Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/5ZSGzpXPFOuPVlyNev1OnPRH0cs.roa
File: 5ZSGzpXPFOuPVlyNev1OnPRH0cs.roa (raw, json)
Hash identifier: p9+fT1oHYRiemVzddRdhgYV7cZrU9cRlBu0w3OkICxA=
Subject key identifier: E5:94:86:CE:95:CF:14:EB:8F:56:5C:8D:7A:FD:4E:9C:F4:47:D1:CB
Certificate issuer: /CN=3664e4462a2902a52f826dae38565731efc5bdd3
Certificate serial: 018CC3B687DBD97FE6CFDCF78FBC6D492172
Authority key identifier: 36:64:E4:46:2A:29:02:A5:2F:82:6D:AE:38:56:57:31:EF:C5:BD:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NmTkRiopAqUvgm2uOFZXMe_FvdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/5ZSGzpXPFOuPVlyNev1OnPRH0cs.roa
Signing time: Mon 01 Jan 2024 06:29:28 +0000
ROA not before: Mon 01 Jan 2024 06:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199265
IP address blocks: 193.17.14.0/24 maxlen: 25
185.69.196.0/22 maxlen: 23
128.0.37.0/24 maxlen: 25
2001:67c:155c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/NmTkRiopAqUvgm2uOFZXMe_FvdM.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/NmTkRiopAqUvgm2uOFZXMe_FvdM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NmTkRiopAqUvgm2uOFZXMe_FvdM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:87:db:d9:7f:e6:cf:dc:f7:8f:bc:6d:49:21:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3664e4462a2902a52f826dae38565731efc5bdd3
Validity
Not Before: Jan 1 06:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e59486ce95cf14eb8f565c8d7afd4e9cf447d1cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:4a:30:34:13:ec:d7:9e:59:b7:94:5e:d3:8b:
05:c6:4f:21:47:59:92:1f:6c:4b:f3:fd:ec:1c:17:
89:13:d3:af:de:d2:61:3e:70:ee:74:d5:7a:d9:d7:
c8:b2:30:42:da:12:82:cd:03:7e:97:45:1f:4e:52:
a2:39:79:5f:80:db:77:4c:ed:7a:bc:72:f0:e9:95:
6c:c0:2b:c3:51:36:34:4e:06:a9:e3:89:36:ec:c9:
3c:d0:28:e4:25:81:53:ef:3c:58:fd:b5:96:23:a0:
43:b8:c8:4e:90:b1:a9:db:3a:44:22:ba:32:f8:ef:
e6:ac:44:f4:dc:88:b4:fa:82:ca:c1:8e:67:a6:4c:
db:01:8b:30:e1:52:ef:00:f2:b4:a0:b8:8a:5d:e0:
7b:d8:f9:58:2c:09:cf:aa:52:d7:7b:89:62:eb:ba:
9e:8f:bb:7a:30:5d:d1:6e:05:8d:57:98:43:c0:43:
ec:e1:ab:32:9e:1a:60:12:42:99:59:2f:4b:9f:cf:
59:97:4d:fb:99:98:48:a8:7b:e8:00:db:02:c9:d7:
0f:36:db:6d:8c:00:b3:54:48:53:47:a6:ba:7b:7c:
38:b6:a3:8e:07:95:b5:43:24:2e:89:8a:23:3e:04:
93:c9:72:db:03:8f:44:ce:8f:c1:03:8e:88:c2:10:
fe:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:94:86:CE:95:CF:14:EB:8F:56:5C:8D:7A:FD:4E:9C:F4:47:D1:CB
X509v3 Authority Key Identifier:
keyid:36:64:E4:46:2A:29:02:A5:2F:82:6D:AE:38:56:57:31:EF:C5:BD:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NmTkRiopAqUvgm2uOFZXMe_FvdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/5ZSGzpXPFOuPVlyNev1OnPRH0cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/ba0085-3060-4c96-90da-a45b1a4ace56/1/NmTkRiopAqUvgm2uOFZXMe_FvdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.37.0/24
