Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/2G5SHmiyWYA6j5_iP7sEYbRGuIY.roa
File: 2G5SHmiyWYA6j5_iP7sEYbRGuIY.roa (raw, json)
Hash identifier: rN7OGOGMQW0WUejDMAnXjo2AEyZDJ46FZX053VqFdnA=
Subject key identifier: D8:6E:52:1E:68:B2:59:80:3A:8F:9F:E2:3F:BB:04:61:B4:46:B8:86
Certificate issuer: /CN=57e2b86a33c9f97214536d8ca2919d7f3c3800ce
Certificate serial: 018CC56EC85258479744CBFC5341D6724AFA
Authority key identifier: 57:E2:B8:6A:33:C9:F9:72:14:53:6D:8C:A2:91:9D:7F:3C:38:00:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V-K4ajPJ-XIUU22MopGdfzw4AM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/2G5SHmiyWYA6j5_iP7sEYbRGuIY.roa
Signing time: Mon 01 Jan 2024 14:30:20 +0000
ROA not before: Mon 01 Jan 2024 14:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28878
IP address blocks: 185.42.72.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/V-K4ajPJ-XIUU22MopGdfzw4AM4.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/V-K4ajPJ-XIUU22MopGdfzw4AM4.mft
rsync://rpki.ripe.net/repository/DEFAULT/V-K4ajPJ-XIUU22MopGdfzw4AM4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 14:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:c8:52:58:47:97:44:cb:fc:53:41:d6:72:4a:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57e2b86a33c9f97214536d8ca2919d7f3c3800ce
Validity
Not Before: Jan 1 14:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d86e521e68b259803a8f9fe23fbb0461b446b886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:25:2a:b1:08:4a:1c:32:39:60:2f:dd:1d:57:
e0:de:7d:30:bc:ce:01:30:77:f3:cd:7b:4b:41:cc:
df:03:45:0e:94:e5:e5:cd:27:2f:93:16:e4:09:f4:
6e:37:20:a7:c7:8b:d5:d4:de:fc:86:a0:2e:7e:e5:
e2:b3:2b:b6:33:80:96:d3:82:4e:84:9f:de:55:a6:
76:06:ed:a9:3f:23:2f:5e:23:51:e4:ca:6f:03:9e:
96:06:f8:4d:92:13:39:1e:78:31:2b:a3:ea:5b:7d:
fe:9f:17:42:47:08:04:6b:13:05:89:cd:bc:52:76:
3c:27:c9:e2:39:70:d2:d8:0a:16:a5:5f:2f:92:ed:
9d:e1:d8:25:3c:a0:45:95:c6:00:fb:46:89:0d:99:
5b:31:f1:e8:9a:f8:20:7a:a7:e7:c0:9c:02:1c:28:
23:22:2d:cb:70:f8:21:73:0a:6f:89:af:79:c9:00:
04:ac:90:00:34:c1:b2:b5:3b:e4:60:e3:1e:08:cb:
3b:ef:d1:e7:34:dd:d4:34:8a:11:9c:f2:7c:9f:41:
5b:a3:69:88:6a:9d:6b:52:a5:f1:7b:8c:0d:89:d6:
d4:73:74:6f:c8:d6:03:83:0a:26:46:50:7f:d8:50:
c4:54:26:6c:7f:c6:c7:f4:a7:f6:39:e0:bf:9c:37:
fa:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:6E:52:1E:68:B2:59:80:3A:8F:9F:E2:3F:BB:04:61:B4:46:B8:86
X509v3 Authority Key Identifier:
keyid:57:E2:B8:6A:33:C9:F9:72:14:53:6D:8C:A2:91:9D:7F:3C:38:00:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V-K4ajPJ-XIUU22MopGdfzw4AM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/2G5SHmiyWYA6j5_iP7sEYbRGuIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/V-K4ajPJ-XIUU22MopGdfzw4AM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.72.0/22
