Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/094c50-2c86-4a55-8eb0-1cf722517baf/1/S6Ps6oKHKyyIijvjPBlAFRDKPWM.roa
File: S6Ps6oKHKyyIijvjPBlAFRDKPWM.roa (raw, json)
Hash identifier: /u/F92zZCcyLdQKUJlLtFyDsDUV0o84iIfWhX/xbwPQ=
Subject key identifier: 4B:A3:EC:EA:82:87:2B:2C:88:8A:3B:E3:3C:19:40:15:10:CA:3D:63
Certificate issuer: /CN=5bf7d0e47122aefefb62cea21674a81025559b1a
Certificate serial: 018D3A89CBAF6AA91FB076FA88460FB1D728
Authority key identifier: 5B:F7:D0:E4:71:22:AE:FE:FB:62:CE:A2:16:74:A8:10:25:55:9B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W_fQ5HEirv77Ys6iFnSoECVVmxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/094c50-2c86-4a55-8eb0-1cf722517baf/1/S6Ps6oKHKyyIijvjPBlAFRDKPWM.roa
Signing time: Wed 24 Jan 2024 08:15:25 +0000
ROA not before: Wed 24 Jan 2024 08:15:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49223
IP address blocks: 185.86.0.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/094c50-2c86-4a55-8eb0-1cf722517baf/1/W_fQ5HEirv77Ys6iFnSoECVVmxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/094c50-2c86-4a55-8eb0-1cf722517baf/1/W_fQ5HEirv77Ys6iFnSoECVVmxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/W_fQ5HEirv77Ys6iFnSoECVVmxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3a:89:cb:af:6a:a9:1f:b0:76:fa:88:46:0f:b1:d7:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bf7d0e47122aefefb62cea21674a81025559b1a
Validity
Not Before: Jan 24 08:15:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ba3ecea82872b2c888a3be33c19401510ca3d63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ec:ce:63:bc:38:b5:fd:6c:dd:3e:fc:1e:34:
42:78:dd:ae:d9:ac:d3:02:34:e2:43:b3:f1:ba:18:
74:89:73:38:be:1f:b0:6f:5e:34:25:5e:c2:d5:ec:
2d:2b:d5:fc:56:37:22:a7:23:7a:66:88:9b:31:a0:
b4:b7:69:9e:d5:39:9d:8a:56:50:b1:8c:c7:43:40:
11:b1:a7:b1:e9:cd:5b:1f:ff:de:17:a0:f2:74:eb:
3c:2e:b5:96:8c:c9:e3:d1:c6:d0:42:42:c2:46:2c:
c7:62:3b:0f:a3:33:1c:95:e9:7f:24:de:bc:a6:f5:
b0:7d:57:5a:c7:ad:51:3f:2c:bb:09:b2:6f:14:74:
ee:59:93:fe:7f:45:50:be:b1:8f:f1:ea:f2:a4:ac:
e5:03:b0:d1:88:e9:59:41:01:c9:ba:ac:55:5f:22:
05:59:ac:95:85:3f:e0:78:44:e5:8e:c0:4d:6c:b1:
5e:a6:42:d2:fb:84:78:d9:5a:10:df:8c:f7:ac:c0:
04:81:6e:e7:78:f2:94:f6:93:4f:aa:52:90:c7:d0:
f7:5d:18:cf:ed:3e:ee:fa:3e:16:1b:13:6f:89:ce:
06:43:4f:b7:1d:ac:58:1f:b0:0b:32:c6:71:e3:54:
66:29:47:38:46:e5:51:6f:e1:f7:08:e6:51:aa:81:
63:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A3:EC:EA:82:87:2B:2C:88:8A:3B:E3:3C:19:40:15:10:CA:3D:63
X509v3 Authority Key Identifier:
