Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/d597b0-6425-425f-b723-4eb8b0b49c4a/1/L5V2OadTxfY_FNcI0967EGfq2_g.roa
File: L5V2OadTxfY_FNcI0967EGfq2_g.roa (raw, json)
Hash identifier: EoMPFZImvfe7Q3FXRguMb7lutK5CndKBOIhUNmmr7qA=
Subject key identifier: 2F:95:76:39:A7:53:C5:F6:3F:14:D7:08:D3:DE:BB:10:67:EA:DB:F8
Certificate issuer: /CN=892d21566ccfc3bb079ec5854b044ab809804157
Certificate serial: 018CC6B79D121905580855BBCD62BF578A4B
Authority key identifier: 89:2D:21:56:6C:CF:C3:BB:07:9E:C5:85:4B:04:4A:B8:09:80:41:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iS0hVmzPw7sHnsWFSwRKuAmAQVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/d597b0-6425-425f-b723-4eb8b0b49c4a/1/L5V2OadTxfY_FNcI0967EGfq2_g.roa
Signing time: Mon 01 Jan 2024 20:29:31 +0000
ROA not before: Mon 01 Jan 2024 20:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205836
IP address blocks: 85.255.94.0/23 maxlen: 23
85.255.94.0/24 maxlen: 24
85.255.92.0/24 maxlen: 24
85.255.92.0/23 maxlen: 23
85.255.95.0/24 maxlen: 24
85.255.92.0/22 maxlen: 22
85.255.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/d597b0-6425-425f-b723-4eb8b0b49c4a/1/iS0hVmzPw7sHnsWFSwRKuAmAQVc.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/d597b0-6425-425f-b723-4eb8b0b49c4a/1/iS0hVmzPw7sHnsWFSwRKuAmAQVc.mft
rsync://rpki.ripe.net/repository/DEFAULT/iS0hVmzPw7sHnsWFSwRKuAmAQVc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:9d:12:19:05:58:08:55:bb:cd:62:bf:57:8a:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=892d21566ccfc3bb079ec5854b044ab809804157
Validity
Not Before: Jan 1 20:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f957639a753c5f63f14d708d3debb1067eadbf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:41:ae:6c:cb:3a:6a:76:60:3a:34:ca:ad:73:
64:69:a3:bd:90:0e:00:27:80:cd:48:33:68:3a:58:
52:3b:e7:93:d4:cb:10:4f:8d:e8:c0:21:20:f6:9c:
b0:8e:31:7c:10:2d:99:7b:75:57:48:a9:93:b8:8e:
1f:e1:5c:2c:76:ce:56:76:5f:bc:37:8e:2f:ee:3c:
9b:92:e8:a7:61:f1:47:0c:00:1b:2b:aa:26:63:20:
6a:ae:51:23:1e:03:05:20:6a:93:58:24:9e:60:e2:
1e:11:c1:d7:64:38:4d:0b:7f:b2:26:30:97:49:cf:
b1:d4:90:d3:af:f2:89:3d:5e:c2:14:4c:95:83:42:
07:ec:22:0f:ab:a7:ad:ec:9a:5a:c1:6f:54:81:ad:
de:7e:e5:0d:73:fa:a3:9a:75:7b:8e:64:c2:0a:fa:
96:2d:29:64:a8:5c:86:0d:2e:86:60:3e:86:42:1c:
5c:2e:ee:28:26:09:b8:73:7d:56:9f:05:7c:24:6a:
33:37:fd:a4:14:e6:4a:48:c2:fd:50:82:f0:58:3c:
fe:62:3c:5b:cc:0c:96:78:ae:19:30:4e:19:df:83:
d5:77:db:62:57:25:a8:ea:1d:27:d1:bb:3b:1e:cf:
4c:2b:b7:48:7c:16:c4:77:fa:5e:e5:70:5a:72:34:
ce:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:95:76:39:A7:53:C5:F6:3F:14:D7:08:D3:DE:BB:10:67:EA:DB:F8
X509v3 Authority Key Identifier:
