Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/ex-5IT6P-_6Llj2-qOUUfHjfej0.roa
File: ex-5IT6P-_6Llj2-qOUUfHjfej0.roa (raw, json)
Hash identifier: WwcJPzGbiKv/OQEbUHQiWzs8WM/ElDO9V/LEgRF6UEI=
Subject key identifier: 7B:1F:B9:21:3E:8F:FB:FE:8B:96:3D:BE:A8:E5:14:7C:78:DF:7A:3D
Certificate issuer: /CN=2cf6136315a52d5247124b7cf369aafb8312227e
Certificate serial: 018E19883668BBD5558AF18F81294C6D9141
Authority key identifier: 2C:F6:13:63:15:A5:2D:52:47:12:4B:7C:F3:69:AA:FB:83:12:22:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LPYTYxWlLVJHEkt882mq-4MSIn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/ex-5IT6P-_6Llj2-qOUUfHjfej0.roa
Signing time: Thu 07 Mar 2024 15:29:01 +0000
ROA not before: Thu 07 Mar 2024 15:29:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200735
IP address blocks: 85.208.236.0/24 maxlen: 24
85.208.237.0/24 maxlen: 24
2a09:8e40::/36 maxlen: 36
2a09:8e40:1000::/36 maxlen: 36
2a09:8e40:2000::/36 maxlen: 36
2a09:8e40:3000::/36 maxlen: 36
2a09:8e40:4000::/36 maxlen: 36
2a09:8e40:5000::/36 maxlen: 36
2a09:8e40:6000::/36 maxlen: 36
2a09:8e40:7000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/LPYTYxWlLVJHEkt882mq-4MSIn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/LPYTYxWlLVJHEkt882mq-4MSIn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LPYTYxWlLVJHEkt882mq-4MSIn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:19:88:36:68:bb:d5:55:8a:f1:8f:81:29:4c:6d:91:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cf6136315a52d5247124b7cf369aafb8312227e
Validity
Not Before: Mar 7 15:29:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b1fb9213e8ffbfe8b963dbea8e5147c78df7a3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:41:45:7c:2c:0d:68:f3:0d:04:7e:2f:80:e1:
fc:ad:3f:2a:9b:63:4b:2b:b7:c5:20:31:ee:9f:ea:
2b:16:d9:0d:5f:ee:05:94:67:39:ad:4e:e1:3f:68:
30:71:7d:af:5a:34:2a:49:bb:c8:45:dd:46:fa:9f:
3b:b6:9d:69:41:87:55:c0:8f:2a:73:30:81:55:7c:
be:3d:bc:81:d7:42:c7:ef:7e:aa:db:ee:61:dc:f9:
5f:97:40:17:9a:dc:e1:b4:4d:d5:21:7d:ae:a9:c7:
66:0a:99:1e:f6:5f:f3:6c:e2:4c:e3:3d:67:76:99:
8b:77:cf:bd:62:31:99:24:e2:74:0e:0b:e7:a3:64:
26:af:dd:2d:da:73:15:5a:46:e7:ac:61:60:97:31:
71:db:54:4b:dd:a9:bb:57:b0:68:cc:cf:c9:b6:34:
d7:c8:74:19:4d:c1:0b:c6:03:47:c5:f2:a0:84:62:
6a:2e:45:6f:05:5d:37:7d:b2:91:e7:09:ce:3d:ed:
5a:47:58:86:7f:bd:62:cd:47:f3:b8:84:f7:aa:79:
b3:2a:69:7d:2f:5d:3c:3b:fd:9a:4f:67:df:d5:44:
28:9f:4c:ca:a4:b0:ed:df:c5:b4:88:6f:47:a1:f4:
c1:24:74:da:c6:f6:3e:3a:e3:94:10:46:45:14:1b:
2e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:1F:B9:21:3E:8F:FB:FE:8B:96:3D:BE:A8:E5:14:7C:78:DF:7A:3D
X509v3 Authority Key Identifier:
