Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/77c660-f82c-4106-abc9-4c1e49ec8f16/1/El8aS5oktriPKSNVIOQl1hXInV4.roa
File: El8aS5oktriPKSNVIOQl1hXInV4.roa (raw, json)
Hash identifier: NCJqqzXi03tGSbBpSVOCOEXNS9u23sVlzSzp/Jaxm8M=
Subject key identifier: 12:5F:1A:4B:9A:24:B6:B8:8F:29:23:55:20:E4:25:D6:15:C8:9D:5E
Certificate issuer: /CN=5ff9f4ecc5d050762c55698440f85ea96f7330f2
Certificate serial: 018FA9D4D36BAB8D7EB5081FF8B0BD930157
Authority key identifier: 5F:F9:F4:EC:C5:D0:50:76:2C:55:69:84:40:F8:5E:A9:6F:73:30:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X_n07MXQUHYsVWmEQPheqW9zMPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/77c660-f82c-4106-abc9-4c1e49ec8f16/1/El8aS5oktriPKSNVIOQl1hXInV4.roa
Signing time: Fri 24 May 2024 09:00:48 +0000
ROA not before: Fri 24 May 2024 09:00:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60989
IP address blocks: 5.181.192.0/22 maxlen: 24
185.21.248.0/22 maxlen: 24
2a04:1d80::/29 maxlen: 32
2a0e:1000::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/77c660-f82c-4106-abc9-4c1e49ec8f16/1/X_n07MXQUHYsVWmEQPheqW9zMPI.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/77c660-f82c-4106-abc9-4c1e49ec8f16/1/X_n07MXQUHYsVWmEQPheqW9zMPI.mft
rsync://rpki.ripe.net/repository/DEFAULT/X_n07MXQUHYsVWmEQPheqW9zMPI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a9:d4:d3:6b:ab:8d:7e:b5:08:1f:f8:b0:bd:93:01:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ff9f4ecc5d050762c55698440f85ea96f7330f2
Validity
Not Before: May 24 09:00:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=125f1a4b9a24b6b88f29235520e425d615c89d5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:94:b0:58:6a:d5:d8:6d:b2:02:91:0d:3d:0e:
09:2f:7c:34:25:1e:d5:19:ff:b8:c0:26:76:1f:6e:
07:68:4d:5e:e4:ff:43:9a:ab:a5:c4:97:7a:52:0b:
06:8a:8c:a4:8d:e2:44:f4:cd:68:6b:13:c3:e5:93:
61:29:8f:0b:69:6c:54:83:30:4f:ad:ea:2b:8b:dd:
9b:49:3b:30:b9:e6:5c:0e:88:a5:45:da:83:5a:bd:
88:ac:5b:34:a7:1c:9d:66:03:bb:f0:d4:1a:e2:c6:
84:53:0f:76:91:8b:60:0a:ab:ea:e2:e2:e6:9c:b5:
97:d0:05:8c:a1:e1:a3:83:d5:56:c2:1d:64:aa:f5:
3d:af:1d:69:eb:72:9e:3b:b7:b8:fd:08:20:5d:e9:
98:06:0c:c6:50:ca:43:16:70:b3:b7:92:87:b1:16:
0a:7b:38:06:eb:cd:82:8e:99:d2:2e:54:56:e0:9b:
1d:f1:1d:f6:10:40:9b:fd:a4:10:08:b9:e9:58:a2:
18:78:b3:c0:71:1a:5a:3a:42:3f:e5:3d:69:27:d9:
6d:91:c6:f5:08:a2:43:1a:a6:80:0a:89:4f:b7:18:
db:96:10:77:06:ef:2e:c1:db:e5:2b:a6:5d:54:8a:
7a:75:6b:90:b4:ed:cc:55:1b:5a:32:dc:33:a4:6a:
71:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:5F:1A:4B:9A:24:B6:B8:8F:29:23:55:20:E4:25:D6:15:C8:9D:5E
X509v3 Authority Key Identifier:
keyid:5F:F9:F4:EC:C5:D0:50:76:2C:55:69:84:40:F8:5E:A9:6F:73:30:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X_n07MXQUHYsVWmEQPheqW9zMPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/77c660-f82c-4106-abc9-4c1e49ec8f16/1/El8aS5oktriPKSNVIOQl1hXInV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/77c660-f82c-4106-abc9-4c1e49ec8f16/1/X_n07MXQUHYsVWmEQPheqW9zMPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.192.0/22
