Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/519k9f5y1H3bYrkrJB4BIzDKvbo.roa
File: 519k9f5y1H3bYrkrJB4BIzDKvbo.roa (raw, json)
Hash identifier: xJFxcxJ5Z/5MkOWiYdUe9xiWosCtYZ2+sg0BuK2I0NI=
Subject key identifier: E7:5F:64:F5:FE:72:D4:7D:DB:62:B9:2B:24:1E:01:23:30:CA:BD:BA
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 018E5DFDE9DC20060D572B4518CA6F658B2E
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/519k9f5y1H3bYrkrJB4BIzDKvbo.roa
Signing time: Wed 20 Mar 2024 22:31:45 +0000
ROA not before: Wed 20 Mar 2024 22:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 5.181.180.0/24 maxlen: 24
5.181.181.0/24 maxlen: 24
185.176.93.0/24 maxlen: 24
185.176.95.0/24 maxlen: 24
185.229.221.0/24 maxlen: 24
185.229.222.0/24 maxlen: 24
185.229.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5d:fd:e9:dc:20:06:0d:57:2b:45:18:ca:6f:65:8b:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Mar 20 22:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e75f64f5fe72d47ddb62b92b241e012330cabdba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:83:6d:b6:56:1e:c9:6d:8c:67:e7:89:84:0e:
f5:0d:30:5d:89:5f:1c:d3:f9:92:75:5d:9d:cf:01:
d1:97:20:8d:55:97:64:38:ae:36:bb:30:2e:98:77:
cd:68:82:4b:a4:df:f7:7b:9c:c6:e5:03:f9:e5:a0:
b8:53:d5:a2:94:b8:56:2e:c4:c1:97:ea:09:a1:c9:
9b:c3:a5:1c:ea:d1:2d:8f:51:f5:ea:f2:be:c4:fa:
47:0e:75:f7:7c:1a:eb:9b:bf:55:ac:28:0a:c1:8b:
56:b8:fb:08:8c:51:f5:2c:95:d7:b1:45:d7:ea:aa:
1e:7c:f8:9e:7b:ca:81:4f:1e:76:eb:f3:2d:96:6a:
74:54:00:45:d5:7d:21:b9:ee:f1:0a:c3:8e:3c:01:
dd:d9:95:07:1d:7c:5c:92:f6:53:2c:b7:5d:7e:00:
ab:16:da:7a:2a:e3:40:d3:0c:1c:67:a6:d2:09:ac:
48:be:12:96:49:6f:78:92:b5:12:7a:9a:d7:9a:49:
fc:03:fc:e2:27:0f:14:18:e3:d6:64:16:3e:3d:0c:
f2:30:62:7a:f4:95:ca:8d:91:f0:85:a5:01:00:d7:
71:65:18:7c:12:4e:bd:d1:a5:c5:5a:a4:8c:79:08:
d7:b0:e5:06:8c:0a:60:8c:03:af:8d:54:26:9e:9d:
58:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:5F:64:F5:FE:72:D4:7D:DB:62:B9:2B:24:1E:01:23:30:CA:BD:BA
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/519k9f5y1H3bYrkrJB4BIzDKvbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.180.0/23
185.176.93.0/24
185.176.95.0/24
185.229.221.0-185.229.223.255
Signature Algorithm: sha256WithRSAEncryption
aa:2a:16:40:8a:7b:c4:ef:72:ab:67:7d:7c:33:a3:cf:b3:d1:
cd:5e:c3:8f:0f:db:e8:15:01:f9:52:cf:cb:13:7b:80:ad:ce:
c0:6e:08:07:00:79:57:dd:ee:0b:a1:cc:79:6e:8c:a3:07:7b:
58:ed:75:88:9e:40:07:bf:90:8d:12:54:2a:40:73:52:f0:d2:
bc:07:62:9f:10:03:67:f5:32:fb:ca:2c:54:d0:a2:8a:7d:df:
24:5f:b5:2e:d0:c7:f1:5b:b8:9c:34:3a:8b:00:c0:38:9d:ef:
cf:16:f4:8e:fa:50:4b:24:b1:a5:c7:e7:91:69:30:0e:6d:4a:
a5:c6:58:e6:92:a9:9e:3c:18:91:7f:6b:23:83:26:f8:0b:49:
93:31:fa:53:ff:b1:a6:fb:4e:8a:f0:04:9d:3f:9b:36:64:55:
d9:f4:6a:bd:d5:f3:9c:99:74:16:3d:e0:64:2f:94:c4:92:4d:
97:ab:a9:90:53:d5:03:aa:88:5a:79:86:6c:3c:e6:ce:d6:02:
64:7d:51:2f:aa:18:24:ce:5b:f3:ea:f2:10:fa:a5:f3:73:24:
f3:b5:25:24:07:0b:ae:eb:13:31:e7:06:c9:dd:68:be:6a:e1:
05:63:33:4e:5d:6e:a9:2a:10:74:a8:ab:cd:03:d9:d5:92:57:
82:b8:cb:59
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY5d/encIAYNVytFGMpvZYsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjQwMzIwMjIzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzVmNjRmNWZlNzJkNDdkZGI2MmI5MmIyNDFlMDEyMzMwY2FiZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyINttlYeyW2MZ+eJhA71DTBdiV8c
0/mSdV2dzwHRlyCNVZdkOK42uzAumHfNaIJLpN/3e5zG5QP55aC4U9WilLhWLsTB
l+oJocmbw6Uc6tEtj1H16vK+xPpHDnX3fBrrm79VrCgKwYtWuPsIjFH1LJXXsUXX
6qoefPiee8qBTx526/Mtlmp0VABF1X0hue7xCsOOPAHd2ZUHHXxckvZTLLddfgCr
Ftp6KuNA0wwcZ6bSCaxIvhKWSW94krUSeprXmkn8A/ziJw8UGOPWZBY+PQzyMGJ6
9JXKjZHwhaUBANdxZRh8Ek690aXFWqSMeQjXsOUGjApgjAOvjVQmnp1YfQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOdfZPX+ctR922K5KyQeASMwyr26MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvNTE5azlmNXkxSDNiWXJrckpCNEJJekRLdmJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBBbW0AwQA
ubBdAwQAubBfMAwDBAC55d0DBAW55cAwDQYJKoZIhvcNAQELBQADggEBAKoqFkCK
e8TvcqtnfXwzo8+z0c1ew48P2+gVAflSz8sTe4CtzsBuCAcAeVfd7guhzHlujKMH
e1jtdYieQAe/kI0SVCpAc1Lw0rwHYp8QA2f1MvvKLFTQoop93yRftS7Qx/FbuJw0
OosAwDid788W9I76UEsksaXH55FpMA5tSqXGWOaSqZ48GJF/ayODJvgLSZMx+lP/
sab7TorwBJ0/mzZkVdn0ar3V85yZdBY94GQvlMSSTZerqZBT1QOqiFp5hmw85s7W
AmR9US+qGCTOW/Pq8hD6pfNzJPO1JSQHC67rEzHnBsndaL5q4QVjM05dbqkqEHSo
q80D2dWSV4K4y1k=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:43:40 2024 by rpki-client on console-fra.rpki-client.org