keyid:89:2D:21:56:6C:CF:C3:BB:07:9E:C5:85:4B:04:4A:B8:09:80:41:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iS0hVmzPw7sHnsWFSwRKuAmAQVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/d597b0-6425-425f-b723-4eb8b0b49c4a/1/L5V2OadTxfY_FNcI0967EGfq2_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/d597b0-6425-425f-b723-4eb8b0b49c4a/1/iS0hVmzPw7sHnsWFSwRKuAmAQVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.92.0/22
Signature Algorithm: sha256WithRSAEncryption
77:80:25:37:69:a7:fd:23:17:66:ed:75:80:3f:23:04:8e:72:
0d:d5:56:bf:87:dd:87:5e:3b:88:45:5c:6d:ac:5b:41:ed:66:
6e:5e:41:dc:cf:2e:01:ca:64:37:86:34:81:49:b3:e4:2b:ba:
bb:3c:39:ff:b5:cf:26:12:26:0a:97:6b:31:9d:39:dd:97:72:
2f:2a:cd:1c:74:d4:40:c3:97:4b:1f:d1:84:9e:da:14:cb:03:
27:b1:01:d8:79:5f:17:c0:f1:f8:b3:eb:2b:1b:91:cf:9c:f8:
93:98:fd:8c:06:10:4a:5e:6f:f7:9b:f1:74:40:da:b1:38:31:
e0:44:d6:25:c3:df:1c:91:c8:c5:73:48:51:c2:44:53:4d:f6:
af:4a:5e:af:4b:cc:28:17:df:6d:e3:5e:8a:9e:c9:80:ed:14:
1f:69:30:5b:31:4f:c6:95:39:74:a0:bb:55:6c:2a:c9:c7:6a:
37:ed:77:06:59:29:aa:29:24:a6:08:cf:f3:62:7c:79:1c:ab:
d1:b0:4e:9f:33:be:dc:a2:da:12:88:44:eb:26:87:29:81:f3:
cf:f8:25:60:57:c6:0c:a3:e6:b8:13:37:9f:e5:b4:6d:9c:09:
e1:20:26:ba:2a:11:4b:7f:74:36:fb:62:c5:58:db:f1:7a:c5:
ef:95:a8:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt50SGQVYCFW7zWK/V4pLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MmQyMTU2NmNjZmMzYmIwNzllYzU4NTRiMDQ0YWI4MDk4
MDQxNTcwHhcNMjQwMTAxMjAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjk1NzYzOWE3NTNjNWY2M2YxNGQ3MDhkM2RlYmIxMDY3ZWFkYmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0GubMs6anZgOjTKrXNkaaO9kA4A
J4DNSDNoOlhSO+eT1MsQT43owCEg9pywjjF8EC2Ze3VXSKmTuI4f4Vwsds5Wdl+8
N44v7jybkuinYfFHDAAbK6omYyBqrlEjHgMFIGqTWCSeYOIeEcHXZDhNC3+yJjCX
Sc+x1JDTr/KJPV7CFEyVg0IH7CIPq6et7JpawW9Uga3efuUNc/qjmnV7jmTCCvqW
LSlkqFyGDS6GYD6GQhxcLu4oJgm4c31WnwV8JGozN/2kFOZKSML9UILwWDz+Yjxb
zAyWeK4ZME4Z34PVd9tiVyWo6h0n0bs7Hs9MK7dIfBbEd/pe5XBacjTOKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC+VdjmnU8X2PxTXCNPeuxBn6tv4MB8GA1UdIwQY
MBaAFIktIVZsz8O7B57FhUsESrgJgEFXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVMwaFZtelB3N3NIbnNXRlN3Ukt1QW1BUVZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9kNTk3YjAtNjQyNS00MjVmLWI3MjMt
NGViOGIwYjQ5YzRhLzEvTDVWMk9hZFR4ZllfRk5jSTA5NjdFR2ZxMl9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9kNTk3YjAtNjQyNS00MjVmLWI3MjMtNGViOGIwYjQ5YzRh
LzEvaVMwaFZtelB3N3NIbnNXRlN3Ukt1QW1BUVZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVf9cMA0G
CSqGSIb3DQEBCwUAA4IBAQB3gCU3aaf9Ixdm7XWAPyMEjnIN1Va/h92HXjuIRVxt
rFtB7WZuXkHczy4BymQ3hjSBSbPkK7q7PDn/tc8mEiYKl2sxnTndl3IvKs0cdNRA
w5dLH9GEntoUywMnsQHYeV8XwPH4s+srG5HPnPiTmP2MBhBKXm/3m/F0QNqxODHg
RNYlw98ckcjFc0hRwkRTTfavSl6vS8woF99t416KnsmA7RQfaTBbMU/GlTl0oLtV
bCrJx2o37XcGWSmqKSSmCM/zYnx5HKvRsE6fM77cotoSiETrJocpgfPP+CVgV8YM
o+a4Ezef5bRtnAnhICa6KhFLf3Q2+2LFWNvxesXvlajH
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:50:29 2024 by rpki-client on console-ams.rpki-client.org