Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/5gcgGCZb9t7g2lchkqbMJVsa4AM.roa
File: 5gcgGCZb9t7g2lchkqbMJVsa4AM.roa (raw, json)
Hash identifier: dqRa/C9+w4EsEVJ6oEWG8F+EBXh0bH++xT3a2rjjHEA=
Subject key identifier: E6:07:20:18:26:5B:F6:DE:E0:DA:57:21:92:A6:CC:25:5B:1A:E0:03
Certificate issuer: /CN=ce958f181fb507a0a2a821856b8be0d54b118b85
Certificate serial: 018CC56EF12B771AE14B556EEA465952A1E5
Authority key identifier: CE:95:8F:18:1F:B5:07:A0:A2:A8:21:85:6B:8B:E0:D5:4B:11:8B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zpWPGB-1B6CiqCGFa4vg1UsRi4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/5gcgGCZb9t7g2lchkqbMJVsa4AM.roa
Signing time: Mon 01 Jan 2024 14:30:31 +0000
ROA not before: Mon 01 Jan 2024 14:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207023
IP address blocks: 185.174.90.0/23 maxlen: 23
185.60.202.0/23 maxlen: 23
185.168.158.0/23 maxlen: 23
185.242.94.0/23 maxlen: 23
185.242.92.0/23 maxlen: 23
185.115.64.0/22 maxlen: 22
185.126.72.0/22 maxlen: 24
185.126.76.0/22 maxlen: 24
185.120.8.0/23 maxlen: 23
185.120.10.0/23 maxlen: 23
2a0a:d05::/32 maxlen: 32
2a0a:d01::/32 maxlen: 32
2a0a:d04::/32 maxlen: 32
2a0a:d02::/32 maxlen: 32
2a0a:d03::/32 maxlen: 32
2a0a:d07::/32 maxlen: 32
2a0a:d06::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/zpWPGB-1B6CiqCGFa4vg1UsRi4U.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/zpWPGB-1B6CiqCGFa4vg1UsRi4U.mft
rsync://rpki.ripe.net/repository/DEFAULT/zpWPGB-1B6CiqCGFa4vg1UsRi4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 15:27:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f1:2b:77:1a:e1:4b:55:6e:ea:46:59:52:a1:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce958f181fb507a0a2a821856b8be0d54b118b85
Validity
Not Before: Jan 1 14:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6072018265bf6dee0da572192a6cc255b1ae003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:09:79:90:64:c2:4a:ae:03:a4:a0:ff:71:17:
59:03:e9:ee:6f:f1:84:0b:bc:5d:f8:5a:2f:65:6c:
1b:25:b2:b5:bd:d0:c4:4c:d1:11:60:e9:63:d9:5d:
62:2a:d4:45:4c:3e:1f:8b:3f:1a:fb:52:47:38:0f:
2e:0f:4a:3c:33:5d:1e:46:56:63:4b:23:92:f9:a0:
2c:5d:0f:35:6a:1f:6f:c7:e3:f5:a6:7e:a9:20:f5:
0a:15:12:8b:50:3c:a7:c4:2a:27:c9:80:ee:ec:e7:
05:74:20:fe:33:a2:93:15:f1:f1:09:df:15:fd:39:
52:50:cb:48:6c:79:b0:ec:93:e3:37:a0:5b:d6:db:
1e:b1:d4:54:74:c7:67:9a:38:60:fd:40:b1:c5:ab:
cc:cf:44:89:24:f2:3e:96:38:2f:c2:a0:ca:18:4c:
72:81:6b:48:c8:0d:d9:08:5d:97:a2:98:cb:b5:a1:
90:a1:cf:be:1e:51:5e:68:6e:9b:bc:4b:1e:16:e5:
56:dc:84:61:bf:56:1a:34:71:06:42:b8:36:2a:4c:
02:ed:d6:7d:14:7f:ec:0a:10:c5:3c:a7:e9:51:22:
b5:12:d3:a1:85:a0:62:1e:29:dc:28:ff:ba:5c:ad:
97:d9:58:51:7a:e7:36:35:7f:74:83:92:af:d4:4c:
29:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:07:20:18:26:5B:F6:DE:E0:DA:57:21:92:A6:CC:25:5B:1A:E0:03
X509v3 Authority Key Identifier:
