Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4f4b4e-23cc-4c3a-90af-4ef39514aa43/1/5k053VRgaR-B9Fw14yhkd-ZuBqQ.roa
File: 5k053VRgaR-B9Fw14yhkd-ZuBqQ.roa (raw, json)
Hash identifier: 9OJWbi9XeRmElAXu0fLjcaYC4HqKTGy2ESP+ptLPPCo=
Subject key identifier: E6:4D:39:DD:54:60:69:1F:81:F4:5C:35:E3:28:64:77:E6:6E:06:A4
Certificate issuer: /CN=a5a1eabafe2de7038227a8593a7ac5cc392f374e
Certificate serial: 018CCA2BA1377392D87BD37B3A9722D03154
Authority key identifier: A5:A1:EA:BA:FE:2D:E7:03:82:27:A8:59:3A:7A:C5:CC:39:2F:37:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paHquv4t5wOCJ6hZOnrFzDkvN04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4f4b4e-23cc-4c3a-90af-4ef39514aa43/1/5k053VRgaR-B9Fw14yhkd-ZuBqQ.roa
Signing time: Tue 02 Jan 2024 12:35:06 +0000
ROA not before: Tue 02 Jan 2024 12:35:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12952
IP address blocks: 185.118.129.0/24 maxlen: 24
185.118.128.0/24 maxlen: 24
185.118.131.0/24 maxlen: 24
185.118.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/4f4b4e-23cc-4c3a-90af-4ef39514aa43/1/paHquv4t5wOCJ6hZOnrFzDkvN04.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/4f4b4e-23cc-4c3a-90af-4ef39514aa43/1/paHquv4t5wOCJ6hZOnrFzDkvN04.mft
rsync://rpki.ripe.net/repository/DEFAULT/paHquv4t5wOCJ6hZOnrFzDkvN04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 Nov 2024 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:a1:37:73:92:d8:7b:d3:7b:3a:97:22:d0:31:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a1eabafe2de7038227a8593a7ac5cc392f374e
Validity
Not Before: Jan 2 12:35:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e64d39dd5460691f81f45c35e3286477e66e06a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:98:cc:95:8b:4f:8e:69:1e:c0:68:3d:f1:35:
18:9a:5c:b2:ca:38:8d:bb:0a:f2:c7:03:9d:0c:e6:
a4:cf:2c:e7:d4:54:4f:4c:72:52:37:3d:86:a7:28:
b6:da:b1:2f:5e:8c:e0:68:bc:7f:f3:54:c4:4d:7c:
bd:23:65:3e:2e:49:e3:27:d2:a4:d0:6f:62:ff:64:
4d:1c:2c:59:63:db:39:a2:9d:e5:d0:6f:ab:eb:39:
75:09:59:ac:e5:a1:dd:b8:69:ee:71:06:3e:5a:6f:
27:c4:08:8d:2c:0c:87:9b:ab:5b:eb:6d:e0:bb:c6:
66:00:3d:7a:e2:4f:88:08:f6:b4:ad:4b:85:b4:2a:
8d:c3:c2:28:5c:e3:4f:bc:cd:3a:76:f7:20:45:5a:
6e:76:ce:7e:35:d5:1c:35:ed:43:c2:87:07:65:25:
03:d1:41:e6:12:5c:75:2e:16:24:ed:11:73:34:80:
6b:0f:fc:37:98:02:63:be:41:25:33:b1:7b:ca:2d:
8d:39:b1:a6:87:9b:c0:d6:72:22:93:43:9c:84:74:
b4:dd:c4:73:2f:79:54:f8:d4:bf:26:ab:85:48:6b:
df:a0:9b:d3:d0:5c:7a:8b:a9:29:84:0f:c3:24:c1:
17:fa:f7:c1:b1:fc:75:d6:a6:5d:e1:f9:0e:2e:09:
2e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:4D:39:DD:54:60:69:1F:81:F4:5C:35:E3:28:64:77:E6:6E:06:A4
X509v3 Authority Key Identifier:
