Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/f28a75-d53f-4e9f-82dd-f0ed8fe82b97/1/eLgtPNOoCWERLKHaS265moBIwMc.roa
File: eLgtPNOoCWERLKHaS265moBIwMc.roa (raw, json)
Hash identifier: OGZp0apqZRDkyoy/UKZYqfPhi6Oo4/Cy/JD3PB4TY5Q=
Subject key identifier: 78:B8:2D:3C:D3:A8:09:61:11:2C:A1:DA:4B:6E:B9:9A:80:48:C0:C7
Certificate issuer: /CN=425bf4375f17a0357019690301f9419324ff7d44
Certificate serial: 018CC8713F400EA32DDF66492AA78D1CD41F
Authority key identifier: 42:5B:F4:37:5F:17:A0:35:70:19:69:03:01:F9:41:93:24:FF:7D:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qlv0N18XoDVwGWkDAflBkyT_fUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/f28a75-d53f-4e9f-82dd-f0ed8fe82b97/1/eLgtPNOoCWERLKHaS265moBIwMc.roa
Signing time: Tue 02 Jan 2024 04:31:53 +0000
ROA not before: Tue 02 Jan 2024 04:31:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35435
IP address blocks: 185.6.64.0/24 maxlen: 24
185.6.66.0/24 maxlen: 24
185.6.67.0/24 maxlen: 24
185.183.132.0/24 maxlen: 24
185.183.134.0/24 maxlen: 24
185.183.135.0/24 maxlen: 24
185.183.133.0/24 maxlen: 24
185.169.201.0/24 maxlen: 24
185.169.202.0/24 maxlen: 24
185.169.200.0/24 maxlen: 24
185.164.192.0/24 maxlen: 24
185.169.203.0/24 maxlen: 24
185.164.195.0/24 maxlen: 24
185.164.193.0/24 maxlen: 24
185.164.194.0/24 maxlen: 24
2a02:cf80:3::/48 maxlen: 48
2a02:cf80:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/f28a75-d53f-4e9f-82dd-f0ed8fe82b97/1/Qlv0N18XoDVwGWkDAflBkyT_fUQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/f28a75-d53f-4e9f-82dd-f0ed8fe82b97/1/Qlv0N18XoDVwGWkDAflBkyT_fUQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qlv0N18XoDVwGWkDAflBkyT_fUQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 28 Jun 2024 22:03:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:3f:40:0e:a3:2d:df:66:49:2a:a7:8d:1c:d4:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=425bf4375f17a0357019690301f9419324ff7d44
Validity
Not Before: Jan 2 04:31:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78b82d3cd3a80961112ca1da4b6eb99a8048c0c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:5f:54:67:2f:73:a7:6a:4a:c8:e0:a2:18:a6:
78:9a:22:e5:d9:b7:9e:14:e3:d8:bc:96:66:b7:a3:
35:2c:83:44:2b:5c:09:eb:d4:09:58:eb:8a:a6:5d:
22:1e:06:92:05:72:c2:28:c2:b3:d0:6b:45:2f:61:
11:2f:91:d4:59:5c:95:f1:09:18:99:15:25:ee:d0:
f4:23:48:4f:2a:27:49:9c:31:32:cb:68:95:33:4d:
30:7b:b6:04:4a:4c:a7:1a:d0:75:a8:dc:d9:78:ea:
51:a2:1b:11:b3:cc:cc:5d:9b:08:21:b4:21:a4:1f:
5b:a5:99:e0:f4:fe:aa:6f:de:3d:d5:9f:01:b8:6f:
e5:3c:c9:44:ec:aa:ac:ff:4d:cb:fc:5a:b0:f5:ee:
d8:f7:72:5c:d3:a6:72:9b:00:ed:38:c2:da:23:89:
c8:29:77:19:2c:44:58:ec:a6:1d:db:14:85:12:54:
8c:fc:30:d4:0e:c5:98:3b:7f:95:f6:9c:4c:9d:b5:
dc:25:ac:5c:5e:2f:b1:92:53:29:b6:c7:06:0e:bf:
85:a2:1e:19:df:50:85:09:90:20:43:c5:c3:00:62:
ab:15:7b:7c:98:3b:e7:38:11:39:6e:d1:31:e2:ae:
df:df:1e:17:c4:6a:6d:64:7d:f7:2b:97:d5:c9:c3:
ce:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:B8:2D:3C:D3:A8:09:61:11:2C:A1:DA:4B:6E:B9:9A:80:48:C0:C7
X509v3 Authority Key Identifier:
keyid:42:5B:F4:37:5F:17:A0:35:70:19:69:03:01:F9:41:93:24:FF:7D:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qlv0N18XoDVwGWkDAflBkyT_fUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f28a75-d53f-4e9f-82dd-f0ed8fe82b97/1/eLgtPNOoCWERLKHaS265moBIwMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f28a75-d53f-4e9f-82dd-f0ed8fe82b97/1/Qlv0N18XoDVwGWkDAflBkyT_fUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.64.0/24
185.6.66.0/23
185.164.192.0/22
185.169.200.0/22
185.183.132.0/22
IPv6:
2a02:cf80:3::-2a02:cf80:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5b:6f:f7:8e:15:f4:2c:c4:fb:0c:7b:98:cc:2c:c9:c4:1d:fe:
02:d8:ca:e7:bd:f3:b8:75:a9:35:0e:69:bf:29:6a:a1:74:10:
de:db:d9:88:55:9b:47:08:aa:36:66:47:7a:ea:af:da:cb:bc:
25:a4:fb:ca:ef:2e:ce:d2:87:f9:3f:4b:c7:f0:60:cb:28:ce:
aa:6a:b2:a5:34:ca:c4:05:4a:08:e5:ea:c5:09:6a:bc:db:b0:
ba:5a:6d:b6:7f:05:f9:2f:04:ef:fc:3e:7f:1e:35:b7:cf:11:
2c:b8:38:3e:fc:06:4f:c3:eb:7c:c2:8e:88:f0:91:1c:d9:26:
e4:55:81:2d:4c:94:af:cf:17:ec:03:24:7c:17:0a:e0:6c:ca:
5d:fb:fd:96:0d:c6:dc:d8:6f:1e:20:11:93:ff:11:5e:b3:52:
1c:7a:73:13:cf:83:69:ec:b6:57:85:35:9e:ee:05:93:58:46:
84:00:ca:0d:72:15:86:e1:e6:3b:c6:f3:34:36:e0:b1:b3:70:
06:7e:41:ed:bf:13:3c:ae:b5:75:3b:fd:a4:7c:4b:3a:cd:e5:
5d:2b:9d:4e:c0:71:e8:e0:54:9e:82:3c:c4:9a:74:0e:35:97:
c9:e1:99:ae:5d:94:5c:10:3c:9a:0e:2e:e7:21:5d:64:25:d9:
01:87:d4:d9
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzIcT9ADqMt32ZJKqeNHNQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNWJmNDM3NWYxN2EwMzU3MDE5NjkwMzAxZjk0MTkzMjRm
ZjdkNDQwHhcNMjQwMTAyMDQzMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGI4MmQzY2QzYTgwOTYxMTEyY2ExZGE0YjZlYjk5YTgwNDhjMGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjl9UZy9zp2pKyOCiGKZ4miLl2bee
FOPYvJZmt6M1LINEK1wJ69QJWOuKpl0iHgaSBXLCKMKz0GtFL2ERL5HUWVyV8QkY
mRUl7tD0I0hPKidJnDEyy2iVM00we7YESkynGtB1qNzZeOpRohsRs8zMXZsIIbQh
pB9bpZng9P6qb9491Z8BuG/lPMlE7Kqs/03L/Fqw9e7Y93Jc06ZymwDtOMLaI4nI
KXcZLERY7KYd2xSFElSM/DDUDsWYO3+V9pxMnbXcJaxcXi+xklMptscGDr+Foh4Z
31CFCZAgQ8XDAGKrFXt8mDvnOBE5btEx4q7f3x4XxGptZH33K5fVycPONQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFHi4LTzTqAlhESyh2ktuuZqASMDHMB8GA1UdIwQY
MBaAFEJb9DdfF6A1cBlpAwH5QZMk/31EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWx2ME4xOFhvRFZ3R1drREFmbEJreVRfZlVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9mMjhhNzUtZDUzZi00ZTlmLTgyZGQt
ZjBlZDhmZTgyYjk3LzEvZUxndFBOT29DV0VSTEtIYVMyNjVtb0JJd01jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9mMjhhNzUtZDUzZi00ZTlmLTgyZGQtZjBlZDhmZTgyYjk3
LzEvUWx2ME4xOFhvRFZ3R1drREFmbEJreVRfZlVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAkBAIAATAeAwQAuQZAAwQB
uQZCAwQCuaTAAwQCuanIAwQCubeEMBoEAgACMBQwEgMHACoCz4AAAwMHACoCz4AA
BDANBgkqhkiG9w0BAQsFAAOCAQEAW2/3jhX0LMT7DHuYzCzJxB3+AtjK573zuHWp
NQ5pvylqoXQQ3tvZiFWbRwiqNmZHeuqv2su8JaT7yu8uztKH+T9Lx/BgyyjOqmqy
pTTKxAVKCOXqxQlqvNuwulpttn8F+S8E7/w+fx41t88RLLg4PvwGT8PrfMKOiPCR
HNkm5FWBLUyUr88X7AMkfBcK4GzKXfv9lg3G3NhvHiARk/8RXrNSHHpzE8+Daey2
V4U1nu4Fk1hGhADKDXIVhuHmO8bzNDbgsbNwBn5B7b8TPK61dTv9pHxLOs3lXSud
TsBx6OBUnoI8xJp0DjWXyeGZrl2UXBA8mg4u5yFdZCXZAYfU2Q==
-----END CERTIFICATE-----
Generated at Fri Jun 28 07:26:08 2024 by rpki-client on console-fra.rpki-client.org