Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/5a4gBLOD001NgDyxLG2he_xwtJ4.roa
File: 5a4gBLOD001NgDyxLG2he_xwtJ4.roa (raw, json)
Hash identifier: eDAVUVf6FpIvugJevfiGfMbytsJ+v1oaBnZAwfxOW4w=
Subject key identifier: E5:AE:20:04:B3:83:D3:4D:4D:80:3C:B1:2C:6D:A1:7B:FC:70:B4:9E
Certificate issuer: /CN=1474b6fc67b6b90db311c61fc0e3a9c752833c56
Certificate serial: 018CC42560AB4B6DF116CD58D0AB8A408719
Authority key identifier: 14:74:B6:FC:67:B6:B9:0D:B3:11:C6:1F:C0:E3:A9:C7:52:83:3C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/5a4gBLOD001NgDyxLG2he_xwtJ4.roa
Signing time: Mon 01 Jan 2024 08:30:33 +0000
ROA not before: Mon 01 Jan 2024 08:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203615
IP address blocks: 185.127.181.0/24 maxlen: 24
185.127.180.0/24 maxlen: 24
185.127.180.0/22 maxlen: 24
2a06:cb00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.mft
rsync://rpki.ripe.net/repository/DEFAULT/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 10:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:60:ab:4b:6d:f1:16:cd:58:d0:ab:8a:40:87:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1474b6fc67b6b90db311c61fc0e3a9c752833c56
Validity
Not Before: Jan 1 08:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5ae2004b383d34d4d803cb12c6da17bfc70b49e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:bc:63:90:9d:25:75:ca:83:ec:c9:23:d4:99:
a3:cb:ad:21:80:2d:d8:3d:5a:bc:a2:18:d6:6e:ef:
88:46:be:e7:2e:30:ba:74:0c:69:59:0c:2c:96:64:
69:ff:9b:c4:0d:a3:0e:d2:53:37:6c:8f:c5:bf:1e:
13:44:94:08:2e:86:f3:cd:63:a0:22:19:35:53:9d:
3f:84:c0:60:d8:40:47:3d:9b:57:1e:cd:9c:6a:27:
19:34:73:08:1f:6d:aa:77:44:e6:f9:ce:b0:d3:21:
9c:9d:5d:00:4c:a2:26:bf:8d:44:d3:02:9c:69:a1:
50:72:69:c8:5e:c4:17:da:5f:36:bc:d2:85:b2:bd:
cf:ab:fb:e5:42:c3:73:9b:c3:d4:d4:f6:3d:2d:5d:
5c:65:17:3e:7c:5a:8f:51:7f:00:c2:8f:4d:8f:7a:
a6:af:cb:cf:aa:6d:2a:75:0d:7b:ff:dc:23:35:ec:
e4:43:7a:a1:e3:73:44:02:36:35:d0:03:ed:d2:ce:
13:a1:0c:c5:df:a7:de:cc:b1:39:64:f9:1a:f1:86:
41:fb:e5:6e:88:af:71:d7:1d:fb:48:c6:61:49:51:
2e:d5:5e:7c:c0:52:c5:e9:f9:bf:99:8b:09:94:67:
58:63:1d:47:ce:5b:2d:82:ad:7e:7e:34:26:9f:9f:
13:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AE:20:04:B3:83:D3:4D:4D:80:3C:B1:2C:6D:A1:7B:FC:70:B4:9E
X509v3 Authority Key Identifier:
keyid:14:74:B6:FC:67:B6:B9:0D:B3:11:C6:1F:C0:E3:A9:C7:52:83:3C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/5a4gBLOD001NgDyxLG2he_xwtJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/b1b41d-d886-442a-9524-8c56d8fe17b5/1/FHS2_Ge2uQ2zEcYfwOOpx1KDPFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.180.0/22
