Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/98adc1-6ff8-4959-a344-db6ca6e4d4a3/1/gd27tVbGe-yAyIXZmobAoAMsexM.roa
File: gd27tVbGe-yAyIXZmobAoAMsexM.roa (raw, json)
Hash identifier: Ynya2/3KbG6CIntXGZccV3BJKcRGQM9vW4l8fnxkr2k=
Subject key identifier: 81:DD:BB:B5:56:C6:7B:EC:80:C8:85:D9:9A:86:C0:A0:03:2C:7B:13
Certificate issuer: /CN=5bb5f05f12b52076868eefcd14afcec192fe2cf2
Certificate serial: 018CC4253F56757B8534A71D8DCECDBB04F3
Authority key identifier: 5B:B5:F0:5F:12:B5:20:76:86:8E:EF:CD:14:AF:CE:C1:92:FE:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W7XwXxK1IHaGju_NFK_OwZL-LPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/98adc1-6ff8-4959-a344-db6ca6e4d4a3/1/gd27tVbGe-yAyIXZmobAoAMsexM.roa
Signing time: Mon 01 Jan 2024 08:30:24 +0000
ROA not before: Mon 01 Jan 2024 08:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57869
IP address blocks: 185.36.70.0/23 maxlen: 23
185.36.68.0/23 maxlen: 23
185.36.68.0/22 maxlen: 22
5.154.228.0/23 maxlen: 23
5.154.168.0/23 maxlen: 23
5.154.250.0/23 maxlen: 23
5.154.248.0/23 maxlen: 23
5.154.248.0/22 maxlen: 22
82.118.0.0/20 maxlen: 20
82.118.0.0/22 maxlen: 22
82.118.4.0/22 maxlen: 22
82.118.3.0/24 maxlen: 24
82.118.2.0/24 maxlen: 24
82.118.11.0/24 maxlen: 24
82.118.10.0/24 maxlen: 24
82.118.9.0/24 maxlen: 24
82.118.8.0/24 maxlen: 24
82.118.7.0/24 maxlen: 24
82.118.8.0/22 maxlen: 22
82.118.6.0/24 maxlen: 24
82.118.5.0/24 maxlen: 24
82.118.14.0/23 maxlen: 23
82.118.12.0/23 maxlen: 23
213.91.96.0/22 maxlen: 22
213.91.104.0/22 maxlen: 22
213.91.100.0/22 maxlen: 22
213.91.108.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/98adc1-6ff8-4959-a344-db6ca6e4d4a3/1/W7XwXxK1IHaGju_NFK_OwZL-LPI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/98adc1-6ff8-4959-a344-db6ca6e4d4a3/1/W7XwXxK1IHaGju_NFK_OwZL-LPI.mft
rsync://rpki.ripe.net/repository/DEFAULT/W7XwXxK1IHaGju_NFK_OwZL-LPI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:3f:56:75:7b:85:34:a7:1d:8d:ce:cd:bb:04:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bb5f05f12b52076868eefcd14afcec192fe2cf2
Validity
Not Before: Jan 1 08:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81ddbbb556c67bec80c885d99a86c0a0032c7b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:18:02:8d:7e:ce:05:38:e2:a8:c1:14:b0:22:
37:ff:db:ac:62:ee:d4:aa:f3:10:aa:5b:73:08:db:
81:aa:1e:89:05:e9:27:4f:f7:90:4b:9c:5e:93:2a:
48:db:c8:81:3b:b6:ad:46:80:a5:b1:d7:dc:25:17:
cc:01:20:af:27:dc:ee:94:c5:1f:3a:ac:a6:0c:b1:
cc:42:5a:f3:ff:79:2b:3a:c1:da:ba:82:26:1d:27:
c3:06:19:11:45:02:0f:10:64:6d:dc:a5:87:06:9c:
9d:2c:66:4c:65:03:36:06:69:51:f7:f8:57:8c:1c:
0f:a4:89:0d:a3:e4:d4:21:61:af:fe:01:05:a1:08:
c3:4a:e9:d0:4d:73:83:c4:15:09:b8:74:cd:91:24:
39:96:2d:96:fa:24:fc:01:1a:59:e1:0b:25:01:9b:
fe:b1:5b:0a:47:77:0d:1d:97:90:cc:d3:f6:a0:81:
7f:2f:e2:cd:af:32:76:0c:fe:81:69:16:0d:11:41:
13:b8:e9:e8:9e:73:9e:a1:f7:0c:21:5c:10:d4:60:
15:c7:0d:3d:9b:53:3a:9d:d1:07:a7:04:ce:15:d6:
70:e7:50:c8:d4:7b:6d:92:1f:1f:6b:0a:62:c9:b4:
f7:56:f4:d2:66:05:7f:5a:98:9e:fc:31:0c:0c:fb:
fa:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:DD:BB:B5:56:C6:7B:EC:80:C8:85:D9:9A:86:C0:A0:03:2C:7B:13
