Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/5CQStpCUSk0ZfZpfFcrWgicKBt8.roa
File: 5CQStpCUSk0ZfZpfFcrWgicKBt8.roa (raw, json)
Hash identifier: fECfcykV0j3rVFPF433Y4LD2pnpbCe0Q8dT3lDc1NPc=
Subject key identifier: E4:24:12:B6:90:94:4A:4D:19:7D:9A:5F:15:CA:D6:82:27:0A:06:DF
Certificate issuer: /CN=b287ff2a733e33beaf53494a90eec152bbc758bc
Certificate serial: 018CC9BBDBD3C7A19475DDEC563B77EA6309
Authority key identifier: B2:87:FF:2A:73:3E:33:BE:AF:53:49:4A:90:EE:C1:52:BB:C7:58:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/5CQStpCUSk0ZfZpfFcrWgicKBt8.roa
Signing time: Tue 02 Jan 2024 10:33:01 +0000
ROA not before: Tue 02 Jan 2024 10:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60422
IP address blocks: 188.116.39.0/24 maxlen: 24
185.31.76.0/22 maxlen: 22
2a00:b920::/40 maxlen: 40
2a00:b920::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/sof_KnM-M76vU0lKkO7BUrvHWLw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/sof_KnM-M76vU0lKkO7BUrvHWLw.mft
rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:db:d3:c7:a1:94:75:dd:ec:56:3b:77:ea:63:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b287ff2a733e33beaf53494a90eec152bbc758bc
Validity
Not Before: Jan 2 10:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e42412b690944a4d197d9a5f15cad682270a06df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c9:b5:e5:4c:60:11:d8:18:90:8a:91:e6:86:
84:36:b3:b1:dc:af:0b:34:ce:37:81:3f:c9:e1:1a:
3b:58:69:3a:17:1b:f0:67:fa:0f:5b:b9:88:d6:a3:
ff:6d:b4:e0:06:08:81:8d:6d:91:fd:c3:5a:1b:b6:
fd:ae:76:4c:56:dd:16:31:9a:b1:4d:51:a9:3e:bc:
e4:8f:07:85:ea:dc:36:f9:bb:44:67:14:d6:17:0b:
7c:c1:bb:fd:dc:98:a7:0f:1c:19:c9:75:74:51:66:
91:cb:67:72:9a:f4:30:62:02:a1:00:5f:d7:51:2d:
0d:9c:42:f6:22:8f:9e:84:8c:0f:0d:5b:f5:ec:da:
4d:19:50:f3:42:b7:83:e2:a2:36:43:b0:28:bb:e2:
05:d8:29:be:b2:f4:94:46:8e:40:91:36:69:95:f9:
45:b8:51:11:5b:c7:46:57:76:cb:2b:1d:01:ed:3b:
cb:19:20:a5:4d:0b:eb:94:39:9f:e1:c7:e1:62:a9:
00:0f:91:04:41:e7:7d:05:2b:da:6c:88:1d:d2:09:
bc:c0:e2:b3:a8:1e:6c:eb:ff:f2:3f:66:dd:32:c8:
5e:2f:be:d7:ee:90:bd:a6:7c:ca:27:86:76:89:9c:
b9:86:53:95:fb:24:df:f4:ec:1b:07:5f:ff:5e:24:
6d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:24:12:B6:90:94:4A:4D:19:7D:9A:5F:15:CA:D6:82:27:0A:06:DF
X509v3 Authority Key Identifier:
keyid:B2:87:FF:2A:73:3E:33:BE:AF:53:49:4A:90:EE:C1:52:BB:C7:58:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/5CQStpCUSk0ZfZpfFcrWgicKBt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/sof_KnM-M76vU0lKkO7BUrvHWLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.76.0/22
188.116.39.0/24
IPv6:
2a00:b920::/32