185.21.248.0/22
IPv6:
2a04:1d80::/29
2a0e:1000::/29
Signature Algorithm: sha256WithRSAEncryption
91:5c:33:ff:ad:68:ce:0c:71:d4:5d:ee:46:d0:4e:ab:31:75:
bf:7b:1b:24:68:b7:b5:3a:27:5c:0b:71:1d:51:0e:8b:df:5f:
07:70:c9:6f:8c:01:15:aa:e1:ce:63:84:4e:15:53:a8:1a:db:
60:98:54:3c:39:29:b2:fb:b2:7f:35:35:11:84:c3:7a:c3:6e:
bb:48:75:b2:6b:dd:0e:c9:7c:ba:09:44:f7:ef:5b:6e:f3:bb:
c4:a2:32:61:f8:d5:69:18:a1:5e:9f:73:06:cb:25:54:ef:42:
1e:7a:b5:1e:fb:66:bf:3b:65:26:2f:bb:3b:85:8f:9e:a3:fd:
f0:aa:89:16:ea:46:34:19:5e:dd:2e:19:87:4e:c9:06:ad:a7:
30:5d:2e:d4:0e:e0:5f:27:b0:96:87:8e:a3:bd:70:65:d8:b6:
64:77:f8:8c:97:18:81:88:7e:37:eb:f0:27:04:5b:05:94:20:
36:0c:96:e9:07:9b:20:c5:29:3e:45:24:fb:d7:3a:04:a7:c9:
91:70:38:ce:d0:cf:08:1f:23:0d:6d:a7:58:7b:53:68:2d:c9:
a0:ac:c4:24:50:f7:c9:8a:5b:3f:01:a2:3a:6e:71:db:3e:50:
42:60:54:90:20:bb:62:66:20:6a:41:3a:47:ec:0a:98:4c:db:
93:28:39:c6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY+p1NNrq41+tQgf+LC9kwFXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmZjlmNGVjYzVkMDUwNzYyYzU1Njk4NDQwZjg1ZWE5NmY3
MzMwZjIwHhcNMjQwNTI0MDkwMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjVmMWE0YjlhMjRiNmI4OGYyOTIzNTUyMGU0MjVkNjE1Yzg5ZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZSwWGrV2G2yApENPQ4JL3w0JR7V
Gf+4wCZ2H24HaE1e5P9DmqulxJd6UgsGioykjeJE9M1oaxPD5ZNhKY8LaWxUgzBP
reori92bSTswueZcDoilRdqDWr2IrFs0pxydZgO78NQa4saEUw92kYtgCqvq4uLm
nLWX0AWMoeGjg9VWwh1kqvU9rx1p63KeO7e4/QggXemYBgzGUMpDFnCzt5KHsRYK
ezgG682CjpnSLlRW4Jsd8R32EECb/aQQCLnpWKIYeLPAcRpaOkI/5T1pJ9ltkcb1
CKJDGqaAColPtxjblhB3Bu8uwdvlK6ZdVIp6dWuQtO3MVRtaMtwzpGpxBwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBJfGkuaJLa4jykjVSDkJdYVyJ1eMB8GA1UdIwQY
MBaAFF/59OzF0FB2LFVphED4XqlvczDyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWF9uMDdNWFFVSFlzVldtRVFQaGVxVzl6TVBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83N2M2NjAtZjgyYy00MTA2LWFiYzkt
NGMxZTQ5ZWM4ZjE2LzEvRWw4YVM1b2t0cmlQS1NOVklPUWwxaFhJblY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83N2M2NjAtZjgyYy00MTA2LWFiYzktNGMxZTQ5ZWM4ZjE2
LzEvWF9uMDdNWFFVSFlzVldtRVFQaGVxVzl6TVBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCBbXAAwQC
uRX4MBQEAgACMA4DBQMqBB2AAwUDKg4QADANBgkqhkiG9w0BAQsFAAOCAQEAkVwz
/61ozgxx1F3uRtBOqzF1v3sbJGi3tTonXAtxHVEOi99fB3DJb4wBFarhzmOEThVT
qBrbYJhUPDkpsvuyfzU1EYTDesNuu0h1smvdDsl8uglE9+9bbvO7xKIyYfjVaRih
Xp9zBsslVO9CHnq1HvtmvztlJi+7O4WPnqP98KqJFupGNBle3S4Zh07JBq2nMF0u
1A7gXyewloeOo71wZdi2ZHf4jJcYgYh+N+vwJwRbBZQgNgyW6QebIMUpPkUk+9c6
BKfJkXA4ztDPCB8jDW2nWHtTaC3JoKzEJFD3yYpbPwGiOm5x2z5QQmBUkCC7YmYg
akE6R+wKmEzbkyg5xg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 18:56:08 2024 by rpki-client on console-fra.rpki-client.org