Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/5QmoXo8T_Enop3a0zmbtbPx8xZU.roa
File: 5QmoXo8T_Enop3a0zmbtbPx8xZU.roa (raw, json)
Hash identifier: 4s8HEbitwruGyEceFSUS1K5zOKdlo1tNTZ4Dqn6PS/U=
Subject key identifier: E5:09:A8:5E:8F:13:FC:49:E8:A7:76:B4:CE:66:ED:6C:FC:7C:C5:95
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B57EB46D001F222EA55785BF888AC
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/5QmoXo8T_Enop3a0zmbtbPx8xZU.roa
Signing time: Tue 02 Jan 2024 12:34:47 +0000
ROA not before: Tue 02 Jan 2024 12:34:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55081
IP address blocks: 185.114.226.0/24 maxlen: 32
87.239.51.0/24 maxlen: 32
185.166.236.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:57:eb:46:d0:01:f2:22:ea:55:78:5b:f8:88:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e509a85e8f13fc49e8a776b4ce66ed6cfc7cc595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:15:86:7a:f6:ac:b4:44:a3:aa:3d:ea:a9:6a:
f7:83:8c:a6:a5:d3:e6:28:59:c0:6e:79:b8:b4:de:
0c:e0:63:17:c6:71:f3:84:6e:d7:94:22:80:00:3d:
21:f6:6d:5c:4a:3b:34:d0:09:2b:74:fa:a9:0b:cc:
1d:a6:c7:be:52:2f:ed:7f:2d:65:4e:8c:57:c2:f5:
1a:37:30:66:ba:e9:30:6f:45:32:d4:97:10:04:0c:
f0:1c:18:8c:0f:cb:fb:d6:07:b8:2d:f2:a5:e2:c0:
53:0b:e9:17:11:1c:ee:6d:b5:f8:af:e9:48:8d:6f:
11:82:78:3f:3d:1b:3f:d6:d1:60:0f:a5:b5:97:d0:
84:68:66:be:4e:c3:3d:55:4b:1f:db:0a:af:af:22:
20:a9:88:38:24:42:5b:af:5b:f1:4f:21:ea:c8:91:
16:ca:a9:f3:d1:7d:bf:cd:d8:4b:58:5a:5d:ee:76:
33:78:89:00:d5:3a:a1:b0:7a:4c:95:f9:e5:1a:f5:
41:46:c9:e7:9a:b2:5e:5f:fb:de:1c:df:4e:7c:c6:
22:ce:0d:0b:e9:91:35:e2:74:e9:84:b8:0f:03:e8:
44:be:fd:32:6e:1b:93:e1:63:ef:47:3a:cc:e6:90:
ba:84:c7:7c:cc:19:ec:7a:4f:7e:d4:c9:7b:fa:d2:
0c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:09:A8:5E:8F:13:FC:49:E8:A7:76:B4:CE:66:ED:6C:FC:7C:C5:95
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/5QmoXo8T_Enop3a0zmbtbPx8xZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.51.0/24
185.114.226.0/24
185.166.236.0/24
Signature Algorithm: sha256WithRSAEncryption
48:d5:3f:54:01:d8:7c:4b:6a:23:ca:37:fa:9b:6e:55:d0:97:
8c:12:93:d9:11:98:6e:78:ff:10:6b:fc:96:00:2f:82:09:41:
0f:fc:1f:74:31:34:21:71:cb:f7:d6:76:7a:3f:3a:96:0d:7d:
d4:0e:13:b6:b8:ec:9e:c3:0e:1e:a4:98:88:5c:d0:36:7b:8d:
7c:e5:d8:6a:32:50:b8:5f:1e:e8:10:76:5b:9d:19:bc:e7:c8:
4e:55:a6:91:61:f6:6c:aa:0a:15:3d:bc:b0:30:e7:fd:5b:fa:
59:d6:f9:e0:f3:be:9e:4f:9c:44:d6:1e:09:ab:94:72:ee:33:
ed:01:42:08:97:a1:41:c4:65:58:3e:2d:e7:3d:83:e9:36:b1:
f2:bc:4c:b7:88:16:c7:cc:97:65:b3:c8:64:95:2e:03:fa:ea:
17:a4:e6:ba:75:5c:4f:1e:38:c3:6e:bd:21:a6:eb:d2:74:48:
e6:44:ce:96:51:be:91:1d:4c:a3:ee:6b:a3:0d:ed:8e:21:ae:
a9:f1:fd:02:57:c4:e6:70:ed:9a:b1:2a:6a:d1:68:f9:07:b2:
2f:12:2c:1d:2c:0c:66:49:5a:c4:90:bc:79:53:96:d0:6a:d5:
e3:ac:84:49:29:ca:ef:ee:b0:a8:88:67:93:84:1e:97:34:c4:
48:27:5e:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKK1frRtAB8iLqVXhb+IisMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTA5YTg1ZThmMTNmYzQ5ZThhNzc2YjRjZTY2ZWQ2Y2ZjN2NjNTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBWGevastESjqj3qqWr3g4ympdPm
KFnAbnm4tN4M4GMXxnHzhG7XlCKAAD0h9m1cSjs00AkrdPqpC8wdpse+Ui/tfy1l
ToxXwvUaNzBmuukwb0Uy1JcQBAzwHBiMD8v71ge4LfKl4sBTC+kXERzubbX4r+lI
jW8Rgng/PRs/1tFgD6W1l9CEaGa+TsM9VUsf2wqvryIgqYg4JEJbr1vxTyHqyJEW
yqnz0X2/zdhLWFpd7nYzeIkA1TqhsHpMlfnlGvVBRsnnmrJeX/veHN9OfMYizg0L
6ZE14nTphLgPA+hEvv0ybhuT4WPvRzrM5pC6hMd8zBnsek9+1Ml7+tIMIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOUJqF6PE/xJ6Kd2tM5m7Wz8fMWVMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvNVFtb1hvOFRfRW5vcDNhMHptYnRiUHg4eFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV+8zAwQA
uXLiAwQAuabsMA0GCSqGSIb3DQEBCwUAA4IBAQBI1T9UAdh8S2ojyjf6m25V0JeM
EpPZEZhueP8Qa/yWAC+CCUEP/B90MTQhccv31nZ6PzqWDX3UDhO2uOyeww4epJiI
XNA2e4185dhqMlC4Xx7oEHZbnRm858hOVaaRYfZsqgoVPbywMOf9W/pZ1vng876e
T5xE1h4Jq5Ry7jPtAUIIl6FBxGVYPi3nPYPpNrHyvEy3iBbHzJdls8hklS4D+uoX
pOa6dVxPHjjDbr0hpuvSdEjmRM6WUb6RHUyj7mujDe2OIa6p8f0CV8TmcO2asSpq
0Wj5B7IvEiwdLAxmSVrEkLx5U5bQatXjrIRJKcrv7rCoiGeThB6XNMRIJ17/
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:31:19 2024 by rpki-client on console-ams.rpki-client.org