Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/5LSfJS95La-elYsRiHdxSEFEGpc.roa
File: 5LSfJS95La-elYsRiHdxSEFEGpc.roa (raw, json)
Hash identifier: myzvUgjHPH0DHizHLkaq8Q0TBR/BQzto/Fjm1pWKiGw=
Subject key identifier: E4:B4:9F:25:2F:79:2D:AF:9E:95:8B:11:88:77:71:48:41:44:1A:97
Certificate issuer: /CN=64b31dcd6bb5308029c4273230514f726b1b86ba
Certificate serial: 018CC56EB779F4911080E21BB685BDC2DE45
Authority key identifier: 64:B3:1D:CD:6B:B5:30:80:29:C4:27:32:30:51:4F:72:6B:1B:86:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZLMdzWu1MIApxCcyMFFPcmsbhro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/5LSfJS95La-elYsRiHdxSEFEGpc.roa
Signing time: Mon 01 Jan 2024 14:30:16 +0000
ROA not before: Mon 01 Jan 2024 14:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135391
IP address blocks: 185.232.56.0/24 maxlen: 24
185.232.58.0/24 maxlen: 24
185.232.57.0/24 maxlen: 24
185.232.59.0/24 maxlen: 24
2a0d:5300:300::/40 maxlen: 40
2a0d:5300::/40 maxlen: 40
2a0d:5300:100::/40 maxlen: 40
2a0d:5300:200::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/ZLMdzWu1MIApxCcyMFFPcmsbhro.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/ZLMdzWu1MIApxCcyMFFPcmsbhro.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZLMdzWu1MIApxCcyMFFPcmsbhro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 20:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b7:79:f4:91:10:80:e2:1b:b6:85:bd:c2:de:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64b31dcd6bb5308029c4273230514f726b1b86ba
Validity
Not Before: Jan 1 14:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4b49f252f792daf9e958b118877714841441a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:16:3e:85:7c:5d:c9:d6:05:e9:77:4c:0b:fd:
09:1b:4a:69:e4:06:8f:e9:2b:f3:4f:bf:b1:15:a1:
cd:ae:36:d2:50:06:60:b2:92:09:6f:da:1e:01:2b:
2c:85:f2:87:52:e9:4a:32:42:2e:9a:9a:13:1e:27:
bd:67:44:35:f4:7f:84:83:37:0d:72:76:7e:fe:59:
34:9f:79:ac:05:25:6e:cb:ca:09:bd:ec:38:06:9f:
ad:b8:d7:bf:94:bc:88:ab:73:5f:4c:6f:49:7d:7c:
8f:3b:c6:54:79:2e:70:10:4e:59:74:23:ab:9d:15:
7a:b6:26:97:2c:b3:23:f5:18:8e:ed:a0:6d:44:de:
5a:eb:99:ee:a8:21:fd:04:b1:e0:13:b5:a2:f4:bb:
8d:48:20:27:22:43:0c:7e:54:57:e4:b5:2a:22:d8:
00:61:8d:fe:99:2e:78:e6:00:69:9e:d1:be:6e:28:
92:de:18:b1:4c:68:2e:bf:b3:b9:0d:08:d9:f3:c5:
1a:73:63:0f:ba:b3:19:0d:a6:c9:f9:c8:01:a2:06:
63:1f:4d:bf:8d:cd:51:40:59:da:84:5b:45:0f:88:
99:d4:36:55:1b:1a:d2:c8:58:32:da:48:7d:3d:92:
de:58:82:84:f8:e8:b9:81:9d:74:e6:39:22:1f:41:
f4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:B4:9F:25:2F:79:2D:AF:9E:95:8B:11:88:77:71:48:41:44:1A:97
X509v3 Authority Key Identifier:
keyid:64:B3:1D:CD:6B:B5:30:80:29:C4:27:32:30:51:4F:72:6B:1B:86:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLMdzWu1MIApxCcyMFFPcmsbhro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/5LSfJS95La-elYsRiHdxSEFEGpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/ZLMdzWu1MIApxCcyMFFPcmsbhro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.56.0/22
IPv6:
2a0d:5300::/38
Signature Algorithm: sha256WithRSAEncryption
ca:6b:a7:0e:af:dd:d9:85:fe:40:0c:ac:bf:2b:cf:e3:5f:5e:
40:ff:7e:f1:4a:37:80:34:d5:ed:54:c4:c0:ce:93:0e:42:c1:
1f:af:3d:3d:0c:d6:d9:ef:f9:3f:b0:8a:f8:41:f2:e3:a7:b4:
58:1f:58:d3:b2:59:54:58:a8:56:dd:34:b1:ef:c7:14:4c:70:
3b:db:e6:05:67:71:ae:ed:7d:97:3f:e0:5c:71:28:e3:b2:a7:
8a:93:f8:04:5a:74:af:33:6c:a4:bb:4a:ed:de:ba:f9:20:4b:
5e:8e:64:e1:75:46:43:e2:3b:b3:fb:9b:ea:7f:d1:0f:ef:d1:
dc:44:57:0d:23:26:1f:c5:92:1b:44:0a:12:c3:92:72:90:53:
0d:9e:7b:d3:17:c7:7c:49:37:59:8f:d7:5c:f4:2b:f8:a1:cc:
25:30:53:4f:78:19:e6:3f:c6:9a:80:cf:6e:ab:1d:26:b0:b5:
1c:a7:75:e9:e8:75:fa:65:53:e4:d7:f6:f9:bc:85:6c:94:98:
e6:a1:c5:30:f0:ab:49:07:a5:e7:c2:78:66:9c:ca:49:ad:41:
75:f2:25:dd:6b:d8:b0:9f:37:51:f6:bd:40:40:8b:e3:4e:2e:
4e:49:47:ce:8f:97:49:02:19:0c:da:38:27:59:5a:d0:ae:7d:
eb:46:ee:65
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzFbrd59JEQgOIbtoW9wt5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YjMxZGNkNmJiNTMwODAyOWM0MjczMjMwNTE0ZjcyNmIx
Yjg2YmEwHhcNMjQwMTAxMTQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGI0OWYyNTJmNzkyZGFmOWU5NThiMTE4ODc3NzE0ODQxNDQxYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRY+hXxdydYF6XdMC/0JG0pp5AaP
6SvzT7+xFaHNrjbSUAZgspIJb9oeASsshfKHUulKMkIumpoTHie9Z0Q19H+EgzcN
cnZ+/lk0n3msBSVuy8oJvew4Bp+tuNe/lLyIq3NfTG9JfXyPO8ZUeS5wEE5ZdCOr
nRV6tiaXLLMj9RiO7aBtRN5a65nuqCH9BLHgE7Wi9LuNSCAnIkMMflRX5LUqItgA
YY3+mS545gBpntG+biiS3hixTGguv7O5DQjZ88Uac2MPurMZDabJ+cgBogZjH02/
jc1RQFnahFtFD4iZ1DZVGxrSyFgy2kh9PZLeWIKE+Oi5gZ105jkiH0H0mQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFOS0nyUveS2vnpWLEYh3cUhBRBqXMB8GA1UdIwQY
MBaAFGSzHc1rtTCAKcQnMjBRT3JrG4a6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkxNZHpXdTFNSUFweENjeU1GRlBjbXNiaHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny85ODBkNmUtOGE5OS00MjYwLTgwNjQt
NDRhYjY4OWUxZDRkLzEvNUxTZkpTOTVMYS1lbFlzUmlIZHhTRUZFR3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny85ODBkNmUtOGE5OS00MjYwLTgwNjQtNDRhYjY4OWUxZDRk
LzEvWkxNZHpXdTFNSUFweENjeU1GRlBjbXNiaHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCueg4MA4E
AgACMAgDBgIqDVMAADANBgkqhkiG9w0BAQsFAAOCAQEAymunDq/d2YX+QAysvyvP
419eQP9+8Uo3gDTV7VTEwM6TDkLBH689PQzW2e/5P7CK+EHy46e0WB9Y07JZVFio
Vt00se/HFExwO9vmBWdxru19lz/gXHEo47KnipP4BFp0rzNspLtK7d66+SBLXo5k
4XVGQ+I7s/ub6n/RD+/R3ERXDSMmH8WSG0QKEsOScpBTDZ570xfHfEk3WY/XXPQr
+KHMJTBTT3gZ5j/GmoDPbqsdJrC1HKd16eh1+mVT5Nf2+byFbJSY5qHFMPCrSQel
58J4ZpzKSa1BdfIl3WvYsJ83Ufa9QECL404uTklHzo+XSQIZDNo4J1la0K5960bu
ZQ==
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:13:50 2024 by rpki-client on console-fra.rpki-client.org