Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/810d29-0c85-4057-b626-af0e417d4c3a/1/5CAKk40p2qMDTCYl-QjwfnPsY4Q.roa
File: 5CAKk40p2qMDTCYl-QjwfnPsY4Q.roa (raw, json)
Hash identifier: 6o58+1OBY8266SUDwKwnNfBZEDG2i/QHz8JHYPPno8I=
Subject key identifier: E4:20:0A:93:8D:29:DA:A3:03:4C:26:25:F9:08:F0:7E:73:EC:63:84
Certificate issuer: /CN=2f75bc7379f115b0671552c9baf2bed85bde8189
Certificate serial: 018CC3491C9C9CB08CA6BAC5B1E3BC5445C6
Authority key identifier: 2F:75:BC:73:79:F1:15:B0:67:15:52:C9:BA:F2:BE:D8:5B:DE:81:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L3W8c3nxFbBnFVLJuvK-2FvegYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/810d29-0c85-4057-b626-af0e417d4c3a/1/5CAKk40p2qMDTCYl-QjwfnPsY4Q.roa
Signing time: Mon 01 Jan 2024 04:29:57 +0000
ROA not before: Mon 01 Jan 2024 04:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48314
IP address blocks: 185.62.150.0/23 maxlen: 23
185.248.148.0/22 maxlen: 22
2a03:567::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/810d29-0c85-4057-b626-af0e417d4c3a/1/L3W8c3nxFbBnFVLJuvK-2FvegYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/810d29-0c85-4057-b626-af0e417d4c3a/1/L3W8c3nxFbBnFVLJuvK-2FvegYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/L3W8c3nxFbBnFVLJuvK-2FvegYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:1c:9c:9c:b0:8c:a6:ba:c5:b1:e3:bc:54:45:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f75bc7379f115b0671552c9baf2bed85bde8189
Validity
Not Before: Jan 1 04:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4200a938d29daa3034c2625f908f07e73ec6384
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e6:95:1d:a2:31:94:e3:52:96:b1:6f:1f:b3:
00:ab:39:d0:32:96:c8:fc:88:77:8a:97:97:75:16:
71:53:cb:38:17:06:01:f1:9d:8b:e8:47:ba:31:62:
5d:31:17:a0:74:a4:09:39:c0:b0:17:9e:5e:cd:a5:
5d:22:7f:c2:01:ae:79:7b:bd:f8:54:c5:84:35:28:
3e:16:3c:86:bc:f0:de:95:9e:d2:38:a8:fe:de:88:
3e:57:87:56:7a:17:5f:6b:ba:17:ac:60:98:ce:85:
0e:37:39:31:67:f8:0a:d4:6f:76:b6:80:60:d9:de:
e9:ab:6f:f6:63:ad:74:76:8a:14:a5:2f:66:73:d6:
f1:21:c5:a6:90:2c:6e:0b:4f:fd:9e:ce:8e:3c:dc:
46:cb:17:06:34:69:22:6e:fa:c5:82:48:34:dc:ae:
aa:54:39:41:39:17:2f:cc:dc:c2:83:a6:cb:5c:4a:
64:f8:c2:7c:92:b4:68:38:6e:3f:2f:0e:9c:5c:17:
d7:fe:49:60:d9:00:d6:f1:cc:be:4c:4d:f6:3f:4f:
6c:d5:3a:3d:f3:17:a4:01:eb:e1:00:80:fe:41:d1:
f7:76:25:76:09:af:25:33:41:a1:b1:ee:c3:38:39:
27:7b:53:88:7a:4a:ce:80:96:44:c5:27:98:50:5c:
40:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:20:0A:93:8D:29:DA:A3:03:4C:26:25:F9:08:F0:7E:73:EC:63:84
X509v3 Authority Key Identifier:
keyid:2F:75:BC:73:79:F1:15:B0:67:15:52:C9:BA:F2:BE:D8:5B:DE:81:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L3W8c3nxFbBnFVLJuvK-2FvegYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/810d29-0c85-4057-b626-af0e417d4c3a/1/5CAKk40p2qMDTCYl-QjwfnPsY4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/810d29-0c85-4057-b626-af0e417d4c3a/1/L3W8c3nxFbBnFVLJuvK-2FvegYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.62.150.0/23
