Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/5vFvxm7mqbwGuPGpAEcFyShkfqg.roa
File: 5vFvxm7mqbwGuPGpAEcFyShkfqg.roa (raw, json)
Hash identifier: BSm0XAqoC7jNkNqr2LGDFTxL6tzHUIO2q2QHoGMocTc=
Subject key identifier: E6:F1:6F:C6:6E:E6:A9:BC:06:B8:F1:A9:00:47:05:C9:28:64:7E:A8
Certificate issuer: /CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8
Certificate serial: 018CC79588706C93533341A6E933225534E4
Authority key identifier: 0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/5vFvxm7mqbwGuPGpAEcFyShkfqg.roa
Signing time: Tue 02 Jan 2024 00:31:54 +0000
ROA not before: Tue 02 Jan 2024 00:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209284
IP address blocks: 185.58.189.0/24 maxlen: 24
185.58.190.0/24 maxlen: 24
185.58.191.0/24 maxlen: 24
185.58.188.0/22 maxlen: 22
185.16.104.0/24 maxlen: 24
185.16.104.0/22 maxlen: 22
185.16.106.0/24 maxlen: 24
185.16.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.mft
rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 May 2024 21:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:88:70:6c:93:53:33:41:a6:e9:33:22:55:34:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8
Validity
Not Before: Jan 2 00:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6f16fc66ee6a9bc06b8f1a9004705c928647ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:37:ad:c6:26:f1:78:1d:0a:0f:5f:ea:d7:b8:
1c:75:aa:fd:24:61:62:52:1c:fa:00:41:d2:7b:c7:
69:03:c5:c0:aa:72:15:87:2a:10:07:4d:2d:1a:6d:
61:bf:97:97:46:57:95:77:cb:86:b2:90:ae:10:91:
8a:8d:cf:02:76:27:76:71:73:22:74:65:6e:5a:bd:
ac:c6:53:03:93:e2:b0:6c:ee:61:2a:ab:00:92:f6:
d9:e7:2a:b5:3f:23:66:72:85:07:32:dd:19:1e:eb:
29:79:44:a4:6c:95:7a:b1:54:05:96:02:81:28:9c:
65:c6:cf:10:8d:5e:14:f1:71:7b:0c:07:3a:36:4d:
12:5f:0e:f1:01:8e:3f:73:65:05:a7:91:65:51:28:
2c:d3:8f:6b:f5:ee:bc:9d:b8:ad:e2:72:e2:7e:71:
70:aa:23:00:70:96:e9:8f:6c:6f:06:91:76:27:2e:
9f:f4:39:07:74:17:a3:b2:8a:09:fc:8d:a7:65:b6:
1c:f2:e0:9e:53:b7:b5:12:a4:80:95:0c:07:94:88:
30:b2:a2:3f:61:d1:a4:51:02:82:d9:e2:58:ab:12:
85:1d:25:28:38:be:13:c5:ce:b3:fd:13:ab:1e:e9:
d5:4c:7a:7e:e0:f3:13:05:d0:9a:cb:b7:11:27:66:
87:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:F1:6F:C6:6E:E6:A9:BC:06:B8:F1:A9:00:47:05:C9:28:64:7E:A8
X509v3 Authority Key Identifier:
keyid:0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/5vFvxm7mqbwGuPGpAEcFyShkfqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.16.104.0/22
185.58.188.0/22
Signature Algorithm: sha256WithRSAEncryption
