Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/0c5f46-62b8-4af3-9b20-9f5f78352600/1/kR5d6x1WpiYphiWWUq9LVZCw7CU.roa
File: kR5d6x1WpiYphiWWUq9LVZCw7CU.roa (raw, json)
Hash identifier: uFaGCCjOQAFIZVMxtAfJaSnFxCt6cPe6fjjIYpxpKhY=
Subject key identifier: 91:1E:5D:EB:1D:56:A6:26:29:86:25:96:52:AF:4B:55:90:B0:EC:25
Certificate issuer: /CN=7ab74b01307f9c3fa756196384173115e66e6c55
Certificate serial: 018CC424F1F3B68C4341CE2E95B7799375D2
Authority key identifier: 7A:B7:4B:01:30:7F:9C:3F:A7:56:19:63:84:17:31:15:E6:6E:6C:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/erdLATB_nD-nVhljhBcxFeZubFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/0c5f46-62b8-4af3-9b20-9f5f78352600/1/kR5d6x1WpiYphiWWUq9LVZCw7CU.roa
Signing time: Mon 01 Jan 2024 08:30:04 +0000
ROA not before: Mon 01 Jan 2024 08:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25398
IP address blocks: 193.108.44.0/23 maxlen: 23
193.108.44.0/24 maxlen: 24
193.108.45.0/24 maxlen: 24
185.150.182.0/23 maxlen: 23
185.150.180.0/22 maxlen: 22
185.150.180.0/23 maxlen: 23
2a0d:7ec1::/32 maxlen: 32
2a0d:7ec0::/32 maxlen: 32
2a0d:7ec0::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/0c5f46-62b8-4af3-9b20-9f5f78352600/1/erdLATB_nD-nVhljhBcxFeZubFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/0c5f46-62b8-4af3-9b20-9f5f78352600/1/erdLATB_nD-nVhljhBcxFeZubFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/erdLATB_nD-nVhljhBcxFeZubFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:f1:f3:b6:8c:43:41:ce:2e:95:b7:79:93:75:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ab74b01307f9c3fa756196384173115e66e6c55
Validity
Not Before: Jan 1 08:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=911e5deb1d56a6262986259652af4b5590b0ec25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:31:18:ee:e9:53:7f:69:dc:0b:a4:77:98:dd:
52:cb:c4:ae:25:8a:da:0b:ea:44:bb:40:04:e0:62:
2c:59:0e:1f:fe:1b:7c:a7:08:8b:da:af:6c:c1:c6:
53:16:0b:19:b1:29:9a:f9:67:61:8e:e9:d1:26:24:
9b:a5:35:c9:af:b5:55:0d:3c:c5:89:2b:c8:93:65:
71:cb:96:7d:c9:b5:d2:f2:5f:99:a9:22:fb:a5:92:
7d:28:f5:63:d1:d4:b6:dc:c4:56:21:11:bc:2b:a3:
a9:f2:1c:fa:93:9a:51:4c:ec:f3:74:a2:c3:5f:0b:
29:39:35:ef:bb:2f:bc:26:92:ab:ff:a6:a3:c1:26:
ed:35:5b:e8:8d:42:3c:55:4f:3c:00:39:7a:90:de:
ff:ab:63:3e:6e:ea:ae:b7:e2:d1:c1:6d:9a:fe:c3:
28:82:63:a1:56:05:d9:5e:57:2a:ec:ff:f8:22:43:
bd:fe:17:9e:d8:16:d8:d6:24:4e:3a:89:eb:ce:20:
e2:07:bb:c5:38:5b:dc:8c:ee:40:e4:4c:a9:e8:c6:
87:83:53:10:f8:7b:a1:d1:42:1c:d4:ef:31:86:9d:
77:61:87:28:b0:2c:12:c5:43:7c:e7:87:cd:98:6e:
9b:74:0f:3c:bb:9f:1c:b1:15:7d:b8:38:d4:79:3a:
cf:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1E:5D:EB:1D:56:A6:26:29:86:25:96:52:AF:4B:55:90:B0:EC:25
X509v3 Authority Key Identifier:
