Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/4oOEQee0fkbDVSgoMXZytyZ9te4.roa
File: 4oOEQee0fkbDVSgoMXZytyZ9te4.roa (raw, json)
Hash identifier: SQgl4G/bnyq9yZRiAgz9GFLvXzeOwXG/jLiFaraXAsc=
Subject key identifier: E2:83:84:41:E7:B4:7E:46:C3:55:28:28:31:76:72:B7:26:7D:B5:EE
Certificate issuer: /CN=2d28cfa3fd2da9caaa659284758dee67099934f8
Certificate serial: 018CC3B6A944E1D9DF479BB41319F6A5A8FB
Authority key identifier: 2D:28:CF:A3:FD:2D:A9:CA:AA:65:92:84:75:8D:EE:67:09:99:34:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LSjPo_0tqcqqZZKEdY3uZwmZNPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/4oOEQee0fkbDVSgoMXZytyZ9te4.roa
Signing time: Mon 01 Jan 2024 06:29:37 +0000
ROA not before: Mon 01 Jan 2024 06:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.51.220.0/22 maxlen: 22
5.1.104.0/21 maxlen: 21
212.15.80.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/LSjPo_0tqcqqZZKEdY3uZwmZNPg.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/LSjPo_0tqcqqZZKEdY3uZwmZNPg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LSjPo_0tqcqqZZKEdY3uZwmZNPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a9:44:e1:d9:df:47:9b:b4:13:19:f6:a5:a8:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d28cfa3fd2da9caaa659284758dee67099934f8
Validity
Not Before: Jan 1 06:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e2838441e7b47e46c3552828317672b7267db5ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:27:64:73:ab:98:54:47:02:26:f5:88:43:48:
f3:73:53:c7:f0:35:ab:47:c1:ab:9b:1c:a2:67:63:
51:be:80:be:98:ca:bb:c0:b6:3f:cd:67:87:3a:94:
b8:d6:f0:9c:77:b8:cc:58:d1:4e:01:7f:f9:29:81:
3e:26:af:71:47:1e:22:f8:4f:b5:d6:c4:25:67:15:
58:75:b8:79:7b:92:5e:ab:8a:d5:fe:38:78:77:e1:
b1:3c:db:da:8d:0f:99:32:60:61:fc:43:68:f8:97:
e9:f0:03:84:23:d8:c2:97:20:31:d3:90:17:96:d2:
65:23:65:ee:ef:bd:09:c5:e1:ab:0a:18:9b:79:3a:
75:cc:20:c8:d5:61:ab:9b:a6:97:a3:a5:95:51:02:
d1:a7:4c:89:b4:6c:5b:40:e0:59:f0:4c:0f:d1:df:
10:ba:e6:bf:35:1d:80:a5:bc:bf:2e:31:22:d5:f9:
93:50:5e:e6:37:bd:8e:56:74:f2:6d:26:95:79:51:
2c:43:56:a9:71:1a:cb:c5:cb:40:01:5e:08:ef:53:
68:6f:a7:e5:15:9c:20:44:50:5b:59:dc:d9:fb:67:
7e:75:5c:a3:e9:7a:90:5c:b1:cd:ea:c5:1d:26:92:
31:fd:b5:c1:3b:15:62:99:57:c2:55:6a:49:98:3f:
c4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:83:84:41:E7:B4:7E:46:C3:55:28:28:31:76:72:B7:26:7D:B5:EE
X509v3 Authority Key Identifier:
keyid:2D:28:CF:A3:FD:2D:A9:CA:AA:65:92:84:75:8D:EE:67:09:99:34:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSjPo_0tqcqqZZKEdY3uZwmZNPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/4oOEQee0fkbDVSgoMXZytyZ9te4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/febab0-d93a-4704-9a71-3ad52e8b9628/1/LSjPo_0tqcqqZZKEdY3uZwmZNPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.104.0/21
