Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/aipU2aJ-xErpDq0--OX7mht5tZk.roa
File: aipU2aJ-xErpDq0--OX7mht5tZk.roa (raw, json)
Hash identifier: XqrzIdU8jVd8ANK0ADQq8NxaDFRU8Niz9TkzQxoNsAk=
Subject key identifier: 6A:2A:54:D9:A2:7E:C4:4A:E9:0E:AD:3E:F8:E5:FB:9A:1B:79:B5:99
Certificate issuer: /CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Certificate serial: 018CC5009E4051549DC129030923E00795F1
Authority key identifier: DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/aipU2aJ-xErpDq0--OX7mht5tZk.roa
Signing time: Mon 01 Jan 2024 12:30:01 +0000
ROA not before: Mon 01 Jan 2024 12:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51074
IP address blocks: 185.115.148.0/22 maxlen: 24
37.130.204.0/23 maxlen: 23
37.130.200.0/21 maxlen: 24
37.130.202.0/23 maxlen: 23
178.252.128.0/18 maxlen: 24
5.221.0.0/16 maxlen: 16
178.252.178.0/24 maxlen: 24
178.252.179.0/24 maxlen: 24
31.184.128.0/18 maxlen: 24
2a02:2b58::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 06:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:9e:40:51:54:9d:c1:29:03:09:23:e0:07:95:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafb645f134f4fdada45e70bcfcd93b897dbd725
Validity
Not Before: Jan 1 12:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a2a54d9a27ec44ae90ead3ef8e5fb9a1b79b599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3b:1d:b2:a0:73:98:d2:e8:3a:0f:9f:d7:88:
bf:76:a4:c5:ac:1e:3b:fa:27:a7:8c:d8:9b:71:53:
cc:f8:d5:74:18:0e:59:54:7f:01:20:60:74:48:10:
c6:2c:b2:ed:b8:65:e7:69:82:de:25:ca:c3:16:6b:
3e:97:f3:17:90:4a:6d:30:5a:2c:56:4c:21:a3:fe:
1f:0f:20:61:74:8d:e6:2a:6e:34:54:69:c0:0f:8f:
15:0b:14:bb:7f:ea:da:56:b0:d2:bc:10:32:04:a6:
75:1a:53:45:b2:2b:dc:12:ef:42:a7:39:fa:70:ba:
87:f9:74:9c:de:72:09:72:95:3a:ee:b6:d6:7c:f6:
7b:00:5b:0f:8f:9a:40:e3:83:a0:73:ab:81:f4:bb:
79:da:60:a2:50:74:b2:ce:45:6d:02:77:f9:d0:e0:
db:4c:3f:29:54:45:3f:c6:2f:d5:53:e0:23:0c:d2:
c5:6f:b6:a4:92:1f:b1:20:65:17:0c:fa:b4:bd:41:
60:a0:74:9d:dc:24:ca:bb:6f:1b:0a:85:61:8a:0e:
43:94:3e:23:f5:4b:be:cc:e7:2d:6e:de:5e:ae:90:
27:c7:a8:66:07:cd:35:33:e6:92:86:38:b8:2d:30:
dc:91:fe:8e:36:91:5b:50:5f:af:17:2d:b9:38:52:
10:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:2A:54:D9:A2:7E:C4:4A:E9:0E:AD:3E:F8:E5:FB:9A:1B:79:B5:99
X509v3 Authority Key Identifier:
keyid:DA:FB:64:5F:13:4F:4F:DA:DA:45:E7:0B:CF:CD:93:B8:97:DB:D7:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vtkXxNPT9raRecLz82TuJfb1yU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/aipU2aJ-xErpDq0--OX7mht5tZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/7a48f5-bd24-4dc4-8cca-6ba0a0ce01ed/1/2vtkXxNPT9raRecLz82TuJfb1yU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.221.0.0/16
