Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/Pk7wbfXp-SfdAf1xH00mTfRkN7k.roa
File: Pk7wbfXp-SfdAf1xH00mTfRkN7k.roa (raw, json)
Hash identifier: OvkL8wy7+0lv3XrBY/BhjFdvdVo6UMqXmZrYyko2mhU=
Subject key identifier: 3E:4E:F0:6D:F5:E9:F9:27:DD:01:FD:71:1F:4D:26:4D:F4:64:37:B9
Certificate issuer: /CN=0cda5c874354d83826e43c2535b76e20d5b61b05
Certificate serial: 018F05F643EB53337C1D90C2721EA15EDE19
Authority key identifier: 0C:DA:5C:87:43:54:D8:38:26:E4:3C:25:35:B7:6E:20:D5:B6:1B:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNpch0NU2Dgm5DwlNbduINW2GwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/Pk7wbfXp-SfdAf1xH00mTfRkN7k.roa
Signing time: Mon 22 Apr 2024 13:19:36 +0000
ROA not before: Mon 22 Apr 2024 13:19:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48434
IP address blocks: 94.232.168.0/21 maxlen: 27
185.37.52.0/22 maxlen: 27
185.78.20.0/22 maxlen: 27
185.232.152.0/22 maxlen: 27
185.232.153.0/24 maxlen: 27
185.232.154.0/23 maxlen: 27
185.232.154.0/24 maxlen: 27
185.232.155.0/24 maxlen: 27
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/DNpch0NU2Dgm5DwlNbduINW2GwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/DNpch0NU2Dgm5DwlNbduINW2GwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/DNpch0NU2Dgm5DwlNbduINW2GwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 16:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:05:f6:43:eb:53:33:7c:1d:90:c2:72:1e:a1:5e:de:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cda5c874354d83826e43c2535b76e20d5b61b05
Validity
Not Before: Apr 22 13:19:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e4ef06df5e9f927dd01fd711f4d264df46437b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c1:7d:79:4e:36:3f:22:5c:bd:23:b9:f8:65:
32:79:78:d5:d0:21:5c:63:81:fb:f3:c8:f8:27:9b:
9e:52:96:96:de:e6:dd:62:47:d0:5d:5b:2f:0c:14:
3e:cf:a4:d3:26:4d:b9:f4:a3:38:65:bc:1a:f9:2c:
e9:48:9a:10:77:fa:0c:1b:82:d9:70:f6:f0:27:77:
b6:02:81:96:06:1e:2f:97:f7:99:b0:b5:0f:a4:e1:
bd:0f:bc:95:98:b0:4c:34:9e:96:92:cc:75:9b:50:
a5:bd:ec:e0:cb:fb:7f:77:d1:b2:75:cd:27:8c:71:
b6:fc:24:ef:23:0c:57:93:a7:66:53:8b:ae:fa:d6:
8d:ce:f8:69:85:3e:1a:6d:4f:11:29:38:00:71:3c:
c0:fa:a3:0d:77:31:93:9e:8f:7d:fe:6e:76:04:cf:
20:ff:e1:5e:7d:50:b6:72:bc:b7:ea:cf:c3:f8:ce:
d6:7f:ff:57:22:25:dc:fa:2c:4b:16:36:95:96:bd:
32:a7:ea:f0:35:fa:dd:1a:0f:0a:4b:a1:56:2e:27:
54:c7:ee:70:76:d8:f4:61:21:0b:f0:e7:6f:ea:b9:
57:7d:52:d3:e0:a1:0f:1a:7d:a2:b7:6e:58:ef:5a:
ee:f5:71:3b:8a:72:1d:09:3d:a3:ec:79:f4:31:cf:
45:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:4E:F0:6D:F5:E9:F9:27:DD:01:FD:71:1F:4D:26:4D:F4:64:37:B9
X509v3 Authority Key Identifier:
keyid:0C:DA:5C:87:43:54:D8:38:26:E4:3C:25:35:B7:6E:20:D5:B6:1B:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNpch0NU2Dgm5DwlNbduINW2GwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/Pk7wbfXp-SfdAf1xH00mTfRkN7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/92332f-03e0-4116-b6f3-c82f424b6d0d/1/DNpch0NU2Dgm5DwlNbduINW2GwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.232.168.0/21
