Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/1pLGaXmg9LwEIbcV8CloqRFmBmo.roa
File: 1pLGaXmg9LwEIbcV8CloqRFmBmo.roa (raw, json)
Hash identifier: AfehIJdCQVP+rnPOl3jTkdUypOGEtCf9OlXjYsP89aQ=
Subject key identifier: D6:92:C6:69:79:A0:F4:BC:04:21:B7:15:F0:29:68:A9:11:66:06:6A
Certificate issuer: /CN=269f4f7143b4067805cba9a40f639732ee7d42e5
Certificate serial: 018CC94CD23BEE19F14E4A50179AA7F1B70B
Authority key identifier: 26:9F:4F:71:43:B4:06:78:05:CB:A9:A4:0F:63:97:32:EE:7D:42:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jp9PcUO0BngFy6mkD2OXMu59QuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/1pLGaXmg9LwEIbcV8CloqRFmBmo.roa
Signing time: Tue 02 Jan 2024 08:31:44 +0000
ROA not before: Tue 02 Jan 2024 08:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34574
IP address blocks: 188.64.144.0/24 maxlen: 24
188.64.144.0/23 maxlen: 23
188.64.145.0/24 maxlen: 24
188.64.147.0/24 maxlen: 24
188.64.146.0/24 maxlen: 24
2a00:1120::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/Jp9PcUO0BngFy6mkD2OXMu59QuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/Jp9PcUO0BngFy6mkD2OXMu59QuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jp9PcUO0BngFy6mkD2OXMu59QuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 11:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:d2:3b:ee:19:f1:4e:4a:50:17:9a:a7:f1:b7:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=269f4f7143b4067805cba9a40f639732ee7d42e5
Validity
Not Before: Jan 2 08:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d692c66979a0f4bc0421b715f02968a91166066a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7f:c2:c3:c5:26:c4:fb:20:f9:13:23:c2:95:
4a:8e:e5:c4:7f:f2:fa:29:19:02:24:0c:d8:f4:c4:
c9:fc:47:61:7d:3c:43:0c:30:85:19:c4:79:15:ef:
05:c2:f3:9c:de:42:b5:a2:86:af:dd:ed:a9:ef:f4:
80:2f:5a:f1:13:bf:30:39:ea:1d:1f:19:b8:3b:10:
7e:a0:da:85:ed:1b:58:c8:29:8e:60:f6:c7:75:e9:
8d:22:e1:d9:40:f8:18:d3:66:08:2a:46:12:7b:3a:
b1:20:68:f7:76:16:e6:a9:e1:91:7e:6d:bc:16:d6:
10:13:73:b1:f8:c8:4d:0f:20:f9:ff:56:e1:c1:5e:
53:37:b1:4c:f0:55:02:a7:76:3c:d9:dd:5b:14:32:
9e:0c:f7:91:8c:10:34:27:63:fa:80:e1:93:55:7d:
a2:65:52:85:9e:5b:36:a0:54:dd:3c:09:0b:e9:53:
a2:24:a4:80:ab:4d:2e:ba:65:68:c2:55:7e:a2:4b:
0a:6b:dd:96:13:d3:4e:8b:17:f1:3e:0d:3d:67:c2:
e0:20:ea:28:79:df:5c:42:02:f8:7a:ec:4f:39:b6:
8e:6f:19:75:43:b8:56:57:99:ce:b5:13:6f:26:bb:
6a:df:9b:95:e5:8b:08:a2:ab:7c:fd:d2:e8:a1:c2:
70:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:92:C6:69:79:A0:F4:BC:04:21:B7:15:F0:29:68:A9:11:66:06:6A
X509v3 Authority Key Identifier:
keyid:26:9F:4F:71:43:B4:06:78:05:CB:A9:A4:0F:63:97:32:EE:7D:42:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jp9PcUO0BngFy6mkD2OXMu59QuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/1pLGaXmg9LwEIbcV8CloqRFmBmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/c90860-8138-433c-b24f-92c780ca3260/1/Jp9PcUO0BngFy6mkD2OXMu59QuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.144.0/22