31.184.128.0/18
37.130.200.0/21
178.252.128.0/18
185.115.148.0/22
IPv6:
2a02:2b58::/29
Signature Algorithm: sha256WithRSAEncryption
3d:ad:1b:21:09:1c:d1:c2:40:93:c2:e6:e6:be:36:d8:d5:47:
be:59:b2:4c:65:47:ad:55:33:fc:59:29:fc:dc:3f:84:77:5c:
43:a4:12:9c:5b:e7:4d:5a:5d:4c:ac:96:c2:d3:ba:85:79:26:
1a:84:71:36:d0:ad:f6:86:a2:c1:6e:14:80:52:55:31:d6:3b:
c9:ba:7c:55:64:0b:e0:6b:c8:d8:11:b0:3d:c7:ae:b4:a1:3d:
53:11:98:1c:37:75:e0:e6:00:a4:16:44:41:dd:44:24:8e:c4:
10:96:57:dd:fb:8d:f6:b3:00:54:10:87:b8:f8:e2:7a:70:a4:
5e:b3:8f:1c:05:23:7d:ee:f1:5c:43:92:87:ce:55:73:86:2b:
e1:12:8c:de:4e:4f:c0:18:f1:90:00:70:a7:ae:ef:79:73:60:
40:2c:6f:7f:38:36:8c:a8:4e:64:d7:07:e3:fb:5c:cd:70:39:
c8:d2:53:e3:f8:39:d9:84:37:88:bd:fb:0a:f1:1c:39:c2:7d:
a3:83:73:1c:54:57:9b:5f:bc:fc:68:38:be:da:aa:40:a3:be:
34:48:6c:d5:28:b8:1a:25:d0:74:7f:ef:a9:1b:f8:ff:f5:7c:
25:94:4c:65:aa:43:e6:18:20:c4:e2:87:f2:7a:e4:c0:36:33:
b5:84:06:a5
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzFAJ5AUVSdwSkDCSPgB5XxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmI2NDVmMTM0ZjRmZGFkYTQ1ZTcwYmNmY2Q5M2I4OTdk
YmQ3MjUwHhcNMjQwMTAxMTIzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTJhNTRkOWEyN2VjNDRhZTkwZWFkM2VmOGU1ZmI5YTFiNzliNTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjsdsqBzmNLoOg+f14i/dqTFrB47
+ienjNibcVPM+NV0GA5ZVH8BIGB0SBDGLLLtuGXnaYLeJcrDFms+l/MXkEptMFos
Vkwho/4fDyBhdI3mKm40VGnAD48VCxS7f+raVrDSvBAyBKZ1GlNFsivcEu9Cpzn6
cLqH+XSc3nIJcpU67rbWfPZ7AFsPj5pA44Ogc6uB9Lt52mCiUHSyzkVtAnf50ODb
TD8pVEU/xi/VU+AjDNLFb7akkh+xIGUXDPq0vUFgoHSd3CTKu28bCoVhig5DlD4j
9Uu+zOctbt5erpAnx6hmB801M+aShji4LTDckf6ONpFbUF+vFy25OFIQVQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGoqVNmifsRK6Q6tPvjl+5obebWZMB8GA1UdIwQY
MBaAFNr7ZF8TT0/a2kXnC8/Nk7iX29clMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2Et
NmJhMGEwY2UwMWVkLzEvYWlwVTJhSi14RXJwRHEwLS1PWDdtaHQ1dFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi83YTQ4ZjUtYmQyNC00ZGM0LThjY2EtNmJhMGEwY2UwMWVk
LzEvMnZ0a1h4TlBUOXJhUmVjTHo4MlR1SmZiMXlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMABd0DBAYf
uIADBAMlgsgDBAay/IADBAK5c5QwDQQCAAIwBwMFAyoCK1gwDQYJKoZIhvcNAQEL
BQADggEBAD2tGyEJHNHCQJPC5ua+NtjVR75ZskxlR61VM/xZKfzcP4R3XEOkEpxb
501aXUyslsLTuoV5JhqEcTbQrfaGosFuFIBSVTHWO8m6fFVkC+BryNgRsD3HrrSh
PVMRmBw3deDmAKQWREHdRCSOxBCWV937jfazAFQQh7j44npwpF6zjxwFI33u8VxD
kofOVXOGK+ESjN5OT8AY8ZAAcKeu73lzYEAsb384NoyoTmTXB+P7XM1wOcjSU+P4
OdmEN4i9+wrxHDnCfaODcxxUV5tfvPxoOL7aqkCjvjRIbNUouBol0HR/76kb+P/1
fCWUTGWqQ+YYIMTih/J65MA2M7WEBqU=
-----END CERTIFICATE-----
Generated at Wed May 22 12:58:31 2024 by rpki-client on console-fra.rpki-client.org