Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/p2VaB0rWtVxoiIio1x05HW1LtrM.roa
File: p2VaB0rWtVxoiIio1x05HW1LtrM.roa (raw, json)
Hash identifier: ymyH8If0K727RJLEfbjCQd70DBvGYf8Mn0pA4eYeQMw=
Subject key identifier: A7:65:5A:07:4A:D6:B5:5C:68:88:88:A8:D7:1D:39:1D:6D:4B:B6:B3
Certificate issuer: /CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Certificate serial: 018CC870F291BE5892B778A45C02CB8F109B
Authority key identifier: 9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/p2VaB0rWtVxoiIio1x05HW1LtrM.roa
Signing time: Tue 02 Jan 2024 04:31:34 +0000
ROA not before: Tue 02 Jan 2024 04:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206483
IP address blocks: 185.185.76.0/24 maxlen: 24
5.180.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.mft
rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:f2:91:be:58:92:b7:78:a4:5c:02:cb:8f:10:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b89b8cf47f7c485d628d0a359a16a815cd004ab
Validity
Not Before: Jan 2 04:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7655a074ad6b55c688888a8d71d391d6d4bb6b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:dc:f4:04:d1:70:94:10:f5:46:c9:d9:9e:43:
fc:8d:c4:d4:72:f5:d8:c7:5c:0b:c3:92:ee:c8:07:
76:7e:85:43:ef:eb:44:de:80:ea:49:e5:f3:7f:7f:
26:11:d3:21:72:dc:4d:bf:fb:4d:cb:68:08:c1:ad:
cb:e7:fe:b0:b3:53:9f:32:b8:de:df:fe:51:62:41:
d9:5c:03:81:81:f6:14:3c:79:16:70:08:6c:7c:36:
ff:07:a8:e4:7b:28:e0:84:63:31:16:63:6d:07:0f:
0e:62:3f:8e:4a:f1:85:b0:5d:9c:fe:46:99:db:73:
1b:89:e5:9d:3e:c4:f9:0e:1a:41:dd:7e:9c:f6:37:
3c:13:ae:51:1d:23:18:e7:04:04:53:e2:80:5c:84:
04:e1:ec:12:d9:89:0c:b4:a8:d4:1e:0d:9e:0c:ac:
ea:a1:77:d3:5d:f5:58:e3:5b:c5:77:8f:e0:cf:18:
22:f3:00:9a:35:9c:57:74:3a:49:d0:6a:9f:fc:4a:
b2:0f:85:17:76:24:b2:76:28:39:80:92:d7:1b:26:
d9:43:8e:19:38:0a:f3:d6:51:75:ea:97:39:bc:25:
f2:45:17:12:43:3a:bb:88:53:67:73:49:87:5f:51:
75:a3:11:53:54:5f:83:c1:71:3e:c1:61:4a:d9:da:
9d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:65:5A:07:4A:D6:B5:5C:68:88:88:A8:D7:1D:39:1D:6D:4B:B6:B3
X509v3 Authority Key Identifier:
keyid:9B:89:B8:CF:47:F7:C4:85:D6:28:D0:A3:59:A1:6A:81:5C:D0:04:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4m4z0f3xIXWKNCjWaFqgVzQBKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/p2VaB0rWtVxoiIio1x05HW1LtrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/757fc5-8029-4828-8547-62e260313e4c/1/m4m4z0f3xIXWKNCjWaFqgVzQBKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.188.0/22