X509v3 Authority Key Identifier:
keyid:5B:B5:F0:5F:12:B5:20:76:86:8E:EF:CD:14:AF:CE:C1:92:FE:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W7XwXxK1IHaGju_NFK_OwZL-LPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/98adc1-6ff8-4959-a344-db6ca6e4d4a3/1/gd27tVbGe-yAyIXZmobAoAMsexM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/98adc1-6ff8-4959-a344-db6ca6e4d4a3/1/W7XwXxK1IHaGju_NFK_OwZL-LPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.168.0/23
5.154.228.0/23
5.154.248.0/22
82.118.0.0/20
185.36.68.0/22
213.91.96.0/20
Signature Algorithm: sha256WithRSAEncryption
1d:19:a3:2a:a8:3e:e5:f5:d9:5b:a7:4d:f8:9b:f9:ec:b6:99:
bf:6a:41:d5:67:8b:3d:f4:2c:1a:9e:eb:0e:1b:66:24:ef:6f:
65:59:2b:bd:1b:48:9d:61:a9:4e:ec:8e:f1:1f:b1:07:87:9b:
2a:7e:c4:5e:2d:2f:9c:b7:79:43:c0:0a:eb:dc:c6:e9:9d:43:
c5:38:fd:dc:49:6b:1b:5a:ca:c3:23:0f:6f:94:a4:0f:50:23:
fd:e2:a9:6c:45:15:ee:75:e5:f8:0b:37:81:af:e3:ad:c5:3b:
e3:19:c0:52:e1:3f:93:ab:75:24:cd:3e:95:bb:ac:cd:e4:7d:
5a:3e:da:14:f0:d8:71:03:8e:85:43:0f:4e:8a:21:02:04:c2:
e2:6c:12:19:93:48:b2:18:5d:e1:cc:f9:03:4e:af:ad:b5:f8:
13:f7:fa:81:38:ae:17:11:40:6c:cf:4e:e4:a9:13:a1:52:e7:
9f:3b:49:a2:77:e5:99:38:74:1d:f6:de:2d:4a:bd:9e:6f:da:
b4:86:c0:be:6c:fd:54:4a:ae:3e:e5:8b:05:69:6b:b7:c5:03:
ab:43:14:03:72:a8:22:de:04:01:d1:17:fe:8c:3d:44:65:f8:
3e:c3:7b:d4:5c:26:89:4c:92:92:ba:e5:8d:84:a2:85:90:58:
f4:b9:64:f0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzEJT9WdXuFNKcdjc7NuwTzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYjVmMDVmMTJiNTIwNzY4NjhlZWZjZDE0YWZjZWMxOTJm
ZTJjZjIwHhcNMjQwMTAxMDgzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWRkYmJiNTU2YzY3YmVjODBjODg1ZDk5YTg2YzBhMDAzMmM3YjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxgCjX7OBTjiqMEUsCI3/9usYu7U
qvMQqltzCNuBqh6JBeknT/eQS5xekypI28iBO7atRoClsdfcJRfMASCvJ9zulMUf
OqymDLHMQlrz/3krOsHauoImHSfDBhkRRQIPEGRt3KWHBpydLGZMZQM2BmlR9/hX
jBwPpIkNo+TUIWGv/gEFoQjDSunQTXODxBUJuHTNkSQ5li2W+iT8ARpZ4QslAZv+
sVsKR3cNHZeQzNP2oIF/L+LNrzJ2DP6BaRYNEUETuOnonnOeofcMIVwQ1GAVxw09
m1M6ndEHpwTOFdZw51DI1Httkh8fawpiybT3VvTSZgV/Wpie/DEMDPv6LQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIHdu7VWxnvsgMiF2ZqGwKADLHsTMB8GA1UdIwQY
MBaAFFu18F8StSB2ho7vzRSvzsGS/izyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzdYd1h4SzFJSGFHanVfTkZLX093WkwtTFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS85OGFkYzEtNmZmOC00OTU5LWEzNDQt
ZGI2Y2E2ZTRkNGEzLzEvZ2QyN3RWYkdlLXlBeUlYWm1vYkFvQU1zZXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS85OGFkYzEtNmZmOC00OTU5LWEzNDQtZGI2Y2E2ZTRkNGEz
LzEvVzdYd1h4SzFJSGFHanVfTkZLX093WkwtTFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBBZqoAwQB
BZrkAwQCBZr4AwQEUnYAAwQCuSREAwQE1VtgMA0GCSqGSIb3DQEBCwUAA4IBAQAd
GaMqqD7l9dlbp034m/nstpm/akHVZ4s99CwanusOG2Yk729lWSu9G0idYalO7I7x
H7EHh5sqfsReLS+ct3lDwArr3MbpnUPFOP3cSWsbWsrDIw9vlKQPUCP94qlsRRXu
deX4CzeBr+OtxTvjGcBS4T+Tq3UkzT6Vu6zN5H1aPtoU8NhxA46FQw9OiiECBMLi
bBIZk0iyGF3hzPkDTq+ttfgT9/qBOK4XEUBsz07kqROhUuefO0mid+WZOHQd9t4t
Sr2eb9q0hsC+bP1USq4+5YsFaWu3xQOrQxQDcqgi3gQB0Rf+jD1EZfg+w3vUXCaJ
TJKSuuWNhKKFkFj0uWTw
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:12:33 2024 by rpki-client on console-ams.rpki-client.org