Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/5jGGSJF4C0EvaGtK2odvF8Fz3VQ.roa
File: 5jGGSJF4C0EvaGtK2odvF8Fz3VQ.roa (raw, json)
Hash identifier: ASNn4tVN+o+IKJ+tM/Hmmn4cqkB4YpdW65GtjRpoXEs=
Subject key identifier: E6:31:86:48:91:78:0B:41:2F:68:6B:4A:DA:87:6F:17:C1:73:DD:54
Certificate issuer: /CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Certificate serial: 018CC8023D4BAD50DB93C998DC4AADD9E193
Authority key identifier: D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/5jGGSJF4C0EvaGtK2odvF8Fz3VQ.roa
Signing time: Tue 02 Jan 2024 02:30:39 +0000
ROA not before: Tue 02 Jan 2024 02:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 94.198.152.0/24 maxlen: 24
94.198.154.0/24 maxlen: 24
94.198.155.0/24 maxlen: 24
94.198.156.0/24 maxlen: 24
94.198.157.0/24 maxlen: 24
94.198.153.0/24 maxlen: 24
94.198.158.0/24 maxlen: 24
94.198.159.0/24 maxlen: 24
185.76.134.0/24 maxlen: 24
185.76.135.0/24 maxlen: 24
193.176.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/0sKw7hh5KECQZdGe6cCFjowX6hM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/0sKw7hh5KECQZdGe6cCFjowX6hM.mft
rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:3d:4b:ad:50:db:93:c9:98:dc:4a:ad:d9:e1:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13
Validity
Not Before: Jan 2 02:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e631864891780b412f686b4ada876f17c173dd54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:ca:5c:8a:fe:61:8f:fb:c7:d8:56:2f:34:04:
b1:b5:9c:26:8e:d7:41:0c:e8:c7:44:78:dd:dd:5a:
5b:28:dc:d8:ff:09:9d:73:7f:d8:86:ec:97:b6:ea:
f1:95:dd:31:52:c3:c2:a9:af:0c:f6:5d:d7:99:94:
b3:a2:ae:54:29:96:4f:e2:9f:da:9a:b1:30:29:ae:
e8:33:06:5a:7d:bb:6c:2a:0a:85:96:3c:62:c7:f3:
68:37:d6:ef:76:1d:71:9a:17:6c:0e:f9:70:22:5f:
37:47:a2:c4:1d:5c:a0:9d:8d:23:c0:b8:66:37:f1:
ac:a2:f7:c4:19:45:cd:67:05:1c:4c:37:5e:3c:8b:
55:ed:42:1a:d7:32:7a:61:9e:7f:83:20:7a:31:73:
e7:84:db:b4:ed:6e:6b:23:23:48:82:37:2d:6c:2c:
59:4f:ea:61:80:c4:9f:dd:66:e4:2a:15:6c:24:67:
4d:b0:c1:46:ff:67:84:d0:28:fc:cf:33:e3:dc:03:
f7:69:86:03:8b:25:18:5e:ab:b9:ac:c5:f6:26:bf:
fc:e1:a3:e8:04:3b:c6:f9:b8:04:2d:2f:45:ad:be:
f8:a0:f9:f5:eb:5d:74:f1:6b:04:a7:f4:5b:11:0b:
e5:e5:04:91:20:87:9a:ae:2c:4a:15:86:f8:ba:d0:
87:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:31:86:48:91:78:0B:41:2F:68:6B:4A:DA:87:6F:17:C1:73:DD:54
X509v3 Authority Key Identifier:
keyid:D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/5jGGSJF4C0EvaGtK2odvF8Fz3VQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/0sKw7hh5KECQZdGe6cCFjowX6hM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.198.152.0/21