185.37.52.0/22
185.78.20.0/22
185.232.152.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:b8:e3:e4:0d:f5:08:3b:c6:b1:0c:b1:91:d9:b4:ee:8a:48:
7f:70:34:60:82:d5:f1:b7:2e:05:09:6a:85:89:71:66:bc:07:
db:06:40:fd:fb:54:fb:34:8c:5d:a2:3e:db:58:e5:55:d2:1c:
c0:72:1b:47:f3:93:0d:79:d5:3c:ef:22:c8:c2:ad:91:55:01:
8e:3c:3f:22:08:6c:69:8b:51:36:c5:b3:b3:bb:f7:33:de:9d:
94:46:fc:cf:a8:d5:1c:37:0d:e2:cb:17:45:79:1a:96:03:78:
0b:08:82:b2:04:25:4d:2d:49:22:08:7b:08:40:59:a1:45:0f:
8c:82:94:56:6c:f8:c7:82:7f:6d:1b:91:03:d6:ea:6d:40:e0:
0a:3c:2d:ea:b0:d8:eb:db:89:4e:f8:e0:95:10:a6:56:32:3d:
68:39:92:11:4e:82:57:57:e9:43:e7:a4:33:52:5a:fc:49:5b:
03:88:41:ff:43:d7:e2:8b:3a:ed:81:61:90:91:3c:16:ba:f9:
53:b8:ed:93:04:ad:84:7c:cc:99:da:3f:b8:9f:ee:ce:40:71:
40:20:32:fc:9e:c4:c0:4f:64:0c:1b:4c:8e:85:9c:44:23:f5:
5f:e6:b9:aa:ae:19:14:11:2e:1f:94:a8:83:73:92:e2:17:74:
aa:f0:53:62
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY8F9kPrUzN8HZDCch6hXt4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZGE1Yzg3NDM1NGQ4MzgyNmU0M2MyNTM1Yjc2ZTIwZDVi
NjFiMDUwHhcNMjQwNDIyMTMxOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTRlZjA2ZGY1ZTlmOTI3ZGQwMWZkNzExZjRkMjY0ZGY0NjQzN2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsF9eU42PyJcvSO5+GUyeXjV0CFc
Y4H788j4J5ueUpaW3ubdYkfQXVsvDBQ+z6TTJk259KM4Zbwa+SzpSJoQd/oMG4LZ
cPbwJ3e2AoGWBh4vl/eZsLUPpOG9D7yVmLBMNJ6Wksx1m1Clvezgy/t/d9Gydc0n
jHG2/CTvIwxXk6dmU4uu+taNzvhphT4abU8RKTgAcTzA+qMNdzGTno99/m52BM8g
/+FefVC2cry36s/D+M7Wf/9XIiXc+ixLFjaVlr0yp+rwNfrdGg8KS6FWLidUx+5w
dtj0YSEL8Odv6rlXfVLT4KEPGn2it25Y71ru9XE7inIdCT2j7Hn0Mc9F7QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD5O8G316fkn3QH9cR9NJk30ZDe5MB8GA1UdIwQY
MBaAFAzaXIdDVNg4JuQ8JTW3biDVthsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5wY2gwTlUyRGdtNUR3bE5iZHVJTlcyR3dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi85MjMzMmYtMDNlMC00MTE2LWI2ZjMt
YzgyZjQyNGI2ZDBkLzEvUGs3d2JmWHAtU2ZkQWYxeEgwMG1UZlJrTjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi85MjMzMmYtMDNlMC00MTE2LWI2ZjMtYzgyZjQyNGI2ZDBk
LzEvRE5wY2gwTlUyRGdtNUR3bE5iZHVJTlcyR3dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDXuioAwQC
uSU0AwQCuU4UAwQCueiYMA0GCSqGSIb3DQEBCwUAA4IBAQCmuOPkDfUIO8axDLGR
2bTuikh/cDRggtXxty4FCWqFiXFmvAfbBkD9+1T7NIxdoj7bWOVV0hzAchtH85MN
edU87yLIwq2RVQGOPD8iCGxpi1E2xbOzu/cz3p2URvzPqNUcNw3iyxdFeRqWA3gL
CIKyBCVNLUkiCHsIQFmhRQ+MgpRWbPjHgn9tG5ED1uptQOAKPC3qsNjr24lO+OCV
EKZWMj1oOZIRToJXV+lD56QzUlr8SVsDiEH/Q9fiizrtgWGQkTwWuvlTuO2TBK2E
fMyZ2j+4n+7OQHFAIDL8nsTAT2QMG0yOhZxEI/Vf5rmqrhkUES4flKiDc5LiF3Sq
8FNi
-----END CERTIFICATE-----
Generated at Sat Jun 29 00:57:47 2024 by rpki-client on console-ams.rpki-client.org