Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/5Pt2NN4TjG1ObQ7gbMwFin75nGU.roa
File: 5Pt2NN4TjG1ObQ7gbMwFin75nGU.roa (raw, json)
Hash identifier: SYC4JjB8iYvq1MPcQjRzJXbnTPipD6dZgTgza7z/dac=
Subject key identifier: E4:FB:76:34:DE:13:8C:6D:4E:6D:0E:E0:6C:CC:05:8A:7E:F9:9C:65
Certificate issuer: /CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Certificate serial: 018CC801A5B28A0C1992DE924C0F7A53BE32
Authority key identifier: 72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/5Pt2NN4TjG1ObQ7gbMwFin75nGU.roa
Signing time: Tue 02 Jan 2024 02:30:00 +0000
ROA not before: Tue 02 Jan 2024 02:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34863
IP address blocks: 85.204.24.0/23 maxlen: 24
85.204.21.0/24 maxlen: 24
85.204.20.0/23 maxlen: 24
85.204.25.0/24 maxlen: 24
81.23.34.0/24 maxlen: 24
81.23.33.0/24 maxlen: 24
81.23.32.0/20 maxlen: 24
89.35.96.0/20 maxlen: 24
185.63.48.0/22 maxlen: 24
185.252.195.0/24 maxlen: 24
46.226.128.0/21 maxlen: 24
185.2.252.0/22 maxlen: 24
188.94.202.0/23 maxlen: 23
188.94.201.0/24 maxlen: 24
188.94.200.0/24 maxlen: 24
188.94.200.0/21 maxlen: 24
188.94.206.0/24 maxlen: 24
188.94.204.0/22 maxlen: 22
2a00:fc8::/32 maxlen: 32
2a00:7820::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/cmMziKelz-mnyhn9dMki3LEladM.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/cmMziKelz-mnyhn9dMki3LEladM.mft
rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:a5:b2:8a:0c:19:92:de:92:4c:0f:7a:53:be:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Validity
Not Before: Jan 2 02:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4fb7634de138c6d4e6d0ee06ccc058a7ef99c65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:57:73:e4:ef:09:43:c4:74:f6:18:84:b5:0d:
79:ea:fa:c4:46:e1:96:a0:be:b6:36:e7:ad:22:53:
7a:04:86:f6:9e:36:9a:94:86:e5:2f:c6:7d:d5:1a:
76:20:d1:e2:ed:f9:9e:35:c0:36:10:58:f0:48:4e:
d9:c9:e0:6d:26:2a:b0:b9:6d:28:4f:b3:94:33:2a:
ce:e1:d0:24:12:e0:53:c0:d4:11:e4:a7:a6:b2:ac:
f6:25:02:fd:f8:70:45:49:d7:24:50:1d:aa:0d:6b:
47:55:f2:2b:46:fe:46:14:08:ec:e7:bd:e2:ad:d7:
4b:83:e8:b4:04:f3:6c:b1:72:a5:65:e1:15:16:ed:
ca:09:2f:0f:3c:ac:bb:27:a7:0d:77:13:18:2d:29:
65:df:0d:27:23:7f:eb:93:e1:c5:f7:1a:96:77:a8:
da:ff:57:6d:c2:97:5d:8e:82:78:04:e9:cd:af:b9:
46:fd:18:bc:d5:85:f5:b2:dd:9f:ed:70:82:d3:ac:
31:da:49:0a:7d:fe:0f:a6:8f:5c:53:5b:f6:d6:c7:
ef:fa:ee:6f:63:e5:10:f1:9c:09:96:64:37:a2:5f:
45:b7:46:5a:ff:66:30:b2:16:fb:23:7e:6c:15:d8:
6f:1d:2b:21:76:7e:7c:5e:a7:ae:7c:4b:67:13:0b:
c8:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:FB:76:34:DE:13:8C:6D:4E:6D:0E:E0:6C:CC:05:8A:7E:F9:9C:65
X509v3 Authority Key Identifier:
keyid:72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/5Pt2NN4TjG1ObQ7gbMwFin75nGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/cmMziKelz-mnyhn9dMki3LEladM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.128.0/21
