Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/k0wnme1XgR52Xps-D65viQkFwLs.roa
File: k0wnme1XgR52Xps-D65viQkFwLs.roa (raw, json)
Hash identifier: b9NjRu+j1K7IWksDOPF6GLzOMkkmsO6WTTxT9raxWlw=
Subject key identifier: 93:4C:27:99:ED:57:81:1E:76:5E:9B:3E:0F:AE:6F:89:09:05:C0:BB
Certificate issuer: /CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Certificate serial: 018FBF5D22017EC139AC42C3E11C0C5DBA9C
Authority key identifier: A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/k0wnme1XgR52Xps-D65viQkFwLs.roa
Signing time: Tue 28 May 2024 13:21:42 +0000
ROA not before: Tue 28 May 2024 13:21:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32787
IP address blocks: 185.69.116.0/24 maxlen: 24
185.69.118.0/24 maxlen: 24
194.35.1.0/24 maxlen: 24
194.35.5.0/24 maxlen: 24
194.35.8.0/24 maxlen: 24
194.35.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 07:02:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bf:5d:22:01:7e:c1:39:ac:42:c3:e1:1c:0c:5d:ba:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Validity
Not Before: May 28 13:21:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=934c2799ed57811e765e9b3e0fae6f890905c0bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d5:51:26:ae:a9:de:ee:3d:dc:24:03:7e:06:
5b:c1:7d:26:9c:b2:84:b8:ab:c6:a2:5b:c4:72:24:
02:da:55:9a:42:04:9a:a5:81:b8:64:48:d9:2a:e5:
ae:ba:11:fe:64:0c:8f:d7:44:d8:95:1f:6c:06:76:
1f:4c:48:62:98:07:05:35:9d:01:1a:f8:c0:e4:f3:
62:a9:7c:b4:21:15:23:3d:48:ad:dd:87:e4:b2:4c:
00:e8:7d:ad:75:68:ae:fb:0f:13:a7:76:75:b6:67:
d0:3f:3c:e4:78:cd:c0:c0:9b:f2:a2:b9:97:e2:6e:
f5:f4:3c:c1:74:fb:3a:d5:57:62:93:5d:d5:f4:e6:
92:8b:7d:85:56:8b:0c:b5:33:15:56:e1:cc:ba:2e:
04:d3:a9:50:12:55:27:1f:fd:01:17:be:16:f8:81:
ac:9c:d4:23:3c:aa:44:61:e6:14:73:5c:d7:75:2c:
40:59:02:5e:88:f4:0c:d3:89:64:77:87:06:01:eb:
89:18:ab:20:67:bf:5f:b6:db:ea:70:4f:af:09:e3:
1a:9a:7d:c7:30:14:a4:f3:be:cd:01:8c:27:ec:51:
b9:ab:82:fb:9d:ca:7d:ef:80:3c:96:01:ee:ef:7b:
76:c4:1f:f2:c4:e4:b3:41:cd:52:dd:54:90:c4:b4:
c6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:4C:27:99:ED:57:81:1E:76:5E:9B:3E:0F:AE:6F:89:09:05:C0:BB
X509v3 Authority Key Identifier:
keyid:A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/k0wnme1XgR52Xps-D65viQkFwLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.116.0/24
185.69.118.0/24
194.35.1.0/24
194.35.5.0/24
194.35.8.0/23
Signature Algorithm: sha256WithRSAEncryption
