Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/QmLMZCsEQDzUNSnDb-iee6EXSwM.roa
File: QmLMZCsEQDzUNSnDb-iee6EXSwM.roa (raw, json)
Hash identifier: bmaiJlZNJKXpD5agFrA9TYtr5pVxXPQcwwliW8g4YiQ=
Subject key identifier: 42:62:CC:64:2B:04:40:3C:D4:35:29:C3:6F:E8:9E:7B:A1:17:4B:03
Certificate issuer: /CN=0759f6ac173f75ed9e585ec7d872a5865cef2835
Certificate serial: 018EBE458C831118A32032763C3988144E55
Authority key identifier: 07:59:F6:AC:17:3F:75:ED:9E:58:5E:C7:D8:72:A5:86:5C:EF:28:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B1n2rBc_de2eWF7H2HKlhlzvKDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/QmLMZCsEQDzUNSnDb-iee6EXSwM.roa
Signing time: Mon 08 Apr 2024 15:13:32 +0000
ROA not before: Mon 08 Apr 2024 15:13:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205185
IP address blocks: 45.129.172.0/22 maxlen: 24
86.105.160.0/22 maxlen: 24
185.136.236.0/22 maxlen: 24
185.152.84.0/22 maxlen: 24
185.226.108.0/22 maxlen: 24
194.135.48.0/22 maxlen: 24
2a0d:8600::/29 maxlen: 48
2a0f:dc40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/B1n2rBc_de2eWF7H2HKlhlzvKDU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/B1n2rBc_de2eWF7H2HKlhlzvKDU.mft
rsync://rpki.ripe.net/repository/DEFAULT/B1n2rBc_de2eWF7H2HKlhlzvKDU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 09:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:be:45:8c:83:11:18:a3:20:32:76:3c:39:88:14:4e:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0759f6ac173f75ed9e585ec7d872a5865cef2835
Validity
Not Before: Apr 8 15:13:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4262cc642b04403cd43529c36fe89e7ba1174b03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:18:58:38:f8:53:8e:a6:22:d2:af:61:c7:2c:
d1:36:64:02:83:50:e3:c8:77:0f:bd:9b:bf:0f:40:
a3:b4:8d:24:00:7b:32:b4:e7:1b:b1:b6:6d:c4:0c:
27:a4:3e:54:ab:b2:f0:67:ce:2d:99:2f:69:22:57:
af:5f:67:97:eb:7c:48:5b:70:29:5b:51:27:ae:a6:
c3:af:7b:07:ad:05:36:b6:8e:03:52:82:7d:e3:b1:
f6:7b:28:e2:58:2c:b8:0e:ed:80:79:33:6f:6a:d3:
68:dd:d3:31:3c:b7:84:98:28:f1:92:cb:79:f7:cc:
df:3d:77:6f:28:7d:4f:62:4c:85:5c:8d:b5:0c:dd:
c9:4b:fc:94:87:2b:54:05:9f:23:e3:26:fd:cd:af:
24:8b:40:b2:8c:db:cf:70:49:80:a0:86:6d:c5:05:
67:5d:69:8e:46:40:3c:80:dc:d9:3b:d9:8f:1e:ea:
a6:9c:f3:d7:c8:8a:32:52:bd:24:6d:16:c6:d8:ff:
63:d5:3c:6c:8c:a6:46:b3:5b:d6:2b:7f:5e:d8:ae:
f5:37:ae:b8:fa:e7:08:d9:82:b5:4f:36:63:52:5c:
44:78:4e:2c:bb:33:d8:db:f6:ad:4c:20:23:9e:fc:
6a:df:d1:be:eb:26:be:66:99:6d:eb:58:e9:1e:6b:
d9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:62:CC:64:2B:04:40:3C:D4:35:29:C3:6F:E8:9E:7B:A1:17:4B:03
X509v3 Authority Key Identifier:
keyid:07:59:F6:AC:17:3F:75:ED:9E:58:5E:C7:D8:72:A5:86:5C:EF:28:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B1n2rBc_de2eWF7H2HKlhlzvKDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/QmLMZCsEQDzUNSnDb-iee6EXSwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/B1n2rBc_de2eWF7H2HKlhlzvKDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.172.0/22
