Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/44b7bb-2605-425b-b341-14605db543d0/1/m5U6DNdBgbxK6tI3T2eHPUAJZQA.roa
File: m5U6DNdBgbxK6tI3T2eHPUAJZQA.roa (raw, json)
Hash identifier: aiqfo/dHvgZbFArM12k2gr8ZCejOUQK2ikPETUWVFFM=
Subject key identifier: 9B:95:3A:0C:D7:41:81:BC:4A:EA:D2:37:4F:67:87:3D:40:09:65:00
Certificate issuer: /CN=ca926f963511893fa4d9fbd5e64e0f8a43837e40
Certificate serial: 0192721109E3DA7631D29C3B1F64955780DD
Authority key identifier: CA:92:6F:96:35:11:89:3F:A4:D9:FB:D5:E6:4E:0F:8A:43:83:7E:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ypJvljURiT-k2fvV5k4PikODfkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/44b7bb-2605-425b-b341-14605db543d0/1/m5U6DNdBgbxK6tI3T2eHPUAJZQA.roa
Signing time: Wed 09 Oct 2024 16:16:11 +0000
ROA not before: Wed 09 Oct 2024 16:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26380
IP address blocks: 185.96.136.0/23 maxlen: 23
185.96.136.0/24 maxlen: 24
185.96.137.0/24 maxlen: 24
185.96.138.0/24 maxlen: 24
185.175.204.0/23 maxlen: 23
185.175.204.0/24 maxlen: 24
185.175.205.0/24 maxlen: 24
185.175.206.0/23 maxlen: 23
185.175.206.0/24 maxlen: 24
185.175.207.0/24 maxlen: 24
185.199.60.0/24 maxlen: 24
185.199.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/44b7bb-2605-425b-b341-14605db543d0/1/ypJvljURiT-k2fvV5k4PikODfkA.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/44b7bb-2605-425b-b341-14605db543d0/1/ypJvljURiT-k2fvV5k4PikODfkA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ypJvljURiT-k2fvV5k4PikODfkA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:72:11:09:e3:da:76:31:d2:9c:3b:1f:64:95:57:80:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca926f963511893fa4d9fbd5e64e0f8a43837e40
Validity
Not Before: Oct 9 16:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b953a0cd74181bc4aead2374f67873d40096500
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:79:f8:cc:21:2f:33:3b:06:6a:70:6c:d6:63:
3d:91:ec:86:b4:b3:79:26:0f:5f:a6:ec:ae:2d:d0:
0e:b7:bf:59:15:05:96:21:1e:5b:fb:0a:80:0c:4a:
04:d4:ab:7c:3a:86:ad:cc:ae:5a:c7:ce:c5:7e:4a:
43:68:ac:f5:b6:d7:37:21:a9:ec:a9:09:d3:29:39:
73:08:58:99:bc:e1:75:01:43:05:ef:dd:9b:03:90:
82:00:33:f6:f0:7d:53:eb:6b:2d:87:41:41:69:60:
8d:87:5e:85:e0:24:6f:a9:4d:41:c9:1b:bb:32:00:
5a:37:6b:1a:fe:41:31:17:31:c3:d5:40:b3:e5:04:
ff:50:0f:bb:27:1c:14:e4:1a:57:9c:aa:d3:0b:4c:
a8:6d:6b:91:45:76:b7:fa:e7:73:36:54:d7:f0:6d:
31:fe:35:1d:e1:ab:24:ab:91:93:ce:3e:44:82:33:
43:fa:5f:01:b0:65:f7:05:77:d2:1b:bc:a5:20:42:
38:73:14:98:c4:5a:a5:8b:5d:77:d5:48:0e:90:93:
1a:05:3b:a4:6a:a3:d2:9d:44:e2:39:cd:a7:37:56:
4b:50:6b:38:19:6d:44:5e:df:9d:9e:2b:46:73:e6:
a3:94:4c:1c:da:7a:12:86:a6:aa:c0:38:43:b7:b0:
e1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:95:3A:0C:D7:41:81:BC:4A:EA:D2:37:4F:67:87:3D:40:09:65:00
X509v3 Authority Key Identifier:
keyid:CA:92:6F:96:35:11:89:3F:A4:D9:FB:D5:E6:4E:0F:8A:43:83:7E:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ypJvljURiT-k2fvV5k4PikODfkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/44b7bb-2605-425b-b341-14605db543d0/1/m5U6DNdBgbxK6tI3T2eHPUAJZQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/44b7bb-2605-425b-b341-14605db543d0/1/ypJvljURiT-k2fvV5k4PikODfkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.136.0-185.96.138.255
185.175.204.0/22
185.199.60.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:69:94:b5:67:49:30:9a:45:21:d8:c6:d4:19:fe:fd:9a:05:
82:7b:06:4c:5e:16:b1:97:d7:89:fd:6d:10:e7:45:97:f7:26:
e1:42:57:fd:48:a1:e3:42:dd:ac:c2:8c:ea:92:a0:aa:0d:9b:
f8:24:41:46:91:ed:48:ca:69:00:20:73:c4:a2:fd:f5:f5:68:
70:79:6d:b3:a4:4f:0f:d0:d4:8e:63:d4:c6:98:82:d2:dd:e9:
04:95:04:b4:29:5d:b6:77:8c:04:62:86:83:d5:20:e9:4b:92:
65:16:0d:9d:e2:1c:20:4e:a0:f8:5d:db:8d:7e:7f:b1:6a:6f:
87:8b:00:6c:d1:57:6d:94:ef:f6:d5:93:be:c2:2b:f7:13:c0:
1b:55:31:b8:21:03:f3:e5:56:0b:5c:60:ff:e8:2f:2d:bf:ae:
d7:6b:6b:3e:2d:a7:5b:aa:b9:80:97:b9:a5:1f:c2:38:6d:b2:
ed:3b:53:3f:41:48:31:ec:f5:0c:82:9d:12:e4:c0:70:9e:13:
59:53:42:eb:cd:9e:59:d2:66:9a:cb:c8:f9:67:a3:63:cb:99:
7c:9c:3a:ab:28:f8:87:2d:20:9b:f5:88:b6:fc:83:87:ca:b2:
89:3d:28:a1:97:c1:6a:f0:49:eb:0a:6f:2d:c5:b9:ed:d2:6a:
8f:be:0d:06
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZJyEQnj2nYx0pw7H2SVV4DdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhOTI2Zjk2MzUxMTg5M2ZhNGQ5ZmJkNWU2NGUwZjhhNDM4
MzdlNDAwHhcNMjQxMDA5MTYxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjk1M2EwY2Q3NDE4MWJjNGFlYWQyMzc0ZjY3ODczZDQwMDk2NTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHn4zCEvMzsGanBs1mM9keyGtLN5
Jg9fpuyuLdAOt79ZFQWWIR5b+wqADEoE1Kt8OoatzK5ax87FfkpDaKz1ttc3Ians
qQnTKTlzCFiZvOF1AUMF792bA5CCADP28H1T62sth0FBaWCNh16F4CRvqU1ByRu7
MgBaN2sa/kExFzHD1UCz5QT/UA+7JxwU5BpXnKrTC0yobWuRRXa3+udzNlTX8G0x
/jUd4askq5GTzj5EgjND+l8BsGX3BXfSG7ylIEI4cxSYxFqli1131UgOkJMaBTuk
aqPSnUTiOc2nN1ZLUGs4GW1EXt+dnitGc+ajlEwc2noShqaqwDhDt7DhgwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJuVOgzXQYG8SurSN09nhz1ACWUAMB8GA1UdIwQY
MBaAFMqSb5Y1EYk/pNn71eZOD4pDg35AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXBKdmxqVVJpVC1rMmZ2VjVrNFBpa09EZmtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy80NGI3YmItMjYwNS00MjViLWIzNDEt
MTQ2MDVkYjU0M2QwLzEvbTVVNkROZEJnYnhLNnRJM1QyZUhQVUFKWlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy80NGI3YmItMjYwNS00MjViLWIzNDEtMTQ2MDVkYjU0M2Qw
LzEveXBKdmxqVVJpVC1rMmZ2VjVrNFBpa09EZmtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAO5YIgD
BAC5YIoDBAK5r8wDBAG5xzwwDQYJKoZIhvcNAQELBQADggEBADpplLVnSTCaRSHY
xtQZ/v2aBYJ7BkxeFrGX14n9bRDnRZf3JuFCV/1IoeNC3azCjOqSoKoNm/gkQUaR
7UjKaQAgc8Si/fX1aHB5bbOkTw/Q1I5j1MaYgtLd6QSVBLQpXbZ3jARihoPVIOlL
kmUWDZ3iHCBOoPhd241+f7Fqb4eLAGzRV22U7/bVk77CK/cTwBtVMbghA/PlVgtc
YP/oLy2/rtdraz4tp1uquYCXuaUfwjhtsu07Uz9BSDHs9QyCnRLkwHCeE1lTQuvN
nlnSZprLyPlno2PLmXycOqso+IctIJv1iLb8g4fKsok9KKGXwWrwSesKby3Fue3S
ao++DQY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:33:27 2024 by rpki-client on console-fra.rpki-client.org