Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/oIbJFriBrSSOjwFS0_6u2lwABX8.roa
File: oIbJFriBrSSOjwFS0_6u2lwABX8.roa (raw, json)
Hash identifier: bUbuszpP1bMwPbXoFiSpz3aQN49Lk7eQ/626J4GbKe8=
Subject key identifier: A0:86:C9:16:B8:81:AD:24:8E:8F:01:52:D3:FE:AE:DA:5C:00:05:7F
Certificate issuer: /CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Certificate serial: 018CC3B692DE0B9C61D7F7A199C030CBB43C
Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/oIbJFriBrSSOjwFS0_6u2lwABX8.roa
Signing time: Mon 01 Jan 2024 06:29:31 +0000
ROA not before: Mon 01 Jan 2024 06:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209968
IP address blocks: 185.23.5.0/24 maxlen: 24
2a09:be44::/30 maxlen: 48
2a09:be41::/32 maxlen: 48
2a12:49c0::/29 maxlen: 48
2a0e:ec00::/30 maxlen: 48
2a09:be42::/31 maxlen: 48
2a0e:ec04::/31 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.mft
rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:92:de:0b:9c:61:d7:f7:a1:99:c0:30:cb:b4:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Validity
Not Before: Jan 1 06:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a086c916b881ad248e8f0152d3feaeda5c00057f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ee:64:43:84:33:0c:1d:f4:d7:98:12:a1:7a:
3d:d2:d9:cd:46:91:7a:97:3e:ae:7e:47:f2:8e:dd:
8c:da:97:a4:e1:81:42:3c:43:e4:c9:c1:ae:c6:3a:
86:a7:53:49:5e:c3:85:d2:85:1e:59:fa:e3:eb:7c:
3d:b4:b4:cd:10:2d:62:21:25:9c:31:dd:0e:3d:01:
7d:61:ca:8a:d7:7f:fb:81:8f:ee:00:17:b1:98:b1:
7e:80:30:0a:21:8b:5e:d8:85:f0:50:09:21:cf:6c:
03:0c:84:a3:b2:51:44:6c:57:f4:a2:09:63:b3:7b:
07:d9:b5:a5:d8:f6:9a:50:eb:79:81:3f:e2:4b:4e:
cb:24:12:dc:9b:d0:ac:ff:50:3b:f1:74:b0:c6:e7:
86:a4:d1:8e:e8:ce:c9:7b:3c:30:fe:ff:88:c4:ad:
b7:54:00:74:2e:85:56:db:f5:5f:8d:3d:25:48:45:
b9:fe:8d:48:82:81:04:7f:4c:24:f4:94:8a:9b:3d:
53:bc:ed:ea:ea:24:03:d9:ec:80:d1:ff:63:08:ff:
5f:66:46:41:ad:74:ba:71:94:88:c4:cd:17:b8:a5:
71:bb:7f:2b:70:25:5d:84:dc:90:13:ac:58:05:5e:
82:42:ba:45:63:c9:6f:0c:33:ef:b3:c0:0e:26:cf:
62:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:86:C9:16:B8:81:AD:24:8E:8F:01:52:D3:FE:AE:DA:5C:00:05:7F
X509v3 Authority Key Identifier:
keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/oIbJFriBrSSOjwFS0_6u2lwABX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.5.0/24
IPv6:
2a09:be41::-2a09:be47:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:ec00::-2a0e:ec05:ffff:ffff:ffff:ffff:ffff:ffff
