Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/5Ce1LLmrppScdBgUzXOYPfMJVoI.roa
File: 5Ce1LLmrppScdBgUzXOYPfMJVoI.roa (raw, json)
Hash identifier: 0ICYer0le2kY8XUPXoznDwLQzpgIThBqsxz/9edLPyk=
Subject key identifier: E4:27:B5:2C:B9:AB:A6:94:9C:74:18:14:CD:73:98:3D:F3:09:56:82
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 018CC7933D5A0394C8B0DEEB57A01B1B6380
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/5Ce1LLmrppScdBgUzXOYPfMJVoI.roa
Signing time: Tue 02 Jan 2024 00:29:24 +0000
ROA not before: Tue 02 Jan 2024 00:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204303
IP address blocks: 185.137.71.0/24 maxlen: 24
185.137.70.0/24 maxlen: 24
185.137.68.0/24 maxlen: 24
185.137.68.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:3d:5a:03:94:c8:b0:de:eb:57:a0:1b:1b:63:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Jan 2 00:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e427b52cb9aba6949c741814cd73983df3095682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3a:80:18:15:8e:a0:34:49:2d:a3:1f:4f:f1:
11:54:06:10:ed:ad:e8:12:72:d7:58:2d:dc:14:a0:
7a:10:3e:4f:aa:63:9d:fb:a7:25:cc:1d:7c:e3:92:
6d:75:45:42:14:a7:1b:e1:b4:ad:ca:33:dc:c9:9d:
11:70:a7:5c:35:c6:1c:41:38:83:a3:36:ed:ce:19:
32:b5:fb:0b:27:25:be:81:99:2f:81:bd:cf:95:85:
b0:ac:c0:28:17:d1:c0:b4:1c:60:8e:b1:75:fa:43:
41:9a:79:09:3c:20:4e:a6:e5:24:88:31:df:47:5a:
08:bb:2b:3e:60:be:b7:39:50:81:e2:8f:ec:43:93:
d3:53:d2:4f:1f:37:39:e1:26:a6:4b:a9:af:1f:b5:
1c:be:6c:39:e0:8e:2f:77:7e:e4:b7:fc:3d:19:f3:
66:de:d9:d5:68:09:ae:ec:65:84:a8:9c:49:3a:0d:
31:cf:ba:df:cf:1d:d2:e0:ea:89:f2:7c:c3:44:d8:
eb:1d:86:da:14:8d:79:eb:cb:12:27:bb:5c:ce:75:
a6:a3:61:7a:c5:54:74:fb:13:1e:5a:20:58:b4:11:
16:f7:63:8a:02:fa:57:f4:e9:08:c0:9e:65:c8:75:
b1:b6:e2:e6:64:21:4d:61:f2:25:cc:e7:d5:c2:f4:
0f:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:27:B5:2C:B9:AB:A6:94:9C:74:18:14:CD:73:98:3D:F3:09:56:82
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/5Ce1LLmrppScdBgUzXOYPfMJVoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.68.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:d7:1a:1e:e9:ca:13:b5:14:bb:c5:b5:f5:a2:8d:93:66:11:
c6:0d:30:a9:3b:78:2f:8a:02:ea:19:ba:59:e0:f9:f7:24:4e:
79:c4:b9:53:70:88:f5:23:99:1b:c9:68:e2:fc:1c:8c:b5:37:
7a:c2:84:9b:ec:01:d2:c4:22:18:ab:42:29:50:cb:3e:17:d2:
6e:4b:cd:bc:4f:11:be:78:eb:81:90:4d:12:64:16:50:bc:a7:
e1:44:93:68:31:1a:8f:a9:5a:c7:6b:47:d8:7a:76:a5:f5:85:
7b:54:fc:b9:70:c8:e5:27:ba:a7:fd:6b:31:a5:74:cb:68:22:
c6:58:39:6a:97:a4:41:47:56:d1:76:a4:da:f1:5a:ca:8a:19:
0f:9d:a2:e2:32:50:be:45:21:cd:66:13:dd:08:df:49:6b:20:
ee:15:1f:49:bd:30:b0:85:be:8b:52:16:30:ce:1c:0d:c1:c6:
23:b1:d1:86:85:68:87:cc:8e:46:dd:2a:86:80:26:8f:19:30:
ac:9e:a1:f6:6f:14:ae:c2:e6:91:07:93:c5:96:cf:13:b8:df:
e7:82:77:04:4d:2c:14:fb:c6:bf:49:07:b5:25:0f:29:aa:45:
8f:54:53:2e:6a:7b:17:af:2e:a7:60:87:51:a9:8d:74:da:80:
57:17:d1:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHkz1aA5TIsN7rV6AbG2OAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjQwMTAyMDAyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDI3YjUyY2I5YWJhNjk0OWM3NDE4MTRjZDczOTgzZGYzMDk1NjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDqAGBWOoDRJLaMfT/ERVAYQ7a3o
EnLXWC3cFKB6ED5PqmOd+6clzB1845JtdUVCFKcb4bStyjPcyZ0RcKdcNcYcQTiD
ozbtzhkytfsLJyW+gZkvgb3PlYWwrMAoF9HAtBxgjrF1+kNBmnkJPCBOpuUkiDHf
R1oIuys+YL63OVCB4o/sQ5PTU9JPHzc54SamS6mvH7Ucvmw54I4vd37kt/w9GfNm
3tnVaAmu7GWEqJxJOg0xz7rfzx3S4OqJ8nzDRNjrHYbaFI1568sSJ7tcznWmo2F6
xVR0+xMeWiBYtBEW92OKAvpX9OkIwJ5lyHWxtuLmZCFNYfIlzOfVwvQPHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQntSy5q6aUnHQYFM1zmD3zCVaCMB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvNUNlMUxMbXJwcFNjZEJnVXpYT1lQZk1KVm9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3
LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYlEMA0G
CSqGSIb3DQEBCwUAA4IBAQC51xoe6coTtRS7xbX1oo2TZhHGDTCpO3gvigLqGbpZ
4Pn3JE55xLlTcIj1I5kbyWji/ByMtTd6woSb7AHSxCIYq0IpUMs+F9JuS828TxG+
eOuBkE0SZBZQvKfhRJNoMRqPqVrHa0fYenal9YV7VPy5cMjlJ7qn/WsxpXTLaCLG
WDlql6RBR1bRdqTa8VrKihkPnaLiMlC+RSHNZhPdCN9JayDuFR9JvTCwhb6LUhYw
zhwNwcYjsdGGhWiHzI5G3SqGgCaPGTCsnqH2bxSuwuaRB5PFls8TuN/ngncETSwU
+8a/SQe1JQ8pqkWPVFMuansXry6nYIdRqY102oBXF9Hk
-----END CERTIFICATE-----
Generated at Mon Jun 24 12:22:01 2024 by rpki-client on console-ams.rpki-client.org