Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/2d0b47-f026-4f98-9fe9-1bb716427ca9/1/iujXlx3NG7uK79vV1ix0J6cZZak.roa
File: iujXlx3NG7uK79vV1ix0J6cZZak.roa (raw, json)
Hash identifier: fqyUWDYie4zsXrXs9EaGbdVGvjdTu8lHQZwtOfUIoiQ=
Subject key identifier: 8A:E8:D7:97:1D:CD:1B:BB:8A:EF:DB:D5:D6:2C:74:27:A7:19:65:A9
Certificate issuer: /CN=d392f8fc986e9f1d3e4bf05fca9659a0881d7003
Certificate serial: 018CC26D51C70D4B21B023EE403D3B69FD5E
Authority key identifier: D3:92:F8:FC:98:6E:9F:1D:3E:4B:F0:5F:CA:96:59:A0:88:1D:70:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/05L4_Jhunx0-S_BfypZZoIgdcAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/2d0b47-f026-4f98-9fe9-1bb716427ca9/1/iujXlx3NG7uK79vV1ix0J6cZZak.roa
Signing time: Mon 01 Jan 2024 00:29:53 +0000
ROA not before: Mon 01 Jan 2024 00:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200487
IP address blocks: 5.188.28.0/22 maxlen: 32
5.183.188.0/22 maxlen: 32
185.105.224.0/22 maxlen: 32
2a01:5a60::/32 maxlen: 128
2a0e:1600::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/2d0b47-f026-4f98-9fe9-1bb716427ca9/1/05L4_Jhunx0-S_BfypZZoIgdcAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/2d0b47-f026-4f98-9fe9-1bb716427ca9/1/05L4_Jhunx0-S_BfypZZoIgdcAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/05L4_Jhunx0-S_BfypZZoIgdcAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:51:c7:0d:4b:21:b0:23:ee:40:3d:3b:69:fd:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d392f8fc986e9f1d3e4bf05fca9659a0881d7003
Validity
Not Before: Jan 1 00:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ae8d7971dcd1bbb8aefdbd5d62c7427a71965a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ca:9a:cf:67:c4:50:e0:0a:df:a2:de:a6:cf:
d8:95:05:be:b0:aa:e6:7d:07:85:e0:49:8b:29:3a:
ea:0d:8d:ce:20:28:c4:d9:97:9e:83:2f:0f:0a:e1:
e8:1a:a5:0c:b6:ad:0a:60:cd:dd:b5:b5:a0:9d:f3:
36:27:16:08:d7:e9:b1:e6:81:ba:63:1e:3e:18:e5:
a7:00:7e:39:cc:0d:d2:02:d5:9c:da:1b:6c:38:57:
c8:bf:c2:f9:f6:df:ee:10:f3:82:82:8a:45:78:ff:
21:1a:dc:5a:5f:a0:82:2f:99:78:11:d5:b6:9f:63:
69:db:87:38:9b:ff:8a:61:98:64:4d:f5:17:eb:43:
e5:b9:2f:db:28:b7:dd:94:f2:7c:82:f1:23:9e:7b:
e8:38:11:ad:8d:e3:94:03:6a:7e:dc:42:91:cb:75:
14:23:56:bd:f6:35:db:16:ec:41:82:d2:2a:31:36:
a8:1e:d8:fb:c7:1a:41:6e:1a:e6:8e:d2:57:0d:f8:
8f:ea:46:fc:d6:ac:f0:17:5c:bb:01:d6:0f:20:9a:
6b:00:ef:0a:a9:16:e1:62:38:52:d6:a3:26:48:4a:
29:23:66:1b:85:f1:71:02:c2:84:fb:8a:45:39:f8:
70:ac:69:db:8b:7a:b4:5a:ff:d6:8c:d9:47:5a:32:
23:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:E8:D7:97:1D:CD:1B:BB:8A:EF:DB:D5:D6:2C:74:27:A7:19:65:A9
X509v3 Authority Key Identifier:
keyid:D3:92:F8:FC:98:6E:9F:1D:3E:4B:F0:5F:CA:96:59:A0:88:1D:70:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/05L4_Jhunx0-S_BfypZZoIgdcAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/2d0b47-f026-4f98-9fe9-1bb716427ca9/1/iujXlx3NG7uK79vV1ix0J6cZZak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/2d0b47-f026-4f98-9fe9-1bb716427ca9/1/05L4_Jhunx0-S_BfypZZoIgdcAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.188.0/22