keyid:2C:F6:13:63:15:A5:2D:52:47:12:4B:7C:F3:69:AA:FB:83:12:22:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LPYTYxWlLVJHEkt882mq-4MSIn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/ex-5IT6P-_6Llj2-qOUUfHjfej0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/LPYTYxWlLVJHEkt882mq-4MSIn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.236.0/23
IPv6:
2a09:8e40::/33
Signature Algorithm: sha256WithRSAEncryption
e9:a6:74:2f:25:b3:35:84:85:c8:2f:41:46:4f:43:34:17:c6:
03:45:5f:90:1d:95:93:9d:91:0c:ce:00:3f:df:c4:54:58:f0:
a8:6a:6f:cb:e1:cd:e5:2a:e9:7c:d2:f8:c8:97:68:30:3f:70:
a7:1b:d8:44:f7:70:fb:f3:f7:83:ce:e0:fa:dc:a8:6d:e6:82:
cf:ef:c1:58:25:27:e9:95:5c:77:e6:f6:e4:5c:ef:92:26:3f:
4c:03:4a:67:b8:2e:e6:e4:f7:32:7a:2d:2a:85:4b:cc:37:e1:
10:3e:a9:ea:28:45:65:b2:03:77:3b:b6:b8:1c:8a:de:97:4e:
81:ff:ac:7d:ea:db:e2:be:71:4c:bf:12:f1:41:3c:c5:3b:a6:
53:d3:95:2b:a6:ec:b7:b9:e7:7a:c4:b5:f5:4c:36:fd:fc:2b:
c3:e1:04:58:29:1e:2b:48:c2:25:ae:69:8e:15:aa:33:d1:72:
69:7a:2a:2d:c4:14:02:62:aa:6e:e5:c2:05:da:18:38:60:61:
90:3a:99:66:aa:26:d7:81:b2:90:10:87:33:d9:c6:4d:3e:5b:
16:fe:d2:58:45:20:50:cb:87:82:d7:ce:a6:b9:9b:f7:15:cd:
90:43:3b:42:c5:16:9d:43:26:4e:2a:0a:a1:96:84:43:55:2a:
a3:26:2c:b9
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY4ZiDZou9VVivGPgSlMbZFBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZjYxMzYzMTVhNTJkNTI0NzEyNGI3Y2YzNjlhYWZiODMx
MjIyN2UwHhcNMjQwMzA3MTUyOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjFmYjkyMTNlOGZmYmZlOGI5NjNkYmVhOGU1MTQ3Yzc4ZGY3YTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEFFfCwNaPMNBH4vgOH8rT8qm2NL
K7fFIDHun+orFtkNX+4FlGc5rU7hP2gwcX2vWjQqSbvIRd1G+p87tp1pQYdVwI8q
czCBVXy+PbyB10LH736q2+5h3Plfl0AXmtzhtE3VIX2uqcdmCpke9l/zbOJM4z1n
dpmLd8+9YjGZJOJ0Dgvno2Qmr90t2nMVWkbnrGFglzFx21RL3am7V7BozM/JtjTX
yHQZTcELxgNHxfKghGJqLkVvBV03fbKR5wnOPe1aR1iGf71izUfzuIT3qnmzKml9
L108O/2aT2ff1UQon0zKpLDt38W0iG9HofTBJHTaxvY+OuOUEEZFFBsu/QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFHsfuSE+j/v+i5Y9vqjlFHx433o9MB8GA1UdIwQY
MBaAFCz2E2MVpS1SRxJLfPNpqvuDEiJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFBZVFl4V2xMVkpIRWt0ODgybXEtNE1TSW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9jYTIyMTMtZTVhMS00YWQyLThhMjIt
NzY4ZDNmYjA4ZTcwLzEvZXgtNUlUNlAtXzZMbGoyLXFPVVVmSGpmZWowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9jYTIyMTMtZTVhMS00YWQyLThhMjItNzY4ZDNmYjA4ZTcw
LzEvTFBZVFl4V2xMVkpIRWt0ODgybXEtNE1TSW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBVdDsMA4E
AgACMAgDBgcqCY5AADANBgkqhkiG9w0BAQsFAAOCAQEA6aZ0LyWzNYSFyC9BRk9D
NBfGA0VfkB2Vk52RDM4AP9/EVFjwqGpvy+HN5SrpfNL4yJdoMD9wpxvYRPdw+/P3
g87g+tyobeaCz+/BWCUn6ZVcd+b25FzvkiY/TANKZ7gu5uT3MnotKoVLzDfhED6p
6ihFZbIDdzu2uByK3pdOgf+sferb4r5xTL8S8UE8xTumU9OVK6bst7nnesS19Uw2
/fwrw+EEWCkeK0jCJa5pjhWqM9FyaXoqLcQUAmKqbuXCBdoYOGBhkDqZZqom14Gy
kBCHM9nGTT5bFv7SWEUgUMuHgtfOprmb9xXNkEM7QsUWnUMmTioKoZaEQ1UqoyYs
uQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:44:32 2024 by rpki-client on console-ams.rpki-client.org