Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/5ozpL5w8_gRCY-B3fG0KOcdTeNY.roa
File: 5ozpL5w8_gRCY-B3fG0KOcdTeNY.roa (raw, json)
Hash identifier: HbDKKgAteCGQaTBgu4bbxW34llukleqLb8U6qsEp8ck=
Subject key identifier: E6:8C:E9:2F:9C:3C:FE:04:42:63:E0:77:7C:6D:0A:39:C7:53:78:D6
Certificate issuer: /CN=3595c7bc7e5fcd769ed6e53111f3c5e4891f9da1
Certificate serial: 018CC64B6A6E3A8F57205527E951D1920CBF
Authority key identifier: 35:95:C7:BC:7E:5F:CD:76:9E:D6:E5:31:11:F3:C5:E4:89:1F:9D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZXHvH5fzXae1uUxEfPF5IkfnaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/5ozpL5w8_gRCY-B3fG0KOcdTeNY.roa
Signing time: Mon 01 Jan 2024 18:31:20 +0000
ROA not before: Mon 01 Jan 2024 18:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201500
IP address blocks: 185.72.213.0/24 maxlen: 24
185.72.212.0/24 maxlen: 24
185.72.212.0/22 maxlen: 22
185.72.212.0/23 maxlen: 23
185.72.214.0/24 maxlen: 24
185.72.214.0/23 maxlen: 23
185.72.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/NZXHvH5fzXae1uUxEfPF5IkfnaE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/NZXHvH5fzXae1uUxEfPF5IkfnaE.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZXHvH5fzXae1uUxEfPF5IkfnaE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:6a:6e:3a:8f:57:20:55:27:e9:51:d1:92:0c:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3595c7bc7e5fcd769ed6e53111f3c5e4891f9da1
Validity
Not Before: Jan 1 18:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e68ce92f9c3cfe044263e0777c6d0a39c75378d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:7e:f5:09:95:c5:ff:d4:36:d1:e6:9a:9e:14:
0d:1e:b1:9c:56:8e:54:1e:70:e5:67:1e:a4:db:be:
5f:bc:fa:33:61:c5:86:9c:ea:11:25:07:4f:10:ff:
d6:a2:28:d6:c1:74:96:a7:bb:c9:84:78:92:a3:8f:
c7:fc:32:8f:fc:dc:b8:ea:e5:8a:2a:b8:98:4b:38:
c9:d0:e7:ff:a0:2e:9c:2d:a0:f0:80:5e:79:23:93:
e1:45:a5:09:09:1e:c8:4d:47:15:fc:99:0e:0f:ef:
5d:1e:12:65:2a:60:f5:bb:6c:24:42:3f:20:b3:6e:
ed:ae:61:3b:c0:0e:50:f9:4f:e2:69:a0:25:10:ed:
17:ed:8e:e2:8c:3a:06:71:f4:46:01:30:da:e2:b3:
bf:6c:6f:bc:6c:f1:4a:f9:dd:59:a3:fe:6d:71:ed:
63:5d:e0:61:fe:3e:6d:41:d8:30:af:18:84:70:12:
30:ca:90:9b:ce:64:e0:53:2a:57:be:72:87:4c:45:
cc:f7:e0:58:24:06:74:21:c1:27:ef:40:c7:f6:43:
03:5c:01:1d:28:f7:ab:32:7c:95:8d:7b:7e:53:65:
91:58:20:3d:56:7c:82:01:25:1d:a9:a0:6c:4e:e3:
99:16:24:f5:b1:11:a7:27:7a:05:72:63:f4:84:a0:
df:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:8C:E9:2F:9C:3C:FE:04:42:63:E0:77:7C:6D:0A:39:C7:53:78:D6
X509v3 Authority Key Identifier:
keyid:35:95:C7:BC:7E:5F:CD:76:9E:D6:E5:31:11:F3:C5:E4:89:1F:9D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZXHvH5fzXae1uUxEfPF5IkfnaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/5ozpL5w8_gRCY-B3fG0KOcdTeNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/01dc3c-d926-4cdf-9787-be044a4df3a0/1/NZXHvH5fzXae1uUxEfPF5IkfnaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.212.0/22
