Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/5QiU4KjHe6rURZgDdGTMl8Zyezw.roa
File: 5QiU4KjHe6rURZgDdGTMl8Zyezw.roa (raw, json)
Hash identifier: yuQ/7BQYs9jM3jrH4SGueIzc9M29YlEPUkdg3FNwGhc=
Subject key identifier: E5:08:94:E0:A8:C7:7B:AA:D4:45:98:03:74:64:CC:97:C6:72:7B:3C
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018CC94DFF5D677EF378ECAFE27883877091
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/5QiU4KjHe6rURZgDdGTMl8Zyezw.roa
Signing time: Tue 02 Jan 2024 08:33:01 +0000
ROA not before: Tue 02 Jan 2024 08:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35267
IP address blocks: 86.105.253.0/24 maxlen: 24
93.114.232.0/23 maxlen: 24
89.36.150.0/23 maxlen: 24
188.212.192.0/21 maxlen: 24
89.35.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 06:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:ff:5d:67:7e:f3:78:ec:af:e2:78:83:87:70:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 2 08:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e50894e0a8c77baad44598037464cc97c6727b3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:17:2d:81:df:07:e2:b3:94:f0:be:69:79:3b:
d3:5c:66:5f:49:4d:7f:de:67:9d:9c:fb:c3:ba:56:
a2:13:02:03:c5:5f:9b:b1:8b:06:f5:c0:e5:ca:f8:
da:3e:ee:96:40:b2:e6:e0:49:f0:13:4e:79:07:3b:
ae:50:f6:b1:67:e6:01:45:fa:b5:b8:3d:69:e4:61:
d3:ac:a1:b4:a8:0f:f4:76:11:3b:02:2e:d1:a2:1c:
fa:e5:28:72:ae:c6:ff:65:4d:a7:dc:75:11:c6:3d:
54:9c:46:2f:87:b1:eb:17:35:59:c8:21:83:d1:99:
f3:1d:62:76:ab:10:35:bc:e3:03:6b:06:75:b7:66:
0b:a1:3d:c3:22:1b:cb:76:98:f6:e2:24:ce:4e:29:
da:d5:d0:5a:90:e6:b2:be:10:ea:55:53:0a:dc:c4:
78:c3:30:34:ca:c5:aa:be:e2:56:c8:b3:8f:33:7e:
75:16:82:ad:4a:1f:bc:22:f4:6e:2e:39:74:6f:86:
c6:41:83:43:04:a2:ad:5f:7b:84:e7:93:ba:ab:65:
e5:ce:cc:5d:ff:49:d2:5f:8b:18:17:3b:c7:6d:68:
c3:74:2d:63:62:47:e6:dd:25:00:f4:02:ab:49:1b:
34:6f:61:72:ec:48:63:97:42:0a:f1:af:05:77:97:
53:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:08:94:E0:A8:C7:7B:AA:D4:45:98:03:74:64:CC:97:C6:72:7B:3C
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/5QiU4KjHe6rURZgDdGTMl8Zyezw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.253.0/24
89.35.38.0/24
89.36.150.0/23
93.114.232.0/23
188.212.192.0/21
Signature Algorithm: sha256WithRSAEncryption
27:65:5e:af:dc:59:e8:91:ad:5a:28:d0:50:19:be:50:93:41:
20:58:a9:c3:f9:7a:86:f6:76:8f:7c:c9:27:9f:fc:0e:3f:c4:
6c:e0:0e:f7:8c:90:9a:83:dd:ea:0f:b3:a3:93:c0:a3:9e:de:
cf:b3:74:d0:e1:ce:f8:f1:97:9e:ed:1c:ae:cd:ef:f2:93:1f:
5a:3b:44:b1:6f:fa:57:fe:2f:e5:61:3f:06:a2:05:9e:fa:8e:
b0:ef:cc:5c:4f:34:8f:e6:24:4f:13:6c:cf:d3:1c:ab:c2:0a:
94:33:88:cd:74:ef:32:96:58:6a:83:b2:d2:e5:c8:25:24:07:
2c:d6:10:4d:d7:ac:70:72:34:40:f4:ae:cb:30:5b:44:88:5d:
96:0b:53:36:1d:3b:9e:8e:24:92:79:d7:f4:c0:e2:f7:6c:d1:
aa:63:d0:cb:90:2c:c2:b7:a5:45:e7:f1:a2:3c:be:5c:59:a9:
98:7a:de:58:a0:11:d5:5a:9a:07:7a:c4:d7:a0:44:c3:d1:16:
10:95:9a:7e:39:87:8a:3c:3b:d2:a5:b1:be:08:82:72:bb:7c:
84:c9:e3:da:d2:53:58:e1:82:b9:a8:bb:95:47:ad:68:2b:01:
78:ec:89:2a:c2:8e:43:97:94:13:a4:9a:f6:4c:21:5d:1c:87:
e2:c9:1e:97
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJTf9dZ37zeOyv4niDh3CRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwMTAyMDgzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTA4OTRlMGE4Yzc3YmFhZDQ0NTk4MDM3NDY0Y2M5N2M2NzI3YjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxctgd8H4rOU8L5peTvTXGZfSU1/
3mednPvDulaiEwIDxV+bsYsG9cDlyvjaPu6WQLLm4EnwE055BzuuUPaxZ+YBRfq1
uD1p5GHTrKG0qA/0dhE7Ai7Rohz65Shyrsb/ZU2n3HURxj1UnEYvh7HrFzVZyCGD
0ZnzHWJ2qxA1vOMDawZ1t2YLoT3DIhvLdpj24iTOTina1dBakOayvhDqVVMK3MR4
wzA0ysWqvuJWyLOPM351FoKtSh+8IvRuLjl0b4bGQYNDBKKtX3uE55O6q2Xlzsxd
/0nSX4sYFzvHbWjDdC1jYkfm3SUA9AKrSRs0b2Fy7Ehjl0IK8a8Fd5dTLQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOUIlOCox3uq1EWYA3RkzJfGcns8MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvNVFpVTRLakhlNnJVUlpnRGRHVE1sOFp5ZXp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVmn9AwQA
WSMmAwQBWSSWAwQBXXLoAwQDvNTAMA0GCSqGSIb3DQEBCwUAA4IBAQAnZV6v3Fno
ka1aKNBQGb5Qk0EgWKnD+XqG9naPfMknn/wOP8Rs4A73jJCag93qD7Ojk8Cjnt7P
s3TQ4c748Zee7Ryuze/ykx9aO0Sxb/pX/i/lYT8GogWe+o6w78xcTzSP5iRPE2zP
0xyrwgqUM4jNdO8yllhqg7LS5cglJAcs1hBN16xwcjRA9K7LMFtEiF2WC1M2HTue
jiSSedf0wOL3bNGqY9DLkCzCt6VF5/GiPL5cWamYet5YoBHVWpoHesTXoETD0RYQ
lZp+OYeKPDvSpbG+CIJyu3yEyePa0lNY4YK5qLuVR61oKwF47Ikqwo5Dl5QTpJr2
TCFdHIfiyR6X
-----END CERTIFICATE-----
Generated at Mon May 20 13:21:30 2024 by rpki-client on console-fra.rpki-client.org