Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/1SpiLLhykGXwC0P7UEi97EOjSFI.roa
File: 1SpiLLhykGXwC0P7UEi97EOjSFI.roa (raw, json)
Hash identifier: z3Wugwhzy6TaKULx/v1wXneYG/ddnVaLgDKxIgfrzeU=
Subject key identifier: D5:2A:62:2C:B8:72:90:65:F0:0B:43:FB:50:48:BD:EC:43:A3:48:52
Certificate issuer: /CN=6506096695f7e6610b19b08e1d7fd9c4d914a4f0
Certificate serial: 018CC64B86656B078F83B17F2DEEBF071CED
Authority key identifier: 65:06:09:66:95:F7:E6:61:0B:19:B0:8E:1D:7F:D9:C4:D9:14:A4:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/1SpiLLhykGXwC0P7UEi97EOjSFI.roa
Signing time: Mon 01 Jan 2024 18:31:27 +0000
ROA not before: Mon 01 Jan 2024 18:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205614
IP address blocks: 185.171.44.0/22 maxlen: 24
193.22.251.0/24 maxlen: 24
45.135.124.0/22 maxlen: 22
45.89.160.0/23 maxlen: 23
45.89.162.0/24 maxlen: 24
2a0e:8b40::/29 maxlen: 29
2a0d:1f80::/32 maxlen: 36
2a0b:e880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/ZQYJZpX35mELGbCOHX_ZxNkUpPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/ZQYJZpX35mELGbCOHX_ZxNkUpPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:86:65:6b:07:8f:83:b1:7f:2d:ee:bf:07:1c:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6506096695f7e6610b19b08e1d7fd9c4d914a4f0
Validity
Not Before: Jan 1 18:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d52a622cb8729065f00b43fb5048bdec43a34852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cc:0c:76:1a:2d:b8:c4:82:2b:59:bc:b8:91:
43:cf:f6:b5:a6:8c:98:93:6c:e2:07:9d:b8:47:ec:
06:a1:91:ec:2e:03:27:7b:e3:98:21:e3:67:5c:ea:
68:11:86:f1:c5:ed:34:e6:86:7c:66:e8:6a:80:3a:
6e:cf:06:20:c1:74:2b:21:f6:be:10:d0:35:dd:ed:
c9:9a:eb:c8:fc:20:22:d8:52:78:d7:32:6a:84:d8:
09:d0:8f:08:69:3d:f6:ab:c7:29:1f:c7:c8:ac:fb:
db:cd:3b:68:e4:07:6d:b3:b8:a6:b0:e3:a3:35:2c:
d9:dc:1b:a8:a0:cd:e6:84:e5:4d:44:09:93:f5:be:
9a:8b:d0:97:35:7d:04:08:44:09:44:be:02:bb:10:
88:dc:3a:50:2e:0f:8b:9d:fd:d5:1f:9a:2e:ed:03:
ad:27:47:c7:61:b1:da:a2:83:49:87:ba:86:7a:94:
80:11:67:2b:66:7d:e1:12:d9:47:18:e6:d4:93:69:
8e:f8:9a:a1:cd:a1:7a:29:4b:9f:49:94:de:ac:98:
91:50:2c:f4:5e:a1:88:70:a5:77:39:b3:b1:de:39:
5b:0d:6e:59:62:19:8d:23:93:8b:43:a4:ab:80:fb:
1c:c6:4b:8f:8f:14:ee:b7:fe:9f:85:a2:8b:a6:fc:
62:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:2A:62:2C:B8:72:90:65:F0:0B:43:FB:50:48:BD:EC:43:A3:48:52
X509v3 Authority Key Identifier:
keyid:65:06:09:66:95:F7:E6:61:0B:19:B0:8E:1D:7F:D9:C4:D9:14:A4:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZQYJZpX35mELGbCOHX_ZxNkUpPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/1SpiLLhykGXwC0P7UEi97EOjSFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/f5baa4-f670-4385-bc38-a4152558d18c/1/ZQYJZpX35mELGbCOHX_ZxNkUpPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.160.0-45.89.162.255