185.248.148.0/22
IPv6:
2a03:567::/32
Signature Algorithm: sha256WithRSAEncryption
17:53:cf:5e:f0:75:fd:c0:7a:a5:d5:85:e7:de:a8:0b:d9:47:
6c:f3:52:29:72:63:51:07:1f:fb:a2:eb:e4:12:3d:20:38:5e:
ac:34:c8:01:d7:50:22:23:f6:58:2c:1e:f3:16:f5:df:7e:52:
f1:34:6e:ff:da:71:42:18:44:a0:a9:37:ea:82:cc:a8:5d:16:
f5:e2:d3:ab:9e:4d:89:8b:c7:82:a2:d7:df:0f:89:72:41:c9:
40:af:ce:5d:0f:9c:98:5d:17:24:4b:95:9f:64:50:cb:1c:e0:
24:8b:84:3e:a2:48:b7:e9:be:18:46:6f:ca:e2:3f:35:d7:36:
bf:d0:f0:21:6c:7a:d4:3f:9c:d8:24:0f:19:c2:d2:c3:11:28:
38:8f:9e:dd:49:c1:ec:fe:12:b0:60:81:4f:6f:43:dd:c3:f8:
00:25:47:d9:7e:ca:f1:c3:30:6a:ee:a1:1d:89:42:b0:75:94:
0f:10:97:cb:7b:10:e6:f7:30:ec:97:a1:5b:4e:71:7f:b1:89:
fa:52:56:a4:43:f6:0b:d0:ab:bd:eb:48:86:bd:09:5a:2c:87:
67:a2:a9:fe:ac:77:d5:c2:8e:ea:4a:6d:60:29:74:ed:18:de:
71:50:fb:2f:b2:79:2b:79:39:b5:c3:4a:e0:5d:da:4d:24:5b:
82:ff:8e:64
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDSRycnLCMprrFseO8VEXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNzViYzczNzlmMTE1YjA2NzE1NTJjOWJhZjJiZWQ4NWJk
ZTgxODkwHhcNMjQwMTAxMDQyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDIwMGE5MzhkMjlkYWEzMDM0YzI2MjVmOTA4ZjA3ZTczZWM2Mzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOaVHaIxlONSlrFvH7MAqznQMpbI
/Ih3ipeXdRZxU8s4FwYB8Z2L6Ee6MWJdMRegdKQJOcCwF55ezaVdIn/CAa55e734
VMWENSg+FjyGvPDelZ7SOKj+3og+V4dWehdfa7oXrGCYzoUONzkxZ/gK1G92toBg
2d7pq2/2Y610dooUpS9mc9bxIcWmkCxuC0/9ns6OPNxGyxcGNGkibvrFgkg03K6q
VDlBORcvzNzCg6bLXEpk+MJ8krRoOG4/Lw6cXBfX/klg2QDW8cy+TE32P09s1To9
8xekAevhAID+QdH3diV2Ca8lM0Ghse7DODkne1OIekrOgJZExSeYUFxArwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOQgCpONKdqjA0wmJfkI8H5z7GOEMB8GA1UdIwQY
MBaAFC91vHN58RWwZxVSybryvthb3oGJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDNXOGMzbnhGYkJuRlZMSnV2Sy0yRnZlZ1lrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84MTBkMjktMGM4NS00MDU3LWI2MjYt
YWYwZTQxN2Q0YzNhLzEvNUNBS2s0MHAycU1EVENZbC1RandmblBzWTRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84MTBkMjktMGM4NS00MDU3LWI2MjYtYWYwZTQxN2Q0YzNh
LzEvTDNXOGMzbnhGYkJuRlZMSnV2Sy0yRnZlZ1lrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuT6WAwQC
ufiUMA0EAgACMAcDBQAqAwVnMA0GCSqGSIb3DQEBCwUAA4IBAQAXU89e8HX9wHql
1YXn3qgL2Uds81IpcmNRBx/7ouvkEj0gOF6sNMgB11AiI/ZYLB7zFvXfflLxNG7/
2nFCGESgqTfqgsyoXRb14tOrnk2Ji8eCotffD4lyQclAr85dD5yYXRckS5WfZFDL
HOAki4Q+oki36b4YRm/K4j811za/0PAhbHrUP5zYJA8ZwtLDESg4j57dScHs/hKw
YIFPb0Pdw/gAJUfZfsrxwzBq7qEdiUKwdZQPEJfLexDm9zDsl6FbTnF/sYn6Ulak
Q/YL0Ku960iGvQlaLIdnoqn+rHfVwo7qSm1gKXTtGN5xUPsvsnkreTm1w0rgXdpN
JFuC/45k
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:45:25 2024 by rpki-client on console-fra.rpki-client.org