Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f7138-46d9-498b-af6d-6d6582b2b5b6/1/9ZlaeZ8pZds-5CpA71yRqkrtyLU.roa
File: 9ZlaeZ8pZds-5CpA71yRqkrtyLU.roa (raw, json)
Hash identifier: kJeIWkfd+pNnwww/boxBYq95v6cjPsUNset5IF8ag70=
Subject key identifier: F5:99:5A:79:9F:29:65:DB:3E:E4:2A:40:EF:5C:91:AA:4A:ED:C8:B5
Certificate issuer: /CN=36c7b44e7c5f29b9dea402ac805160b298cf0da6
Certificate serial: 018CC6B8EE27CE45B6874A8A56C83E2168CD
Authority key identifier: 36:C7:B4:4E:7C:5F:29:B9:DE:A4:02:AC:80:51:60:B2:98:CF:0D:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nse0TnxfKbnepAKsgFFgspjPDaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f7138-46d9-498b-af6d-6d6582b2b5b6/1/9ZlaeZ8pZds-5CpA71yRqkrtyLU.roa
Signing time: Mon 01 Jan 2024 20:30:57 +0000
ROA not before: Mon 01 Jan 2024 20:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200941
IP address blocks: 185.90.172.0/24 maxlen: 24
185.90.173.0/24 maxlen: 24
185.90.175.0/24 maxlen: 24
185.90.174.0/24 maxlen: 24
2a05:e181::/32 maxlen: 32
2a05:e187::/32 maxlen: 32
2a05:e180::/32 maxlen: 32
2a05:e186::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f7138-46d9-498b-af6d-6d6582b2b5b6/1/Nse0TnxfKbnepAKsgFFgspjPDaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/8f7138-46d9-498b-af6d-6d6582b2b5b6/1/Nse0TnxfKbnepAKsgFFgspjPDaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nse0TnxfKbnepAKsgFFgspjPDaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:ee:27:ce:45:b6:87:4a:8a:56:c8:3e:21:68:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c7b44e7c5f29b9dea402ac805160b298cf0da6
Validity
Not Before: Jan 1 20:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5995a799f2965db3ee42a40ef5c91aa4aedc8b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:48:5d:97:cd:71:3d:e9:b7:89:c0:13:eb:be:
38:2e:ab:0f:98:9b:f2:dc:d9:cf:e7:63:03:01:0e:
d6:d9:d3:df:9f:b4:cc:4b:7b:2e:d5:cc:53:5f:99:
0c:94:16:46:53:df:34:9f:e2:b3:31:27:1a:42:dc:
5e:1f:f5:db:82:8d:7d:c0:fb:4f:0f:3e:e7:12:fa:
c0:b9:01:1f:19:22:24:ce:08:c0:ee:cc:d1:9c:ee:
39:b3:2f:c2:47:00:f2:54:7a:d7:01:2a:21:fd:38:
77:06:93:c5:1d:33:a9:f5:72:24:59:df:8c:75:dc:
63:f2:a7:35:24:d6:3b:5e:f1:ea:c0:be:10:1f:f6:
9d:8c:03:8c:83:4d:f4:50:04:22:ec:f0:9c:be:1e:
a0:d5:d9:21:09:95:02:0d:65:d7:0d:14:15:15:68:
57:c6:5a:c6:eb:69:68:35:92:e0:44:1b:7e:6f:e9:
7a:c2:38:56:6f:d0:70:05:f3:46:b5:de:f5:c1:aa:
f8:02:4f:da:ee:05:cc:a5:cd:90:9d:ef:1d:e4:0b:
39:f7:37:a4:b8:1a:f7:22:f5:82:06:b1:50:b2:c9:
60:73:07:90:fe:21:06:75:fc:c8:32:eb:f9:23:65:
ff:bc:cb:39:cd:82:76:7c:26:2f:4f:34:89:b4:e4:
7d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:99:5A:79:9F:29:65:DB:3E:E4:2A:40:EF:5C:91:AA:4A:ED:C8:B5
X509v3 Authority Key Identifier:
keyid:36:C7:B4:4E:7C:5F:29:B9:DE:A4:02:AC:80:51:60:B2:98:CF:0D:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nse0TnxfKbnepAKsgFFgspjPDaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f7138-46d9-498b-af6d-6d6582b2b5b6/1/9ZlaeZ8pZds-5CpA71yRqkrtyLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f7138-46d9-498b-af6d-6d6582b2b5b6/1/Nse0TnxfKbnepAKsgFFgspjPDaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.90.172.0/22
IPv6:
2a05:e180::/31
2a05:e186::/31
Signature Algorithm: sha256WithRSAEncryption
23:db:2e:9f:da:ab:92:e2:e7:f7:61:6e:0d:9a:8b:cf:ca:d8:
36:84:df:af:95:4e:1b:f1:e5:4a:6c:fb:62:ad:68:80:79:a3:
b5:e7:a6:11:9d:1a:d5:3b:4e:b3:ea:41:93:3e:8d:32:60:11:
87:ee:e7:6f:d9:c4:4e:1b:0f:b4:aa:ff:89:9c:2d:be:c7:c6:
10:3b:f0:08:2d:1e:4b:c1:0f:7c:1e:16:18:16:0e:b2:32:5a:
f1:f0:5f:9f:42:97:75:38:b7:22:33:6e:1e:5a:7b:7d:73:77:
32:16:3b:69:31:4b:04:c9:30:b3:42:37:38:44:a8:d0:ed:36:
ac:93:35:c2:26:59:33:44:14:93:db:84:31:3b:a4:6c:55:bb:
3c:be:17:f0:7e:11:77:29:bf:d8:bc:15:47:73:41:f6:fe:64:
0c:2e:b0:27:42:14:e8:f3:7f:08:b8:48:72:54:2a:ae:47:0a:
b2:07:0c:f0:09:c2:78:92:c1:65:0c:3d:7d:07:f1:f8:a7:8e:
fb:3b:8b:16:6e:15:4b:e1:11:cf:0e:97:76:92:39:73:03:de:
14:ff:85:db:89:ef:10:4f:1b:7b:33:99:cc:74:92:95:85:ac:
e0:ec:33:02:8a:34:df:6e:c0:d6:86:5d:c5:78:1d:7f:3a:78:
ca:e3:e3:ea
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzGuO4nzkW2h0qKVsg+IWjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzdiNDRlN2M1ZjI5YjlkZWE0MDJhYzgwNTE2MGIyOThj
ZjBkYTYwHhcNMjQwMTAxMjAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTk5NWE3OTlmMjk2NWRiM2VlNDJhNDBlZjVjOTFhYTRhZWRjOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkhdl81xPem3icAT6744LqsPmJvy
3NnP52MDAQ7W2dPfn7TMS3su1cxTX5kMlBZGU980n+KzMScaQtxeH/Xbgo19wPtP
Dz7nEvrAuQEfGSIkzgjA7szRnO45sy/CRwDyVHrXASoh/Th3BpPFHTOp9XIkWd+M
ddxj8qc1JNY7XvHqwL4QH/adjAOMg030UAQi7PCcvh6g1dkhCZUCDWXXDRQVFWhX
xlrG62loNZLgRBt+b+l6wjhWb9BwBfNGtd71war4Ak/a7gXMpc2Qne8d5As59zek
uBr3IvWCBrFQsslgcweQ/iEGdfzIMuv5I2X/vMs5zYJ2fCYvTzSJtOR9wwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPWZWnmfKWXbPuQqQO9ckapK7ci1MB8GA1UdIwQY
MBaAFDbHtE58Xym53qQCrIBRYLKYzw2mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNlMFRueGZLYm5lcEFLc2dGRmdzcGpQRGFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84ZjcxMzgtNDZkOS00OThiLWFmNmQt
NmQ2NTgyYjJiNWI2LzEvOVpsYWVaOHBaZHMtNUNwQTcxeVJxa3J0eUxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84ZjcxMzgtNDZkOS00OThiLWFmNmQtNmQ2NTgyYjJiNWI2
LzEvTnNlMFRueGZLYm5lcEFLc2dGRmdzcGpQRGFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCuVqsMBQE
AgACMA4DBQEqBeGAAwUBKgXhhjANBgkqhkiG9w0BAQsFAAOCAQEAI9sun9qrkuLn
92FuDZqLz8rYNoTfr5VOG/HlSmz7Yq1ogHmjteemEZ0a1TtOs+pBkz6NMmARh+7n
b9nEThsPtKr/iZwtvsfGEDvwCC0eS8EPfB4WGBYOsjJa8fBfn0KXdTi3IjNuHlp7
fXN3MhY7aTFLBMkws0I3OESo0O02rJM1wiZZM0QUk9uEMTukbFW7PL4X8H4Rdym/
2LwVR3NB9v5kDC6wJ0IU6PN/CLhIclQqrkcKsgcM8AnCeJLBZQw9fQfx+KeO+zuL
Fm4VS+ERzw6XdpI5cwPeFP+F24nvEE8bezOZzHSSlYWs4OwzAoo0327A1oZdxXgd
fzp4yuPj6g==
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:41:19 2024 by rpki-client on console-fra.rpki-client.org