IPv6:
2a00:1120::/32
Signature Algorithm: sha256WithRSAEncryption
49:43:08:93:c7:bb:5f:00:30:4e:bc:42:1a:23:49:b1:f8:d0:
da:d1:6e:6e:c2:e0:f8:8f:fd:03:e4:fd:2c:e8:7e:27:11:bf:
2a:3c:49:81:5c:3d:27:03:ea:44:d1:4d:32:c0:34:55:42:db:
7e:9c:1d:cb:d3:80:d7:dd:63:ec:4e:13:2d:8b:6d:4e:54:d3:
7e:51:25:81:01:dc:47:6b:d4:e0:d4:7c:3b:63:cc:93:ea:a7:
35:b8:ca:74:d8:83:72:25:cd:ae:8a:b0:9d:7e:dc:57:00:30:
8d:af:6e:8c:95:a8:4c:7d:ac:77:e1:24:fe:71:88:36:0a:90:
24:91:5d:e9:bc:ea:4a:81:01:1d:9d:b2:8d:c4:93:66:13:66:
9b:79:eb:32:51:5b:82:05:03:8a:20:e4:e0:86:7a:0f:aa:6e:
49:f0:57:c2:a1:26:3d:93:e0:05:84:f3:b7:d7:68:96:8c:9b:
b8:33:a8:15:7f:54:89:a2:9d:ce:2d:20:26:02:84:3b:c2:e7:
77:90:ba:12:63:95:9e:96:6d:83:af:8c:c7:8d:1c:1f:6e:76:
1f:9d:34:10:e7:36:f7:4c:4a:7a:9e:1c:1a:53:be:94:66:68:
97:f1:6b:f3:f4:12:91:c3:08:f1:db:83:c8:06:42:07:a6:c3:
d2:88:f0:49
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTNI77hnxTkpQF5qn8bcLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2OWY0ZjcxNDNiNDA2NzgwNWNiYTlhNDBmNjM5NzMyZWU3
ZDQyZTUwHhcNMjQwMTAyMDgzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjkyYzY2OTc5YTBmNGJjMDQyMWI3MTVmMDI5NjhhOTExNjYwNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApH/Cw8UmxPsg+RMjwpVKjuXEf/L6
KRkCJAzY9MTJ/EdhfTxDDDCFGcR5Fe8FwvOc3kK1ooav3e2p7/SAL1rxE78wOeod
Hxm4OxB+oNqF7RtYyCmOYPbHdemNIuHZQPgY02YIKkYSezqxIGj3dhbmqeGRfm28
FtYQE3Ox+MhNDyD5/1bhwV5TN7FM8FUCp3Y82d1bFDKeDPeRjBA0J2P6gOGTVX2i
ZVKFnls2oFTdPAkL6VOiJKSAq00uumVowlV+oksKa92WE9NOixfxPg09Z8LgIOoo
ed9cQgL4euxPObaObxl1Q7hWV5nOtRNvJrtq35uV5YsIoqt8/dLoocJwiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNaSxml5oPS8BCG3FfApaKkRZgZqMB8GA1UdIwQY
MBaAFCafT3FDtAZ4BcuppA9jlzLufULlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnA5UGNVTzBCbmdGeTZta0QyT1hNdTU5UXVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9jOTA4NjAtODEzOC00MzNjLWIyNGYt
OTJjNzgwY2EzMjYwLzEvMXBMR2FYbWc5THdFSWJjVjhDbG9xUkZtQm1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9jOTA4NjAtODEzOC00MzNjLWIyNGYtOTJjNzgwY2EzMjYw
LzEvSnA5UGNVTzBCbmdGeTZta0QyT1hNdTU5UXVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCvECQMA0E
AgACMAcDBQAqABEgMA0GCSqGSIb3DQEBCwUAA4IBAQBJQwiTx7tfADBOvEIaI0mx
+NDa0W5uwuD4j/0D5P0s6H4nEb8qPEmBXD0nA+pE0U0ywDRVQtt+nB3L04DX3WPs
ThMti21OVNN+USWBAdxHa9Tg1Hw7Y8yT6qc1uMp02INyJc2uirCdftxXADCNr26M
lahMfax34ST+cYg2CpAkkV3pvOpKgQEdnbKNxJNmE2abeesyUVuCBQOKIOTghnoP
qm5J8FfCoSY9k+AFhPO312iWjJu4M6gVf1SJop3OLSAmAoQ7wud3kLoSY5Welm2D
r4zHjRwfbnYfnTQQ5zb3TEp6nhwaU76UZmiX8Wvz9BKRwwjx24PIBkIHpsPSiPBJ
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:28:53 2024 by rpki-client on console-ams.rpki-client.org