Signature Algorithm: sha256WithRSAEncryption
98:2a:ee:c4:61:fa:43:a5:99:19:2d:5d:ba:6d:24:a0:31:b5:
70:5f:2a:0b:6c:80:45:2f:11:24:6d:98:e2:70:af:ca:e8:91:
01:25:00:4c:9c:c2:ce:08:80:a5:27:75:87:e9:24:18:56:ce:
82:15:d2:69:4d:46:ed:9b:f8:27:5c:6e:9b:7b:f5:e3:b1:87:
ad:8f:65:39:97:1a:aa:a3:46:b1:6a:ce:fb:14:3a:d0:9c:bd:
89:53:c6:3c:17:74:f9:92:78:86:c3:7f:6b:a1:e5:c8:a7:a2:
ba:a0:2f:19:4c:e6:3a:bf:00:b9:86:1b:38:68:20:87:2e:14:
81:0f:3a:68:12:4e:55:d5:9c:c8:a4:ae:f4:e2:b8:1e:fa:86:
f9:d4:cc:d9:62:ae:c7:e3:95:54:b0:48:26:da:84:4b:81:0f:
e9:1d:a1:80:14:35:70:a8:96:18:dd:1e:93:08:44:38:2a:b1:
1d:d1:ba:6a:c3:a2:5a:59:ca:37:d1:4e:65:36:d0:0e:d8:41:
01:c5:0c:71:8d:e9:e6:82:11:f4:ed:e9:63:6e:42:2d:60:e4:
71:4d:7e:d2:6a:b7:7b:a8:0c:42:dd:91:2e:84:84:8c:24:b7:
a1:f9:ab:fb:b5:81:21:58:d4:e8:34:bd:bd:62:53:9c:56:9b:
52:39:42:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS2puOo9XIFUn6VHRkgy/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OTVjN2JjN2U1ZmNkNzY5ZWQ2ZTUzMTExZjNjNWU0ODkx
ZjlkYTEwHhcNMjQwMTAxMTgzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjhjZTkyZjljM2NmZTA0NDI2M2UwNzc3YzZkMGEzOWM3NTM3OGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkn71CZXF/9Q20eaanhQNHrGcVo5U
HnDlZx6k275fvPozYcWGnOoRJQdPEP/WoijWwXSWp7vJhHiSo4/H/DKP/Ny46uWK
KriYSzjJ0Of/oC6cLaDwgF55I5PhRaUJCR7ITUcV/JkOD+9dHhJlKmD1u2wkQj8g
s27trmE7wA5Q+U/iaaAlEO0X7Y7ijDoGcfRGATDa4rO/bG+8bPFK+d1Zo/5tce1j
XeBh/j5tQdgwrxiEcBIwypCbzmTgUypXvnKHTEXM9+BYJAZ0IcEn70DH9kMDXAEd
KPerMnyVjXt+U2WRWCA9VnyCASUdqaBsTuOZFiT1sRGnJ3oFcmP0hKDfzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOaM6S+cPP4EQmPgd3xtCjnHU3jWMB8GA1UdIwQY
MBaAFDWVx7x+X812ntblMRHzxeSJH52hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlpYSHZINWZ6WGFlMXVVeEVmUEY1SWtmbmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8wMWRjM2MtZDkyNi00Y2RmLTk3ODct
YmUwNDRhNGRmM2EwLzEvNW96cEw1dzhfZ1JDWS1CM2ZHMEtPY2RUZU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8wMWRjM2MtZDkyNi00Y2RmLTk3ODctYmUwNDRhNGRmM2Ew
LzEvTlpYSHZINWZ6WGFlMXVVeEVmUEY1SWtmbmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUjUMA0G
CSqGSIb3DQEBCwUAA4IBAQCYKu7EYfpDpZkZLV26bSSgMbVwXyoLbIBFLxEkbZji
cK/K6JEBJQBMnMLOCIClJ3WH6SQYVs6CFdJpTUbtm/gnXG6be/XjsYetj2U5lxqq
o0axas77FDrQnL2JU8Y8F3T5kniGw39roeXIp6K6oC8ZTOY6vwC5hhs4aCCHLhSB
DzpoEk5V1ZzIpK704rge+ob51MzZYq7H45VUsEgm2oRLgQ/pHaGAFDVwqJYY3R6T
CEQ4KrEd0bpqw6JaWco30U5lNtAO2EEBxQxxjenmghH07eljbkItYORxTX7Sard7
qAxC3ZEuhISMJLeh+av7tYEhWNToNL29YlOcVptSOUJU
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:11:14 2024 by rpki-client on console-fra.rpki-client.org