Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/5L-qrw7xy2P-ZT1WJNM9wHecmDI.roa
File: 5L-qrw7xy2P-ZT1WJNM9wHecmDI.roa (raw, json)
Hash identifier: UciTnwJYBjdS1BPN/0Zj47qIjpXbaBH79fEo+25pfBI=
Subject key identifier: E4:BF:AA:AF:0E:F1:CB:63:FE:65:3D:56:24:D3:3D:C0:77:9C:98:32
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018CC6B817C3442252D3C13003078301B903
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/5L-qrw7xy2P-ZT1WJNM9wHecmDI.roa
Signing time: Mon 01 Jan 2024 20:30:02 +0000
ROA not before: Mon 01 Jan 2024 20:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48123
IP address blocks: 85.140.57.0/24 maxlen: 24
85.140.56.0/24 maxlen: 24
85.140.58.0/24 maxlen: 24
85.140.59.0/24 maxlen: 24
85.140.72.0/24 maxlen: 24
85.140.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.mft
rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:17:c3:44:22:52:d3:c1:30:03:07:83:01:b9:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jan 1 20:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4bfaaaf0ef1cb63fe653d5624d33dc0779c9832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:8f:0c:d2:85:b4:f5:3d:b1:52:63:4d:15:79:
4b:74:d4:c1:18:7f:3b:a0:7f:ea:f6:2e:0f:e2:93:
17:0d:b1:c3:19:e2:ea:89:1e:0c:81:38:e1:e8:03:
73:1f:c8:15:ce:57:db:52:ff:f0:a5:70:a9:b0:ad:
2c:f6:3d:ce:45:d8:23:93:22:0c:25:3b:dc:99:24:
88:74:6c:25:f0:20:ab:34:f7:de:f4:da:4e:11:54:
41:ab:3f:79:37:36:fd:ac:86:10:a6:7a:6c:39:21:
46:6f:61:bf:56:90:2f:ca:28:9d:69:8f:a4:ea:cd:
92:fc:f1:c9:64:41:6d:2a:44:57:57:4d:17:2b:67:
d0:09:88:29:d4:4c:26:c8:db:56:93:47:d9:f1:db:
3d:a5:4f:8c:62:e1:99:12:13:e9:69:5c:e2:fd:4c:
3d:fc:f2:3f:6b:57:ef:81:36:4a:27:34:ea:8b:36:
9e:7c:44:35:21:96:59:d2:dc:b9:9f:a8:7a:31:32:
cb:e9:4d:04:0c:4c:0d:34:88:1f:ef:47:e4:22:8a:
70:08:1e:41:8d:81:ef:58:0d:0d:aa:59:07:7a:6a:
54:cd:d9:ea:41:ce:f1:02:68:8c:67:bd:4a:31:c5:
79:3c:4f:fd:ed:70:3e:4e:50:87:ee:25:2a:c3:d5:
d6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:BF:AA:AF:0E:F1:CB:63:FE:65:3D:56:24:D3:3D:C0:77:9C:98:32
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/5L-qrw7xy2P-ZT1WJNM9wHecmDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.140.56.0/22
85.140.72.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:a4:27:08:68:4e:a0:d6:7a:1c:d9:da:8f:ff:c7:5c:c8:00:
c3:6b:a4:50:d5:7f:6f:fe:3a:d1:a4:9a:26:3d:e9:0e:15:87:
4e:46:c3:8f:a6:d5:42:f7:fb:d5:7d:77:e7:47:78:e8:8b:30:
65:9a:57:a5:bd:68:49:c9:e6:17:3f:e3:11:27:ef:2f:2f:42:
b5:3c:d2:b4:ac:ef:e5:b9:e4:75:e5:33:ba:49:21:7d:5e:8f:
e6:d2:e4:14:53:c9:cd:05:60:3a:af:69:48:36:e7:0e:29:df:
01:68:bd:a1:06:00:cc:0b:d1:9a:12:5c:ab:3d:43:60:28:4d:
0e:48:81:81:bc:3a:2f:7d:c9:50:a5:39:f7:91:d6:29:ea:9d:
75:68:ed:91:e4:1b:b9:46:2d:da:a2:0d:f2:5b:78:76:47:f8:
67:1f:ed:ed:44:2d:7f:c2:4b:c9:66:55:c1:e6:2e:ff:c9:9d:
4d:1d:24:c5:45:c3:fa:9f:9c:1d:1a:de:f2:75:7e:3a:4d:88:
2d:e7:c2:5d:fd:d2:7e:09:eb:f9:a8:8e:e1:8f:d6:e5:a1:a5:
16:6f:69:a3:32:5b:a2:97:91:b3:62:9e:77:8d:8f:31:8f:46:
7d:43:35:94:48:8b:45:55:11:ef:d0:78:12:ff:ef:0b:ea:40:
fc:70:87:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuBfDRCJS08EwAweDAbkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjQwMTAxMjAzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGJmYWFhZjBlZjFjYjYzZmU2NTNkNTYyNGQzM2RjMDc3OWM5ODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjo8M0oW09T2xUmNNFXlLdNTBGH87
oH/q9i4P4pMXDbHDGeLqiR4MgTjh6ANzH8gVzlfbUv/wpXCpsK0s9j3ORdgjkyIM
JTvcmSSIdGwl8CCrNPfe9NpOEVRBqz95Nzb9rIYQpnpsOSFGb2G/VpAvyiidaY+k
6s2S/PHJZEFtKkRXV00XK2fQCYgp1EwmyNtWk0fZ8ds9pU+MYuGZEhPpaVzi/Uw9
/PI/a1fvgTZKJzTqizaefEQ1IZZZ0ty5n6h6MTLL6U0EDEwNNIgf70fkIopwCB5B
jYHvWA0NqlkHempUzdnqQc7xAmiMZ71KMcV5PE/97XA+TlCH7iUqw9XWMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOS/qq8O8ctj/mU9ViTTPcB3nJgyMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvNUwtcXJ3N3h5MlAtWlQxV0pOTTl3SGVjbURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVYw4AwQB
VYxIMA0GCSqGSIb3DQEBCwUAA4IBAQBtpCcIaE6g1noc2dqP/8dcyADDa6RQ1X9v
/jrRpJomPekOFYdORsOPptVC9/vVfXfnR3joizBlmlelvWhJyeYXP+MRJ+8vL0K1
PNK0rO/lueR15TO6SSF9Xo/m0uQUU8nNBWA6r2lINucOKd8BaL2hBgDMC9GaElyr
PUNgKE0OSIGBvDovfclQpTn3kdYp6p11aO2R5Bu5Ri3aog3yW3h2R/hnH+3tRC1/
wkvJZlXB5i7/yZ1NHSTFRcP6n5wdGt7ydX46TYgt58Jd/dJ+Cev5qI7hj9bloaUW
b2mjMluil5GzYp53jY8xj0Z9QzWUSItFVRHv0HgS/+8L6kD8cIfS
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:55:52 2024 by rpki-client on console-fra.rpki-client.org