45.135.124.0/22
185.171.44.0/22
193.22.251.0/24
IPv6:
2a0b:e880::/29
2a0d:1f80::/32
2a0e:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
1c:d8:fa:21:4c:40:63:fb:c3:b7:a7:0a:f7:e3:99:8e:b6:65:
d3:77:4b:6b:41:4b:18:19:06:e7:79:f6:15:97:e3:41:d3:9d:
32:3d:9f:50:bc:55:fb:27:30:ed:bb:ed:4c:7b:38:90:68:95:
6e:a3:64:16:b6:6f:08:a8:ef:7a:cb:df:72:f1:47:13:ba:09:
c1:ef:6a:2c:d0:6a:5c:2d:fc:4b:f4:45:0b:36:b6:96:5d:f1:
89:d4:0f:84:b2:f2:5b:00:27:fd:c0:3e:b9:38:24:d8:58:b6:
46:29:3d:2a:9e:f9:29:47:36:4d:ed:bd:1c:d0:0d:e8:4f:01:
8b:5c:1c:78:4b:d7:56:d7:07:15:f7:e0:2a:3b:25:ce:d4:6b:
f1:6d:8d:9a:89:f8:a0:59:2e:fc:67:8e:4e:b8:f9:8f:9b:37:
a1:2e:9b:c7:53:e4:6a:63:e8:b7:46:f2:48:99:ff:0a:66:95:
51:82:46:12:1a:95:af:62:ff:f3:2a:78:95:8f:e7:b6:e7:76:
af:4d:7e:47:9a:16:53:f6:f5:e2:0f:89:d5:20:0f:98:2f:73:
d0:8a:03:d7:3a:d8:56:c5:d5:1b:9e:d5:0a:69:97:a7:63:dc:
b1:df:0d:58:6d:e4:cf:71:a7:65:09:c4:3e:2c:99:bc:08:c5:
f8:27:70:5f
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYzGS4ZlawePg7F/Le6/BxztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MDYwOTY2OTVmN2U2NjEwYjE5YjA4ZTFkN2ZkOWM0ZDkx
NGE0ZjAwHhcNMjQwMTAxMTgzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTJhNjIyY2I4NzI5MDY1ZjAwYjQzZmI1MDQ4YmRlYzQzYTM0ODUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMwMdhotuMSCK1m8uJFDz/a1poyY
k2ziB524R+wGoZHsLgMne+OYIeNnXOpoEYbxxe005oZ8ZuhqgDpuzwYgwXQrIfa+
ENA13e3JmuvI/CAi2FJ41zJqhNgJ0I8IaT32q8cpH8fIrPvbzTto5Adts7imsOOj
NSzZ3BuooM3mhOVNRAmT9b6ai9CXNX0ECEQJRL4CuxCI3DpQLg+Lnf3VH5ou7QOt
J0fHYbHaooNJh7qGepSAEWcrZn3hEtlHGObUk2mO+JqhzaF6KUufSZTerJiRUCz0
XqGIcKV3ObOx3jlbDW5ZYhmNI5OLQ6SrgPscxkuPjxTut/6fhaKLpvxiQQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFNUqYiy4cpBl8AtD+1BIvexDo0hSMB8GA1UdIwQY
MBaAFGUGCWaV9+ZhCxmwjh1/2cTZFKTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlFZSlpwWDM1bUVMR2JDT0hYX1p4TmtVcFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9mNWJhYTQtZjY3MC00Mzg1LWJjMzgt
YTQxNTI1NThkMThjLzEvMVNwaUxMaHlrR1h3QzBQN1VFaTk3RU9qU0ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9mNWJhYTQtZjY3MC00Mzg1LWJjMzgtYTQxNTI1NThkMThj
LzEvWlFZSlpwWDM1bUVMR2JDT0hYX1p4TmtVcFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAmBAIAATAgMAwDBAUtWaAD
BAAtWaIDBAIth3wDBAK5qywDBADBFvswGwQCAAIwFQMFAyoL6IADBQAqDR+AAwUD
Kg6LQDANBgkqhkiG9w0BAQsFAAOCAQEAHNj6IUxAY/vDt6cK9+OZjrZl03dLa0FL
GBkG53n2FZfjQdOdMj2fULxV+ycw7bvtTHs4kGiVbqNkFrZvCKjvesvfcvFHE7oJ
we9qLNBqXC38S/RFCza2ll3xidQPhLLyWwAn/cA+uTgk2Fi2Rik9Kp75KUc2Te29
HNAN6E8Bi1wceEvXVtcHFffgKjslztRr8W2Nmon4oFku/GeOTrj5j5s3oS6bx1Pk
amPot0bySJn/CmaVUYJGEhqVr2L/8yp4lY/ntud2r01+R5oWU/b14g+J1SAPmC9z
0IoD1zrYVsXVG57VCmmXp2Pcsd8NWG3kz3GnZQnEPiyZvAjF+CdwXw==
-----END CERTIFICATE-----
Generated at Mon May 20 07:39:17 2024 by rpki-client on console-fra.rpki-client.org