IPv6:
2a06:cb00::/29
Signature Algorithm: sha256WithRSAEncryption
9c:fd:38:a2:b6:7e:5f:ac:be:46:76:26:9b:4c:23:6a:23:d6:
e7:65:0d:52:c1:cf:61:e8:83:ff:5b:65:7e:a7:e5:22:bc:a0:
05:e2:17:d3:5d:0e:a8:e9:28:54:5a:d6:84:9b:39:da:0a:f5:
d8:03:a5:8a:15:00:3e:a5:b8:ce:3e:06:d4:72:a0:c2:ef:37:
b3:3f:a9:ab:28:77:62:a5:33:4d:cb:5e:b3:35:67:bc:21:21:
59:d8:3e:3a:1e:8d:07:4c:3e:88:10:d9:a0:a3:b5:98:f7:51:
9b:0b:9e:5b:fc:94:d5:9f:6a:60:d8:0a:29:b5:f1:2a:cc:a0:
45:24:13:0a:68:f2:7e:4d:62:30:09:ea:23:5b:19:31:b6:1e:
a5:95:77:80:2a:37:f0:32:28:1e:3d:7c:53:e2:92:0a:4c:a4:
9a:f1:a4:f5:3e:01:a6:1b:0d:eb:5e:6a:55:be:74:af:d8:45:
a0:65:6a:bc:77:56:0c:58:45:a0:e0:f3:78:40:30:6a:1e:d1:
77:7d:ad:d6:54:30:44:0f:a8:f9:b2:76:21:f8:f4:a5:bc:ba:
46:a6:3c:2c:cf:28:99:77:fe:77:b1:85:30:e3:23:ff:0d:5f:
bd:44:93:cd:9e:40:69:ff:75:5a:70:12:76:74:ba:74:b9:16:
0c:b6:a2:8e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJWCrS23xFs1Y0KuKQIcZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NzRiNmZjNjdiNmI5MGRiMzExYzYxZmMwZTNhOWM3NTI4
MzNjNTYwHhcNMjQwMTAxMDgzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWFlMjAwNGIzODNkMzRkNGQ4MDNjYjEyYzZkYTE3YmZjNzBiNDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbxjkJ0ldcqD7Mkj1Jmjy60hgC3Y
PVq8ohjWbu+IRr7nLjC6dAxpWQwslmRp/5vEDaMO0lM3bI/Fvx4TRJQILobzzWOg
Ihk1U50/hMBg2EBHPZtXHs2caicZNHMIH22qd0Tm+c6w0yGcnV0ATKImv41E0wKc
aaFQcmnIXsQX2l82vNKFsr3Pq/vlQsNzm8PU1PY9LV1cZRc+fFqPUX8Awo9Nj3qm
r8vPqm0qdQ17/9wjNezkQ3qh43NEAjY10APt0s4ToQzF36fezLE5ZPka8YZB++Vu
iK9x1x37SMZhSVEu1V58wFLF6fm/mYsJlGdYYx1Hzlstgq1+fjQmn58TQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOWuIASzg9NNTYA8sSxtoXv8cLSeMB8GA1UdIwQY
MBaAFBR0tvxntrkNsxHGH8DjqcdSgzxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkhTMl9HZTJ1UTJ6RWNZZndPT3B4MUtEUEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9iMWI0MWQtZDg4Ni00NDJhLTk1MjQt
OGM1NmQ4ZmUxN2I1LzEvNWE0Z0JMT0QwMDFOZ0R5eExHMmhlX3h3dEo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9iMWI0MWQtZDg4Ni00NDJhLTk1MjQtOGM1NmQ4ZmUxN2I1
LzEvRkhTMl9HZTJ1UTJ6RWNZZndPT3B4MUtEUEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuX+0MA0E
AgACMAcDBQMqBssAMA0GCSqGSIb3DQEBCwUAA4IBAQCc/Tiitn5frL5GdiabTCNq
I9bnZQ1Swc9h6IP/W2V+p+UivKAF4hfTXQ6o6ShUWtaEmznaCvXYA6WKFQA+pbjO
PgbUcqDC7zezP6mrKHdipTNNy16zNWe8ISFZ2D46Ho0HTD6IENmgo7WY91GbC55b
/JTVn2pg2AoptfEqzKBFJBMKaPJ+TWIwCeojWxkxth6llXeAKjfwMigePXxT4pIK
TKSa8aT1PgGmGw3rXmpVvnSv2EWgZWq8d1YMWEWg4PN4QDBqHtF3fa3WVDBED6j5
snYh+PSlvLpGpjwszyiZd/53sYUw4yP/DV+9RJPNnkBp/3VacBJ2dLp0uRYMtqKO
-----END CERTIFICATE-----
Generated at Thu May 9 18:16:21 2024 by rpki-client on console-ams.rpki-client.org