Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/5qODak81RxA7GkRyInHrkjvRHuk.roa
File: 5qODak81RxA7GkRyInHrkjvRHuk.roa (raw, json)
Hash identifier: Mzj6I15Z7NceStfcQLJHVhAuDoXsnv4Ki8EditMHeUA=
Subject key identifier: E6:A3:83:6A:4F:35:47:10:3B:1A:44:72:22:71:EB:92:3B:D1:1E:E9
Certificate issuer: /CN=b78380b41e37b5757d3d4e2eecdf06d930a70b9d
Certificate serial: 01932EB45330A44FA310BE2D01F0E45682BB
Authority key identifier: B7:83:80:B4:1E:37:B5:75:7D:3D:4E:2E:EC:DF:06:D9:30:A7:0B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t4OAtB43tXV9PU4u7N8G2TCnC50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/5qODak81RxA7GkRyInHrkjvRHuk.roa
Signing time: Fri 15 Nov 2024 07:23:09 +0000
ROA not before: Fri 15 Nov 2024 07:23:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61213
IP address blocks: 185.206.4.0/22 maxlen: 23
2a02:d60::/48 maxlen: 48
2a02:d60:1::/48 maxlen: 48
2a02:d60:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/t4OAtB43tXV9PU4u7N8G2TCnC50.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/t4OAtB43tXV9PU4u7N8G2TCnC50.mft
rsync://rpki.ripe.net/repository/DEFAULT/t4OAtB43tXV9PU4u7N8G2TCnC50.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2e:b4:53:30:a4:4f:a3:10:be:2d:01:f0:e4:56:82:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b78380b41e37b5757d3d4e2eecdf06d930a70b9d
Validity
Not Before: Nov 15 07:23:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6a3836a4f3547103b1a44722271eb923bd11ee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f7:e5:21:f2:e4:1d:d9:5c:2a:3c:77:4f:d7:
9c:02:db:0f:84:87:0a:f9:63:5d:05:ed:15:20:20:
62:bc:8d:05:69:62:2e:67:e0:55:98:31:32:1b:78:
39:a8:bf:dc:c0:ad:1d:dc:bc:08:c1:02:96:20:6b:
be:53:00:6f:09:b5:84:ba:3f:ce:a0:70:a6:89:52:
b7:00:a0:bf:fb:1f:f7:ce:21:d6:73:38:84:28:5c:
66:3a:16:a8:1e:16:ce:38:1e:13:7a:87:46:54:a8:
63:bf:57:d0:2d:d7:7f:41:28:5c:60:13:ba:26:b7:
7e:12:9b:3a:c7:43:b3:38:31:31:28:80:5c:29:d1:
b5:d3:58:2e:07:fc:b4:b3:2b:6d:bb:26:b1:9f:13:
ee:a1:4b:80:93:40:76:f0:b0:13:d9:b2:3f:46:c5:
c3:28:4d:77:e3:5a:21:ec:a1:b1:4b:12:d6:6b:be:
3b:3b:59:38:93:b7:16:ba:b0:1a:e5:2d:ad:9d:96:
3f:7e:37:9f:51:c0:47:66:9d:71:4e:b7:42:f1:aa:
6d:5d:9e:3f:64:19:43:f5:d0:eb:af:45:37:97:1c:
6c:dd:d2:04:b5:f2:e5:63:c5:10:6e:91:4d:72:ad:
d5:55:a9:2a:2f:18:04:8d:ad:81:d0:96:dc:b9:9b:
f3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:A3:83:6A:4F:35:47:10:3B:1A:44:72:22:71:EB:92:3B:D1:1E:E9
X509v3 Authority Key Identifier:
keyid:B7:83:80:B4:1E:37:B5:75:7D:3D:4E:2E:EC:DF:06:D9:30:A7:0B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4OAtB43tXV9PU4u7N8G2TCnC50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/5qODak81RxA7GkRyInHrkjvRHuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/2e6613-4332-4c19-addf-dedaf79356ce/1/t4OAtB43tXV9PU4u7N8G2TCnC50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.4.0/22