keyid:5B:F7:D0:E4:71:22:AE:FE:FB:62:CE:A2:16:74:A8:10:25:55:9B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W_fQ5HEirv77Ys6iFnSoECVVmxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/094c50-2c86-4a55-8eb0-1cf722517baf/1/S6Ps6oKHKyyIijvjPBlAFRDKPWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/094c50-2c86-4a55-8eb0-1cf722517baf/1/W_fQ5HEirv77Ys6iFnSoECVVmxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.0.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:ff:c1:c2:ae:0d:a5:45:e3:c1:3a:17:1c:89:a4:ec:2e:15:
37:cc:6b:6c:7b:d3:22:9c:df:2f:75:01:b3:24:8f:d1:33:ba:
76:49:b3:b2:bc:dc:1b:9d:f9:e9:25:7a:28:64:d8:17:d9:5a:
72:62:27:0e:f1:f9:c9:a5:04:0b:a1:87:21:48:6c:70:f9:dc:
70:9a:32:79:08:8e:46:96:bb:90:de:c9:2a:41:0a:f7:3f:c7:
34:4b:29:fc:31:21:e1:82:11:7c:e9:c7:b7:97:81:3e:48:27:
a2:db:9c:39:6a:02:a8:ee:4a:d6:92:99:96:c3:b6:fb:b5:fd:
29:6a:76:35:f4:d6:80:6f:a6:20:0b:62:f0:9f:53:bb:00:71:
c8:b6:19:db:ab:80:2f:4d:40:49:d1:5f:66:ba:aa:15:60:31:
34:13:f8:2f:f0:41:03:5c:34:fb:28:27:22:8c:20:8f:a4:db:
4a:0a:2f:7c:1a:26:32:0a:b3:3f:a0:bd:c6:b2:96:e0:fe:a2:
40:df:d8:0d:7c:4f:b6:66:be:05:74:f7:8c:34:5d:3b:22:bf:
32:18:2e:7e:60:0f:38:c8:47:e3:bd:5b:20:a8:c8:1e:70:b6:
ff:4e:d7:50:17:d9:81:cd:01:d9:55:75:eb:f7:24:28:2c:e0:
12:c7:32:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY06icuvaqkfsHb6iEYPsdcoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZjdkMGU0NzEyMmFlZmVmYjYyY2VhMjE2NzRhODEwMjU1
NTliMWEwHhcNMjQwMTI0MDgxNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmEzZWNlYTgyODcyYjJjODg4YTNiZTMzYzE5NDAxNTEwY2EzZDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlezOY7w4tf1s3T78HjRCeN2u2azT
AjTiQ7Pxuhh0iXM4vh+wb140JV7C1ewtK9X8VjcipyN6ZoibMaC0t2me1TmdilZQ
sYzHQ0ARsaex6c1bH//eF6DydOs8LrWWjMnj0cbQQkLCRizHYjsPozMclel/JN68
pvWwfVdax61RPyy7CbJvFHTuWZP+f0VQvrGP8erypKzlA7DRiOlZQQHJuqxVXyIF
WayVhT/geETljsBNbLFepkLS+4R42VoQ34z3rMAEgW7nePKU9pNPqlKQx9D3XRjP
7T7u+j4WGxNvic4GQ0+3HaxYH7ALMsZx41RmKUc4RuVRb+H3COZRqoFjPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEuj7OqChyssiIo74zwZQBUQyj1jMB8GA1UdIwQY
MBaAFFv30ORxIq7++2LOohZ0qBAlVZsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV19mUTVIRWlydjc3WXM2aUZuU29FQ1ZWbXhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wOTRjNTAtMmM4Ni00YTU1LThlYjAt
MWNmNzIyNTE3YmFmLzEvUzZQczZvS0hLeXlJaWp2alBCbEFGUkRLUFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8wOTRjNTAtMmM4Ni00YTU1LThlYjAtMWNmNzIyNTE3YmFm
LzEvV19mUTVIRWlydjc3WXM2aUZuU29FQ1ZWbXhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVYAMA0G
CSqGSIb3DQEBCwUAA4IBAQC0/8HCrg2lRePBOhcciaTsLhU3zGtse9MinN8vdQGz
JI/RM7p2SbOyvNwbnfnpJXooZNgX2VpyYicO8fnJpQQLoYchSGxw+dxwmjJ5CI5G
lruQ3skqQQr3P8c0Syn8MSHhghF86ce3l4E+SCei25w5agKo7krWkpmWw7b7tf0p
anY19NaAb6YgC2Lwn1O7AHHIthnbq4AvTUBJ0V9muqoVYDE0E/gv8EEDXDT7KCci
jCCPpNtKCi98GiYyCrM/oL3Gspbg/qJA39gNfE+2Zr4FdPeMNF07Ir8yGC5+YA84
yEfjvVsgqMgecLb/TtdQF9mBzQHZVXXr9yQoLOASxzKv
-----END CERTIFICATE-----
Generated at Fri Jun 7 21:01:01 2024 by rpki-client on console-fra.rpki-client.org