Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/N5-pexFVA5BbQzVgzbTOOhnNV5o.roa
File: N5-pexFVA5BbQzVgzbTOOhnNV5o.roa (raw, json)
Hash identifier: HUMz72UBcy0wYfyIC3mCoBI2MEv7sN9tFYXjLEQxM9o=
Subject key identifier: 37:9F:A9:7B:11:55:03:90:5B:43:35:60:CD:B4:CE:3A:19:CD:57:9A
Certificate issuer: /CN=b82b722715f91be792a1ec3c31e77ed9da05cbe1
Certificate serial: 018CC26D6C3CC9792B0E692CF16D65F35BE3
Authority key identifier: B8:2B:72:27:15:F9:1B:E7:92:A1:EC:3C:31:E7:7E:D9:DA:05:CB:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uCtyJxX5G-eSoew8Med-2doFy-E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/N5-pexFVA5BbQzVgzbTOOhnNV5o.roa
Signing time: Mon 01 Jan 2024 00:30:00 +0000
ROA not before: Mon 01 Jan 2024 00:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8301
IP address blocks: 217.65.48.0/20 maxlen: 24
185.74.74.0/24 maxlen: 24
185.74.72.0/22 maxlen: 24
185.74.72.0/24 maxlen: 24
185.74.75.0/24 maxlen: 24
178.208.192.0/19 maxlen: 24
212.120.224.0/19 maxlen: 24
212.120.236.0/24 maxlen: 24
212.120.244.0/24 maxlen: 24
195.244.192.0/19 maxlen: 24
212.120.250.0/24 maxlen: 24
195.244.204.0/24 maxlen: 24
2a01:8c40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/uCtyJxX5G-eSoew8Med-2doFy-E.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/uCtyJxX5G-eSoew8Med-2doFy-E.mft
rsync://rpki.ripe.net/repository/DEFAULT/uCtyJxX5G-eSoew8Med-2doFy-E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:6c:3c:c9:79:2b:0e:69:2c:f1:6d:65:f3:5b:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b82b722715f91be792a1ec3c31e77ed9da05cbe1
Validity
Not Before: Jan 1 00:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=379fa97b115503905b433560cdb4ce3a19cd579a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c8:4b:91:d2:27:c7:d1:cb:56:f8:9e:4e:c4:
f8:85:98:46:ab:65:c2:54:93:aa:ea:b7:16:e0:29:
52:e5:7d:90:ee:56:09:66:09:d3:c5:2b:a1:35:41:
1f:d8:32:b8:9a:64:3d:68:de:23:3b:7a:27:d5:ce:
2f:67:e3:b2:68:b6:9e:a1:ef:8e:dc:6a:59:46:c0:
67:83:3c:93:bb:7f:93:53:9a:73:9b:be:27:a8:36:
50:85:24:09:08:b8:01:b5:f7:83:ff:7f:51:7f:92:
62:88:d5:5f:7d:a4:20:9e:f6:94:fa:3e:77:59:4d:
bb:27:b8:75:e0:59:1a:74:a8:1e:8f:73:f3:29:4d:
3e:b0:30:92:19:0b:db:21:44:46:34:96:ea:62:1d:
01:bc:46:64:d3:c8:ed:a1:ff:76:01:4a:a3:a5:be:
11:9e:ac:e0:74:ca:f8:dd:01:68:d2:da:f9:32:d0:
1d:f8:89:4c:2e:28:2e:e1:8f:2c:74:67:c4:3d:80:
22:76:36:6a:7a:3c:cf:43:e5:7a:2e:ca:74:29:e0:
b8:59:64:f2:ca:36:68:d3:6e:6c:b2:91:39:85:5f:
8a:bf:b4:2a:1d:a7:32:f6:fd:3e:87:39:2f:70:fc:
f8:c3:19:fc:89:37:74:f0:93:8a:1f:af:f4:6c:41:
45:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:9F:A9:7B:11:55:03:90:5B:43:35:60:CD:B4:CE:3A:19:CD:57:9A
X509v3 Authority Key Identifier:
keyid:B8:2B:72:27:15:F9:1B:E7:92:A1:EC:3C:31:E7:7E:D9:DA:05:CB:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uCtyJxX5G-eSoew8Med-2doFy-E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/N5-pexFVA5BbQzVgzbTOOhnNV5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/uCtyJxX5G-eSoew8Med-2doFy-E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.208.192.0/19
