Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/5Qe13A4vf3wC1CuWyDew7rTH9HM.roa
File: 5Qe13A4vf3wC1CuWyDew7rTH9HM.roa (raw, json)
Hash identifier: KR7UUHdRin0I+6ZiXzLyR+3JtPfGH0g7d0J2pwU7oPY=
Subject key identifier: E5:07:B5:DC:0E:2F:7F:7C:02:D4:2B:96:C8:37:B0:EE:B4:C7:F4:73
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018CCA2986E50563C5B3B78F9835D970A174
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/5Qe13A4vf3wC1CuWyDew7rTH9HM.roa
Signing time: Tue 02 Jan 2024 12:32:48 +0000
ROA not before: Tue 02 Jan 2024 12:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 85.203.15.0/24 maxlen: 24
85.203.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:86:e5:05:63:c5:b3:b7:8f:98:35:d9:70:a1:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 12:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e507b5dc0e2f7f7c02d42b96c837b0eeb4c7f473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1f:7e:ea:76:cc:a8:f8:db:9e:fb:e3:5b:00:
ac:12:dc:e4:7c:19:95:4e:3a:9f:f9:d1:13:d2:2a:
7c:65:56:78:79:43:af:7e:e9:4d:bd:46:95:96:bd:
91:9d:95:79:f2:d9:18:53:fd:57:f0:4a:9e:5c:1e:
19:16:8c:dc:9e:2d:53:5a:84:99:6f:8d:73:72:ef:
cc:bf:36:2c:b9:78:87:b9:9a:75:eb:1a:ae:59:24:
9c:25:30:89:99:68:6a:20:d2:7d:03:d7:b8:dd:62:
2a:13:ce:55:5d:b7:24:ac:99:0c:67:c8:b5:3b:73:
4d:af:00:12:c1:6c:ba:5c:86:4c:89:54:50:46:fe:
78:9c:68:e9:3a:cf:6a:f6:7c:70:2b:dd:2c:15:58:
fe:3e:d5:73:2f:aa:fc:3c:ab:df:f6:96:66:25:93:
fa:21:8f:05:96:b0:c9:d4:fe:a6:3d:21:25:31:ea:
5d:ba:8c:5a:30:c0:82:4d:c9:ce:79:7d:80:24:02:
50:85:a4:22:01:bb:3d:b3:92:71:8d:9e:ca:6e:83:
69:0c:ba:40:06:dc:38:75:51:7a:78:f8:1e:6b:9d:
02:c9:42:32:8a:b5:33:65:c0:84:ff:9a:ba:c0:d2:
8b:16:46:e6:43:81:32:ea:25:5e:00:5d:7d:89:41:
d2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:07:B5:DC:0E:2F:7F:7C:02:D4:2B:96:C8:37:B0:EE:B4:C7:F4:73
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/5Qe13A4vf3wC1CuWyDew7rTH9HM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.15.0/24
85.203.36.0/24
Signature Algorithm: sha256WithRSAEncryption
36:81:66:45:35:8d:52:6a:96:6c:06:4b:12:a2:b2:16:e1:83:
ff:73:f3:db:b5:36:25:99:3e:91:86:b8:de:2a:c2:ff:00:58:
76:74:24:92:fa:7a:3d:93:d0:69:04:1f:71:a4:7b:ec:ea:d5:
7e:1e:fc:2a:4c:e5:8c:d1:c8:94:9c:57:31:ef:5d:88:1e:73:
61:0e:7f:3b:35:0c:5a:45:ad:2c:fe:8e:74:fb:35:bc:ac:fc:
0d:69:72:89:92:b7:f5:b4:9a:71:f4:56:f8:fa:7b:97:e5:23:
56:7a:66:97:df:81:42:0c:c7:ff:37:40:88:53:95:8b:6a:e7:
d4:aa:61:bb:a8:17:d8:02:e9:69:85:15:dc:d5:b8:e8:8f:b1:
f8:60:95:3e:75:ba:61:c1:cd:d8:28:e7:2a:0f:af:cf:a9:40:
cc:62:19:83:43:c8:f0:19:eb:dd:7a:d2:28:63:ce:fd:0f:e9:
36:3b:2b:43:49:4a:3a:2f:01:48:95:18:ac:74:d6:21:42:f6:
06:88:4e:0d:74:a0:e3:86:36:78:1a:69:eb:d2:21:3e:df:9c:
d7:8c:34:8b:18:1a:12:72:15:fc:b9:fc:ae:2c:b7:70:00:1c:
06:3a:25:59:53:f2:6b:d8:a3:38:90:c8:bf:72:b2:1e:10:78:
48:31:79:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKYblBWPFs7ePmDXZcKF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjQwMTAyMTIzMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTA3YjVkYzBlMmY3ZjdjMDJkNDJiOTZjODM3YjBlZWI0YzdmNDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjB9+6nbMqPjbnvvjWwCsEtzkfBmV
Tjqf+dET0ip8ZVZ4eUOvfulNvUaVlr2RnZV58tkYU/1X8EqeXB4ZFozcni1TWoSZ
b41zcu/MvzYsuXiHuZp16xquWSScJTCJmWhqINJ9A9e43WIqE85VXbckrJkMZ8i1
O3NNrwASwWy6XIZMiVRQRv54nGjpOs9q9nxwK90sFVj+PtVzL6r8PKvf9pZmJZP6
IY8FlrDJ1P6mPSElMepduoxaMMCCTcnOeX2AJAJQhaQiAbs9s5JxjZ7KboNpDLpA
Btw4dVF6ePgea50CyUIyirUzZcCE/5q6wNKLFkbmQ4Ey6iVeAF19iUHSQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOUHtdwOL398AtQrlsg3sO60x/RzMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvNVFlMTNBNHZmM3dDMUN1V3lEZXc3clRIOUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcsPAwQA
VcskMA0GCSqGSIb3DQEBCwUAA4IBAQA2gWZFNY1SapZsBksSorIW4YP/c/PbtTYl
mT6RhrjeKsL/AFh2dCSS+no9k9BpBB9xpHvs6tV+HvwqTOWM0ciUnFcx712IHnNh
Dn87NQxaRa0s/o50+zW8rPwNaXKJkrf1tJpx9Fb4+nuX5SNWemaX34FCDMf/N0CI
U5WLaufUqmG7qBfYAulphRXc1bjoj7H4YJU+dbphwc3YKOcqD6/PqUDMYhmDQ8jw
GevdetIoY879D+k2OytDSUo6LwFIlRisdNYhQvYGiE4NdKDjhjZ4Gmnr0iE+35zX
jDSLGBoSchX8ufyuLLdwABwGOiVZU/Jr2KM4kMi/crIeEHhIMXkG
-----END CERTIFICATE-----
Generated at Thu May 2 15:20:06 2024 by rpki-client on console-fra.rpki-client.org