Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d74b80-40ea-4e34-b50d-114face1a571/1/5BzaG0HAsP-GMvTVVTxzCuT_TFw.roa
File: 5BzaG0HAsP-GMvTVVTxzCuT_TFw.roa (raw, json)
Hash identifier: 0HgW7Jy3bV5O044SKUIhgk5kuEwxGNfelVsToZgkoUc=
Subject key identifier: E4:1C:DA:1B:41:C0:B0:FF:86:32:F4:D5:55:3C:73:0A:E4:FF:4C:5C
Certificate issuer: /CN=b8d14227473e4b75c877274cf6c050f25c57721f
Certificate serial: 018CC5DC2458642B02B650F1EEC0AFE6C8C3
Authority key identifier: B8:D1:42:27:47:3E:4B:75:C8:77:27:4C:F6:C0:50:F2:5C:57:72:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uNFCJ0c-S3XIdydM9sBQ8lxXch8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d74b80-40ea-4e34-b50d-114face1a571/1/5BzaG0HAsP-GMvTVVTxzCuT_TFw.roa
Signing time: Mon 01 Jan 2024 16:29:47 +0000
ROA not before: Mon 01 Jan 2024 16:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60481
IP address blocks: 185.78.40.0/22 maxlen: 22
2001:67c:173c::/48 maxlen: 48
2a03:57e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/d74b80-40ea-4e34-b50d-114face1a571/1/uNFCJ0c-S3XIdydM9sBQ8lxXch8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/d74b80-40ea-4e34-b50d-114face1a571/1/uNFCJ0c-S3XIdydM9sBQ8lxXch8.mft
rsync://rpki.ripe.net/repository/DEFAULT/uNFCJ0c-S3XIdydM9sBQ8lxXch8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:24:58:64:2b:02:b6:50:f1:ee:c0:af:e6:c8:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8d14227473e4b75c877274cf6c050f25c57721f
Validity
Not Before: Jan 1 16:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e41cda1b41c0b0ff8632f4d5553c730ae4ff4c5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ef:fc:00:6e:f5:92:35:d9:84:81:0f:96:26:
b4:6f:a2:c2:17:23:b9:c4:ba:ef:e7:94:d4:7a:43:
c7:45:fb:04:2d:fb:fc:b7:2c:c2:b7:a1:a3:32:20:
56:fa:b3:f8:8d:48:a7:05:f2:5a:ce:cc:34:e6:af:
30:9d:b9:34:da:22:2f:0e:1e:cf:94:4a:06:a0:ea:
71:e9:90:2d:26:c3:db:8c:2b:3c:14:30:8a:99:35:
ae:e1:c1:04:28:c9:d5:6b:88:20:f8:ec:ed:a9:b1:
e9:66:8d:18:46:5e:e5:79:1c:ed:69:0d:0d:c2:c9:
46:5a:5c:fb:bf:c9:e9:79:5d:07:5d:f5:c0:99:53:
82:e6:1f:51:65:e5:0a:49:aa:4c:06:21:0f:9f:39:
04:c3:c2:98:bd:17:5e:04:0c:07:24:af:b5:2c:39:
2e:6f:3a:1f:18:32:f9:0d:35:b5:6c:bd:8e:5f:bc:
02:af:4e:c6:51:9f:99:40:04:7c:86:cb:d4:4a:1b:
85:5c:70:21:a8:0e:11:db:9b:ed:12:5e:4f:bc:ce:
7f:48:71:85:dd:8d:5c:f5:fa:e8:e4:7d:81:34:9d:
20:e4:98:57:a0:8b:d8:33:68:5b:d0:af:de:85:18:
22:4d:64:19:79:0d:0c:16:e3:86:01:15:e5:21:45:
1a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:1C:DA:1B:41:C0:B0:FF:86:32:F4:D5:55:3C:73:0A:E4:FF:4C:5C
X509v3 Authority Key Identifier:
keyid:B8:D1:42:27:47:3E:4B:75:C8:77:27:4C:F6:C0:50:F2:5C:57:72:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uNFCJ0c-S3XIdydM9sBQ8lxXch8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d74b80-40ea-4e34-b50d-114face1a571/1/5BzaG0HAsP-GMvTVVTxzCuT_TFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d74b80-40ea-4e34-b50d-114face1a571/1/uNFCJ0c-S3XIdydM9sBQ8lxXch8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.40.0/22