185.51.220.0/22
212.15.80.0/21
Signature Algorithm: sha256WithRSAEncryption
7b:d2:bc:36:e5:f0:f3:6c:d6:4d:65:5e:c2:4f:84:a8:91:1a:
7b:af:9e:91:0c:28:ac:e5:7a:54:99:46:b7:41:5d:7e:77:32:
56:85:0e:ee:c5:85:0b:cf:e1:1e:f9:79:7c:ed:0a:dc:ae:d6:
44:bb:9f:13:87:8b:3b:37:7d:d3:7c:50:7c:58:64:86:0c:69:
cd:4f:05:d0:28:f1:6a:93:7e:b3:8a:5e:fb:91:4c:4b:e6:b8:
ba:e1:90:09:90:17:a3:bd:06:52:f5:c1:28:3e:e5:57:8a:2c:
91:a5:2e:d2:99:08:60:00:51:11:5d:2f:26:5c:2f:cc:f6:6a:
c2:da:36:fd:cc:c4:87:3c:7e:2d:f3:51:06:bd:a4:b6:e9:f7:
06:e1:fb:64:6f:7a:35:1b:7a:be:db:68:a5:b9:db:b4:b9:f9:
61:4e:b7:51:29:2d:fc:d0:a8:9e:e8:12:80:06:15:aa:51:99:
db:14:57:1e:e1:bc:f4:03:59:86:33:9b:d4:3a:c6:1a:60:58:
ed:63:d3:03:a9:05:19:40:9a:b8:1f:78:51:24:57:df:b4:09:
99:4d:34:56:b4:16:c5:f4:29:b0:77:73:51:7f:ed:cc:4e:04:
f5:d3:9c:7f:0b:88:10:68:33:88:89:46:9e:ea:61:f4:d6:9b:
ff:5b:95:88
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDtqlE4dnfR5u0Exn2paj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMjhjZmEzZmQyZGE5Y2FhYTY1OTI4NDc1OGRlZTY3MDk5
OTM0ZjgwHhcNMjQwMTAxMDYyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjgzODQ0MWU3YjQ3ZTQ2YzM1NTI4MjgzMTc2NzJiNzI2N2RiNWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSdkc6uYVEcCJvWIQ0jzc1PH8DWr
R8GrmxyiZ2NRvoC+mMq7wLY/zWeHOpS41vCcd7jMWNFOAX/5KYE+Jq9xRx4i+E+1
1sQlZxVYdbh5e5Jeq4rV/jh4d+GxPNvajQ+ZMmBh/ENo+Jfp8AOEI9jClyAx05AX
ltJlI2Xu770JxeGrChibeTp1zCDI1WGrm6aXo6WVUQLRp0yJtGxbQOBZ8EwP0d8Q
uua/NR2Apby/LjEi1fmTUF7mN72OVnTybSaVeVEsQ1apcRrLxctAAV4I71Nob6fl
FZwgRFBbWdzZ+2d+dVyj6XqQXLHN6sUdJpIx/bXBOxVimVfCVWpJmD/E4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOKDhEHntH5Gw1UoKDF2crcmfbXuMB8GA1UdIwQY
MBaAFC0oz6P9LanKqmWShHWN7mcJmTT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNqUG9fMHRxY3FxWlpLRWRZM3Vad21aTlBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mZWJhYjAtZDkzYS00NzA0LTlhNzEt
M2FkNTJlOGI5NjI4LzEvNG9PRVFlZTBma2JEVlNnb01YWnl0eVo5dGU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mZWJhYjAtZDkzYS00NzA0LTlhNzEtM2FkNTJlOGI5NjI4
LzEvTFNqUG9fMHRxY3FxWlpLRWRZM3Vad21aTlBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBQFoAwQC
uTPcAwQD1A9QMA0GCSqGSIb3DQEBCwUAA4IBAQB70rw25fDzbNZNZV7CT4SokRp7
r56RDCis5XpUmUa3QV1+dzJWhQ7uxYULz+Ee+Xl87QrcrtZEu58Th4s7N33TfFB8
WGSGDGnNTwXQKPFqk36zil77kUxL5ri64ZAJkBejvQZS9cEoPuVXiiyRpS7SmQhg
AFERXS8mXC/M9mrC2jb9zMSHPH4t81EGvaS26fcG4ftkb3o1G3q+22iludu0uflh
TrdRKS380Kie6BKABhWqUZnbFFce4bz0A1mGM5vUOsYaYFjtY9MDqQUZQJq4H3hR
JFfftAmZTTRWtBbF9Cmwd3NRf+3MTgT105x/C4gQaDOIiUae6mH01pv/W5WI
-----END CERTIFICATE-----
Generated at Fri May 3 01:28:43 2024 by rpki-client on console-ams.rpki-client.org