Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/5WBjFGfcfwSP9jOwVPtBQp7H0cc.roa
File: 5WBjFGfcfwSP9jOwVPtBQp7H0cc.roa (raw, json)
Hash identifier: rM5tozWVbWgcarS4QryenO8qUFUaUA7OMB0V60k5m8Y=
Subject key identifier: E5:60:63:14:67:DC:7F:04:8F:F6:33:B0:54:FB:41:42:9E:C7:D1:C7
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 018D6423FBC8229DEA73E636753E8F4D122B
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/5WBjFGfcfwSP9jOwVPtBQp7H0cc.roa
Signing time: Thu 01 Feb 2024 10:08:16 +0000
ROA not before: Thu 01 Feb 2024 10:08:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34343
IP address blocks: 85.12.56.0/24 maxlen: 24
91.148.192.0/24 maxlen: 24
91.148.224.0/22 maxlen: 24
91.148.228.0/22 maxlen: 24
91.148.240.0/22 maxlen: 24
91.148.244.0/22 maxlen: 24
176.124.71.0/24 maxlen: 24
185.91.29.0/24 maxlen: 24
193.138.220.0/24 maxlen: 24
195.200.84.0/24 maxlen: 24
195.200.85.0/24 maxlen: 24
2a01:788:aaaa::/48 maxlen: 48
2a01:788:aaab::/48 maxlen: 48
2a01:788:aaac::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.mft
rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:23:fb:c8:22:9d:ea:73:e6:36:75:3e:8f:4d:12:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Feb 1 10:08:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e560631467dc7f048ff633b054fb41429ec7d1c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e9:88:6d:6e:b5:aa:ca:e8:e5:e4:ae:61:f9:
08:f1:ed:e3:3c:df:74:48:d6:f4:ba:11:df:c9:a2:
47:5a:e9:87:74:ce:0e:31:8a:23:47:65:cc:24:96:
c6:54:d5:18:aa:27:bd:d9:65:22:67:e7:b5:d5:24:
fc:10:00:61:31:db:de:00:a5:86:be:da:59:93:76:
4d:ae:1d:7f:90:c6:34:96:7f:5a:ab:a2:88:51:4f:
4d:66:b8:c8:97:3c:45:58:a0:e3:bd:a3:a1:94:14:
82:dc:54:31:c9:7f:da:08:ff:30:c9:9c:2b:4f:6a:
89:29:d5:43:70:09:4e:04:94:0d:a8:88:a3:1a:3a:
b2:c1:88:28:a4:83:6d:bc:79:11:9f:eb:b2:55:51:
dd:26:f2:05:49:7a:11:ea:4e:cf:e0:c9:8d:84:ea:
84:05:76:1a:e0:fa:57:4e:6f:93:f3:c5:17:b1:5a:
45:76:66:ca:39:8e:6f:02:51:d2:ac:aa:69:3c:60:
d3:69:79:a4:3d:f7:47:a3:72:b9:5f:72:9b:b6:84:
0e:d0:52:c9:e1:6e:3f:c7:fd:ac:4c:ec:ee:33:79:
da:9d:2e:2c:92:fc:a2:44:c2:e2:a6:8a:3c:cc:47:
70:88:0f:4d:db:47:0f:8d:28:d7:e0:41:93:6f:36:
5c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:60:63:14:67:DC:7F:04:8F:F6:33:B0:54:FB:41:42:9E:C7:D1:C7
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/5WBjFGfcfwSP9jOwVPtBQp7H0cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.56.0/24
91.148.192.0/24
91.148.224.0/21
91.148.240.0/21
176.124.71.0/24
185.91.29.0/24
193.138.220.0/24
195.200.84.0/23
IPv6:
2a01:788:aaaa::-2a01:788:aaac:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