185.76.134.0/23
193.176.144.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:0b:7d:de:ad:d8:18:1e:be:65:81:64:81:3c:4b:7e:cd:4b:
f1:c0:d3:86:2b:ef:1f:3b:a2:c9:ee:df:4e:27:82:58:c1:eb:
69:6a:9b:58:0b:6b:df:1b:53:2c:d7:49:e5:16:41:53:5f:da:
55:87:f3:bd:ce:8f:39:5c:9a:f8:94:c9:91:e5:31:82:b5:2c:
ce:40:54:58:01:b6:30:3a:56:e2:40:b2:87:e0:ba:23:78:04:
0a:47:85:d3:38:c3:96:08:3d:5f:e9:76:62:c4:25:25:f4:dd:
43:ba:35:7a:e3:a3:d8:e2:09:d9:a2:72:cc:8e:8e:09:d6:78:
18:c7:74:f7:33:78:85:15:8f:05:6e:a0:73:76:7c:8a:ef:8a:
1f:21:39:da:55:60:fe:0b:c0:fb:16:6b:f2:58:e5:64:47:11:
c6:bb:24:80:c5:dc:a9:db:d2:e5:75:3c:6f:eb:69:3c:72:f1:
b2:34:ac:60:99:b2:03:e2:e1:3b:de:b9:7a:a0:ba:b2:8d:7e:
67:a4:61:22:16:83:a8:47:9d:91:7c:b3:2e:06:f1:5e:21:74:
53:52:88:06:b0:af:fb:70:ad:85:bd:ec:07:ad:0a:68:e9:c6:
f2:b5:83:a3:ae:40:d7:5b:8e:41:67:86:9d:92:26:21:bd:89:
c5:e0:6b:81
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAj1LrVDbk8mY3Eqt2eGTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzJiMGVlMTg3OTI4NDA5MDY1ZDE5ZWU5YzA4NThlOGMx
N2VhMTMwHhcNMjQwMTAyMDIzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjMxODY0ODkxNzgwYjQxMmY2ODZiNGFkYTg3NmYxN2MxNzNkZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Mpciv5hj/vH2FYvNASxtZwmjtdB
DOjHRHjd3VpbKNzY/wmdc3/YhuyXturxld0xUsPCqa8M9l3XmZSzoq5UKZZP4p/a
mrEwKa7oMwZafbtsKgqFljxix/NoN9bvdh1xmhdsDvlwIl83R6LEHVygnY0jwLhm
N/GsovfEGUXNZwUcTDdePItV7UIa1zJ6YZ5/gyB6MXPnhNu07W5rIyNIgjctbCxZ
T+phgMSf3WbkKhVsJGdNsMFG/2eE0Cj8zzPj3AP3aYYDiyUYXqu5rMX2Jr/84aPo
BDvG+bgELS9Frb74oPn161108WsEp/RbEQvl5QSRIIearixKFYb4utCHhQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOYxhkiReAtBL2hrStqHbxfBc91UMB8GA1UdIwQY
MBaAFNLCsO4YeShAkGXRnunAhY6MF+oTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNLdzdoaDVLRUNRWmRHZTZjQ0Zqb3dYNmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYmFjMTQtNmVhYi00OTg1LTg2N2Et
YzhlODYzYzFhOGQxLzEvNWpHR1NKRjRDMEV2YUd0SzJvZHZGOEZ6M1ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYmFjMTQtNmVhYi00OTg1LTg2N2EtYzhlODYzYzFhOGQx
LzEvMHNLdzdoaDVLRUNRWmRHZTZjQ0Zqb3dYNmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDXsaYAwQB
uUyGAwQAwbCQMA0GCSqGSIb3DQEBCwUAA4IBAQCPC33erdgYHr5lgWSBPEt+zUvx
wNOGK+8fO6LJ7t9OJ4JYwetpaptYC2vfG1Ms10nlFkFTX9pVh/O9zo85XJr4lMmR
5TGCtSzOQFRYAbYwOlbiQLKH4LojeAQKR4XTOMOWCD1f6XZixCUl9N1DujV646PY
4gnZonLMjo4J1ngYx3T3M3iFFY8FbqBzdnyK74ofITnaVWD+C8D7FmvyWOVkRxHG
uySAxdyp29LldTxv62k8cvGyNKxgmbID4uE73rl6oLqyjX5npGEiFoOoR52RfLMu
BvFeIXRTUogGsK/7cK2FvewHrQpo6cbytYOjrkDXW45BZ4adkiYhvYnF4GuB
-----END CERTIFICATE-----
Generated at Thu May 2 17:40:49 2024 by rpki-client on console-ams.rpki-client.org