Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/ortJgJetUsVkgfmcbU9JV0W3HMM.roa
File: ortJgJetUsVkgfmcbU9JV0W3HMM.roa (raw, json)
Hash identifier: CAZla01NSJYd2Tu3mOxHyTiyKw77i0iqcRvx4W+WaFA=
Subject key identifier: A2:BB:49:80:97:AD:52:C5:64:81:F9:9C:6D:4F:49:57:45:B7:1C:C3
Certificate issuer: /CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Certificate serial: 018CC3B6E599F0A2D93AC4CACE9BFF529D23
Authority key identifier: E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/ortJgJetUsVkgfmcbU9JV0W3HMM.roa
Signing time: Mon 01 Jan 2024 06:29:52 +0000
ROA not before: Mon 01 Jan 2024 06:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201019
IP address blocks: 188.33.128.0/17 maxlen: 17
5.173.224.0/19 maxlen: 19
5.173.224.0/20 maxlen: 20
188.33.64.0/18 maxlen: 18
185.89.184.0/22 maxlen: 22
5.173.240.0/20 maxlen: 20
188.33.0.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 14:51:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e5:99:f0:a2:d9:3a:c4:ca:ce:9b:ff:52:9d:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Validity
Not Before: Jan 1 06:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2bb498097ad52c56481f99c6d4f495745b71cc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:24:46:d1:01:24:45:3b:aa:5d:72:69:73:35:
af:62:90:aa:6e:53:5e:0a:ec:47:3d:14:4f:82:4a:
de:f3:31:94:c3:5f:fd:30:d5:55:1d:62:de:c7:ae:
f0:14:75:dd:44:92:2c:6c:e0:20:15:bf:f7:b0:73:
2c:18:ac:65:53:db:67:ab:2d:2a:71:39:d2:9a:19:
1b:60:16:14:24:7b:b2:81:b1:85:f6:65:05:90:d2:
2b:b1:71:7c:94:64:a5:34:fe:4a:83:bb:65:30:ae:
8a:06:3c:93:71:90:e7:f6:a3:aa:4e:1b:44:c1:ce:
66:bb:87:1a:7f:c4:a0:1a:33:6f:1b:9e:cc:aa:8e:
c2:21:ad:78:5c:11:81:15:ef:f8:66:2b:59:bf:99:
8c:88:6c:a2:e4:c1:a1:85:7b:4b:75:a0:7f:38:46:
40:b2:22:86:be:62:fb:a1:8b:b1:d9:db:de:d3:20:
01:b4:f9:c9:73:bf:b2:d3:2f:aa:11:83:af:4d:c5:
45:b4:d7:6e:30:ab:7b:65:b6:fc:73:fc:9f:41:30:
7d:78:0c:d8:3e:1f:35:96:a9:ad:20:5b:c6:86:7c:
08:b0:31:8e:97:a6:02:29:50:44:9a:86:07:ed:db:
34:b0:77:46:e7:2d:7e:22:d2:b4:80:00:e2:f2:63:
4c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BB:49:80:97:AD:52:C5:64:81:F9:9C:6D:4F:49:57:45:B7:1C:C3
X509v3 Authority Key Identifier:
keyid:E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/ortJgJetUsVkgfmcbU9JV0W3HMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.173.224.0/19
185.89.184.0/22
188.33.0.0/16
Signature Algorithm: sha256WithRSAEncryption
