Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/5Pfq4cE13MRcv6LgeSU8SC-IkIs.roa
File: 5Pfq4cE13MRcv6LgeSU8SC-IkIs.roa (raw, json)
Hash identifier: nQNFy2JBXHDO7n/6CMjZj7B9klkRo3bo1eq4e5USUiE=
Subject key identifier: E4:F7:EA:E1:C1:35:DC:C4:5C:BF:A2:E0:79:25:3C:48:2F:88:90:8B
Certificate issuer: /CN=92ec295476ca1d934db04d00244fc5079b9c9748
Certificate serial: 018CCA2A81151BDCB79F05A37854A50B7E21
Authority key identifier: 92:EC:29:54:76:CA:1D:93:4D:B0:4D:00:24:4F:C5:07:9B:9C:97:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kuwpVHbKHZNNsE0AJE_FB5ucl0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/5Pfq4cE13MRcv6LgeSU8SC-IkIs.roa
Signing time: Tue 02 Jan 2024 12:33:52 +0000
ROA not before: Tue 02 Jan 2024 12:33:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211997
IP address blocks: 185.233.32.0/24 maxlen: 24
2a10:d780:1::/48 maxlen: 48
2a10:d780:cccc::/48 maxlen: 48
2a10:d780:2::/48 maxlen: 48
2a10:d780::/32 maxlen: 32
2a10:d780::/48 maxlen: 48
2a10:d780:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/kuwpVHbKHZNNsE0AJE_FB5ucl0g.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/kuwpVHbKHZNNsE0AJE_FB5ucl0g.mft
rsync://rpki.ripe.net/repository/DEFAULT/kuwpVHbKHZNNsE0AJE_FB5ucl0g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:81:15:1b:dc:b7:9f:05:a3:78:54:a5:0b:7e:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92ec295476ca1d934db04d00244fc5079b9c9748
Validity
Not Before: Jan 2 12:33:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4f7eae1c135dcc45cbfa2e079253c482f88908b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b3:69:bd:4c:79:30:8d:b9:50:d4:d0:4d:51:
05:e8:c1:87:be:ac:e6:92:2d:f7:cf:15:6f:ee:75:
cc:35:37:02:3a:63:e8:66:ae:4f:23:97:4e:cb:c0:
fe:78:d5:6c:d3:20:e4:c0:5a:c3:fd:9d:7c:bb:0b:
f8:7c:07:b6:0d:54:ef:aa:b4:14:12:2c:fc:6f:d9:
7e:42:49:44:b2:3d:b2:a0:5c:72:34:1b:4e:80:b4:
ad:12:ac:25:ff:c2:bf:34:d7:89:df:5f:c4:cf:04:
38:d3:0d:4c:c1:c3:00:ee:ab:76:ae:df:96:25:c1:
96:f6:2e:f7:fe:d4:a2:59:11:9d:4a:d2:21:2f:b5:
38:3d:4c:e6:dc:40:3d:9d:f5:18:dd:b7:55:5d:60:
89:fb:71:30:5e:5f:e0:29:02:c5:00:ef:c0:4e:d7:
64:6d:b1:f0:d1:27:ae:29:1d:4f:a7:70:22:2e:37:
f0:5e:0e:78:4f:85:e2:69:51:d7:97:21:be:14:8b:
70:2b:ff:7f:1d:82:36:b0:3f:34:de:5f:b7:81:ef:
ec:40:e1:a1:a6:c3:8d:4d:c7:92:99:6f:ff:a9:43:
92:e7:9c:2e:3b:47:78:1d:9f:56:83:eb:39:90:5f:
5d:da:c2:01:46:a6:28:07:92:fb:3f:59:e7:53:52:
43:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F7:EA:E1:C1:35:DC:C4:5C:BF:A2:E0:79:25:3C:48:2F:88:90:8B
X509v3 Authority Key Identifier:
keyid:92:EC:29:54:76:CA:1D:93:4D:B0:4D:00:24:4F:C5:07:9B:9C:97:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kuwpVHbKHZNNsE0AJE_FB5ucl0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/5Pfq4cE13MRcv6LgeSU8SC-IkIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/58394a-8cf6-4b11-becb-3ba69131458b/1/kuwpVHbKHZNNsE0AJE_FB5ucl0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.32.0/24