5.188.28.0/22
185.105.224.0/22
IPv6:
2a01:5a60::/32
2a0e:1600::/32
Signature Algorithm: sha256WithRSAEncryption
6c:d2:97:ef:7a:df:30:92:f6:ff:86:a2:b8:30:77:d5:7c:98:
4f:19:ca:52:a4:89:54:ae:77:f4:2a:0b:d9:fc:27:cc:c5:01:
6b:38:17:8c:92:83:f3:d3:0d:4a:06:47:ae:0c:03:c2:7a:7b:
4b:ff:ef:c3:6e:81:ad:99:67:2b:35:61:10:6d:b4:b6:d5:3b:
08:9a:ba:ca:1a:5d:0a:b1:3c:ce:18:e6:b4:67:e5:6f:d0:99:
69:48:bc:5c:e9:65:22:db:37:44:c3:8f:d4:9b:51:ae:ef:cb:
01:da:5b:a3:31:98:90:14:64:69:ef:0b:4a:d8:5a:2b:a6:67:
b5:ea:87:3d:d6:59:a0:26:ca:ca:5d:a2:62:1e:15:9e:d3:ef:
e0:34:45:b1:3b:1e:55:9d:bd:6d:d4:04:51:8b:e2:2c:e1:06:
6c:63:2a:4b:9d:db:2a:c2:dd:8b:c0:44:20:41:16:ed:e7:b7:
81:ca:08:9a:13:cf:d9:9e:16:47:61:ee:b7:9a:66:48:ea:8c:
b6:65:b5:1d:96:f0:83:0b:76:92:c6:ae:da:66:42:22:77:f7:
f6:08:63:fa:d5:b6:ca:aa:f1:e7:97:22:75:70:84:69:db:0b:
fd:ba:c6:1b:f3:e4:73:31:d7:26:b2:bd:7c:a0:ca:bf:0e:a0:
3a:67:2f:82
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzCbVHHDUshsCPuQD07af1eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzOTJmOGZjOTg2ZTlmMWQzZTRiZjA1ZmNhOTY1OWEwODgx
ZDcwMDMwHhcNMjQwMTAxMDAyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWU4ZDc5NzFkY2QxYmJiOGFlZmRiZDVkNjJjNzQyN2E3MTk2NWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8qaz2fEUOAK36Leps/YlQW+sKrm
fQeF4EmLKTrqDY3OICjE2Zeegy8PCuHoGqUMtq0KYM3dtbWgnfM2JxYI1+mx5oG6
Yx4+GOWnAH45zA3SAtWc2htsOFfIv8L59t/uEPOCgopFeP8hGtxaX6CCL5l4EdW2
n2Np24c4m/+KYZhkTfUX60PluS/bKLfdlPJ8gvEjnnvoOBGtjeOUA2p+3EKRy3UU
I1a99jXbFuxBgtIqMTaoHtj7xxpBbhrmjtJXDfiP6kb81qzwF1y7AdYPIJprAO8K
qRbhYjhS1qMmSEopI2YbhfFxAsKE+4pFOfhwrGnbi3q0Wv/WjNlHWjIj1QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFIro15cdzRu7iu/b1dYsdCenGWWpMB8GA1UdIwQY
MBaAFNOS+PyYbp8dPkvwX8qWWaCIHXADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDVMNF9KaHVueDAtU19CZnlwWlpvSWdkY0FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8yZDBiNDctZjAyNi00Zjk4LTlmZTkt
MWJiNzE2NDI3Y2E5LzEvaXVqWGx4M05HN3VLNzl2VjFpeDBKNmNaWmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8yZDBiNDctZjAyNi00Zjk4LTlmZTktMWJiNzE2NDI3Y2E5
LzEvMDVMNF9KaHVueDAtU19CZnlwWlpvSWdkY0FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCBbe8AwQC
BbwcAwQCuWngMBQEAgACMA4DBQAqAVpgAwUAKg4WADANBgkqhkiG9w0BAQsFAAOC
AQEAbNKX73rfMJL2/4aiuDB31XyYTxnKUqSJVK539CoL2fwnzMUBazgXjJKD89MN
SgZHrgwDwnp7S//vw26BrZlnKzVhEG20ttU7CJq6yhpdCrE8zhjmtGflb9CZaUi8
XOllIts3RMOP1JtRru/LAdpbozGYkBRkae8LSthaK6ZnteqHPdZZoCbKyl2iYh4V
ntPv4DRFsTseVZ29bdQEUYviLOEGbGMqS53bKsLdi8BEIEEW7ee3gcoImhPP2Z4W
R2Hut5pmSOqMtmW1HZbwgwt2ksau2mZCInf39ghj+tW2yqrx55cidXCEadsL/brG
G/PkczHXJrK9fKDKvw6gOmcvgg==
-----END CERTIFICATE-----
Generated at Sat Dec 28 03:00:24 2024 by rpki-client on console-ams.rpki-client.org