Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/5ipITQ9yjECj99Qy0pDKPNUHXQI.roa
File: 5ipITQ9yjECj99Qy0pDKPNUHXQI.roa (raw, json)
Hash identifier: 0u39H6b7LIL/vbRPOxGI2yWi7wIHTVQAdLf2vAt9LEM=
Subject key identifier: E6:2A:48:4D:0F:72:8C:40:A3:F7:D4:32:D2:90:CA:3C:D5:07:5D:02
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B51E8B8BE07B28E1FAA24BDD4DEC5
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/5ipITQ9yjECj99Qy0pDKPNUHXQI.roa
Signing time: Tue 02 Jan 2024 12:34:45 +0000
ROA not before: Tue 02 Jan 2024 12:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42198
IP address blocks: 185.115.125.0/24 maxlen: 24
2a06:7246:1::/48 maxlen: 48
2a06:7246:4::/48 maxlen: 48
2a06:7246:3::/48 maxlen: 48
2a06:7246:6::/48 maxlen: 48
2a06:7246:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:51:e8:b8:be:07:b2:8e:1f:aa:24:bd:d4:de:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e62a484d0f728c40a3f7d432d290ca3cd5075d02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:87:d6:7d:10:01:1b:ee:3b:81:d9:a1:48:25:
3e:66:50:22:e7:09:bf:7c:9c:5a:06:a2:b4:1c:34:
55:7b:af:57:35:32:fa:5c:30:4d:2b:86:1e:ce:52:
60:88:73:ad:fc:c9:e5:a9:0e:eb:fe:73:84:23:3f:
c4:d8:15:b6:98:67:73:30:c5:00:fb:a8:2f:71:fb:
6e:f8:53:8d:e9:0b:eb:3a:c0:d8:67:e2:bd:2a:cd:
fe:7d:57:45:c8:23:93:0a:cb:e1:ff:fc:b2:92:a0:
d4:24:42:97:e6:2f:84:19:9b:8a:e3:b5:29:d2:df:
3c:2b:02:fd:d7:1b:ff:50:df:37:35:31:92:0f:68:
6e:5f:c7:e0:24:49:33:45:cb:92:0c:f4:e5:59:a2:
ad:47:d4:52:17:c6:38:3e:27:f7:52:7d:46:ba:ee:
5e:60:73:b7:6f:76:e1:65:4d:f8:29:9f:88:30:76:
c9:27:f5:3a:65:59:a1:e9:a2:b2:60:4a:3f:69:df:
ab:d4:ea:4e:8c:90:e5:3b:f1:33:34:19:a3:ca:20:
d5:0f:2d:20:a2:aa:d1:3e:f7:dc:72:59:45:5a:b2:
46:03:5e:f0:c2:f8:00:78:31:ee:32:82:6b:42:ed:
a3:8c:96:31:5f:16:e1:dd:18:56:e3:a2:f4:c7:1a:
38:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:2A:48:4D:0F:72:8C:40:A3:F7:D4:32:D2:90:CA:3C:D5:07:5D:02
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/5ipITQ9yjECj99Qy0pDKPNUHXQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.125.0/24
IPv6:
2a06:7246:1::-2a06:7246:4:ffff:ffff:ffff:ffff:ffff
2a06:7246:6::/48
Signature Algorithm: sha256WithRSAEncryption
8e:33:56:a8:7d:d4:9b:cf:0a:4c:ed:57:a0:0d:ff:2b:d8:20:
fe:3a:8a:3d:3c:6c:a0:bc:a6:6c:5d:e5:91:b3:df:f0:52:6b:
52:9d:40:8f:88:47:2e:7c:92:a2:15:ea:b1:df:3a:89:c0:0e:
eb:0b:41:bb:24:14:37:43:49:66:ac:2c:16:44:78:a0:17:c3:
62:2e:69:97:26:30:07:cc:f2:00:04:29:68:42:6c:b9:9a:66:
c1:6a:26:b0:1d:66:61:75:0f:78:ce:f9:d5:89:75:1b:c9:bf:
ef:3f:4d:5e:44:c3:5e:33:03:8d:ca:3a:60:35:72:27:ef:75:
47:b7:69:0f:d5:a8:4a:d4:da:f0:ee:4a:7d:93:6c:1b:8d:2d:
98:f3:1b:0f:f5:21:ea:5d:54:2d:1d:f4:c3:1f:6f:48:c7:4c:
f0:17:a8:78:38:f2:de:de:2e:00:6c:ba:00:f0:e2:fb:3b:c3:
26:f7:01:21:27:8e:16:2d:4e:66:1f:27:89:cd:66:af:9b:1f:
c8:14:11:01:fd:00:e2:fc:4c:6f:d0:84:b6:de:79:c6:b0:cb:
a1:c5:5c:1c:e3:c4:b4:cf:42:1d:f0:96:a3:2d:ff:4e:57:5c:
4f:e0:9f:95:67:e0:b7:75:36:d2:da:91:46:cf:e4:ce:39:1b:
93:e4:16:6f
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzKK1HouL4Hso4fqiS91N7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjJhNDg0ZDBmNzI4YzQwYTNmN2Q0MzJkMjkwY2EzY2Q1MDc1ZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYfWfRABG+47gdmhSCU+ZlAi5wm/
fJxaBqK0HDRVe69XNTL6XDBNK4YezlJgiHOt/MnlqQ7r/nOEIz/E2BW2mGdzMMUA
+6gvcftu+FON6QvrOsDYZ+K9Ks3+fVdFyCOTCsvh//yykqDUJEKX5i+EGZuK47Up
0t88KwL91xv/UN83NTGSD2huX8fgJEkzRcuSDPTlWaKtR9RSF8Y4Pif3Un1Guu5e
YHO3b3bhZU34KZ+IMHbJJ/U6ZVmh6aKyYEo/ad+r1OpOjJDlO/EzNBmjyiDVDy0g
oqrRPvfccllFWrJGA17wwvgAeDHuMoJrQu2jjJYxXxbh3RhW46L0xxo4hwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFOYqSE0PcoxAo/fUMtKQyjzVB10CMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvNWlwSVRROXlqRUNqOTlReTBwREtQTlVIWFFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQAuXN9MCME
AgACMB0wEgMHACoGckYAAQMHACoGckYABAMHACoGckYABjANBgkqhkiG9w0BAQsF
AAOCAQEAjjNWqH3Um88KTO1XoA3/K9gg/jqKPTxsoLymbF3lkbPf8FJrUp1Aj4hH
LnySohXqsd86icAO6wtBuyQUN0NJZqwsFkR4oBfDYi5plyYwB8zyAAQpaEJsuZpm
wWomsB1mYXUPeM751Yl1G8m/7z9NXkTDXjMDjco6YDVyJ+91R7dpD9WoStTa8O5K
fZNsG40tmPMbD/Uh6l1ULR30wx9vSMdM8BeoeDjy3t4uAGy6APDi+zvDJvcBISeO
Fi1OZh8nic1mr5sfyBQRAf0A4vxMb9CEtt55xrDLocVcHOPEtM9CHfCWoy3/Tldc
T+CflWfgt3U20tqRRs/kzjkbk+QWbw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:50:05 2024 by rpki-client on console-ams.rpki-client.org