keyid:CE:95:8F:18:1F:B5:07:A0:A2:A8:21:85:6B:8B:E0:D5:4B:11:8B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zpWPGB-1B6CiqCGFa4vg1UsRi4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/5gcgGCZb9t7g2lchkqbMJVsa4AM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/zpWPGB-1B6CiqCGFa4vg1UsRi4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.202.0/23
185.115.64.0/22
185.120.8.0/22
185.126.72.0/21
185.168.158.0/23
185.174.90.0/23
185.242.92.0/22
IPv6:
2a0a:d01::-2a0a:d07:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
69:07:12:cb:60:95:d1:9a:39:19:fe:8a:2e:46:2c:be:28:20:
19:c4:c2:2c:cf:a9:ff:ae:49:3a:99:0b:62:e0:42:99:35:fe:
bb:37:69:0e:db:19:98:3b:5c:cc:f0:d3:e4:fc:14:ec:7a:d0:
26:91:18:71:be:00:a9:c5:8f:f4:8f:47:42:d0:4e:89:0c:b0:
4a:f5:69:e0:b1:c3:f2:34:92:17:69:4f:a7:85:92:1f:e8:50:
7e:e8:aa:01:fd:36:21:03:45:f2:1c:3a:57:ba:8c:23:4f:69:
8b:14:39:2e:16:41:de:8e:78:95:53:7a:d8:85:22:91:20:71:
a1:7c:19:80:1c:be:5c:1e:0e:e9:ac:e8:0c:b7:b5:d5:f3:b9:
52:f4:80:b8:76:6f:a5:1c:81:79:c3:df:24:15:df:8e:f0:11:
75:a3:7d:92:eb:4a:09:f1:6f:c7:37:63:44:92:33:0c:b4:f8:
7d:73:35:c6:56:16:2b:4d:af:ee:aa:43:51:38:68:f7:75:54:
a1:15:06:cf:31:f9:28:d1:f4:bd:83:d1:d6:e1:e8:04:fa:e1:
1b:28:b1:7a:85:72:12:ab:5e:2f:ea:53:6b:8c:9c:a4:be:87:
2e:99:d1:91:aa:e8:0a:05:94:e7:31:2f:fe:0e:21:07:54:dc:
f3:8a:d7:30
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYzFbvErdxrhS1Vu6kZZUqHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOTU4ZjE4MWZiNTA3YTBhMmE4MjE4NTZiOGJlMGQ1NGIx
MThiODUwHhcNMjQwMTAxMTQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjA3MjAxODI2NWJmNmRlZTBkYTU3MjE5MmE2Y2MyNTViMWFlMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwl5kGTCSq4DpKD/cRdZA+nub/GE
C7xd+FovZWwbJbK1vdDETNERYOlj2V1iKtRFTD4fiz8a+1JHOA8uD0o8M10eRlZj
SyOS+aAsXQ81ah9vx+P1pn6pIPUKFRKLUDynxConyYDu7OcFdCD+M6KTFfHxCd8V
/TlSUMtIbHmw7JPjN6Bb1tsesdRUdMdnmjhg/UCxxavMz0SJJPI+ljgvwqDKGExy
gWtIyA3ZCF2XopjLtaGQoc++HlFeaG6bvEseFuVW3IRhv1YaNHEGQrg2KkwC7dZ9
FH/sChDFPKfpUSK1EtOhhaBiHincKP+6XK2X2VhReuc2NX90g5Kv1EwpQQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFOYHIBgmW/be4NpXIZKmzCVbGuADMB8GA1UdIwQY
MBaAFM6VjxgftQegoqghhWuL4NVLEYuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenBXUEdCLTFCNkNpcUNHRmE0dmcxVXNSaTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8zZDliZmEtY2ZkMC00NGE4LTg0MmUt
MGRiYjNiOGRiMTVmLzEvNWdjZ0dDWmI5dDdnMmxjaGtxYk1KVnNhNEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8zZDliZmEtY2ZkMC00NGE4LTg0MmUtMGRiYjNiOGRiMTVm
LzEvenBXUEdCLTFCNkNpcUNHRmE0dmcxVXNSaTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAwBAIAATAqAwQBuTzKAwQC
uXNAAwQCuXgIAwQDuX5IAwQBuaieAwQBua5aAwQCufJcMBYEAgACMBAwDgMFACoK
DQEDBQMqCg0AMA0GCSqGSIb3DQEBCwUAA4IBAQBpBxLLYJXRmjkZ/oouRiy+KCAZ
xMIsz6n/rkk6mQti4EKZNf67N2kO2xmYO1zM8NPk/BTsetAmkRhxvgCpxY/0j0dC
0E6JDLBK9WngscPyNJIXaU+nhZIf6FB+6KoB/TYhA0XyHDpXuowjT2mLFDkuFkHe
jniVU3rYhSKRIHGhfBmAHL5cHg7prOgMt7XV87lS9IC4dm+lHIF5w98kFd+O8BF1
o32S60oJ8W/HN2NEkjMMtPh9czXGVhYrTa/uqkNROGj3dVShFQbPMfko0fS9g9HW
4egE+uEbKLF6hXISq14v6lNrjJykvocumdGRqugKBZTnMS/+DiEHVNzzitcw
-----END CERTIFICATE-----
Generated at Sat Jun 22 22:15:36 2024 by rpki-client on console-ams.rpki-client.org