keyid:A5:A1:EA:BA:FE:2D:E7:03:82:27:A8:59:3A:7A:C5:CC:39:2F:37:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paHquv4t5wOCJ6hZOnrFzDkvN04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4f4b4e-23cc-4c3a-90af-4ef39514aa43/1/5k053VRgaR-B9Fw14yhkd-ZuBqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4f4b4e-23cc-4c3a-90af-4ef39514aa43/1/paHquv4t5wOCJ6hZOnrFzDkvN04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.128.0/22
Signature Algorithm: sha256WithRSAEncryption
25:f6:5c:be:03:dd:92:0c:9f:af:86:0e:a6:cc:1c:8c:66:0c:
3e:83:db:9a:d7:af:3c:5a:b5:4f:50:11:31:0e:2e:0e:0a:4a:
f7:03:b0:54:93:54:ef:f2:16:f1:c3:4c:46:fb:7f:08:14:ff:
1a:eb:23:e1:4a:a1:1f:f4:e2:a9:c0:7c:da:af:87:06:f1:72:
fd:e2:3c:5b:69:ac:f0:93:1f:ab:b9:b9:7f:72:cc:72:0e:d3:
cc:37:4d:dd:3c:90:28:77:c3:e1:48:65:ba:a0:21:95:0c:8f:
6d:e0:9f:02:e3:8a:07:d2:57:ff:49:b1:49:ca:af:6a:20:7e:
1a:6c:ce:b4:1f:27:ef:8f:12:6d:e7:c0:ba:4f:66:ca:a1:4c:
a0:15:2b:3b:68:cc:e9:17:5b:6a:9d:e1:93:c1:e1:d2:5a:e5:
94:42:2c:b7:d8:60:41:d2:8a:9f:1f:29:ea:12:8a:6d:85:28:
51:3e:9b:00:14:8f:39:27:54:06:0f:ac:54:5a:97:63:52:4c:
7e:43:9c:3e:ab:5a:32:0f:07:6d:c0:7f:b1:90:84:d1:7f:7c:
08:ed:e7:25:78:5c:96:61:54:8f:ba:aa:85:e5:6c:49:be:a6:
59:ac:7a:3d:a6:f0:f2:5f:f8:6a:83:e5:f5:58:45:d0:0f:65:
b8:a1:62:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK6E3c5LYe9N7Opci0DFUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YTFlYWJhZmUyZGU3MDM4MjI3YTg1OTNhN2FjNWNjMzky
ZjM3NGUwHhcNMjQwMTAyMTIzNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjRkMzlkZDU0NjA2OTFmODFmNDVjMzVlMzI4NjQ3N2U2NmUwNmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4JjMlYtPjmkewGg98TUYmlyyyjiN
uwryxwOdDOakzyzn1FRPTHJSNz2Gpyi22rEvXozgaLx/81TETXy9I2U+LknjJ9Kk
0G9i/2RNHCxZY9s5op3l0G+r6zl1CVms5aHduGnucQY+Wm8nxAiNLAyHm6tb623g
u8ZmAD164k+ICPa0rUuFtCqNw8IoXONPvM06dvcgRVpuds5+NdUcNe1DwocHZSUD
0UHmElx1LhYk7RFzNIBrD/w3mAJjvkElM7F7yi2NObGmh5vA1nIik0OchHS03cRz
L3lU+NS/JquFSGvfoJvT0Fx6i6kphA/DJMEX+vfBsfx11qZd4fkOLgkuPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZNOd1UYGkfgfRcNeMoZHfmbgakMB8GA1UdIwQY
MBaAFKWh6rr+LecDgieoWTp6xcw5LzdOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGFIcXV2NHQ1d09DSjZoWk9uckZ6RGt2TjA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80ZjRiNGUtMjNjYy00YzNhLTkwYWYt
NGVmMzk1MTRhYTQzLzEvNWswNTNWUmdhUi1COUZ3MTR5aGtkLVp1QnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC80ZjRiNGUtMjNjYy00YzNhLTkwYWYtNGVmMzk1MTRhYTQz
LzEvcGFIcXV2NHQ1d09DSjZoWk9uckZ6RGt2TjA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXaAMA0G
CSqGSIb3DQEBCwUAA4IBAQAl9ly+A92SDJ+vhg6mzByMZgw+g9ua1688WrVPUBEx
Di4OCkr3A7BUk1Tv8hbxw0xG+38IFP8a6yPhSqEf9OKpwHzar4cG8XL94jxbaazw
kx+rubl/csxyDtPMN03dPJAod8PhSGW6oCGVDI9t4J8C44oH0lf/SbFJyq9qIH4a
bM60HyfvjxJt58C6T2bKoUygFSs7aMzpF1tqneGTweHSWuWUQiy32GBB0oqfHynq
EopthShRPpsAFI85J1QGD6xUWpdjUkx+Q5w+q1oyDwdtwH+xkITRf3wI7ecleFyW
YVSPuqqF5WxJvqZZrHo9pvDyX/hqg+X1WEXQD2W4oWIl
-----END CERTIFICATE-----
Generated at Wed Nov 27 08:57:01 2024 by rpki-client on console-fra.rpki-client.org