Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/5QqXFX4YfawLZm2P_fekxXCfsJg.roa
File: 5QqXFX4YfawLZm2P_fekxXCfsJg.roa (raw, json)
Hash identifier: +XIf6ne78wEnnSnlU+NQjKB7coPXtvm0RpNOERgBEZ0=
Subject key identifier: E5:0A:97:15:7E:18:7D:AC:0B:66:6D:8F:FD:F7:A4:C5:70:9F:B0:98
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 018CC6B944273591D080638FD64403163153
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/5QqXFX4YfawLZm2P_fekxXCfsJg.roa
Signing time: Mon 01 Jan 2024 20:31:19 +0000
ROA not before: Mon 01 Jan 2024 20:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205129
IP address blocks: 85.187.48.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.mft
rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:44:27:35:91:d0:80:63:8f:d6:44:03:16:31:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 1 20:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e50a97157e187dac0b666d8ffdf7a4c5709fb098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:78:51:2c:21:96:8b:06:51:43:8d:4b:1d:09:
cc:67:36:b9:be:f6:6c:79:b2:95:c6:32:7b:86:65:
c3:0c:cd:e9:ba:fe:07:81:e1:e3:50:90:42:a8:60:
4d:3f:f9:cc:ce:65:ea:e8:d9:e0:0a:a3:af:b5:a5:
8e:3b:a2:88:5f:6d:5b:c3:5e:19:42:4b:99:38:c5:
0a:35:32:78:2b:17:f6:64:1f:17:44:1c:4d:85:a6:
93:0a:8b:f3:83:91:76:45:06:4c:b1:26:63:22:b8:
22:b5:b7:1a:a0:f3:1a:3f:50:b8:1f:ce:c5:88:40:
35:da:7f:22:76:63:ca:83:49:33:48:86:9c:b9:86:
c4:38:17:8a:44:41:e2:39:9a:22:0c:96:1a:02:f6:
95:65:77:12:14:25:5e:ab:4e:19:61:7d:43:45:d6:
d3:a9:31:43:f2:44:b3:62:ee:c9:05:0d:84:d0:70:
14:cd:a6:ec:52:d6:8d:ab:b6:2d:a7:50:ab:55:6a:
3d:31:f7:a1:60:c3:27:aa:39:44:05:b2:8e:15:ed:
85:04:ef:ae:cc:8a:78:0b:d1:83:44:fd:cd:0d:d2:
9d:36:c4:2a:3a:3b:f3:e9:2b:15:07:ac:76:d5:55:
4f:11:bb:4c:bd:30:69:2c:99:33:a2:7e:a0:c9:a3:
52:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:0A:97:15:7E:18:7D:AC:0B:66:6D:8F:FD:F7:A4:C5:70:9F:B0:98
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/5QqXFX4YfawLZm2P_fekxXCfsJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.48.0/23
Signature Algorithm: sha256WithRSAEncryption
45:d6:1d:5e:0f:e2:44:94:e4:d8:11:38:11:aa:44:2c:04:0b:
96:1d:26:94:af:e7:8b:af:1c:fc:46:7a:7c:3c:d5:4b:f5:7e:
dc:ff:c4:64:78:84:59:4b:38:f2:63:65:83:72:6a:58:63:28:
4e:6a:f5:34:9f:5f:d7:14:c1:80:1a:df:ac:c0:c3:f8:24:bb:
1a:04:fa:82:0d:95:4e:56:a1:c1:6f:74:27:63:89:42:6f:62:
8e:db:2c:d2:a4:f5:6e:03:15:3e:41:64:b3:4c:62:b5:97:60:
6a:56:50:14:83:86:51:fc:80:f8:c7:27:43:e1:a9:f4:2e:23:
59:0d:68:37:3a:55:79:33:1d:6b:97:20:75:df:40:d7:1c:25:
0a:2b:61:ae:2a:d8:f4:b6:4e:56:40:7a:1d:4d:85:52:db:62:
09:79:39:a9:f1:f7:cc:69:f8:a3:4a:a8:02:35:56:b2:9e:1d:
92:24:44:22:e6:f6:02:9b:bf:d2:42:05:b6:a0:84:8a:b9:40:
b1:f6:b9:1d:e2:b8:69:f1:ad:ed:8d:ee:12:51:48:86:c0:e0:
38:30:9a:b7:c5:ac:06:46:af:cb:e5:78:ca:28:4c:6e:9a:b6:
a7:c9:e9:29:81:17:11:43:65:f7:dc:f9:dd:70:75:02:57:96:
88:36:d4:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuUQnNZHQgGOP1kQDFjFTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYmYzMDIwMWYxMmEwNDBkMzg2ZDJiNGVlZDQ0ODQ2MjNl
NGQxMWIwHhcNMjQwMTAxMjAzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTBhOTcxNTdlMTg3ZGFjMGI2NjZkOGZmZGY3YTRjNTcwOWZiMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHhRLCGWiwZRQ41LHQnMZza5vvZs
ebKVxjJ7hmXDDM3puv4HgeHjUJBCqGBNP/nMzmXq6NngCqOvtaWOO6KIX21bw14Z
QkuZOMUKNTJ4Kxf2ZB8XRBxNhaaTCovzg5F2RQZMsSZjIrgitbcaoPMaP1C4H87F
iEA12n8idmPKg0kzSIacuYbEOBeKREHiOZoiDJYaAvaVZXcSFCVeq04ZYX1DRdbT
qTFD8kSzYu7JBQ2E0HAUzabsUtaNq7Ytp1CrVWo9MfehYMMnqjlEBbKOFe2FBO+u
zIp4C9GDRP3NDdKdNsQqOjvz6SsVB6x21VVPEbtMvTBpLJkzon6gyaNS6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOUKlxV+GH2sC2Ztj/33pMVwn7CYMB8GA1UdIwQY
MBaAFP6/MCAfEqBA04bStO7USEYj5NEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUt
YTk3YzBkYzBhNzQ5LzEvNVFxWEZYNFlmYXdMWm0yUF9mZWt4WENmc0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9mOGM0YTItOTZhYy00YjRlLWExOTUtYTk3YzBkYzBhNzQ5
LzEvX3I4d0lCOFNvRURUaHRLMDd0UklSaVBrMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVbswMA0G
CSqGSIb3DQEBCwUAA4IBAQBF1h1eD+JElOTYETgRqkQsBAuWHSaUr+eLrxz8Rnp8
PNVL9X7c/8RkeIRZSzjyY2WDcmpYYyhOavU0n1/XFMGAGt+swMP4JLsaBPqCDZVO
VqHBb3QnY4lCb2KO2yzSpPVuAxU+QWSzTGK1l2BqVlAUg4ZR/ID4xydD4an0LiNZ
DWg3OlV5Mx1rlyB130DXHCUKK2GuKtj0tk5WQHodTYVS22IJeTmp8ffMafijSqgC
NVaynh2SJEQi5vYCm7/SQgW2oISKuUCx9rkd4rhp8a3tje4SUUiGwOA4MJq3xawG
Rq/L5XjKKExumranyekpgRcRQ2X33PndcHUCV5aINtSs
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:58:42 2024 by rpki-client on console-ams.rpki-client.org