2a12:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
21:05:80:fc:6c:5a:b7:32:f0:9d:40:3b:fc:2e:10:70:7a:4b:
5e:86:cc:66:6c:9d:c9:80:25:6c:81:fb:63:d9:0c:ed:06:e7:
93:d9:46:63:2a:a7:a1:2c:3d:4f:4c:33:02:9f:27:e4:5e:69:
50:17:41:0e:57:ba:f1:c0:7b:0b:de:84:b3:ef:b4:c0:1e:71:
f2:c3:43:13:c8:d9:86:58:f4:6d:e9:c1:4b:54:92:7c:e8:d1:
4a:3a:95:d2:cc:90:f7:52:71:8c:91:a9:60:50:af:f1:1e:a7:
8c:a9:2d:14:13:74:66:f8:90:d2:2b:87:83:07:f7:49:b6:ef:
52:d6:d8:86:c2:fa:76:85:4a:47:0d:70:0a:61:9c:e2:0e:17:
88:c4:5b:5a:84:47:c9:f2:53:f3:eb:17:1d:cd:fe:cb:78:23:
a6:1c:23:cc:b5:fa:74:af:33:23:44:aa:2e:de:a6:34:d0:65:
7f:04:fa:3f:f0:81:c6:3d:f5:63:a8:f7:5f:66:4d:85:80:98:
80:9f:95:03:bc:4a:e5:59:90:d6:81:61:f3:c4:5c:d0:bf:22:
23:f6:fa:8d:35:b4:2a:36:41:64:e2:54:18:67:f2:a5:2e:85:
99:c7:46:e9:02:c3:05:40:08:11:96:6d:fc:82:5f:9a:fb:6c:
a1:9a:0b:4f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzDtpLeC5xh1/ehmcAwy7Q8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYz
NDY5YzkwHhcNMjQwMTAxMDYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDg2YzkxNmI4ODFhZDI0OGU4ZjAxNTJkM2ZlYWVkYTVjMDAwNTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2u5kQ4QzDB3015gSoXo90tnNRpF6
lz6ufkfyjt2M2pek4YFCPEPkycGuxjqGp1NJXsOF0oUeWfrj63w9tLTNEC1iISWc
Md0OPQF9YcqK13/7gY/uABexmLF+gDAKIYte2IXwUAkhz2wDDISjslFEbFf0oglj
s3sH2bWl2PaaUOt5gT/iS07LJBLcm9Cs/1A78XSwxueGpNGO6M7Jezww/v+IxK23
VAB0LoVW2/VfjT0lSEW5/o1IgoEEf0wk9JSKmz1TvO3q6iQD2eyA0f9jCP9fZkZB
rXS6cZSIxM0XuKVxu38rcCVdhNyQE6xYBV6CQrpFY8lvDDPvs8AOJs9ipQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFKCGyRa4ga0kjo8BUtP+rtpcAAV/MB8GA1UdIwQY
MBaAFCWUkMXbz79ZDaM7+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQt
M2NlM2NmOGIxYzQ5LzEvb0liSkZyaUJyU1NPandGUzBfNnUybHdBQlg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5
LzEvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAMBAIAATAGAwQAuRcFMCwE
AgACMCYwDgMFACoJvkEDBQMqCb5AMA0DBAIqDuwDBQEqDuwEAwUDKhJJwDANBgkq
hkiG9w0BAQsFAAOCAQEAIQWA/GxatzLwnUA7/C4QcHpLXobMZmydyYAlbIH7Y9kM
7Qbnk9lGYyqnoSw9T0wzAp8n5F5pUBdBDle68cB7C96Es++0wB5x8sNDE8jZhlj0
benBS1SSfOjRSjqV0syQ91JxjJGpYFCv8R6njKktFBN0ZviQ0iuHgwf3SbbvUtbY
hsL6doVKRw1wCmGc4g4XiMRbWoRHyfJT8+sXHc3+y3gjphwjzLX6dK8zI0SqLt6m
NNBlfwT6P/CBxj31Y6j3X2ZNhYCYgJ+VA7xK5VmQ1oFh88Rc0L8iI/b6jTW0KjZB
ZOJUGGfypS6FmcdG6QLDBUAIEZZt/IJfmvtsoZoLTw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:40:33 2024 by rpki-client on console-ams.rpki-client.org