185.74.72.0/22
195.244.192.0/19
212.120.224.0/19
217.65.48.0/20
IPv6:
2a01:8c40::/32
Signature Algorithm: sha256WithRSAEncryption
48:6a:a3:74:8b:20:e5:c2:bb:ba:3f:e3:fa:94:b1:4e:6e:8b:
02:83:bc:d7:cd:cc:68:ef:b8:22:49:ad:83:fa:c0:d3:ec:2a:
20:33:81:06:6e:05:c0:13:d2:c5:60:37:51:fa:ce:ea:33:a0:
8a:56:65:43:e9:dc:b2:9a:ae:c5:0d:76:c3:81:b8:31:78:7d:
75:d8:7a:fb:c1:63:2d:47:84:af:62:f3:24:f7:b7:1f:9d:21:
b9:1c:1f:66:79:6f:38:0a:3c:81:9d:88:e1:33:30:73:97:d1:
ca:42:77:53:0d:d1:6c:4b:70:80:3e:b5:6c:74:4a:3a:81:5a:
3e:7a:a6:ed:14:c5:af:42:8a:fb:fe:82:5f:95:1b:c2:37:7b:
d1:81:cd:36:99:9c:cf:dc:31:fd:39:45:5f:1a:96:65:05:49:
b7:e7:d9:5d:63:0f:4b:2c:33:20:da:6e:07:d8:5f:96:69:ba:
5e:5f:80:b0:4c:17:14:59:7f:83:b8:d3:3c:c5:65:7a:c2:07:
1f:b4:82:98:b8:c8:d7:1c:a6:90:9d:22:f0:52:6c:9f:56:00:
e3:ad:30:73:36:40:ca:d1:95:8a:8d:32:50:21:2e:cf:4e:eb:
e3:70:97:f6:99:48:ff:7a:c4:84:04:9b:c1:1a:23:9c:cb:4c:
c5:4d:6b:2c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzCbWw8yXkrDmks8W1l81vjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MmI3MjI3MTVmOTFiZTc5MmExZWMzYzMxZTc3ZWQ5ZGEw
NWNiZTEwHhcNMjQwMTAxMDAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzlmYTk3YjExNTUwMzkwNWI0MzM1NjBjZGI0Y2UzYTE5Y2Q1NzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMhLkdInx9HLVvieTsT4hZhGq2XC
VJOq6rcW4ClS5X2Q7lYJZgnTxSuhNUEf2DK4mmQ9aN4jO3on1c4vZ+OyaLaeoe+O
3GpZRsBngzyTu3+TU5pzm74nqDZQhSQJCLgBtfeD/39Rf5JiiNVffaQgnvaU+j53
WU27J7h14FkadKgej3PzKU0+sDCSGQvbIURGNJbqYh0BvEZk08jtof92AUqjpb4R
nqzgdMr43QFo0tr5MtAd+IlMLigu4Y8sdGfEPYAidjZqejzPQ+V6Lsp0KeC4WWTy
yjZo025sspE5hV+Kv7QqHacy9v0+hzkvcPz4wxn8iTd08JOKH6/0bEFFfQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDefqXsRVQOQW0M1YM20zjoZzVeaMB8GA1UdIwQY
MBaAFLgrcicV+RvnkqHsPDHnftnaBcvhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUN0eUp4WDVHLWVTb2V3OE1lZC0yZG9GeS1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zOTY3NTktYjBjNi00OGVmLTk3YjMt
YTE1YTE4NjEzZGE2LzEvTjUtcGV4RlZBNUJiUXpWZ3piVE9PaG5OVjVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zOTY3NTktYjBjNi00OGVmLTk3YjMtYTE1YTE4NjEzZGE2
LzEvdUN0eUp4WDVHLWVTb2V3OE1lZC0yZG9GeS1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFstDAAwQC
uUpIAwQFw/TAAwQF1HjgAwQE2UEwMA0EAgACMAcDBQAqAYxAMA0GCSqGSIb3DQEB
CwUAA4IBAQBIaqN0iyDlwru6P+P6lLFObosCg7zXzcxo77giSa2D+sDT7CogM4EG
bgXAE9LFYDdR+s7qM6CKVmVD6dyymq7FDXbDgbgxeH112Hr7wWMtR4SvYvMk97cf
nSG5HB9meW84CjyBnYjhMzBzl9HKQndTDdFsS3CAPrVsdEo6gVo+eqbtFMWvQor7
/oJflRvCN3vRgc02mZzP3DH9OUVfGpZlBUm359ldYw9LLDMg2m4H2F+WabpeX4Cw
TBcUWX+DuNM8xWV6wgcftIKYuMjXHKaQnSLwUmyfVgDjrTBzNkDK0ZWKjTJQIS7P
TuvjcJf2mUj/esSEBJvBGiOcy0zFTWss
-----END CERTIFICATE-----
Generated at Fri Jun 7 15:43:14 2024 by rpki-client on console-fra.rpki-client.org