Signature Algorithm: sha256WithRSAEncryption
18:f5:22:f2:c0:4b:45:90:87:f2:c7:1a:03:c5:6e:4f:d9:a5:
99:86:64:63:af:4e:4b:ea:60:2a:18:06:e7:38:83:7b:5a:dd:
32:45:39:d9:df:45:2b:eb:4c:63:6b:af:bf:d5:e0:82:16:b0:
44:1f:a4:cf:41:73:47:aa:68:c8:83:ff:92:17:eb:23:bd:4f:
06:5b:35:b4:09:a9:a5:99:ee:3b:3a:17:59:75:16:42:12:4e:
b8:04:32:5e:ba:44:fa:e9:e4:96:b1:bc:a0:34:cd:c4:8f:55:
42:67:3e:22:e9:bb:90:9f:ec:ef:57:33:66:38:9e:50:2c:01:
c6:1c:8e:c5:87:be:eb:cc:12:95:3c:28:fd:65:74:af:ae:47:
c3:56:26:24:e0:8d:35:7b:4e:58:10:6e:42:19:a1:38:52:11:
91:ba:bf:9d:06:3a:f1:58:58:29:bb:44:32:d3:b3:ba:7d:78:
0c:60:b1:16:c8:f0:da:b2:18:b4:e9:d3:5c:a1:47:b6:9f:7d:
c7:fc:f7:46:01:aa:3b:0f:a1:c0:64:1c:8f:4b:0b:b4:8c:12:
d2:2e:f8:b9:98:c5:c5:1d:fb:f1:56:21:f2:54:5e:7b:17:ed:
78:bc:a2:41:98:5e:2f:8e:09:20:3f:ce:6b:3e:cc:a3:f5:42:
c4:1f:11:3d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJu9vTx6GUdd3sVjt36mMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyODdmZjJhNzMzZTMzYmVhZjUzNDk0YTkwZWVjMTUyYmJj
NzU4YmMwHhcNMjQwMTAyMTAzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDI0MTJiNjkwOTQ0YTRkMTk3ZDlhNWYxNWNhZDY4MjI3MGEwNmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksm15UxgEdgYkIqR5oaENrOx3K8L
NM43gT/J4Ro7WGk6FxvwZ/oPW7mI1qP/bbTgBgiBjW2R/cNaG7b9rnZMVt0WMZqx
TVGpPrzkjweF6tw2+btEZxTWFwt8wbv93JinDxwZyXV0UWaRy2dymvQwYgKhAF/X
US0NnEL2Io+ehIwPDVv17NpNGVDzQreD4qI2Q7Aou+IF2Cm+svSURo5AkTZplflF
uFERW8dGV3bLKx0B7TvLGSClTQvrlDmf4cfhYqkAD5EEQed9BSvabIgd0gm8wOKz
qB5s6//yP2bdMsheL77X7pC9pnzKJ4Z2iZy5hlOV+yTf9OwbB1//XiRtZQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOQkEraQlEpNGX2aXxXK1oInCgbfMB8GA1UdIwQY
MBaAFLKH/ypzPjO+r1NJSpDuwVK7x1i8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc29mX0tuTS1NNzZ2VTBsS2tPN0JVcnZIV0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9jYjIxNTEtMDVjYS00YTc2LTg1OWYt
NGY1ZWMwYTdlMDA2LzEvNUNRU3RwQ1VTazBaZlpwZkZjcldnaWNLQnQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9jYjIxNTEtMDVjYS00YTc2LTg1OWYtNGY1ZWMwYTdlMDA2
LzEvc29mX0tuTS1NNzZ2VTBsS2tPN0JVcnZIV0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuR9MAwQA
vHQnMA0EAgACMAcDBQAqALkgMA0GCSqGSIb3DQEBCwUAA4IBAQAY9SLywEtFkIfy
xxoDxW5P2aWZhmRjr05L6mAqGAbnOIN7Wt0yRTnZ30Ur60xja6+/1eCCFrBEH6TP
QXNHqmjIg/+SF+sjvU8GWzW0Camlme47OhdZdRZCEk64BDJeukT66eSWsbygNM3E
j1VCZz4i6buQn+zvVzNmOJ5QLAHGHI7Fh77rzBKVPCj9ZXSvrkfDViYk4I01e05Y
EG5CGaE4UhGRur+dBjrxWFgpu0Qy07O6fXgMYLEWyPDashi06dNcoUe2n33H/PdG
Aao7D6HAZByPSwu0jBLSLvi5mMXFHfvxViHyVF57F+14vKJBmF4vjgkgP85rPsyj
9ULEHxE9
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:49:36 2024 by rpki-client on console-fra.rpki-client.org