Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/5km8UhyfqAMu2cumwri3FqygDh8.roa
File: 5km8UhyfqAMu2cumwri3FqygDh8.roa (raw, json)
Hash identifier: Gp0Q/780StawRvCkSrR9I8q8S2BRDDaa9K4A4drCmzc=
Subject key identifier: E6:49:BC:52:1C:9F:A8:03:2E:D9:CB:A6:C2:B8:B7:16:AC:A0:0E:1F
Certificate issuer: /CN=415c10f84dc22937ef6d15eb71bbb4a5308162bf
Certificate serial: 018CC348976AE6F85ADE155FE5D1AD8CE06D
Authority key identifier: 41:5C:10:F8:4D:C2:29:37:EF:6D:15:EB:71:BB:B4:A5:30:81:62:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/5km8UhyfqAMu2cumwri3FqygDh8.roa
Signing time: Mon 01 Jan 2024 04:29:23 +0000
ROA not before: Mon 01 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197524
IP address blocks: 185.93.200.0/22 maxlen: 22
185.18.36.0/22 maxlen: 22
91.235.8.0/22 maxlen: 22
2a05:fa40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 10:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:97:6a:e6:f8:5a:de:15:5f:e5:d1:ad:8c:e0:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=415c10f84dc22937ef6d15eb71bbb4a5308162bf
Validity
Not Before: Jan 1 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e649bc521c9fa8032ed9cba6c2b8b716aca00e1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:85:a0:57:0e:b0:71:5e:e0:1a:f9:6a:5d:3d:
5e:d2:e1:58:a2:4c:b5:be:3b:11:94:dd:c8:fe:e3:
e6:88:17:2f:8c:59:ae:4a:14:8c:bc:43:26:ea:d5:
53:e8:cb:bd:e2:0b:40:fb:af:ad:31:81:ea:9c:b4:
02:8f:fe:21:9d:0f:e6:ef:88:d9:0f:43:a0:1a:f0:
e1:aa:95:c0:68:9e:ee:9f:af:e6:4c:58:a0:4a:8b:
77:a9:46:29:b5:d1:fd:8b:61:df:72:c2:77:cd:89:
54:65:f6:06:66:d3:63:72:3d:eb:eb:95:d9:ad:da:
ad:17:0d:b3:4a:0d:11:ad:d6:9b:d8:ca:7e:94:a8:
ae:b7:af:4a:96:76:51:29:9d:3d:aa:01:ce:64:21:
ae:18:b9:d4:12:23:1e:5f:33:8e:42:d5:f1:31:16:
35:d2:59:8f:32:fe:6a:65:17:0f:f2:c3:d0:c6:b4:
83:dd:73:46:2d:79:46:a1:53:ef:26:0b:69:d7:5f:
69:c0:5e:ef:91:c9:72:4b:35:96:ae:e3:e7:a7:59:
b6:91:0d:ad:95:8c:11:e3:7c:22:b7:99:0f:c5:47:
9d:b4:1b:99:ca:6d:91:44:3d:ee:43:f1:b2:9d:33:
4d:c5:0a:57:67:b4:85:fc:2e:a3:89:f2:7d:37:a1:
b2:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:49:BC:52:1C:9F:A8:03:2E:D9:CB:A6:C2:B8:B7:16:AC:A0:0E:1F
X509v3 Authority Key Identifier:
keyid:41:5C:10:F8:4D:C2:29:37:EF:6D:15:EB:71:BB:B4:A5:30:81:62:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/5km8UhyfqAMu2cumwri3FqygDh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5c57e7-7ba8-4a62-8d15-c6b6fd12ce27/1/QVwQ-E3CKTfvbRXrcbu0pTCBYr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.8.0/22
185.18.36.0/22
185.93.200.0/22
IPv6:
2a05:fa40::/29
Signature Algorithm: sha256WithRSAEncryption