86:2f:ff:b7:0b:ea:bf:ab:99:e5:db:9a:95:f6:13:4f:58:dd:
c2:b0:c7:b7:70:fc:f4:5c:42:b3:3c:52:3a:2e:d6:21:78:d4:
8d:85:c5:a6:29:f2:53:84:2a:95:7d:9a:d8:32:7c:4a:f6:75:
47:0d:ed:53:0b:48:f5:64:18:b8:96:7c:db:9f:68:8a:76:ee:
30:4c:1e:da:71:e9:25:1f:cc:24:4f:47:eb:f0:fb:05:a7:f7:
cd:d2:4b:63:6f:8a:77:78:0f:24:a7:bc:72:48:07:86:87:6b:
4f:51:3d:e0:cd:0a:e5:a6:86:29:23:6c:2d:2c:2a:26:db:76:
3b:5a:ab:c1:d7:e5:4d:3d:2f:d5:61:1a:fd:04:1b:ce:e4:d4:
0e:93:a3:e1:4b:a1:28:94:fa:0a:a1:b6:aa:e4:69:38:53:19:
b2:5a:14:ab:93:78:85:6f:71:45:ab:eb:55:7f:91:64:f4:10:
df:91:a0:38:a2:05:86:ce:62:47:94:0c:80:99:3b:ee:b8:49:
13:2c:48:b0:e7:e0:13:aa:43:3d:10:13:0e:3b:8d:1d:f6:9c:
2c:fa:e6:5a:9d:d2:21:a2:57:54:c0:f3:50:37:76:18:4d:86:
9e:8d:8f:6f:2e:75:29:0a:8d:69:db:1e:87:81:0b:1f:38:33:
74:33:58:f7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlYhwbJNTM0Gm6TMiVTTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjgxZDllODllMmM0NzEzMjFkOTY3ZjcwOTIwOTRkYWRm
ZTJhYTgwHhcNMjQwMTAyMDAzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmYxNmZjNjZlZTZhOWJjMDZiOGYxYTkwMDQ3MDVjOTI4NjQ3ZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjetxibxeB0KD1/q17gcdar9JGFi
Uhz6AEHSe8dpA8XAqnIVhyoQB00tGm1hv5eXRleVd8uGspCuEJGKjc8Cdid2cXMi
dGVuWr2sxlMDk+KwbO5hKqsAkvbZ5yq1PyNmcoUHMt0ZHuspeUSkbJV6sVQFlgKB
KJxlxs8QjV4U8XF7DAc6Nk0SXw7xAY4/c2UFp5FlUSgs049r9e68nbit4nLifnFw
qiMAcJbpj2xvBpF2Jy6f9DkHdBejsooJ/I2nZbYc8uCeU7e1EqSAlQwHlIgwsqI/
YdGkUQKC2eJYqxKFHSUoOL4Txc6z/ROrHunVTHp+4PMTBdCay7cRJ2aHJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFObxb8Zu5qm8BrjxqQBHBckoZH6oMB8GA1UdIwQY
MBaAFA74HZ6J4sRxMh2Wf3CSCU2t/iqoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZnZG5vbml4SEV5SFpaX2NKSUpUYTMtS3FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81ZDE1YTgtMjJhNy00MDFiLThjNWUt
MDc1ZjI0ZTRiZTcxLzEvNXZGdnhtN21xYndHdVBHcEFFY0Z5U2hrZnFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS81ZDE1YTgtMjJhNy00MDFiLThjNWUtMDc1ZjI0ZTRiZTcx
LzEvRHZnZG5vbml4SEV5SFpaX2NKSUpUYTMtS3FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRBoAwQC
uTq8MA0GCSqGSIb3DQEBCwUAA4IBAQCGL/+3C+q/q5nl25qV9hNPWN3CsMe3cPz0
XEKzPFI6LtYheNSNhcWmKfJThCqVfZrYMnxK9nVHDe1TC0j1ZBi4lnzbn2iKdu4w
TB7aceklH8wkT0fr8PsFp/fN0ktjb4p3eA8kp7xySAeGh2tPUT3gzQrlpoYpI2wt
LCom23Y7WqvB1+VNPS/VYRr9BBvO5NQOk6PhS6EolPoKobaq5Gk4UxmyWhSrk3iF
b3FFq+tVf5Fk9BDfkaA4ogWGzmJHlAyAmTvuuEkTLEiw5+ATqkM9EBMOO40d9pws
+uZandIholdUwPNQN3YYTYaejY9vLnUpCo1p2x6HgQsfODN0M1j3
-----END CERTIFICATE-----
Generated at Thu May 30 03:59:41 2024 by rpki-client on console-fra.rpki-client.org