81.23.32.0/20
85.204.20.0/23
85.204.24.0/23
89.35.96.0/20
185.2.252.0/22
185.63.48.0/22
185.252.195.0/24
188.94.200.0/21
IPv6:
2a00:fc8::/32
2a00:7820::/32
Signature Algorithm: sha256WithRSAEncryption
32:4d:f1:cc:96:b1:a5:6e:2f:e4:c4:b9:36:35:25:8d:bf:b3:
ac:42:2d:69:cf:5b:69:26:20:f4:22:dc:8e:1d:2f:12:d3:0e:
be:aa:5c:6c:11:d0:fd:93:70:26:dc:29:84:75:30:b0:fd:89:
b7:01:3b:5d:86:1a:0f:9d:9d:a1:e1:8d:30:37:e5:0f:39:96:
97:d8:cb:8a:df:a7:ae:79:70:8c:ae:e8:d3:b0:f5:9f:80:5e:
6c:41:12:72:22:22:a2:d2:af:6f:05:7e:78:06:09:22:ea:a5:
20:8b:9a:6a:04:97:b3:ec:34:dc:0d:36:fa:ac:da:3b:bc:4c:
54:23:24:17:86:33:f6:e4:96:44:21:84:93:b0:1b:c0:b5:b3:
f6:91:8e:ab:e9:c7:5f:9c:54:d3:f2:e6:da:16:81:85:ae:d2:
7b:18:ae:da:98:c1:a4:6f:84:07:4b:3a:32:47:b3:f9:82:27:
e0:0e:d3:45:40:40:4d:6d:aa:ed:e9:d2:26:95:47:8c:c1:22:
eb:14:f6:fa:09:09:b5:33:29:3b:50:0b:17:dd:59:ba:18:ec:
06:87:ac:cf:58:b2:05:c7:a3:9b:1e:4b:99:68:87:6b:fb:eb:
a6:9d:d3:e0:fb:6e:19:fa:8d:bb:cf:cb:1b:5d:20:67:7b:d3:
8b:ce:cd:9f
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYzIAaWyigwZkt6STA96U74yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNjMzMzg4YTdhNWNmZTlhN2NhMTlmZDc0YzkyMmRjYjEy
NTY5ZDMwHhcNMjQwMTAyMDIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGZiNzYzNGRlMTM4YzZkNGU2ZDBlZTA2Y2NjMDU4YTdlZjk5YzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1dz5O8JQ8R09hiEtQ156vrERuGW
oL62NuetIlN6BIb2njaalIblL8Z91Rp2INHi7fmeNcA2EFjwSE7ZyeBtJiqwuW0o
T7OUMyrO4dAkEuBTwNQR5Kemsqz2JQL9+HBFSdckUB2qDWtHVfIrRv5GFAjs573i
rddLg+i0BPNssXKlZeEVFu3KCS8PPKy7J6cNdxMYLSll3w0nI3/rk+HF9xqWd6ja
/1dtwpddjoJ4BOnNr7lG/Ri81YX1st2f7XCC06wx2kkKff4Ppo9cU1v21sfv+u5v
Y+UQ8ZwJlmQ3ol9Ft0Za/2Ywshb7I35sFdhvHSshdn58XqeufEtnEwvIyQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFOT7djTeE4xtTm0O4GzMBYp++ZxlMB8GA1UdIwQY
MBaAFHJjM4inpc/pp8oZ/XTJItyxJWnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5Yzct
MTM4Yzg0MTdhZTkzLzEvNVB0Mk5ONFRqRzFPYlE3Z2JNd0Zpbjc1bkdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5YzctMTM4Yzg0MTdhZTkz
LzEvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQDLuKAAwQE
URcgAwQBVcwUAwQBVcwYAwQEWSNgAwQCuQL8AwQCuT8wAwQAufzDAwQDvF7IMBQE
AgACMA4DBQAqAA/IAwUAKgB4IDANBgkqhkiG9w0BAQsFAAOCAQEAMk3xzJaxpW4v
5MS5NjUljb+zrEItac9baSYg9CLcjh0vEtMOvqpcbBHQ/ZNwJtwphHUwsP2JtwE7
XYYaD52doeGNMDflDzmWl9jLit+nrnlwjK7o07D1n4BebEESciIiotKvbwV+eAYJ
IuqlIIuaagSXs+w03A02+qzaO7xMVCMkF4Yz9uSWRCGEk7AbwLWz9pGOq+nHX5xU
0/Lm2haBha7Sexiu2pjBpG+EB0s6Mkez+YIn4A7TRUBATW2q7enSJpVHjMEi6xT2
+gkJtTMpO1ALF91ZuhjsBoesz1iyBcejmx5LmWiHa/vrpp3T4PtuGfqNu8/LG10g
Z3vTi87Nnw==
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:42:22 2024 by rpki-client on console-ams.rpki-client.org