Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/jZ2286YpWSi-uMW5rExfwv073hI.roa
File: jZ2286YpWSi-uMW5rExfwv073hI.roa (raw, json)
Hash identifier: OHdpFP5I0KJeFx6rvbVh31RX8VvqFnbilG7DTbeVkI4=
Subject key identifier: 8D:9D:B6:F3:A6:29:59:28:BE:B8:C5:B9:AC:4C:5F:C2:FD:3B:DE:12
Certificate issuer: /CN=e5c340ee5b9daf1a6818f0df407fa5975886b10f
Certificate serial: 018CC4253E5752CF69F3CC52E7E9EE5E87EC
Authority key identifier: E5:C3:40:EE:5B:9D:AF:1A:68:18:F0:DF:40:7F:A5:97:58:86:B1:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5cNA7ludrxpoGPDfQH-ll1iGsQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/jZ2286YpWSi-uMW5rExfwv073hI.roa
Signing time: Mon 01 Jan 2024 08:30:24 +0000
ROA not before: Mon 01 Jan 2024 08:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39591
IP address blocks: 185.133.88.0/22 maxlen: 22
188.116.45.0/24 maxlen: 24
185.117.226.0/24 maxlen: 24
212.11.88.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/5cNA7ludrxpoGPDfQH-ll1iGsQ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/5cNA7ludrxpoGPDfQH-ll1iGsQ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/5cNA7ludrxpoGPDfQH-ll1iGsQ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 04:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:3e:57:52:cf:69:f3:cc:52:e7:e9:ee:5e:87:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5c340ee5b9daf1a6818f0df407fa5975886b10f
Validity
Not Before: Jan 1 08:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d9db6f3a6295928beb8c5b9ac4c5fc2fd3bde12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:24:ad:3a:31:d7:4a:b3:0c:99:15:06:11:4c:
ab:6e:e3:09:5f:1d:bb:c4:0e:79:77:1d:fa:3a:6a:
c1:53:f8:ad:a9:08:06:ea:3f:15:ee:46:f7:9a:36:
66:a4:ac:86:71:19:bb:7e:42:5f:e0:4a:15:1f:b3:
63:55:c9:28:28:ab:62:a1:28:f3:85:1e:31:e7:9d:
18:cf:33:16:14:03:01:66:56:56:2e:6f:8b:27:0e:
dc:7e:a9:e7:37:d1:e2:21:08:bb:09:73:f2:6f:34:
b9:43:86:17:20:7e:d0:22:0d:8d:9a:dd:42:d0:e3:
ec:fc:33:93:b3:cc:eb:73:a6:2e:04:0f:e5:1c:fc:
71:41:92:52:20:24:9f:38:f6:d9:a7:77:1a:2c:af:
59:37:fe:2d:36:89:1a:65:77:86:1e:97:1f:40:ab:
04:40:a0:35:c5:44:46:c8:94:7e:04:99:01:db:22:
ad:64:74:9f:9a:51:94:ed:47:b7:2d:eb:16:dd:8f:
08:2d:8b:65:0f:ac:66:d8:bd:ef:d2:8f:e1:85:a2:
24:d8:7b:56:ef:d1:99:23:84:e8:d6:39:ba:95:64:
d6:12:31:91:76:91:9a:a5:be:e2:86:6d:ea:df:36:
ff:fe:e7:b6:b1:67:3f:03:43:d9:f5:79:75:b2:17:
b0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:9D:B6:F3:A6:29:59:28:BE:B8:C5:B9:AC:4C:5F:C2:FD:3B:DE:12
X509v3 Authority Key Identifier:
keyid:E5:C3:40:EE:5B:9D:AF:1A:68:18:F0:DF:40:7F:A5:97:58:86:B1:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cNA7ludrxpoGPDfQH-ll1iGsQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/jZ2286YpWSi-uMW5rExfwv073hI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/5cNA7ludrxpoGPDfQH-ll1iGsQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.226.0/24
