Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/evUofG1C5y0NlWVuq71v0dZUw_A.roa
File: evUofG1C5y0NlWVuq71v0dZUw_A.roa (raw, json)
Hash identifier: Mo7gFRJMzol0oyBUTjNTslmDK6QACTn/LsnG4Q+xQI0=
Subject key identifier: 7A:F5:28:7C:6D:42:E7:2D:0D:95:65:6E:AB:BD:6F:D1:D6:54:C3:F0
Certificate issuer: /CN=969ceda5bf37901fe9e44f73b5bf82b687b34572
Certificate serial: 018CCA9957F01014D387CB22A61C00783484
Authority key identifier: 96:9C:ED:A5:BF:37:90:1F:E9:E4:4F:73:B5:BF:82:B6:87:B3:45:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lpztpb83kB_p5E9ztb-CtoezRXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/evUofG1C5y0NlWVuq71v0dZUw_A.roa
Signing time: Tue 02 Jan 2024 14:34:56 +0000
ROA not before: Tue 02 Jan 2024 14:34:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55002
IP address blocks: 87.239.122.0/24 maxlen: 24
87.239.123.0/24 maxlen: 24
87.239.124.0/24 maxlen: 24
87.239.121.0/24 maxlen: 24
87.239.125.0/24 maxlen: 24
87.239.126.0/24 maxlen: 24
87.239.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/lpztpb83kB_p5E9ztb-CtoezRXI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/lpztpb83kB_p5E9ztb-CtoezRXI.mft
rsync://rpki.ripe.net/repository/DEFAULT/lpztpb83kB_p5E9ztb-CtoezRXI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:57:f0:10:14:d3:87:cb:22:a6:1c:00:78:34:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969ceda5bf37901fe9e44f73b5bf82b687b34572
Validity
Not Before: Jan 2 14:34:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7af5287c6d42e72d0d95656eabbd6fd1d654c3f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9a:a1:30:b4:6e:bc:ad:30:d0:61:6b:96:59:
62:ca:92:97:6e:b2:55:54:99:24:61:4a:d9:a4:44:
1b:6f:82:cb:c8:98:1c:e0:7b:2a:1f:b5:e9:7d:ba:
45:a3:c9:d9:94:5f:12:18:91:35:aa:31:61:ba:73:
56:3b:a6:92:32:53:53:27:b1:3f:72:7f:29:e1:9d:
43:80:97:b7:fb:7c:93:ef:61:33:38:8e:21:49:a0:
e7:a3:be:27:90:d5:c6:a1:04:f9:6f:11:b3:2b:31:
43:16:c0:fd:f4:ac:9a:2c:81:77:ec:0d:03:a9:5a:
b0:12:55:73:0a:9d:7a:01:50:4f:d3:3e:4c:d4:de:
06:69:92:a9:3d:3f:be:c0:be:4b:f6:84:f7:12:87:
36:cd:45:3d:24:62:7a:e9:ae:dd:69:a1:78:46:42:
d3:f9:f5:31:d2:97:2b:09:99:d4:35:26:a7:cf:03:
61:41:cc:7d:1a:49:28:53:2e:4b:bb:19:87:dd:76:
3a:26:ba:14:b3:ae:bd:21:ae:96:69:e8:0e:48:98:
0d:99:7e:11:fa:3c:6e:7a:43:1c:5b:c4:9d:43:02:
ad:3c:96:52:0f:8c:65:09:1d:f3:97:bd:a4:a0:7e:
d2:13:6e:92:8a:e2:36:5a:e3:ca:7e:3e:e9:0b:9c:
e5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:F5:28:7C:6D:42:E7:2D:0D:95:65:6E:AB:BD:6F:D1:D6:54:C3:F0
X509v3 Authority Key Identifier:
keyid:96:9C:ED:A5:BF:37:90:1F:E9:E4:4F:73:B5:BF:82:B6:87:B3:45:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lpztpb83kB_p5E9ztb-CtoezRXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/evUofG1C5y0NlWVuq71v0dZUw_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/lpztpb83kB_p5E9ztb-CtoezRXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.121.0-87.239.127.255
