Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/LejT6uDOYXSHFNfGHvicKAsiqh8.roa
File: LejT6uDOYXSHFNfGHvicKAsiqh8.roa (raw, json)
Hash identifier: n1SvIoG7nk13Z2qJuqUtXr0qa3EZQMvbcnxDb67TWck=
Subject key identifier: 2D:E8:D3:EA:E0:CE:61:74:87:14:D7:C6:1E:F8:9C:28:0B:22:AA:1F
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 018F76C7542B10761DA2903E70AA92CC84E6
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/LejT6uDOYXSHFNfGHvicKAsiqh8.roa
Signing time: Tue 14 May 2024 11:05:25 +0000
ROA not before: Tue 14 May 2024 11:05:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35761
IP address blocks: 185.58.20.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:c7:54:2b:10:76:1d:a2:90:3e:70:aa:92:cc:84:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: May 14 11:05:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2de8d3eae0ce61748714d7c61ef89c280b22aa1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:82:fa:e4:93:7a:1c:c8:0f:cc:8f:c8:bb:b4:
74:27:19:53:14:51:1e:28:e1:f6:2b:a8:70:d5:cc:
84:2c:a5:1a:fa:59:74:ae:bb:f5:79:2f:5e:4f:41:
70:4b:26:63:38:02:66:6f:a8:00:2a:c5:a3:94:9f:
6a:8a:a4:b7:14:4a:67:4a:1a:a8:26:8e:35:41:34:
88:6d:01:bd:86:82:5e:08:c3:de:10:e0:19:67:4a:
a5:29:8c:c0:86:a2:0b:39:48:24:ea:c7:9d:60:98:
cc:8b:05:c0:c3:4f:4f:e3:29:64:b7:80:1c:d3:2b:
b4:2f:01:b9:c6:2e:39:6c:16:b2:9f:5b:eb:64:e3:
62:16:a3:88:47:44:fb:47:4e:65:d7:82:74:3d:1d:
09:b2:1e:90:fd:98:d6:9b:fe:bd:b0:50:19:21:9f:
fa:2d:68:a2:c6:da:47:85:3f:bf:ad:c6:6b:d8:9c:
ae:00:4d:4c:66:89:b9:26:49:f1:81:d4:e7:24:d5:
a9:a5:41:e1:02:0e:db:73:31:10:69:f1:dc:72:30:
d4:8c:27:0f:56:47:1b:d0:fe:87:78:40:05:cf:a9:
ea:60:da:16:ab:e2:53:da:07:08:76:56:f1:1b:3c:
1f:16:7a:b4:f9:02:7e:63:06:b5:54:47:3c:9d:f8:
30:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:E8:D3:EA:E0:CE:61:74:87:14:D7:C6:1E:F8:9C:28:0B:22:AA:1F
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/LejT6uDOYXSHFNfGHvicKAsiqh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.20.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:ba:cc:1e:ae:a3:0d:82:b6:8e:33:be:f4:51:d7:cf:4d:68:
98:f0:c3:4d:1a:60:4c:18:6e:c0:95:5d:ea:12:fb:61:90:e5:
b5:c2:75:b6:78:92:76:2c:3f:41:4a:a0:72:4b:88:89:14:45:
01:37:6c:d0:c4:fe:c3:06:d8:48:cf:f2:d9:19:75:bd:21:d2:
36:db:62:d6:51:8a:db:9e:1f:be:00:c6:db:6f:46:ba:8c:90:
74:f6:20:4e:04:bf:61:83:c6:12:03:f5:62:88:95:12:db:43:
58:90:bb:a3:ee:0c:7a:7a:fe:c7:4c:95:3d:e9:88:2a:e5:c7:
fd:97:33:c2:8c:99:0c:26:2c:bd:55:3d:c5:28:95:70:18:64:
b1:95:3a:ed:3b:22:c3:01:1c:9c:1d:cf:73:9b:4f:20:e5:21:
25:06:a7:e2:53:61:95:2e:cc:a0:09:c6:4a:a7:70:37:b1:39:
7c:69:de:88:21:0e:3b:05:cd:ae:8b:7b:2b:3e:7c:63:8c:13:
d6:f4:b2:ae:87:b5:56:f7:3b:e1:7a:86:12:90:63:b7:7a:4b:
2e:f0:6f:96:ce:bd:69:ad:8c:23:df:46:89:09:33:43:2a:19:
07:53:5c:f9:78:62:8e:b0:f2:6e:b0:01:8e:e8:53:97:f8:54:
f0:8c:18:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY92x1QrEHYdopA+cKqSzITmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwNTE0MTEwNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGU4ZDNlYWUwY2U2MTc0ODcxNGQ3YzYxZWY4OWMyODBiMjJhYTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIL65JN6HMgPzI/Iu7R0JxlTFFEe
KOH2K6hw1cyELKUa+ll0rrv1eS9eT0FwSyZjOAJmb6gAKsWjlJ9qiqS3FEpnShqo
Jo41QTSIbQG9hoJeCMPeEOAZZ0qlKYzAhqILOUgk6sedYJjMiwXAw09P4ylkt4Ac
0yu0LwG5xi45bBayn1vrZONiFqOIR0T7R05l14J0PR0Jsh6Q/ZjWm/69sFAZIZ/6
LWiixtpHhT+/rcZr2JyuAE1MZom5JknxgdTnJNWppUHhAg7bczEQafHccjDUjCcP
Vkcb0P6HeEAFz6nqYNoWq+JT2gcIdlbxGzwfFnq0+QJ+Ywa1VEc8nfgwBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC3o0+rgzmF0hxTXxh74nCgLIqofMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvTGVqVDZ1RE9ZWFNIRk5mR0h2aWNLQXNpcWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuToUMA0G
CSqGSIb3DQEBCwUAA4IBAQCNuswerqMNgraOM770UdfPTWiY8MNNGmBMGG7AlV3q
EvthkOW1wnW2eJJ2LD9BSqByS4iJFEUBN2zQxP7DBthIz/LZGXW9IdI222LWUYrb
nh++AMbbb0a6jJB09iBOBL9hg8YSA/ViiJUS20NYkLuj7gx6ev7HTJU96Ygq5cf9
lzPCjJkMJiy9VT3FKJVwGGSxlTrtOyLDARycHc9zm08g5SElBqfiU2GVLsygCcZK
p3A3sTl8ad6IIQ47Bc2ui3srPnxjjBPW9LKuh7VW9zvheoYSkGO3eksu8G+Wzr1p
rYwj30aJCTNDKhkHU1z5eGKOsPJusAGO6FOX+FTwjBhI
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:04:07 2024 by rpki-client on console-fra.rpki-client.org