Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/pSBQe5y7CwgZA5VjtUH-0UnTOj4.roa
File: pSBQe5y7CwgZA5VjtUH-0UnTOj4.roa (raw, json)
Hash identifier: iLEgeoQtr8YO7bJclfG+oJXKF95mRUaEaJJZk635kD8=
Subject key identifier: A5:20:50:7B:9C:BB:0B:08:19:03:95:63:B5:41:FE:D1:49:D3:3A:3E
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 018CC56EB4375B382B4FFDEAD4C0A151FC2F
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/pSBQe5y7CwgZA5VjtUH-0UnTOj4.roa
Signing time: Mon 01 Jan 2024 14:30:15 +0000
ROA not before: Mon 01 Jan 2024 14:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 37.19.64.0/22 maxlen: 24
37.19.68.0/22 maxlen: 24
185.145.52.0/24 maxlen: 24
5.249.176.0/22 maxlen: 24
5.249.184.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b4:37:5b:38:2b:4f:fd:ea:d4:c0:a1:51:fc:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Jan 1 14:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a520507b9cbb0b0819039563b541fed149d33a3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b3:0f:1d:5e:74:2b:7f:2c:52:fb:5e:0c:68:
ee:4b:5f:1b:5c:e2:fb:c3:91:88:7b:4e:1a:65:74:
a8:c7:ff:d2:5f:83:21:5b:50:e7:d3:9d:41:2e:fb:
de:ee:77:cc:e3:58:84:ff:be:ab:79:e6:ad:82:5f:
48:96:d7:6e:8b:75:19:a1:90:cb:99:dc:18:c5:29:
05:a0:17:be:f1:86:d2:0e:4d:58:8d:71:af:6a:2d:
19:03:7b:fe:37:0a:85:b8:36:6b:23:08:80:63:b2:
3d:ee:17:1b:16:f2:b0:aa:41:49:5f:d5:9c:49:ed:
a2:21:b4:66:a4:60:08:e7:76:ae:62:df:d9:20:5c:
c3:0e:35:98:c8:39:78:b6:d2:b3:e8:47:dc:82:db:
04:a1:e1:6d:b7:56:de:43:4d:64:ea:d9:32:eb:c7:
eb:d9:c2:77:0c:60:6f:02:93:f3:f6:d8:15:12:39:
22:9f:6c:af:9f:e1:4d:68:64:92:1e:8d:fb:07:9d:
2e:6f:f7:fe:67:e3:2e:0c:60:7b:3b:d6:16:6d:04:
a4:ca:ad:4e:96:01:3a:a4:45:d2:95:31:b0:80:5c:
6f:42:65:f7:cb:06:ab:ef:e6:f9:94:d8:81:d6:d8:
df:40:8b:6d:dc:5c:8f:74:0a:cb:2c:1d:c9:db:02:
28:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:20:50:7B:9C:BB:0B:08:19:03:95:63:B5:41:FE:D1:49:D3:3A:3E
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/pSBQe5y7CwgZA5VjtUH-0UnTOj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.176.0/22
5.249.184.0/22
37.19.64.0/21
185.145.52.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:0c:0b:05:28:71:29:2c:a3:54:75:16:1c:9d:7a:08:da:70:
b8:4e:ec:5c:66:15:82:3e:8f:fc:f3:26:04:e7:6c:d8:29:23:
a6:4e:54:a8:c4:10:0c:c2:14:dc:62:40:58:36:b0:45:a7:9d:
9a:c5:62:99:8c:aa:f3:f2:82:cc:5c:61:40:59:df:c8:a7:e7:
4c:a1:6d:90:49:f8:b4:bf:56:1e:37:16:7c:88:b3:19:5f:80:
dc:b0:b5:6e:4a:34:d3:99:10:82:c1:7a:7c:cf:0a:98:28:8c:
79:99:01:d2:37:dd:16:c6:6b:67:10:ff:a2:0d:ec:26:57:39:
22:97:cf:27:10:09:1b:cc:d1:52:aa:fa:25:13:37:36:e5:cb:
35:73:59:4b:a9:e1:62:22:f7:d4:8c:48:bb:81:f6:89:18:17:
06:c5:95:30:a7:61:34:dc:2d:f0:98:20:12:3b:59:55:99:e0:
b9:52:ad:c9:83:15:9b:81:f1:01:69:8d:9b:68:9a:32:8c:6b:
24:5a:0a:40:26:e4:e9:51:5e:a6:ec:14:f3:1a:b3:7b:f3:d5:
3f:7e:19:59:f3:be:fb:e6:e3:01:74:68:c7:d2:c3:3e:1b:a1:
f7:de:d9:f3:d8:59:8f:b3:3a:fb:c5:c6:5a:89:49:44:93:2b:
84:fd:c4:46
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFbrQ3WzgrT/3q1MChUfwvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjQwMTAxMTQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTIwNTA3YjljYmIwYjA4MTkwMzk1NjNiNTQxZmVkMTQ5ZDMzYTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrMPHV50K38sUvteDGjuS18bXOL7
w5GIe04aZXSox//SX4MhW1Dn051BLvve7nfM41iE/76reeatgl9Iltdui3UZoZDL
mdwYxSkFoBe+8YbSDk1YjXGvai0ZA3v+NwqFuDZrIwiAY7I97hcbFvKwqkFJX9Wc
Se2iIbRmpGAI53auYt/ZIFzDDjWYyDl4ttKz6EfcgtsEoeFtt1beQ01k6tky68fr
2cJ3DGBvApPz9tgVEjkin2yvn+FNaGSSHo37B50ub/f+Z+MuDGB7O9YWbQSkyq1O
lgE6pEXSlTGwgFxvQmX3ywar7+b5lNiB1tjfQItt3FyPdArLLB3J2wIoFwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKUgUHucuwsIGQOVY7VB/tFJ0zo+MB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvcFNCUWU1eTdDd2daQTVWanRVSC0wVW5UT2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBfmwAwQC
Bfm4AwQDJRNAAwQAuZE0MA0GCSqGSIb3DQEBCwUAA4IBAQDPDAsFKHEpLKNUdRYc
nXoI2nC4TuxcZhWCPo/88yYE52zYKSOmTlSoxBAMwhTcYkBYNrBFp52axWKZjKrz
8oLMXGFAWd/Ip+dMoW2QSfi0v1YeNxZ8iLMZX4DcsLVuSjTTmRCCwXp8zwqYKIx5
mQHSN90WxmtnEP+iDewmVzkil88nEAkbzNFSqvolEzc25cs1c1lLqeFiIvfUjEi7
gfaJGBcGxZUwp2E03C3wmCASO1lVmeC5Uq3JgxWbgfEBaY2baJoyjGskWgpAJuTp
UV6m7BTzGrN789U/fhlZ87775uMBdGjH0sM+G6H33tnz2FmPszr7xcZaiUlEkyuE
/cRG
-----END CERTIFICATE-----
Generated at Mon May 6 06:46:07 2024 by rpki-client on console-ams.rpki-client.org