Signature Algorithm: sha256WithRSAEncryption
5b:d3:40:97:81:dd:d3:f9:d3:22:c9:87:7d:0d:5d:a4:ad:8e:
4b:d8:5e:1a:89:50:83:02:95:91:0b:db:74:51:3d:e0:05:cc:
7f:7e:ae:32:81:b8:20:5e:a8:d5:e0:87:ec:95:f7:f0:69:ee:
1e:88:bf:76:f7:c0:3b:13:90:fd:8f:3b:9c:7b:2d:ae:30:ea:
db:b8:db:91:0a:27:55:a8:15:3f:fe:57:ed:f9:cb:ad:08:51:
86:1d:40:0d:cf:d1:24:88:82:fd:6e:e7:6f:76:ff:81:3a:fd:
83:37:d0:ae:fc:b0:90:1e:b0:8c:b5:f9:00:47:2a:4d:33:13:
82:53:6a:a4:2a:3c:ae:95:bd:5f:1f:dd:5e:cc:88:b8:80:96:
df:04:60:d2:c5:95:16:b1:bf:21:95:30:83:65:50:c6:e7:ac:
ac:42:0c:8c:ed:ab:c8:e4:d3:0c:29:5a:58:b9:48:aa:a6:52:
83:dc:2d:58:f7:9f:74:f1:c8:f8:4b:a2:1c:f2:d4:05:83:db:
07:3f:d1:5e:72:da:1d:dc:d0:09:3a:61:91:c7:7b:32:2c:bb:
1e:ef:e0:eb:5c:3f:ea:87:56:62:49:83:3c:32:99:ee:14:6b:
96:53:1e:03:89:7f:b1:5e:37:d4:1e:92:a0:c9:b9:ef:41:c8:
4f:8c:47:7c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKmVfwEBTTh8siphwAeDSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OWNlZGE1YmYzNzkwMWZlOWU0NGY3M2I1YmY4MmI2ODdi
MzQ1NzIwHhcNMjQwMTAyMTQzNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWY1Mjg3YzZkNDJlNzJkMGQ5NTY1NmVhYmJkNmZkMWQ2NTRjM2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJqhMLRuvK0w0GFrllliypKXbrJV
VJkkYUrZpEQbb4LLyJgc4HsqH7XpfbpFo8nZlF8SGJE1qjFhunNWO6aSMlNTJ7E/
cn8p4Z1DgJe3+3yT72EzOI4hSaDno74nkNXGoQT5bxGzKzFDFsD99KyaLIF37A0D
qVqwElVzCp16AVBP0z5M1N4GaZKpPT++wL5L9oT3Eoc2zUU9JGJ66a7daaF4RkLT
+fUx0pcrCZnUNSanzwNhQcx9GkkoUy5LuxmH3XY6JroUs669Ia6WaegOSJgNmX4R
+jxuekMcW8SdQwKtPJZSD4xlCR3zl72koH7SE26SiuI2WuPKfj7pC5zl8QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHr1KHxtQuctDZVlbqu9b9HWVMPwMB8GA1UdIwQY
MBaAFJac7aW/N5Af6eRPc7W/graHs0VyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHB6dHBiODNrQl9wNUU5enRiLUN0b2V6UlhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS81Y2ZmZDItYjU2OC00ZDU1LWExMjQt
MjFmYzlhZmM4YWMxLzEvZXZVb2ZHMUM1eTBObFdWdXE3MXYwZFpVd19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS81Y2ZmZDItYjU2OC00ZDU1LWExMjQtMjFmYzlhZmM4YWMx
LzEvbHB6dHBiODNrQl9wNUU5enRiLUN0b2V6UlhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABX73kD
BAdX7wAwDQYJKoZIhvcNAQELBQADggEBAFvTQJeB3dP50yLJh30NXaStjkvYXhqJ
UIMClZEL23RRPeAFzH9+rjKBuCBeqNXgh+yV9/Bp7h6Iv3b3wDsTkP2PO5x7La4w
6tu425EKJ1WoFT/+V+35y60IUYYdQA3P0SSIgv1u5292/4E6/YM30K78sJAesIy1
+QBHKk0zE4JTaqQqPK6VvV8f3V7MiLiAlt8EYNLFlRaxvyGVMINlUMbnrKxCDIzt
q8jk0wwpWli5SKqmUoPcLVj3n3TxyPhLohzy1AWD2wc/0V5y2h3c0Ak6YZHHezIs
ux7v4OtcP+qHVmJJgzwyme4Ua5ZTHgOJf7FeN9QekqDJue9ByE+MR3w=
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:21:03 2024 by rpki-client on console-ams.rpki-client.org