Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/b8a50a-86a0-4bf4-8eff-f647c50c21a5/1/p5GM8jGbCjAOKFqtbRkpAcg1ECo.roa
File: p5GM8jGbCjAOKFqtbRkpAcg1ECo.roa (raw, json)
Hash identifier: 3cLKrbO3VuEmgCp2doKIJGdC6bx11i4qCHFidpG31/I=
Subject key identifier: A7:91:8C:F2:31:9B:0A:30:0E:28:5A:AD:6D:19:29:01:C8:35:10:2A
Certificate issuer: /CN=c33484590ccff09a3dd5dd8085beedb42fc4ad84
Certificate serial: 018CC49252F80C3E86494489A1F0D851D5CC
Authority key identifier: C3:34:84:59:0C:CF:F0:9A:3D:D5:DD:80:85:BE:ED:B4:2F:C4:AD:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wzSEWQzP8Jo91d2Ahb7ttC_ErYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/b8a50a-86a0-4bf4-8eff-f647c50c21a5/1/p5GM8jGbCjAOKFqtbRkpAcg1ECo.roa
Signing time: Mon 01 Jan 2024 10:29:32 +0000
ROA not before: Mon 01 Jan 2024 10:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205645
IP address blocks: 185.210.244.0/22 maxlen: 22
193.30.8.0/22 maxlen: 22
2a0a:3b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/b8a50a-86a0-4bf4-8eff-f647c50c21a5/1/wzSEWQzP8Jo91d2Ahb7ttC_ErYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/b8a50a-86a0-4bf4-8eff-f647c50c21a5/1/wzSEWQzP8Jo91d2Ahb7ttC_ErYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/wzSEWQzP8Jo91d2Ahb7ttC_ErYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 22:03:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:52:f8:0c:3e:86:49:44:89:a1:f0:d8:51:d5:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c33484590ccff09a3dd5dd8085beedb42fc4ad84
Validity
Not Before: Jan 1 10:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7918cf2319b0a300e285aad6d192901c835102a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4f:79:cb:2c:83:cf:30:68:fc:f3:bf:2c:7f:
61:af:94:ba:3f:3b:4b:3c:02:09:a6:88:cc:89:33:
db:dc:19:9b:cb:ad:03:c3:2a:dc:30:5f:d5:d0:d8:
5f:dc:20:33:a2:77:db:1a:37:26:2e:c3:2a:f3:8a:
de:a5:12:08:85:c1:42:b4:ca:d6:65:44:69:38:93:
dd:bc:4a:da:b9:a6:e2:02:44:b8:64:1e:22:90:68:
25:c2:2f:35:15:fa:23:c8:3f:e1:fe:04:62:21:c8:
ba:ce:8e:10:6a:c9:05:5c:72:d8:02:f2:dd:d7:a5:
73:16:f4:56:1b:60:b5:a6:6c:fc:3e:60:d8:2a:5b:
15:9e:ce:f3:ec:e2:41:d7:23:c3:a0:d6:05:95:c1:
d9:a1:c1:39:57:75:27:b9:a3:15:18:5e:3a:dd:fd:
47:83:b5:01:ca:1b:c2:33:01:9e:5f:13:7a:f7:08:
fa:f2:d5:0e:a8:4f:5c:67:d1:56:31:18:0f:78:ba:
03:2b:1b:e7:d2:6d:25:05:f7:ae:6e:b2:4c:66:8a:
9b:3d:e4:eb:4a:55:e0:88:a7:5b:e4:57:bb:e1:b6:
cf:cb:d1:c0:6f:42:aa:aa:35:55:31:6e:2f:48:f0:
d2:68:9c:2e:08:c1:8f:7d:74:cd:be:94:6c:03:03:
ab:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:91:8C:F2:31:9B:0A:30:0E:28:5A:AD:6D:19:29:01:C8:35:10:2A
X509v3 Authority Key Identifier:
keyid:C3:34:84:59:0C:CF:F0:9A:3D:D5:DD:80:85:BE:ED:B4:2F:C4:AD:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wzSEWQzP8Jo91d2Ahb7ttC_ErYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b8a50a-86a0-4bf4-8eff-f647c50c21a5/1/p5GM8jGbCjAOKFqtbRkpAcg1ECo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b8a50a-86a0-4bf4-8eff-f647c50c21a5/1/wzSEWQzP8Jo91d2Ahb7ttC_ErYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.244.0/22