IPv6:
2001:67c:173c::/48
2a03:57e0::/32
Signature Algorithm: sha256WithRSAEncryption
0c:56:c6:c7:1e:9d:e1:81:56:51:f2:6c:5f:b2:4b:30:af:dd:
5c:16:bc:0c:aa:8d:52:e9:c5:ef:99:15:71:6d:e0:c7:b0:21:
c3:0e:f8:82:58:0c:dd:05:33:a7:8e:da:28:f8:bd:0b:06:e6:
81:6e:4e:c3:81:fd:26:bf:53:e2:30:8b:22:ed:95:be:e5:91:
36:f8:65:a7:98:e5:2c:f5:75:09:bb:57:ca:e7:84:ae:52:da:
20:ba:ad:2c:16:52:31:24:74:24:0e:d0:9a:1b:94:ab:0b:98:
83:26:a2:b2:97:e8:e2:5f:b7:c6:e0:b6:75:38:b5:05:aa:d1:
97:f5:61:41:49:b3:0d:2f:41:c4:f3:35:8b:13:c0:e3:66:1e:
70:f2:98:37:3b:c5:91:84:3a:a4:ae:4f:ae:82:84:5f:7d:9f:
2e:c6:ec:6f:47:dc:cb:34:bf:61:68:96:a2:ff:f0:e8:b8:df:
a5:d3:bd:03:2f:98:43:f2:d3:4e:df:16:d6:89:c5:4b:73:5e:
08:7d:2e:4e:ed:37:2a:29:be:f9:2d:91:84:3d:76:9b:13:d0:
81:3d:3a:b1:d8:37:4c:73:5b:73:0f:da:dc:8d:26:0d:49:86:
b4:44:88:08:8e:88:f8:b6:dc:71:fc:0d:be:15:55:77:ab:e5:
31:f1:c2:eb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzF3CRYZCsCtlDx7sCv5sjDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZDE0MjI3NDczZTRiNzVjODc3Mjc0Y2Y2YzA1MGYyNWM1
NzcyMWYwHhcNMjQwMTAxMTYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDFjZGExYjQxYzBiMGZmODYzMmY0ZDU1NTNjNzMwYWU0ZmY0YzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgu/8AG71kjXZhIEPlia0b6LCFyO5
xLrv55TUekPHRfsELfv8tyzCt6GjMiBW+rP4jUinBfJazsw05q8wnbk02iIvDh7P
lEoGoOpx6ZAtJsPbjCs8FDCKmTWu4cEEKMnVa4gg+OztqbHpZo0YRl7leRztaQ0N
wslGWlz7v8npeV0HXfXAmVOC5h9RZeUKSapMBiEPnzkEw8KYvRdeBAwHJK+1LDku
bzofGDL5DTW1bL2OX7wCr07GUZ+ZQAR8hsvUShuFXHAhqA4R25vtEl5PvM5/SHGF
3Y1c9fro5H2BNJ0g5JhXoIvYM2hb0K/ehRgiTWQZeQ0MFuOGARXlIUUavQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOQc2htBwLD/hjL01VU8cwrk/0xcMB8GA1UdIwQY
MBaAFLjRQidHPkt1yHcnTPbAUPJcV3IfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU5GQ0owYy1TM1hJZHlkTTlzQlE4bHhYY2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNzRiODAtNDBlYS00ZTM0LWI1MGQt
MTE0ZmFjZTFhNTcxLzEvNUJ6YUcwSEFzUC1HTXZUVlZUeHpDdVRfVEZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNzRiODAtNDBlYS00ZTM0LWI1MGQtMTE0ZmFjZTFhNTcx
LzEvdU5GQ0owYy1TM1hJZHlkTTlzQlE4bHhYY2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuU4oMBYE
AgACMBADBwAgAQZ8FzwDBQAqA1fgMA0GCSqGSIb3DQEBCwUAA4IBAQAMVsbHHp3h
gVZR8mxfskswr91cFrwMqo1S6cXvmRVxbeDHsCHDDviCWAzdBTOnjtoo+L0LBuaB
bk7Dgf0mv1PiMIsi7ZW+5ZE2+GWnmOUs9XUJu1fK54SuUtoguq0sFlIxJHQkDtCa
G5SrC5iDJqKyl+jiX7fG4LZ1OLUFqtGX9WFBSbMNL0HE8zWLE8DjZh5w8pg3O8WR
hDqkrk+ugoRffZ8uxuxvR9zLNL9haJai//DouN+l070DL5hD8tNO3xbWicVLc14I
fS5O7TcqKb75LZGEPXabE9CBPTqx2DdMc1tzD9rcjSYNSYa0RIgIjoj4ttxx/A2+
FVV3q+Ux8cLr
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:38 2024 by rpki-client on console-fra.rpki-client.org