IPv6:
2a10:d780::/32
Signature Algorithm: sha256WithRSAEncryption
32:4e:ab:23:58:48:03:b7:08:79:17:e3:29:ff:93:a5:ff:09:
53:17:7c:2f:06:b3:9c:f6:65:0b:1e:f9:cb:cd:dc:79:d1:d6:
ad:96:30:f6:b9:a8:8d:b9:b9:24:7b:95:a1:54:5d:9a:dc:5f:
16:8f:23:7b:9b:75:65:b4:34:7f:7a:ad:f3:0a:48:89:80:2f:
d1:1f:b4:15:12:2d:6d:5d:d7:1a:ff:24:27:83:0d:e0:ca:b2:
51:f5:63:29:d8:ee:56:89:49:32:29:b5:90:43:b0:a7:f3:cc:
dc:eb:d7:a1:b7:7f:be:c8:18:e4:ce:87:de:55:dd:7d:6d:56:
ff:35:c1:d6:59:38:00:18:49:3b:51:e8:e8:05:82:ec:63:3d:
21:23:16:4e:e9:53:2d:94:ac:e8:c8:bf:ff:f0:ba:98:04:ea:
1b:e9:8e:36:03:37:37:c2:67:48:a7:6c:39:33:6f:36:eb:90:
cf:01:11:11:f2:5e:41:58:98:30:06:cf:46:14:6f:55:58:16:
e8:46:ec:c9:ef:f0:66:21:c3:ed:50:cd:2f:91:53:74:09:ff:
8b:e6:03:f4:bf:d9:e3:b0:19:61:e2:14:47:91:7b:da:c6:45:
27:1d:b4:30:87:9f:34:15:e5:24:6a:a5:52:42:bf:db:09:93:
a2:8e:ac:fe
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKoEVG9y3nwWjeFSlC34hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZWMyOTU0NzZjYTFkOTM0ZGIwNGQwMDI0NGZjNTA3OWI5
Yzk3NDgwHhcNMjQwMTAyMTIzMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGY3ZWFlMWMxMzVkY2M0NWNiZmEyZTA3OTI1M2M0ODJmODg5MDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLNpvUx5MI25UNTQTVEF6MGHvqzm
ki33zxVv7nXMNTcCOmPoZq5PI5dOy8D+eNVs0yDkwFrD/Z18uwv4fAe2DVTvqrQU
Eiz8b9l+QklEsj2yoFxyNBtOgLStEqwl/8K/NNeJ31/EzwQ40w1MwcMA7qt2rt+W
JcGW9i73/tSiWRGdStIhL7U4PUzm3EA9nfUY3bdVXWCJ+3EwXl/gKQLFAO/ATtdk
bbHw0SeuKR1Pp3AiLjfwXg54T4XiaVHXlyG+FItwK/9/HYI2sD803l+3ge/sQOGh
psONTceSmW//qUOS55wuO0d4HZ9Wg+s5kF9d2sIBRqYoB5L7P1nnU1JDyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOT36uHBNdzEXL+i4HklPEgviJCLMB8GA1UdIwQY
MBaAFJLsKVR2yh2TTbBNACRPxQebnJdIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3V3cFZIYktIWk5Oc0UwQUpFX0ZCNXVjbDBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy81ODM5NGEtOGNmNi00YjExLWJlY2It
M2JhNjkxMzE0NThiLzEvNVBmcTRjRTEzTVJjdjZMZ2VTVThTQy1Ja0lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy81ODM5NGEtOGNmNi00YjExLWJlY2ItM2JhNjkxMzE0NThi
LzEva3V3cFZIYktIWk5Oc0UwQUpFX0ZCNXVjbDBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuekgMA0E
AgACMAcDBQAqENeAMA0GCSqGSIb3DQEBCwUAA4IBAQAyTqsjWEgDtwh5F+Mp/5Ol
/wlTF3wvBrOc9mULHvnLzdx50datljD2uaiNubkke5WhVF2a3F8WjyN7m3VltDR/
eq3zCkiJgC/RH7QVEi1tXdca/yQngw3gyrJR9WMp2O5WiUkyKbWQQ7Cn88zc69eh
t3++yBjkzofeVd19bVb/NcHWWTgAGEk7UejoBYLsYz0hIxZO6VMtlKzoyL//8LqY
BOob6Y42Azc3wmdIp2w5M28265DPARER8l5BWJgwBs9GFG9VWBboRuzJ7/BmIcPt
UM0vkVN0Cf+L5gP0v9njsBlh4hRHkXvaxkUnHbQwh580FeUkaqVSQr/bCZOijqz+
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:57:23 2024 by rpki-client on console-ams.rpki-client.org