18:17:08:a5:f3:67:87:00:85:d2:0a:47:8a:db:3c:3d:0c:b3:
0f:97:4d:a1:85:38:dc:0c:c0:bc:4a:dc:63:98:17:8d:75:97:
3c:91:e3:ec:cc:31:bb:8d:12:ae:9c:03:97:af:c1:f6:ba:b6:
a5:6f:8f:53:ef:0a:e8:3a:9f:d4:2d:48:dc:4b:72:29:5b:eb:
80:8e:c2:f0:b6:82:d7:c4:c5:95:d5:50:57:be:7f:4d:73:4e:
e5:06:31:de:5e:a7:95:7d:68:ea:b5:6d:17:b5:81:d9:8e:78:
ed:6b:ed:f2:04:2c:1c:c2:04:78:27:26:f4:8a:0f:92:26:13:
d6:e1:fa:38:46:29:1a:e3:14:4c:07:b0:66:29:23:09:e8:23:
9e:df:22:c4:e9:5b:bf:8d:77:11:c7:90:9d:f4:7f:b0:d0:2b:
3e:66:fa:14:e4:c1:bf:10:7d:30:7d:a2:d9:74:3d:9f:f1:b6:
f8:b8:2e:0c:b7:0a:6e:3a:a9:3e:a7:77:2a:ce:45:48:09:4a:
3e:58:41:34:a9:f4:d5:8f:dd:97:ba:a2:27:ba:34:61:84:7e:
42:9f:ed:b4:49:cc:1a:6b:96:51:bf:35:b0:18:7b:ae:06:e0:
0e:97:cf:13:a6:6d:47:a7:65:48:fb:aa:62:9b:fd:4b:3f:21:
b3:e7:1b:44
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY+/XSIBfsE5rELD4RwMXbqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTA0NmQ4NWVjZjIwMWZiZWY1MWU4YmVhMWM0ZWQzM2Y5
NWIyNjgwHhcNMjQwNTI4MTMyMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzRjMjc5OWVkNTc4MTFlNzY1ZTliM2UwZmFlNmY4OTA5MDVjMGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNVRJq6p3u493CQDfgZbwX0mnLKE
uKvGolvEciQC2lWaQgSapYG4ZEjZKuWuuhH+ZAyP10TYlR9sBnYfTEhimAcFNZ0B
GvjA5PNiqXy0IRUjPUit3YfkskwA6H2tdWiu+w8Tp3Z1tmfQPzzkeM3AwJvyormX
4m719DzBdPs61Vdik13V9OaSi32FVosMtTMVVuHMui4E06lQElUnH/0BF74W+IGs
nNQjPKpEYeYUc1zXdSxAWQJeiPQM04lkd4cGAeuJGKsgZ79fttvqcE+vCeMamn3H
MBSk877NAYwn7FG5q4L7ncp974A8lgHu73t2xB/yxOSzQc1S3VSQxLTG5QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJNMJ5ntV4Eedl6bPg+ub4kJBcC7MB8GA1UdIwQY
MBaAFKZQRthezyAfvvUei+ocTtM/lbJoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUt
YmNjZDMyYWY5N2ZlLzEvazB3bm1lMVhnUjUyWHBzLUQ2NXZpUWtGd0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUtYmNjZDMyYWY5N2Zl
LzEvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuUV0AwQA
uUV2AwQAwiMBAwQAwiMFAwQBwiMIMA0GCSqGSIb3DQEBCwUAA4IBAQAYFwil82eH
AIXSCkeK2zw9DLMPl02hhTjcDMC8StxjmBeNdZc8kePszDG7jRKunAOXr8H2ural
b49T7wroOp/ULUjcS3IpW+uAjsLwtoLXxMWV1VBXvn9Nc07lBjHeXqeVfWjqtW0X
tYHZjnjta+3yBCwcwgR4Jyb0ig+SJhPW4fo4Rika4xRMB7BmKSMJ6COe3yLE6Vu/
jXcRx5Cd9H+w0Cs+ZvoU5MG/EH0wfaLZdD2f8bb4uC4MtwpuOqk+p3cqzkVICUo+
WEE0qfTVj92XuqInujRhhH5Cn+20Scwaa5ZRvzWwGHuuBuAOl88Tpm1Hp2VI+6pi
m/1LPyGz5xtE
-----END CERTIFICATE-----
Generated at Mon Jul 1 15:52:51 2024 by rpki-client on console-fra.rpki-client.org