IPv6:
2a02:d60::-2a02:d60:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
88:57:66:85:ea:02:40:d6:12:d2:d6:df:f9:fa:87:47:c8:e2:
93:11:d8:23:3e:14:2c:54:06:61:9d:38:47:de:f8:bc:4c:a6:
2f:e9:ae:14:79:ca:de:b0:48:31:a0:f2:d2:04:e0:92:24:53:
09:46:74:34:ba:3a:17:6a:24:8d:a6:45:64:76:51:7f:c3:9f:
f3:11:03:37:aa:43:79:db:ba:21:07:b0:c4:4d:b5:d6:b0:85:
f0:48:a7:b2:24:a2:6a:29:48:10:75:77:89:2d:70:1f:e6:1c:
36:7f:ff:20:c4:f5:7f:d8:51:84:37:8c:0a:15:9f:2d:07:b9:
01:8b:86:65:9d:62:14:7e:3b:60:b0:90:8b:89:c7:fb:49:bf:
d1:fb:b4:fc:bd:ca:9a:bc:e9:db:41:47:48:85:3a:82:8e:e7:
c0:d1:69:20:2e:94:50:4a:88:8f:64:9b:4d:95:b9:4e:0b:50:
a8:49:df:42:52:0a:85:0b:10:3c:1c:c8:5e:85:53:6a:53:7d:
0a:5d:c8:71:12:35:b3:3d:3f:c4:26:f5:b9:dc:f9:64:39:d6:
bf:0a:5c:ed:eb:d0:9e:70:82:34:67:8a:d8:97:b7:d6:f3:27:
26:df:2b:fc:ef:f5:62:84:02:8a:20:11:3d:8f:9d:49:8c:33:
1c:8d:82:09
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZMutFMwpE+jEL4tAfDkVoK7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODM4MGI0MWUzN2I1NzU3ZDNkNGUyZWVjZGYwNmQ5MzBh
NzBiOWQwHhcNMjQxMTE1MDcyMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmEzODM2YTRmMzU0NzEwM2IxYTQ0NzIyMjcxZWI5MjNiZDExZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufflIfLkHdlcKjx3T9ecAtsPhIcK
+WNdBe0VICBivI0FaWIuZ+BVmDEyG3g5qL/cwK0d3LwIwQKWIGu+UwBvCbWEuj/O
oHCmiVK3AKC/+x/3ziHWcziEKFxmOhaoHhbOOB4TeodGVKhjv1fQLdd/QShcYBO6
Jrd+Eps6x0OzODExKIBcKdG101guB/y0syttuyaxnxPuoUuAk0B28LAT2bI/RsXD
KE1341oh7KGxSxLWa747O1k4k7cWurAa5S2tnZY/fjefUcBHZp1xTrdC8aptXZ4/
ZBlD9dDrr0U3lxxs3dIEtfLlY8UQbpFNcq3VVakqLxgEja2B0JbcuZvzIQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOajg2pPNUcQOxpEciJx65I70R7pMB8GA1UdIwQY
MBaAFLeDgLQeN7V1fT1OLuzfBtkwpwudMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRPQXRCNDN0WFY5UFU0dTdOOEcyVENuQzUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8yZTY2MTMtNDMzMi00YzE5LWFkZGYt
ZGVkYWY3OTM1NmNlLzEvNXFPRGFrODFSeEE3R2tSeUluSHJranZSSHVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8yZTY2MTMtNDMzMi00YzE5LWFkZGYtZGVkYWY3OTM1NmNl
LzEvdDRPQXRCNDN0WFY5UFU0dTdOOEcyVENuQzUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCuc4EMBgE
AgACMBIwEAMFBSoCDWADBwAqAg1gAAIwDQYJKoZIhvcNAQELBQADggEBAIhXZoXq
AkDWEtLW3/n6h0fI4pMR2CM+FCxUBmGdOEfe+LxMpi/prhR5yt6wSDGg8tIE4JIk
UwlGdDS6OhdqJI2mRWR2UX/Dn/MRAzeqQ3nbuiEHsMRNtdawhfBIp7IkomopSBB1
d4ktcB/mHDZ//yDE9X/YUYQ3jAoVny0HuQGLhmWdYhR+O2CwkIuJx/tJv9H7tPy9
ypq86dtBR0iFOoKO58DRaSAulFBKiI9km02VuU4LUKhJ30JSCoULEDwcyF6FU2pT
fQpdyHESNbM9P8Qm9bnc+WQ51r8KXO3r0J5wgjRnitiXt9bzJybfK/zv9WKEAoog
ET2PnUmMMxyNggk=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:58:29 2024 by rpki-client on console-ams.rpki-client.org