keyid:7A:B7:4B:01:30:7F:9C:3F:A7:56:19:63:84:17:31:15:E6:6E:6C:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/erdLATB_nD-nVhljhBcxFeZubFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/0c5f46-62b8-4af3-9b20-9f5f78352600/1/kR5d6x1WpiYphiWWUq9LVZCw7CU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/0c5f46-62b8-4af3-9b20-9f5f78352600/1/erdLATB_nD-nVhljhBcxFeZubFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.180.0/22
193.108.44.0/23
IPv6:
2a0d:7ec0::/31
Signature Algorithm: sha256WithRSAEncryption
b5:3d:18:04:4b:fb:3d:40:2f:94:03:f6:4c:67:31:65:f3:76:
71:27:88:f1:f3:fe:ce:ff:9e:63:38:3b:b0:31:8f:4e:26:10:
da:53:cd:fa:ee:59:c9:99:4c:41:64:c0:d3:71:2e:f1:b1:c4:
d9:b5:e9:7a:c4:95:78:1a:f0:ef:5e:34:8a:51:eb:70:08:4a:
eb:6b:a2:af:86:90:17:2b:2d:a8:0a:c1:bd:d8:92:cb:60:5f:
42:35:c4:05:1e:59:85:89:73:6e:a6:73:07:36:4c:6e:a9:02:
25:96:8e:94:12:e5:ea:7e:91:2e:86:7c:79:fa:29:f0:9c:b8:
8d:36:02:3e:43:3c:f6:b4:91:a1:a7:14:57:a5:06:f4:86:aa:
b7:d5:d8:53:d9:98:ea:8b:72:ae:4c:80:a3:ad:f8:09:f7:e2:
61:4e:40:79:67:1b:75:ea:ad:f3:0a:9a:c0:a3:92:3b:7a:39:
c9:77:de:dc:e8:53:a5:be:d2:5e:ee:80:53:dc:61:70:de:39:
42:6a:da:f5:5e:b5:57:49:7b:49:e5:54:b4:0c:80:6d:ea:93:
95:8f:42:5c:ee:60:a3:24:a6:9d:f2:02:21:c9:f9:3b:7c:2c:
32:3b:4f:fd:89:09:00:1d:5a:cb:5a:10:27:9b:bb:b4:ce:29:
a7:3a:7f:bd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEJPHztoxDQc4ulbd5k3XSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhYjc0YjAxMzA3ZjljM2ZhNzU2MTk2Mzg0MTczMTE1ZTY2
ZTZjNTUwHhcNMjQwMTAxMDgzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTFlNWRlYjFkNTZhNjI2Mjk4NjI1OTY1MmFmNGI1NTkwYjBlYzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDEY7ulTf2ncC6R3mN1Sy8SuJYra
C+pEu0AE4GIsWQ4f/ht8pwiL2q9swcZTFgsZsSma+WdhjunRJiSbpTXJr7VVDTzF
iSvIk2Vxy5Z9ybXS8l+ZqSL7pZJ9KPVj0dS23MRWIRG8K6Op8hz6k5pRTOzzdKLD
XwspOTXvuy+8JpKr/6ajwSbtNVvojUI8VU88ADl6kN7/q2M+buqut+LRwW2a/sMo
gmOhVgXZXlcq7P/4IkO9/hee2BbY1iROOonrziDiB7vFOFvcjO5A5Eyp6MaHg1MQ
+Huh0UIc1O8xhp13YYcosCwSxUN854fNmG6bdA88u58csRV9uDjUeTrPswIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJEeXesdVqYmKYYlllKvS1WQsOwlMB8GA1UdIwQY
MBaAFHq3SwEwf5w/p1YZY4QXMRXmbmxVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXJkTEFUQl9uRC1uVmhsamhCY3hGZVp1YkZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8wYzVmNDYtNjJiOC00YWYzLTliMjAt
OWY1Zjc4MzUyNjAwLzEva1I1ZDZ4MVdwaVlwaGlXV1VxOUxWWkN3N0NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8wYzVmNDYtNjJiOC00YWYzLTliMjAtOWY1Zjc4MzUyNjAw
LzEvZXJkTEFUQl9uRC1uVmhsamhCY3hGZVp1YkZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuZa0AwQB
wWwsMA0EAgACMAcDBQEqDX7AMA0GCSqGSIb3DQEBCwUAA4IBAQC1PRgES/s9QC+U
A/ZMZzFl83ZxJ4jx8/7O/55jODuwMY9OJhDaU8367lnJmUxBZMDTcS7xscTZtel6
xJV4GvDvXjSKUetwCErra6KvhpAXKy2oCsG92JLLYF9CNcQFHlmFiXNupnMHNkxu
qQIllo6UEuXqfpEuhnx5+inwnLiNNgI+Qzz2tJGhpxRXpQb0hqq31dhT2Zjqi3Ku
TICjrfgJ9+JhTkB5Zxt16q3zCprAo5I7ejnJd97c6FOlvtJe7oBT3GFw3jlCatr1
XrVXSXtJ5VS0DIBt6pOVj0Jc7mCjJKad8gIhyfk7fCwyO0/9iQkAHVrLWhAnm7u0
zimnOn+9
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:28:58 2024 by rpki-client on console-ams.rpki-client.org