86.105.160.0/22
185.136.236.0/22
185.152.84.0/22
185.226.108.0/22
194.135.48.0/22
IPv6:
2a0d:8600::/29
2a0f:dc40::/29
Signature Algorithm: sha256WithRSAEncryption
52:88:ac:cb:00:fa:5e:44:e5:54:c4:10:c0:ca:c9:ab:00:f4:
e1:71:86:b9:ce:de:22:1b:14:89:85:fe:5e:de:fe:4b:e9:31:
03:d1:8a:f3:2e:de:d4:cd:8d:bd:60:26:bd:0c:e5:83:90:41:
2c:43:06:f0:64:1b:e1:dd:75:f5:cc:e8:55:03:96:aa:2e:34:
01:72:74:4b:28:dc:a8:5f:eb:d1:3a:c9:82:05:a9:5e:a1:a5:
70:cc:b7:ab:42:ad:24:e2:2c:bb:be:05:03:0d:89:e0:e3:e3:
87:1e:de:3c:cc:9d:e6:be:3e:ef:93:51:ca:04:09:1a:00:ea:
19:77:9a:31:19:14:6f:e9:a2:4f:f7:f2:5d:ae:4f:4a:87:e7:
33:7f:69:54:33:05:6d:4a:0c:38:b1:7a:e9:da:f9:09:93:d1:
2c:bf:63:c9:ec:5d:b3:1c:57:b4:c8:2b:60:fd:6d:d6:45:94:
f9:2c:52:44:3c:ff:9e:eb:04:18:12:e5:73:33:78:50:ae:67:
ea:c6:5c:19:a4:c2:e8:f0:0f:bf:f4:de:1f:ea:92:23:5d:5f:
4c:73:73:51:9c:ad:d8:84:a8:12:a5:12:be:a8:56:c3:66:d4:
20:96:c1:59:24:99:2f:39:d8:9d:f1:46:96:25:fb:3f:df:55:
ff:08:97:25
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAY6+RYyDERijIDJ2PDmIFE5VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NTlmNmFjMTczZjc1ZWQ5ZTU4NWVjN2Q4NzJhNTg2NWNl
ZjI4MzUwHhcNMjQwNDA4MTUxMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjYyY2M2NDJiMDQ0MDNjZDQzNTI5YzM2ZmU4OWU3YmExMTc0YjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBhYOPhTjqYi0q9hxyzRNmQCg1Dj
yHcPvZu/D0CjtI0kAHsytOcbsbZtxAwnpD5Uq7LwZ84tmS9pIlevX2eX63xIW3Ap
W1EnrqbDr3sHrQU2to4DUoJ947H2eyjiWCy4Du2AeTNvatNo3dMxPLeEmCjxkst5
98zfPXdvKH1PYkyFXI21DN3JS/yUhytUBZ8j4yb9za8ki0CyjNvPcEmAoIZtxQVn
XWmORkA8gNzZO9mPHuqmnPPXyIoyUr0kbRbG2P9j1TxsjKZGs1vWK39e2K71N664
+ucI2YK1TzZjUlxEeE4suzPY2/atTCAjnvxq39G+6ya+Zplt61jpHmvZtQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFEJizGQrBEA81DUpw2/onnuhF0sDMB8GA1UdIwQY
MBaAFAdZ9qwXP3Xtnlhex9hypYZc7yg1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjFuMnJCY19kZTJlV0Y3SDJIS2xobHp2S0RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9kMmNkMWMtMDRiNS00NGQwLTgxZDUt
N2JlM2JkYTA1OTI3LzEvUW1MTVpDc0VRRHpVTlNuRGItaWVlNkVYU3dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9kMmNkMWMtMDRiNS00NGQwLTgxZDUtN2JlM2JkYTA1OTI3
LzEvQjFuMnJCY19kZTJlV0Y3SDJIS2xobHp2S0RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCLYGsAwQC
VmmgAwQCuYjsAwQCuZhUAwQCueJsAwQCwocwMBQEAgACMA4DBQMqDYYAAwUDKg/c
QDANBgkqhkiG9w0BAQsFAAOCAQEAUoisywD6XkTlVMQQwMrJqwD04XGGuc7eIhsU
iYX+Xt7+S+kxA9GK8y7e1M2NvWAmvQzlg5BBLEMG8GQb4d119czoVQOWqi40AXJ0
SyjcqF/r0TrJggWpXqGlcMy3q0KtJOIsu74FAw2J4OPjhx7ePMyd5r4+75NRygQJ
GgDqGXeaMRkUb+miT/fyXa5PSofnM39pVDMFbUoMOLF66dr5CZPRLL9jyexdsxxX
tMgrYP1t1kWU+SxSRDz/nusEGBLlczN4UK5n6sZcGaTC6PAPv/TeH+qSI11fTHNz
UZyt2ISoEqUSvqhWw2bUIJbBWSSZLznYnfFGliX7P99V/wiXJQ==
-----END CERTIFICATE-----
Generated at Sat May 18 13:51:36 2024 by rpki-client on console-fra.rpki-client.org