185.185.76.0/24
Signature Algorithm: sha256WithRSAEncryption
01:af:e9:af:74:a4:41:84:db:ed:ab:61:87:5d:01:bc:05:bb:
42:a8:f0:e8:bc:21:9a:71:c7:cc:cb:63:3c:06:f6:09:73:6f:
c0:72:d9:ac:96:1f:19:69:ca:f3:7f:ca:14:16:9b:61:7d:42:
58:33:b1:95:a8:98:8b:ef:6b:e5:f3:8e:58:44:0b:7e:0b:d5:
8b:01:8e:40:8d:24:dc:04:76:2d:17:9e:49:99:35:42:f9:dd:
99:b5:ff:a5:4e:21:f6:c6:7b:62:11:41:18:5d:89:79:7e:db:
d6:6a:bb:ec:5f:70:6f:4f:ff:81:c1:54:cf:13:a3:0c:8d:a9:
e8:5e:97:2b:e4:28:af:59:4e:b5:52:9b:da:39:82:96:d6:09:
02:ad:da:18:9d:49:6b:aa:08:e6:fa:c2:8d:fc:d6:61:4c:e3:
ec:6b:01:75:ac:62:1e:7c:64:c4:80:79:40:01:79:fb:f3:ac:
6b:96:c8:eb:87:cf:2e:2b:cd:bc:60:f0:2d:95:c4:a7:75:d3:
19:65:ef:53:95:93:7e:7a:6e:93:bf:32:e9:e4:b2:16:07:17:
bd:64:20:d2:b8:9a:cb:06:27:b8:ad:8f:1c:f5:05:55:86:43:
0d:04:48:ae:32:b0:5a:d8:0b:dc:02:d3:25:9e:9c:2a:83:6c:
6d:fb:f8:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIcPKRvliSt3ikXALLjxCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODliOGNmNDdmN2M0ODVkNjI4ZDBhMzU5YTE2YTgxNWNk
MDA0YWIwHhcNMjQwMTAyMDQzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzY1NWEwNzRhZDZiNTVjNjg4ODg4YThkNzFkMzkxZDZkNGJiNmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndz0BNFwlBD1RsnZnkP8jcTUcvXY
x1wLw5LuyAd2foVD7+tE3oDqSeXzf38mEdMhctxNv/tNy2gIwa3L5/6ws1OfMrje
3/5RYkHZXAOBgfYUPHkWcAhsfDb/B6jkeyjghGMxFmNtBw8OYj+OSvGFsF2c/kaZ
23MbieWdPsT5DhpB3X6c9jc8E65RHSMY5wQEU+KAXIQE4ewS2YkMtKjUHg2eDKzq
oXfTXfVY41vFd4/gzxgi8wCaNZxXdDpJ0Gqf/EqyD4UXdiSydig5gJLXGybZQ44Z
OArz1lF16pc5vCXyRRcSQzq7iFNnc0mHX1F1oxFTVF+DwXE+wWFK2dqdfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKdlWgdK1rVcaIiIqNcdOR1tS7azMB8GA1UdIwQY
MBaAFJuJuM9H98SF1ijQo1mhaoFc0ASrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDct
NjJlMjYwMzEzZTRjLzEvcDJWYUIwcld0VnhvaUlpbzF4MDVIVzFMdHJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS83NTdmYzUtODAyOS00ODI4LTg1NDctNjJlMjYwMzEzZTRj
LzEvbTRtNHowZjN4SVhXS05DaldhRnFnVnpRQktzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBbS8AwQA
ublMMA0GCSqGSIb3DQEBCwUAA4IBAQABr+mvdKRBhNvtq2GHXQG8BbtCqPDovCGa
ccfMy2M8BvYJc2/Actmslh8Zacrzf8oUFpthfUJYM7GVqJiL72vl845YRAt+C9WL
AY5AjSTcBHYtF55JmTVC+d2Ztf+lTiH2xntiEUEYXYl5ftvWarvsX3BvT/+BwVTP
E6MMjanoXpcr5CivWU61UpvaOYKW1gkCrdoYnUlrqgjm+sKN/NZhTOPsawF1rGIe
fGTEgHlAAXn786xrlsjrh88uK828YPAtlcSnddMZZe9TlZN+em6TvzLp5LIWBxe9
ZCDSuJrLBie4rY8c9QVVhkMNBEiuMrBa2AvcAtMlnpwqg2xt+/i7
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:13:43 2024 by rpki-client on console-ams.rpki-client.org