185.133.88.0/22
188.116.45.0/24
212.11.88.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:be:79:a9:ac:67:e2:6e:3d:23:59:87:7f:3a:d7:a8:06:2c:
94:f5:fa:a9:f3:d9:21:99:75:e2:60:f8:5b:71:50:92:be:11:
7c:70:26:5a:fb:5e:37:96:e2:be:62:bf:a3:65:74:aa:70:64:
dd:c7:cb:b7:2c:8f:77:cd:9c:23:55:c1:8c:58:b0:94:2e:65:
3c:41:a8:a8:90:48:72:8c:1a:79:25:b8:dc:fa:6a:29:42:9e:
bf:14:6d:3c:43:67:e6:ce:88:92:1f:88:5c:0b:db:03:69:62:
63:59:83:b5:7f:7f:dc:91:56:fc:08:68:c1:60:5a:db:9c:51:
4a:18:d4:af:c0:df:a9:1b:14:6c:37:b8:0a:d0:f5:54:9e:52:
5f:69:e2:b4:fe:05:b0:6a:f2:ba:57:ad:17:b6:f7:a4:30:ea:
f9:a3:17:50:63:58:b1:58:64:98:7c:a4:ba:a1:1d:6f:9f:3f:
c8:ef:09:db:98:e7:f1:a0:ad:2e:3c:2c:38:7b:ad:6a:c2:9a:
16:a2:70:77:0f:52:93:46:18:6d:ea:43:52:cb:ab:b8:c5:18:
3c:e9:72:fa:50:f7:83:7c:f8:66:38:47:bb:fa:25:31:de:7e:
a7:cf:fd:2b:c8:c5:b2:43:c3:df:b6:b3:ef:9a:2d:83:30:87:
b1:53:5a:0c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEJT5XUs9p88xS5+nuXofsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YzM0MGVlNWI5ZGFmMWE2ODE4ZjBkZjQwN2ZhNTk3NTg4
NmIxMGYwHhcNMjQwMTAxMDgzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDlkYjZmM2E2Mjk1OTI4YmViOGM1YjlhYzRjNWZjMmZkM2JkZTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviStOjHXSrMMmRUGEUyrbuMJXx27
xA55dx36OmrBU/itqQgG6j8V7kb3mjZmpKyGcRm7fkJf4EoVH7NjVckoKKtioSjz
hR4x550YzzMWFAMBZlZWLm+LJw7cfqnnN9HiIQi7CXPybzS5Q4YXIH7QIg2Nmt1C
0OPs/DOTs8zrc6YuBA/lHPxxQZJSICSfOPbZp3caLK9ZN/4tNokaZXeGHpcfQKsE
QKA1xURGyJR+BJkB2yKtZHSfmlGU7Ue3LesW3Y8ILYtlD6xm2L3v0o/hhaIk2HtW
79GZI4To1jm6lWTWEjGRdpGapb7ihm3q3zb//ue2sWc/A0PZ9Xl1shewGQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI2dtvOmKVkovrjFuaxMX8L9O94SMB8GA1UdIwQY
MBaAFOXDQO5bna8aaBjw30B/pZdYhrEPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWNOQTdsdWRyeHBvR1BEZlFILWxsMWlHc1E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kNTEwNGMtZjY0YS00NGNhLWEzN2It
NmUxZjJmNjg1MWNmLzEvaloyMjg2WXBXU2ktdU1XNXJFeGZ3djA3M2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kNTEwNGMtZjY0YS00NGNhLWEzN2ItNmUxZjJmNjg1MWNm
LzEvNWNOQTdsdWRyeHBvR1BEZlFILWxsMWlHc1E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuXXiAwQC
uYVYAwQAvHQtAwQC1AtYMA0GCSqGSIb3DQEBCwUAA4IBAQBsvnmprGfibj0jWYd/
OteoBiyU9fqp89khmXXiYPhbcVCSvhF8cCZa+143luK+Yr+jZXSqcGTdx8u3LI93
zZwjVcGMWLCULmU8QaiokEhyjBp5Jbjc+mopQp6/FG08Q2fmzoiSH4hcC9sDaWJj
WYO1f3/ckVb8CGjBYFrbnFFKGNSvwN+pGxRsN7gK0PVUnlJfaeK0/gWwavK6V60X
tvekMOr5oxdQY1ixWGSYfKS6oR1vnz/I7wnbmOfxoK0uPCw4e61qwpoWonB3D1KT
Rhht6kNSy6u4xRg86XL6UPeDfPhmOEe7+iUx3n6nz/0ryMWyQ8PftrPvmi2DMIex
U1oM
-----END CERTIFICATE-----
Generated at Mon Jun 3 10:14:07 2024 by rpki-client on console-ams.rpki-client.org