Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/OWmd45GybCgHS1V-IbpStP047aE.roa
File: OWmd45GybCgHS1V-IbpStP047aE.roa (raw, json)
Hash identifier: SDXYBAlLMQ8wnyWLRjvtBo2J59O8SG7gZny3g9n8l1I=
Subject key identifier: 39:69:9D:E3:91:B2:6C:28:07:4B:55:7E:21:BA:52:B4:FD:38:ED:A1
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018CC8DF9D8604F41A7B1C0865D9FC70CE15
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/OWmd45GybCgHS1V-IbpStP047aE.roa
Signing time: Tue 02 Jan 2024 06:32:27 +0000
ROA not before: Tue 02 Jan 2024 06:32:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56630
IP address blocks: 185.232.168.0/24 maxlen: 24
185.117.117.0/24 maxlen: 24
185.40.5.0/24 maxlen: 24
194.53.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:9d:86:04:f4:1a:7b:1c:08:65:d9:fc:70:ce:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 06:32:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39699de391b26c28074b557e21ba52b4fd38eda1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:03:2a:e1:4d:f7:d3:41:cc:9e:d0:a3:37:3d:
3d:a4:3b:19:44:5d:64:82:d4:6e:f7:37:9f:a7:7c:
da:09:3d:61:74:d7:48:be:51:c4:2b:92:98:16:86:
09:94:de:e0:09:40:06:fa:d9:80:18:de:ef:78:07:
85:00:30:bf:5f:90:2c:07:8b:a7:0c:20:b7:33:08:
69:90:4e:ee:1b:33:66:8d:d9:07:dd:80:09:9a:01:
90:fe:ab:5a:39:ab:0f:46:a4:be:de:c0:f8:0f:96:
cc:ec:9c:f7:5a:80:bf:da:c1:15:f6:3a:4c:a2:5b:
cd:7e:c7:74:b5:f2:3e:5a:0d:97:5b:66:90:0b:a4:
04:03:54:54:29:83:cb:ca:8a:5e:53:59:02:67:f9:
ae:a4:b5:64:6e:7c:78:4e:8d:82:93:43:c7:ce:00:
c6:f0:fa:d6:1b:32:da:f0:c0:65:d4:36:17:5e:9a:
97:6c:1d:28:af:0b:f3:34:f9:4b:0b:e2:34:90:4c:
cb:8b:9b:dc:79:22:a6:08:85:58:6a:2c:df:ff:62:
59:3b:ed:d7:07:21:00:32:da:7e:98:ee:fb:8d:7e:
7e:74:7d:be:25:0f:eb:35:b5:b0:ce:e5:0a:26:8c:
0a:dc:38:05:85:9d:02:b2:46:f4:f6:7a:c4:6d:2b:
81:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:69:9D:E3:91:B2:6C:28:07:4B:55:7E:21:BA:52:B4:FD:38:ED:A1
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/OWmd45GybCgHS1V-IbpStP047aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.5.0/24
185.117.117.0/24
185.232.168.0/24
194.53.55.0/24
Signature Algorithm: sha256WithRSAEncryption
09:92:e8:6e:c9:d6:80:2a:7b:91:2f:a3:73:15:70:91:fe:e2:
1c:a7:e0:a8:0b:8a:7f:16:bc:26:29:a1:25:0b:61:bd:5c:b0:
37:c1:8f:0d:49:3a:e5:57:e8:c2:b0:25:f8:77:e8:05:e2:66:
54:86:dd:94:ca:bf:cf:2c:ab:a0:76:cd:a4:00:43:dd:5d:d7:
33:c6:9f:13:8b:19:c6:c2:e6:1e:93:d1:1e:09:86:ff:91:58:
1a:2d:ba:08:75:bc:a8:00:23:31:28:ee:ce:d9:93:0c:87:73:
73:a4:e6:41:bc:e4:3a:57:29:b2:f9:50:6f:e3:d3:0f:2e:03:
4e:97:fb:8f:af:2f:0e:81:3c:05:f6:06:1f:f2:85:02:a6:8c:
69:5c:d8:62:b9:4b:5d:3c:93:bb:16:3a:8a:62:8d:69:2b:a0:
4f:1d:aa:3a:c9:1d:83:00:60:9e:4f:b0:b6:5d:b0:75:a1:85:
73:80:16:f6:d9:b4:79:15:ab:ee:ef:8b:d8:5c:f8:51:0c:af:
de:b5:ee:91:02:86:43:85:68:84:99:2f:20:46:4b:2e:d7:40:
b3:fe:9f:cf:15:62:62:a5:a7:f0:e7:25:54:82:1b:b4:c9:3e:
04:e0:12:e5:1d:55:b0:c7:2b:75:e3:bd:2e:9b:28:8b:d8:5a:
eb:49:84:3c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzI352GBPQaexwIZdn8cM4VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTY5OWRlMzkxYjI2YzI4MDc0YjU1N2UyMWJhNTJiNGZkMzhlZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAMq4U3300HMntCjNz09pDsZRF1k
gtRu9zefp3zaCT1hdNdIvlHEK5KYFoYJlN7gCUAG+tmAGN7veAeFADC/X5AsB4un
DCC3MwhpkE7uGzNmjdkH3YAJmgGQ/qtaOasPRqS+3sD4D5bM7Jz3WoC/2sEV9jpM
olvNfsd0tfI+Wg2XW2aQC6QEA1RUKYPLyopeU1kCZ/mupLVkbnx4To2Ck0PHzgDG
8PrWGzLa8MBl1DYXXpqXbB0orwvzNPlLC+I0kEzLi5vceSKmCIVYaizf/2JZO+3X
ByEAMtp+mO77jX5+dH2+JQ/rNbWwzuUKJowK3DgFhZ0Cskb09nrEbSuBdQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDlpneORsmwoB0tVfiG6UrT9OO2hMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvT1dtZDQ1R3liQ2dIUzFWLUlicFN0UDA0N2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuSgFAwQA
uXV1AwQAueioAwQAwjU3MA0GCSqGSIb3DQEBCwUAA4IBAQAJkuhuydaAKnuRL6Nz
FXCR/uIcp+CoC4p/FrwmKaElC2G9XLA3wY8NSTrlV+jCsCX4d+gF4mZUht2Uyr/P
LKugds2kAEPdXdczxp8TixnGwuYek9EeCYb/kVgaLboIdbyoACMxKO7O2ZMMh3Nz
pOZBvOQ6Vymy+VBv49MPLgNOl/uPry8OgTwF9gYf8oUCpoxpXNhiuUtdPJO7FjqK
Yo1pK6BPHao6yR2DAGCeT7C2XbB1oYVzgBb22bR5Favu74vYXPhRDK/ete6RAoZD
hWiEmS8gRksu10Cz/p/PFWJipafw5yVUghu0yT4E4BLlHVWwxyt1470umyiL2Frr
SYQ8
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:03:03 2024 by rpki-client on console-ams.rpki-client.org