D0:AD:D4:9F:BB:D5:88:9A
X509v3 Authority Key Identifier:
keyid:5B:00:79:0B:AE:3C:D8:5A:50:E4:F9:34:38:83:61:76:3E:BF:BE:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WwB5C6482FpQ5Pk0OINhdj6_vlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8e416c-5550-4e81-a8c4-d6235b5fe67a/1/tg9g-FU6hB4PR-LQ0K3Un7vViJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8e416c-5550-4e81-a8c4-d6235b5fe67a/1/WwB5C6482FpQ5Pk0OINhdj6_vlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.161.0/24
185.249.220.0/24
212.11.79.0/24
Signature Algorithm: sha256WithRSAEncryption
82:34:bc:10:d3:a9:10:09:e4:c2:23:80:dc:75:47:a7:a3:00:
2a:e5:d4:c1:47:93:bc:c3:65:bc:09:cb:8b:61:ff:53:2f:70:
c0:15:71:3d:91:09:b5:00:42:10:8c:21:0f:3c:fc:ea:26:69:
5a:91:c5:90:a6:ce:b1:aa:7f:d4:de:77:4d:90:bd:c8:ff:73:
93:06:e9:2e:67:f3:e0:ec:4a:71:08:c4:e3:8a:f1:5d:37:7c:
6c:28:55:9f:90:f4:2a:5c:cf:7d:9b:62:af:91:f3:a6:15:52:
74:dd:9a:c4:bd:06:bc:ad:ac:81:73:32:86:97:a1:87:3f:f2:
c4:a8:eb:3c:66:88:2d:0e:a8:62:91:85:ac:6f:44:6f:47:b2:
71:1b:f8:79:05:61:de:cb:f2:66:ed:65:36:07:07:cb:e1:4d:
10:94:fa:58:cd:cd:e2:44:d9:e0:78:d7:0a:29:15:17:81:f5:
87:e0:12:4b:43:1a:32:9a:1f:81:eb:5f:9c:43:7a:a9:90:dd:
be:f9:58:a0:ff:33:10:4d:c2:88:6a:8b:aa:fb:16:8c:39:a5:
7b:56:e1:14:d5:7d:2b:ba:8c:f0:d7:f3:95:a7:ea:26:66:0d:
36:ac:3b:5d:c9:22:2a:64:3b:86:ad:c1:85:52:be:9b:15:22:
a3:bf:b7:2b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSQBGjEIXGIYAS2SbXiQbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMDA3OTBiYWUzY2Q4NWE1MGU0ZjkzNDM4ODM2MTc2M2Vi
ZmJlNWEwHhcNMjQwMTAxMDQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjBmNjBmODU1M2E4NDFlMGY0N2UyZDBkMGFkZDQ5ZmJiZDU4ODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlp0KQ/8cEAl49zN/i+0m3daLWRz
l3+n+Wmgxcydw7+33d/5ZR2bqcj8fscK8mlkTbz2q+OSRnClfTrcTYYOLAg5pznA
NRapTXkYtnuOrD2I3SPCHKBpoLXpV0EtCbe6QwgTBJ/eXxOR0/W2yuab2ZSchwpQ
3d6CU4NTca8BCdd50liZSrDkOh1CGjL/i6M74sQMC4NIRdP+mHuad4ySidEmSuVo
JR7kRaYHSqnWLm/QJNjPKNOzyNhmAtTGVdrYfhfkoOeSHJkUksDFJLTGHPZqC1iz
wZnaq/FMpdI4+0iST0O8WU4eUBDpGMtDz+7/X8ZRw5764446XN4Q6ekkywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLYPYPhVOoQeD0fi0NCt1J+71YiaMB8GA1UdIwQY
MBaAFFsAeQuuPNhaUOT5NDiDYXY+v75aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3dCNUM2NDgyRnBRNVBrME9JTmhkajZfdmxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84ZTQxNmMtNTU1MC00ZTgxLWE4YzQt
ZDYyMzViNWZlNjdhLzEvdGc5Zy1GVTZoQjRQUi1MUTBLM1VuN3ZWaUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84ZTQxNmMtNTU1MC00ZTgxLWE4YzQtZDYyMzViNWZlNjdh
LzEvV3dCNUM2NDgyRnBRNVBrME9JTmhkajZfdmxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAueGhAwQA
ufncAwQA1AtPMA0GCSqGSIb3DQEBCwUAA4IBAQCCNLwQ06kQCeTCI4DcdUenowAq
5dTBR5O8w2W8CcuLYf9TL3DAFXE9kQm1AEIQjCEPPPzqJmlakcWQps6xqn/U3ndN
kL3I/3OTBukuZ/Pg7EpxCMTjivFdN3xsKFWfkPQqXM99m2KvkfOmFVJ03ZrEvQa8
rayBczKGl6GHP/LEqOs8ZogtDqhikYWsb0RvR7JxG/h5BWHey/Jm7WU2BwfL4U0Q
lPpYzc3iRNngeNcKKRUXgfWH4BJLQxoymh+B61+cQ3qpkN2++Vig/zMQTcKIaouq
+xaMOaV7VuEU1X0ruozw1/OVp+omZg02rDtdySIqZDuGrcGFUr6bFSKjv7cr
-----END CERTIFICATE-----
Generated at Mon May 6 04:07:45 2024 by rpki-client on console-ams.rpki-client.org