Signature Algorithm: sha256WithRSAEncryption
49:3a:10:6d:9c:55:ce:c8:5f:3a:14:03:db:2b:36:4a:82:ba:
1e:c2:6b:b4:bb:23:64:f9:93:d8:e4:9c:99:00:86:f0:01:84:
e7:ca:76:cc:b6:83:9b:1f:99:6b:1b:f8:39:03:6c:42:f6:85:
6d:58:a9:43:a7:3f:0e:62:b1:ce:42:ae:48:b3:2e:72:94:18:
c5:b6:b7:9e:93:6f:cb:f4:01:09:cb:f4:bc:c0:3f:bd:71:52:
b8:e4:8e:89:19:4e:cb:02:59:8b:3d:1e:d9:62:2b:57:a6:06:
5b:9c:fc:14:52:e2:64:33:5b:28:1e:67:8e:c0:c7:43:52:b0:
29:cb:89:23:65:6c:ba:04:7a:2c:ef:ba:d3:a9:3e:99:4c:26:
e0:dd:f8:92:cd:73:a1:bb:76:28:5a:3c:2e:3d:ce:7c:dd:7a:
e1:1b:6c:16:55:14:b0:bf:96:ad:e4:c3:ca:ac:27:de:ae:9a:
39:94:e8:e2:03:de:de:4d:54:70:70:46:77:d7:21:b2:05:ae:
68:5e:6b:5a:b3:3f:1d:f3:23:4b:ce:39:e7:94:36:f5:a5:0d:
d1:20:31:e9:df:b6:18:75:4b:c8:73:b8:5b:ff:2f:a8:36:2e:
eb:ed:a8:45:7d:09:73:7b:f0:10:55:b0:b0:78:36:86:51:8d:
08:dd:15:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbshSWEeXRMv8U0HWckr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3ZTJiODZhMzNjOWY5NzIxNDUzNmQ4Y2EyOTE5ZDdmM2Mz
ODAwY2UwHhcNMjQwMTAxMTQzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODZlNTIxZTY4YjI1OTgwM2E4ZjlmZTIzZmJiMDQ2MWI0NDZiODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliUqsQhKHDI5YC/dHVfg3n0wvM4B
MHfzzXtLQczfA0UOlOXlzScvkxbkCfRuNyCnx4vV1N78hqAufuXisyu2M4CW04JO
hJ/eVaZ2Bu2pPyMvXiNR5MpvA56WBvhNkhM5HngxK6PqW33+nxdCRwgEaxMFic28
UnY8J8niOXDS2AoWpV8vku2d4dglPKBFlcYA+0aJDZlbMfHomvggeqfnwJwCHCgj
Ii3LcPghcwpvia95yQAErJAANMGytTvkYOMeCMs779HnNN3UNIoRnPJ8n0Fbo2mI
ap1rUqXxe4wNidbUc3RvyNYDgwomRlB/2FDEVCZsf8bH9Kf2OeC/nDf6NwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhuUh5oslmAOo+f4j+7BGG0RriGMB8GA1UdIwQY
MBaAFFfiuGozyflyFFNtjKKRnX88OADOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVi1LNGFqUEotWElVVTIyTW9wR2Rmenc0QU00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi82MTQ5YTUtYzhkZS00YzYxLWJlYjct
MjIwMTIwM2EwYmFiLzEvMkc1U0htaXlXWUE2ajVfaVA3c0VZYlJHdUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi82MTQ5YTUtYzhkZS00YzYxLWJlYjctMjIwMTIwM2EwYmFi
LzEvVi1LNGFqUEotWElVVTIyTW9wR2Rmenc0QU00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSpIMA0G
CSqGSIb3DQEBCwUAA4IBAQBJOhBtnFXOyF86FAPbKzZKgroewmu0uyNk+ZPY5JyZ
AIbwAYTnynbMtoObH5lrG/g5A2xC9oVtWKlDpz8OYrHOQq5Isy5ylBjFtreek2/L
9AEJy/S8wD+9cVK45I6JGU7LAlmLPR7ZYitXpgZbnPwUUuJkM1soHmeOwMdDUrAp
y4kjZWy6BHos77rTqT6ZTCbg3fiSzXOhu3YoWjwuPc583XrhG2wWVRSwv5at5MPK
rCferpo5lOjiA97eTVRwcEZ31yGyBa5oXmtasz8d8yNLzjnnlDb1pQ3RIDHp37YY
dUvIc7hb/y+oNi7r7ahFfQlze/AQVbCweDaGUY0I3RVX
-----END CERTIFICATE-----
Generated at Wed Jun 26 20:50:29 2024 by rpki-client on console-ams.rpki-client.org