Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/Pr5icgp5i9wgKJ820epmj3xE3T4.roa
File: Pr5icgp5i9wgKJ820epmj3xE3T4.roa (raw, json)
Hash identifier: /ZeiV3/i3wuSWX6eWaTx8vsS1pf5LBeexOpmnSn6WCM=
Subject key identifier: 3E:BE:62:72:0A:79:8B:DC:20:28:9F:36:D1:EA:66:8F:7C:44:DD:3E
Certificate issuer: /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial: 018EC6E7A16FDFEBA2F35549FA8F04DD6B70
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/Pr5icgp5i9wgKJ820epmj3xE3T4.roa
Signing time: Wed 10 Apr 2024 07:27:32 +0000
ROA not before: Wed 10 Apr 2024 07:27:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 185.137.56.0/22 maxlen: 22
185.143.0.0/22 maxlen: 22
185.143.140.0/22 maxlen: 22
185.174.212.0/23 maxlen: 23
185.174.212.0/24 maxlen: 24
185.232.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c6:e7:a1:6f:df:eb:a2:f3:55:49:fa:8f:04:dd:6b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Validity
Not Before: Apr 10 07:27:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ebe62720a798bdc20289f36d1ea668f7c44dd3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:6c:44:20:6d:41:7d:cb:cf:9f:97:2a:73:f7:
ec:1c:93:07:76:bc:9f:9a:36:2c:22:d3:f9:a3:c5:
cb:6f:db:6a:58:57:07:f8:28:41:ee:0a:4c:e8:b9:
c1:a3:9a:71:99:ae:40:17:72:87:6a:f2:b1:e5:d4:
be:ed:25:d4:21:15:d1:13:0e:d1:2b:61:09:dd:90:
46:ca:d4:c9:ce:75:f0:57:3b:97:fd:b2:11:37:3a:
04:92:ce:2e:6c:02:0d:82:a0:4b:c5:f8:e7:c1:8d:
65:e9:68:15:33:d0:d1:11:c1:e6:7a:9e:bc:1c:0d:
bf:d8:f7:17:85:d1:54:60:ca:c4:d0:2b:4c:8b:09:
b9:f3:71:c7:a6:f2:9c:1b:c5:3d:90:81:74:b7:4d:
ba:d4:ed:75:64:3b:5f:75:ae:01:c3:81:80:1d:3d:
66:04:89:1f:32:ff:76:5a:14:fe:13:e0:f6:ed:c7:
99:2e:cc:1d:58:99:d5:87:e7:e3:6b:a6:19:a5:d0:
f9:71:41:d5:2c:ef:e5:42:69:0b:26:b9:e7:f3:cd:
57:ea:e3:b4:72:5d:23:b3:64:75:43:ba:8f:c2:af:
b8:0b:03:49:64:35:65:de:8f:4c:f9:9f:1d:47:01:
85:bf:88:d2:4c:ae:e4:1b:c3:21:89:76:01:c5:8b:
5f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:BE:62:72:0A:79:8B:DC:20:28:9F:36:D1:EA:66:8F:7C:44:DD:3E
X509v3 Authority Key Identifier:
keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/Pr5icgp5i9wgKJ820epmj3xE3T4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.56.0/22
185.143.0.0/22
185.143.140.0/22
185.174.212.0/23
185.232.172.0/22
Signature Algorithm: sha256WithRSAEncryption
80:d6:40:e2:ac:88:16:55:f1:f8:98:af:35:ff:44:08:f5:81:
53:c7:e8:ab:42:41:fa:f7:65:dd:06:c5:8b:c8:42:6f:76:f4:
68:7b:c7:2f:bb:d8:78:bd:56:76:92:33:8f:c1:0a:43:d1:41:
00:33:e6:c5:ca:b1:9e:dc:3a:5e:bf:13:e0:14:ff:9f:f5:7e:
5c:89:bf:58:50:73:70:ee:4f:fe:6d:06:2d:46:8f:7c:c8:f9:
e2:d7:37:4e:c6:81:d2:e4:66:1b:93:f4:32:97:ee:4d:71:fd:
b1:c7:31:7d:cb:95:ea:0c:58:f4:77:11:0b:01:8a:64:47:2a:
91:09:80:03:dc:91:c8:6b:96:68:ca:ba:ec:05:51:2c:8b:74:
ae:15:25:e9:47:1e:a4:46:5b:f0:bd:8e:10:28:36:4b:fa:7d:
3b:b1:50:34:2f:d0:05:72:57:c0:d1:02:a6:a1:ff:89:25:a7:
d6:ca:01:d3:5a:5f:fe:84:6f:3b:4c:e8:47:99:27:52:c5:86:
53:32:f6:f6:d5:7e:9e:0f:39:75:e3:ee:f5:d6:53:8f:c9:8f:
51:46:cb:10:f8:45:5d:9f:9d:1d:6f:16:85:85:dd:c1:53:00:
1c:9a:12:57:34:99:e4:95:48:28:f1:4e:52:b4:21:7e:6e:ed:
66:83:92:4d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7G56Fv3+ui81VJ+o8E3WtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjQwNDEwMDcyNzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWJlNjI3MjBhNzk4YmRjMjAyODlmMzZkMWVhNjY4ZjdjNDRkZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWxEIG1BfcvPn5cqc/fsHJMHdryf
mjYsItP5o8XLb9tqWFcH+ChB7gpM6LnBo5pxma5AF3KHavKx5dS+7SXUIRXREw7R
K2EJ3ZBGytTJznXwVzuX/bIRNzoEks4ubAINgqBLxfjnwY1l6WgVM9DREcHmep68
HA2/2PcXhdFUYMrE0CtMiwm583HHpvKcG8U9kIF0t0261O11ZDtfda4Bw4GAHT1m
BIkfMv92WhT+E+D27ceZLswdWJnVh+fja6YZpdD5cUHVLO/lQmkLJrnn881X6uO0
cl0js2R1Q7qPwq+4CwNJZDVl3o9M+Z8dRwGFv4jSTK7kG8MhiXYBxYtfTwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFD6+YnIKeYvcICifNtHqZo98RN0+MB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvUHI1aWNncDVpOXdnS0o4MjBlcG1qM3hFM1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3
LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuYk4AwQC
uY8AAwQCuY+MAwQBua7UAwQCueisMA0GCSqGSIb3DQEBCwUAA4IBAQCA1kDirIgW
VfH4mK81/0QI9YFTx+irQkH692XdBsWLyEJvdvRoe8cvu9h4vVZ2kjOPwQpD0UEA
M+bFyrGe3DpevxPgFP+f9X5cib9YUHNw7k/+bQYtRo98yPni1zdOxoHS5GYbk/Qy
l+5Ncf2xxzF9y5XqDFj0dxELAYpkRyqRCYAD3JHIa5ZoyrrsBVEsi3SuFSXpRx6k
RlvwvY4QKDZL+n07sVA0L9AFclfA0QKmof+JJafWygHTWl/+hG87TOhHmSdSxYZT
Mvb21X6eDzl14+711lOPyY9RRssQ+EVdn50dbxaFhd3BUwAcmhJXNJnklUgo8U5S
tCF+bu1mg5JN
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:08:11 2024 by rpki-client on console-ams.rpki-client.org