82:0c:5c:4e:be:3a:f0:ba:22:a0:06:46:89:f8:f3:2c:3e:bc:
51:36:ee:2a:57:ee:36:e9:eb:27:f0:b6:6e:84:78:73:d2:fa:
dc:6e:f0:45:3d:02:57:b7:0d:c3:c1:f0:00:73:f7:8e:c0:12:
ff:87:4f:b2:9a:64:b3:1f:19:80:04:90:88:47:b8:d8:29:41:
22:70:26:ec:2b:65:ef:5a:09:26:02:61:5c:41:f1:31:63:32:
b4:bb:cd:1d:2a:52:6c:e4:28:81:5e:49:9e:9e:f5:8e:5a:26:
96:af:02:a8:2a:0c:73:7d:91:53:2b:3c:8f:8c:99:86:b1:37:
0e:58:30:25:37:97:48:b0:85:65:8d:8b:29:e1:7a:d6:61:9e:
c0:83:82:86:bb:57:f4:31:37:37:76:5a:05:2c:3d:9c:cb:b4:
c2:ea:75:fe:38:5c:21:ab:67:65:b9:58:f0:d7:b0:97:7b:8b:
f7:ad:eb:19:95:0b:63:fc:69:ce:4d:56:4c:31:40:0c:a9:14:
f9:ac:06:e7:a5:75:1b:35:ff:49:b8:ec:5e:54:a2:8d:22:03:
f9:96:4c:08:d3:c9:00:0f:b8:fe:aa:13:68:b9:e0:68:b8:3f:
d3:c8:23:d1:dc:d9:e9:69:18:15:10:21:66:6a:1b:49:45:a6:
a6:12:a6:a4
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYzDtuWZ8KLZOsTKzpv/Up0jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWMwN2M5NTE0ODhmMDRjYjNiMGZkMzM4YWY4NGQ3N2U0
NmJmNTIwHhcNMjQwMTAxMDYyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmJiNDk4MDk3YWQ1MmM1NjQ4MWY5OWM2ZDRmNDk1NzQ1YjcxY2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyRG0QEkRTuqXXJpczWvYpCqblNe
CuxHPRRPgkre8zGUw1/9MNVVHWLex67wFHXdRJIsbOAgFb/3sHMsGKxlU9tnqy0q
cTnSmhkbYBYUJHuygbGF9mUFkNIrsXF8lGSlNP5Kg7tlMK6KBjyTcZDn9qOqThtE
wc5mu4caf8SgGjNvG57Mqo7CIa14XBGBFe/4ZitZv5mMiGyi5MGhhXtLdaB/OEZA
siKGvmL7oYux2dve0yABtPnJc7+y0y+qEYOvTcVFtNduMKt7Zbb8c/yfQTB9eAzY
Ph81lqmtIFvGhnwIsDGOl6YCKVBEmoYH7ds0sHdG5y1+ItK0gADi8mNMFQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFKK7SYCXrVLFZIH5nG1PSVdFtxzDMB8GA1UdIwQY
MBaAFOYcB8lRSI8EyzsP0zivhNd+Rr9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWIt
NmE4NDc3Y2I2YzJhLzEvb3J0SmdKZXRVc1ZrZ2ZtY2JVOUpWMFczSE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWItNmE4NDc3Y2I2YzJh
LzEvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwQFBa3gAwQC
uVm4AwMAvCEwDQYJKoZIhvcNAQELBQADggEBAIIMXE6+OvC6IqAGRon48yw+vFE2
7ipX7jbp6yfwtm6EeHPS+txu8EU9Ale3DcPB8ABz947AEv+HT7KaZLMfGYAEkIhH
uNgpQSJwJuwrZe9aCSYCYVxB8TFjMrS7zR0qUmzkKIFeSZ6e9Y5aJpavAqgqDHN9
kVMrPI+MmYaxNw5YMCU3l0iwhWWNiynhetZhnsCDgoa7V/QxNzd2WgUsPZzLtMLq
df44XCGrZ2W5WPDXsJd7i/et6xmVC2P8ac5NVkwxQAypFPmsBueldRs1/0m47F5U
oo0iA/mWTAjTyQAPuP6qE2i54Gi4P9PII9Hc2elpGBUQIWZqG0lFpqYSpqQ=
-----END CERTIFICATE-----
Generated at Wed May 15 17:02:23 2024 by rpki-client on console-ams.rpki-client.org