32:7a:2d:85:53:ed:67:3d:98:f0:87:0c:93:47:6b:cf:79:66:
6e:9b:ed:c7:4c:1f:ca:22:d2:4c:26:36:28:78:04:9d:15:81:
5e:a5:e5:13:eb:18:b5:6a:f1:9e:73:a3:9d:4f:7a:e1:2e:7c:
50:c7:f7:08:ab:f5:8b:7e:97:92:65:5b:7c:9a:e3:70:45:70:
73:c4:e7:a6:17:81:f4:1c:37:75:bd:3d:a3:71:49:b9:fe:e3:
e6:1b:53:53:76:03:75:fc:fc:9a:7a:dc:2b:b9:bc:67:16:85:
a2:f1:42:53:b1:1b:9a:fe:a3:23:ff:32:3b:34:df:df:a0:1a:
c1:eb:01:8e:a8:32:93:35:33:f3:b9:45:2a:69:d4:5b:dc:44:
81:95:33:35:1a:f1:0d:c8:c1:f8:e4:a4:f1:95:84:a7:e3:cc:
db:5c:b5:a2:f3:65:d0:46:77:1e:9a:35:e2:e6:a8:00:53:e3:
2a:e3:d7:50:7c:f4:c0:e8:b9:ab:17:33:76:75:f6:38:11:5e:
ab:56:31:5f:d6:60:91:f6:22:bb:66:a9:bc:08:f5:d9:c8:86:
2a:f7:a5:89:d4:f2:28:8b:fc:c4:8f:3e:19:94:d9:14:a7:fe:
19:c1:0b:5b:87:28:8b:cc:59:a4:d2:9c:19:51:10:8f:6c:5d:
ae:d3:76:08
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY1kI/vIIp3qc+Y2dT6PTRIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDhjZjE0NmI0YzczZDI3NDA5NmQ3MDU3MDhkMjRiNzI5
MzI5ZjgwHhcNMjQwMjAxMTAwODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTYwNjMxNDY3ZGM3ZjA0OGZmNjMzYjA1NGZiNDE0MjllYzdkMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoumIbW61qsro5eSuYfkI8e3jPN90
SNb0uhHfyaJHWumHdM4OMYojR2XMJJbGVNUYqie92WUiZ+e11ST8EABhMdveAKWG
vtpZk3ZNrh1/kMY0ln9aq6KIUU9NZrjIlzxFWKDjvaOhlBSC3FQxyX/aCP8wyZwr
T2qJKdVDcAlOBJQNqIijGjqywYgopINtvHkRn+uyVVHdJvIFSXoR6k7P4MmNhOqE
BXYa4PpXTm+T88UXsVpFdmbKOY5vAlHSrKppPGDTaXmkPfdHo3K5X3KbtoQO0FLJ
4W4/x/2sTOzuM3nanS4skvyiRMLipoo8zEdwiA9N20cPjSjX4EGTbzZc4QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFOVgYxRn3H8Ej/YzsFT7QUKex9HHMB8GA1UdIwQY
MBaAFEtIzxRrTHPSdAltcFcI0ktykyn4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMt
NjRhNmEwNWI5OTA1LzEvNVdCakZHZmNmd1NQOWpPd1ZQdEJRcDdIMGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zYmJiNTItMzkzZS00NzYyLWE3MGMtNjRhNmEwNWI5OTA1
LzEvUzBqUEZHdE1jOUowQ1cxd1Z3alNTM0tUS2ZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA2BAIAATAwAwQAVQw4AwQA
W5TAAwQDW5TgAwQDW5TwAwQAsHxHAwQAuVsdAwQAwYrcAwQBw8hUMBoEAgACMBQw
EgMHASoBB4iqqgMHACoBB4iqrDANBgkqhkiG9w0BAQsFAAOCAQEAMnothVPtZz2Y
8IcMk0drz3lmbpvtx0wfyiLSTCY2KHgEnRWBXqXlE+sYtWrxnnOjnU964S58UMf3
CKv1i36XkmVbfJrjcEVwc8TnpheB9Bw3db09o3FJuf7j5htTU3YDdfz8mnrcK7m8
ZxaFovFCU7Ebmv6jI/8yOzTf36AawesBjqgykzUz87lFKmnUW9xEgZUzNRrxDcjB
+OSk8ZWEp+PM21y1ovNl0EZ3Hpo14uaoAFPjKuPXUHz0wOi5qxczdnX2OBFeq1Yx
X9ZgkfYiu2apvAj12ciGKvelidTyKIv8xI8+GZTZFKf+GcELW4coi8xZpNKcGVEQ
j2xdrtN2CA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:36:40 2024 by rpki-client on console-ams.rpki-client.org