01:b1:1b:e8:74:93:ac:7e:f9:6d:52:9a:ba:da:c6:8d:c8:d9:
f7:e4:9a:45:bb:fb:3e:50:c0:8b:61:b5:ed:48:aa:4f:c1:0b:
3e:53:b5:1d:ab:ec:b8:83:f2:64:3c:d9:86:7e:d2:2e:e9:d0:
e8:22:ce:42:10:79:51:69:86:c4:eb:93:5f:42:4b:aa:f1:58:
2b:7e:53:91:ad:6f:a8:9f:c3:84:52:ab:e9:b1:06:2c:3e:fd:
d3:2d:9a:f0:7a:0e:2c:e7:db:ee:42:c9:f4:ad:7b:87:eb:9f:
6f:a6:c1:48:94:e9:bc:0a:c4:c8:25:45:35:b2:ef:3f:62:45:
f3:ec:3d:1a:89:4d:be:46:6d:87:87:dd:5d:ad:fd:47:f1:42:
8a:7d:cb:f8:7d:6c:75:74:86:bc:9a:b8:3d:9e:76:a6:a4:d1:
c4:2d:a2:64:a6:1b:bf:59:db:21:09:ac:7a:29:f7:1b:fc:ac:
02:57:e2:6e:5d:ed:f3:cf:0c:9e:07:10:7a:12:d1:db:7c:80:
d7:f7:39:1e:e0:44:24:dd:12:ee:a2:13:10:4c:08:e5:40:a8:
91:c2:da:58:9e:ef:58:9e:9c:4f:d6:5d:55:9d:cd:68:18:ea:
56:28:ff:70:91:b9:0d:9d:8f:67:91:8d:74:c8:9d:32:65:d1:
10:12:a4:00
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDSJdq5vha3hVf5dGtjOBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNWMxMGY4NGRjMjI5MzdlZjZkMTVlYjcxYmJiNGE1MzA4
MTYyYmYwHhcNMjQwMTAxMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQ5YmM1MjFjOWZhODAzMmVkOWNiYTZjMmI4YjcxNmFjYTAwZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04WgVw6wcV7gGvlqXT1e0uFYoky1
vjsRlN3I/uPmiBcvjFmuShSMvEMm6tVT6Mu94gtA+6+tMYHqnLQCj/4hnQ/m74jZ
D0OgGvDhqpXAaJ7un6/mTFigSot3qUYptdH9i2HfcsJ3zYlUZfYGZtNjcj3r65XZ
rdqtFw2zSg0Rrdab2Mp+lKiut69KlnZRKZ09qgHOZCGuGLnUEiMeXzOOQtXxMRY1
0lmPMv5qZRcP8sPQxrSD3XNGLXlGoVPvJgtp119pwF7vkclySzWWruPnp1m2kQ2t
lYwR43wit5kPxUedtBuZym2RRD3uQ/GynTNNxQpXZ7SF/C6jifJ9N6GynwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOZJvFIcn6gDLtnLpsK4txasoA4fMB8GA1UdIwQY
MBaAFEFcEPhNwik3720V63G7tKUwgWK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVZ3US1FM0NLVGZ2YlJYcmNidTBwVENCWXI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi81YzU3ZTctN2JhOC00YTYyLThkMTUt
YzZiNmZkMTJjZTI3LzEvNWttOFVoeWZxQU11MmN1bXdyaTNGcXlnRGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi81YzU3ZTctN2JhOC00YTYyLThkMTUtYzZiNmZkMTJjZTI3
LzEvUVZ3US1FM0NLVGZ2YlJYcmNidTBwVENCWXI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCW+sIAwQC
uRIkAwQCuV3IMA0EAgACMAcDBQMqBfpAMA0GCSqGSIb3DQEBCwUAA4IBAQABsRvo
dJOsfvltUpq62saNyNn35JpFu/s+UMCLYbXtSKpPwQs+U7Udq+y4g/JkPNmGftIu
6dDoIs5CEHlRaYbE65NfQkuq8VgrflORrW+on8OEUqvpsQYsPv3TLZrweg4s59vu
Qsn0rXuH659vpsFIlOm8CsTIJUU1su8/YkXz7D0aiU2+Rm2Hh91drf1H8UKKfcv4
fWx1dIa8mrg9nnampNHELaJkphu/WdshCax6Kfcb/KwCV+JuXe3zzwyeBxB6EtHb
fIDX9zke4EQk3RLuohMQTAjlQKiRwtpYnu9YnpxP1l1Vnc1oGOpWKP9wkbkNnY9n
kY10yJ0yZdEQEqQA
-----END CERTIFICATE-----
Generated at Fri Jun 7 15:41:46 2024 by rpki-client on console-fra.rpki-client.org