185.69.196.0/22
193.17.14.0/24
IPv6:
2001:67c:155c::/48
Signature Algorithm: sha256WithRSAEncryption
3e:76:39:c3:96:c8:48:69:8c:c2:02:5c:75:45:ca:15:24:53:
04:41:de:8a:50:6f:c5:f3:8c:4e:2e:10:dd:6c:da:f1:6d:ea:
d9:9b:f4:59:c1:3e:ea:57:05:1f:0b:5f:f3:8f:a3:d2:d6:13:
1f:59:23:52:b6:5c:7e:31:bd:60:17:52:3d:28:2a:01:8f:45:
0c:8f:b6:1f:46:82:50:ef:c8:0a:4e:af:3c:ac:84:8f:b8:cf:
ad:22:89:f1:b6:e5:5d:ac:09:df:39:8d:b3:7d:99:90:1f:8d:
61:86:33:f8:e4:22:e7:5c:19:65:fe:3a:b0:7e:3e:90:55:98:
80:8c:50:b0:f6:9c:0e:3a:a3:3d:f4:99:6f:e8:64:db:20:d8:
af:05:7b:e9:23:7e:76:01:22:86:e6:a1:b6:93:a7:3f:65:74:
29:61:74:6c:c5:c0:d7:5c:f8:3c:59:ed:38:8a:31:8c:6a:2d:
a1:c6:df:ba:f1:56:31:2f:a0:9f:db:7c:b4:bc:b7:31:39:90:
e4:14:ec:6f:65:59:32:36:39:e5:a6:02:9a:42:6c:c9:49:8e:
c9:8b:12:61:95:c9:2a:2e:ac:d7:27:ed:fd:7d:06:c7:6f:64:
7c:81:c2:75:3a:ac:92:9d:65:20:23:39:cf:1f:e8:ea:cb:8f:
c7:0f:64:15
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzDtofb2X/mz9z3j7xtSSFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2NjRlNDQ2MmEyOTAyYTUyZjgyNmRhZTM4NTY1NzMxZWZj
NWJkZDMwHhcNMjQwMTAxMDYyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTk0ODZjZTk1Y2YxNGViOGY1NjVjOGQ3YWZkNGU5Y2Y0NDdkMWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUowNBPs155Zt5Re04sFxk8hR1mS
H2xL8/3sHBeJE9Ov3tJhPnDudNV62dfIsjBC2hKCzQN+l0UfTlKiOXlfgNt3TO16
vHLw6ZVswCvDUTY0Tgap44k27Mk80CjkJYFT7zxY/bWWI6BDuMhOkLGp2zpEIroy
+O/mrET03Ii0+oLKwY5npkzbAYsw4VLvAPK0oLiKXeB72PlYLAnPqlLXe4li67qe
j7t6MF3RbgWNV5hDwEPs4asynhpgEkKZWS9Ln89Zl037mZhIqHvoANsCydcPNttt
jACzVEhTR6a6e3w4tqOOB5W1QyQuiYojPgSTyXLbA49Ezo/BA46IwhD+nQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOWUhs6VzxTrj1ZcjXr9Tpz0R9HLMB8GA1UdIwQY
MBaAFDZk5EYqKQKlL4JtrjhWVzHvxb3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm1Ua1Jpb3BBcVV2Z20ydU9GWlhNZV9GdmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9iYTAwODUtMzA2MC00Yzk2LTkwZGEt
YTQ1YjFhNGFjZTU2LzEvNVpTR3pwWFBGT3VQVmx5TmV2MU9uUFJIMGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9iYTAwODUtMzA2MC00Yzk2LTkwZGEtYTQ1YjFhNGFjZTU2
LzEvTm1Ua1Jpb3BBcVV2Z20ydU9GWlhNZV9GdmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAgAAlAwQC
uUXEAwQAwREOMA8EAgACMAkDBwAgAQZ8FVwwDQYJKoZIhvcNAQELBQADggEBAD52
OcOWyEhpjMICXHVFyhUkUwRB3opQb8XzjE4uEN1s2vFt6tmb9FnBPupXBR8LX/OP
o9LWEx9ZI1K2XH4xvWAXUj0oKgGPRQyPth9GglDvyApOrzyshI+4z60iifG25V2s
Cd85jbN9mZAfjWGGM/jkIudcGWX+OrB+PpBVmICMULD2nA46oz30mW/oZNsg2K8F
e+kjfnYBIobmobaTpz9ldClhdGzFwNdc+DxZ7TiKMYxqLaHG37rxVjEvoJ/bfLS8
tzE5kOQU7G9lWTI2OeWmAppCbMlJjsmLEmGVySourNcn7f19BsdvZHyBwnU6rJKd
ZSAjOc8f6OrLj8cPZBU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:54 2024 by rpki-client on console-fra.rpki-client.org