Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/J45z5LMEFH9agYI1cjx7U42hhSI.roa
File: J45z5LMEFH9agYI1cjx7U42hhSI.roa (raw, json)
Hash identifier: 1IjeUVM4mWR2KlK5BVflB2pS1saOHOSFe/bnXpzaPyA=
Subject key identifier: 27:8E:73:E4:B3:04:14:7F:5A:81:82:35:72:3C:7B:53:8D:A1:85:22
Certificate issuer: /CN=757f9fdea350a766bb98c604d3b9c27916732209
Certificate serial: 018CC5DC9871F3571739251981E04EE594F6
Authority key identifier: 75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/J45z5LMEFH9agYI1cjx7U42hhSI.roa
Signing time: Mon 01 Jan 2024 16:30:17 +0000
ROA not before: Mon 01 Jan 2024 16:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9121
IP address blocks: 85.158.96.0/24 maxlen: 24
85.158.97.0/24 maxlen: 24
85.158.98.0/24 maxlen: 24
85.158.102.0/24 maxlen: 24
85.158.103.0/24 maxlen: 24
85.158.99.0/24 maxlen: 24
85.158.100.0/24 maxlen: 24
85.158.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 13:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:98:71:f3:57:17:39:25:19:81:e0:4e:e5:94:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757f9fdea350a766bb98c604d3b9c27916732209
Validity
Not Before: Jan 1 16:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=278e73e4b304147f5a818235723c7b538da18522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f7:ae:84:b6:ac:9b:69:08:ec:30:5a:77:34:
79:e4:6f:9b:92:76:1e:fb:9e:cd:69:d0:c9:d5:fa:
33:14:d8:a6:13:ca:a9:c0:0e:f2:42:71:27:85:65:
0b:1c:30:49:0b:76:f6:8e:ad:3b:67:6d:96:0a:ae:
be:c3:2a:29:5a:66:fb:4b:b3:a3:46:01:6f:44:b0:
b8:5b:42:cb:b1:b2:79:29:38:e3:3e:e0:c6:08:09:
3c:40:40:ee:de:6c:5e:72:db:4c:d8:df:71:1d:3a:
bc:a0:7b:b6:68:23:17:2d:f8:04:91:fa:06:2e:70:
d4:60:15:4d:9f:fd:6d:20:ea:b1:be:f3:e1:a4:3e:
a4:61:9e:62:4f:f1:8d:a1:5a:6f:78:5c:5e:98:5f:
fc:b3:00:bb:b6:c6:77:60:c4:62:9e:90:78:70:a3:
9d:17:07:82:65:5c:48:3a:02:44:61:c5:50:75:64:
db:35:ba:f7:a8:d9:52:a8:9d:3e:29:d5:b5:e0:e2:
bb:8a:6c:d8:4f:9b:bd:70:69:43:6b:98:32:08:eb:
cd:8f:ee:16:2f:54:a6:3a:d7:81:91:53:4f:5f:af:
9e:3e:99:b8:57:97:b8:8d:15:dc:fa:7a:8f:bb:87:
be:ed:c4:78:61:75:8d:ec:5c:a5:90:cc:34:a8:75:
82:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:8E:73:E4:B3:04:14:7F:5A:81:82:35:72:3C:7B:53:8D:A1:85:22
X509v3 Authority Key Identifier:
keyid:75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/J45z5LMEFH9agYI1cjx7U42hhSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.96.0/21
Signature Algorithm: sha256WithRSAEncryption
a4:89:68:ac:13:ca:34:7b:b1:f0:f5:30:37:5a:10:a6:85:66:
22:13:44:56:93:df:cf:a9:d5:0a:7e:b9:c1:60:66:c1:a9:e9:
7f:de:17:7b:13:0c:02:d9:5c:43:c4:41:e7:25:6f:57:d2:e8:
bc:5a:c6:48:b5:ba:08:76:d2:f4:d3:3b:96:58:ff:66:6a:12:
8e:eb:66:16:70:5c:51:c0:90:ab:c1:05:9b:71:6f:bd:70:87:
4d:54:e8:fd:ad:bb:d5:96:61:7a:17:17:c1:27:95:ec:bd:04:
e1:5f:af:92:c0:8d:4d:69:ce:4e:b1:55:5a:51:c7:a4:2b:cc:
b8:40:f2:86:83:a5:91:39:c8:25:69:ec:f7:fc:40:e3:f3:24:
0b:15:c5:13:33:30:e1:8c:1b:b8:b2:fc:aa:f0:19:72:6b:5a:
5b:a2:78:34:3a:5b:70:7d:fb:27:6f:76:73:d2:1c:87:89:8a:
45:5d:09:6c:b4:95:db:cb:54:d8:b2:3a:e8:92:ba:b9:b8:2f:
cd:56:cd:c9:ba:02:76:6e:b6:1e:2f:99:4f:61:44:4b:e4:88:
d7:af:b3:ad:d1:26:07:1e:1a:ba:44:1a:4f:ec:47:87:45:a6:
b3:66:48:98:f7:e8:5c:f9:87:7c:5d:bd:d2:b6:02:a4:56:38:
7b:4b:71:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Jhx81cXOSUZgeBO5ZT2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1N2Y5ZmRlYTM1MGE3NjZiYjk4YzYwNGQzYjljMjc5MTY3
MzIyMDkwHhcNMjQwMTAxMTYzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzhlNzNlNGIzMDQxNDdmNWE4MTgyMzU3MjNjN2I1MzhkYTE4NTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPeuhLasm2kI7DBadzR55G+bknYe
+57NadDJ1fozFNimE8qpwA7yQnEnhWULHDBJC3b2jq07Z22WCq6+wyopWmb7S7Oj
RgFvRLC4W0LLsbJ5KTjjPuDGCAk8QEDu3mxecttM2N9xHTq8oHu2aCMXLfgEkfoG
LnDUYBVNn/1tIOqxvvPhpD6kYZ5iT/GNoVpveFxemF/8swC7tsZ3YMRinpB4cKOd
FweCZVxIOgJEYcVQdWTbNbr3qNlSqJ0+KdW14OK7imzYT5u9cGlDa5gyCOvNj+4W
L1SmOteBkVNPX6+ePpm4V5e4jRXc+nqPu4e+7cR4YXWN7FylkMw0qHWCkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCeOc+SzBBR/WoGCNXI8e1ONoYUiMB8GA1UdIwQY
MBaAFHV/n96jUKdmu5jGBNO5wnkWcyIJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFgtZjNxTlFwMmE3bU1ZRTA3bkNlUlp6SWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi81YTNiNmItOWE2MS00NTU3LWEzZDYt
YzI1YWJhNmI1NWFmLzEvSjQ1ejVMTUVGSDlhZ1lJMWNqeDdVNDJoaFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi81YTNiNmItOWE2MS00NTU3LWEzZDYtYzI1YWJhNmI1NWFm
LzEvZFgtZjNxTlFwMmE3bU1ZRTA3bkNlUlp6SWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVZ5gMA0G
CSqGSIb3DQEBCwUAA4IBAQCkiWisE8o0e7Hw9TA3WhCmhWYiE0RWk9/PqdUKfrnB
YGbBqel/3hd7EwwC2VxDxEHnJW9X0ui8WsZItboIdtL00zuWWP9mahKO62YWcFxR
wJCrwQWbcW+9cIdNVOj9rbvVlmF6FxfBJ5XsvQThX6+SwI1Nac5OsVVaUcekK8y4
QPKGg6WROcglaez3/EDj8yQLFcUTMzDhjBu4svyq8Blya1pbong0Oltwffsnb3Zz
0hyHiYpFXQlstJXby1TYsjrokrq5uC/NVs3JugJ2brYeL5lPYURL5IjXr7Ot0SYH
Hhq6RBpP7EeHRaazZkiY9+hc+Yd8Xb3StgKkVjh7S3HF
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:29:02 2024 by rpki-client on console-ams.rpki-client.org