193.30.8.0/22
IPv6:
2a0a:3b80::/29
Signature Algorithm: sha256WithRSAEncryption
27:7e:6e:2b:af:a6:a0:0c:9e:a2:b4:0c:72:80:ad:6a:e9:9a:
87:35:f9:29:79:60:45:ab:63:5f:6c:e7:62:08:7b:f5:e4:4f:
24:61:b8:3d:d8:f3:4a:c2:52:c6:3e:7e:5a:86:6f:1e:ff:65:
e1:5b:bd:c3:fe:97:a5:91:56:0d:61:bc:c4:3d:0d:48:ea:a7:
11:1c:91:37:68:75:27:07:85:af:47:9c:8a:a6:65:54:52:55:
7f:e2:4f:73:90:41:8c:48:5d:5e:fe:c2:17:1b:3b:2c:66:03:
ea:8f:f6:4b:4f:22:5a:12:6e:a1:3a:79:e4:45:c4:0e:7c:56:
da:70:4f:9d:1e:35:c1:ae:3c:fe:c7:0c:a3:ed:53:e2:4a:fe:
45:4f:92:86:46:89:2f:7e:5d:f9:f6:d0:bd:ba:d6:cc:2a:5b:
0b:4b:1e:13:f2:2a:a4:dd:22:b3:5f:c0:c2:63:48:09:2f:d6:
c9:0d:81:6b:1b:81:23:22:da:6a:af:1d:f1:9c:21:f0:23:78:
a7:2b:06:15:01:d2:cb:f8:27:ca:74:f6:2f:8b:59:1f:74:55:
f1:bd:8b:74:87:f1:a5:5f:f5:0c:ba:ef:4d:4d:a1:6e:14:0f:
50:fc:0e:57:10:b5:ac:f8:5f:5b:33:68:09:f1:a4:7d:fa:85:
dc:fe:66:a1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEklL4DD6GSUSJofDYUdXMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMzQ4NDU5MGNjZmYwOWEzZGQ1ZGQ4MDg1YmVlZGI0MmZj
NGFkODQwHhcNMjQwMTAxMTAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzkxOGNmMjMxOWIwYTMwMGUyODVhYWQ2ZDE5MjkwMWM4MzUxMDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1U95yyyDzzBo/PO/LH9hr5S6PztL
PAIJpojMiTPb3Bmby60DwyrcMF/V0Nhf3CAzonfbGjcmLsMq84repRIIhcFCtMrW
ZURpOJPdvErauabiAkS4ZB4ikGglwi81FfojyD/h/gRiIci6zo4QaskFXHLYAvLd
16VzFvRWG2C1pmz8PmDYKlsVns7z7OJB1yPDoNYFlcHZocE5V3UnuaMVGF463f1H
g7UByhvCMwGeXxN69wj68tUOqE9cZ9FWMRgPeLoDKxvn0m0lBfeubrJMZoqbPeTr
SlXgiKdb5Fe74bbPy9HAb0KqqjVVMW4vSPDSaJwuCMGPfXTNvpRsAwOryQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKeRjPIxmwowDiharW0ZKQHINRAqMB8GA1UdIwQY
MBaAFMM0hFkMz/CaPdXdgIW+7bQvxK2EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3pTRVdRelA4Sm85MWQyQWhiN3R0Q19FcllRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9iOGE1MGEtODZhMC00YmY0LThlZmYt
ZjY0N2M1MGMyMWE1LzEvcDVHTThqR2JDakFPS0ZxdGJSa3BBY2cxRUNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9iOGE1MGEtODZhMC00YmY0LThlZmYtZjY0N2M1MGMyMWE1
LzEvd3pTRVdRelA4Sm85MWQyQWhiN3R0Q19FcllRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCudL0AwQC
wR4IMA0EAgACMAcDBQMqCjuAMA0GCSqGSIb3DQEBCwUAA4IBAQAnfm4rr6agDJ6i
tAxygK1q6ZqHNfkpeWBFq2NfbOdiCHv15E8kYbg92PNKwlLGPn5ahm8e/2XhW73D
/pelkVYNYbzEPQ1I6qcRHJE3aHUnB4WvR5yKpmVUUlV/4k9zkEGMSF1e/sIXGzss
ZgPqj/ZLTyJaEm6hOnnkRcQOfFbacE+dHjXBrjz+xwyj7VPiSv5FT5KGRokvfl35
9tC9utbMKlsLSx4T8iqk3SKzX8DCY0gJL9bJDYFrG4EjItpqrx3xnCHwI3inKwYV
AdLL+CfKdPYvi1kfdFXxvYt0h/GlX/UMuu9NTaFuFA9Q/A5XELWs+F9bM2gJ8aR9
+oXc/mah
-----END CERTIFICATE-----
Generated at Wed May 29 07:59:09 2024 by rpki-client on console-ams.rpki-client.org