Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/x5JbNotrbkr5hhHJoT2_YLitzqk.roa
File: x5JbNotrbkr5hhHJoT2_YLitzqk.roa (raw, json)
Hash identifier: b0YmIvRU8l/oy0dxcjDd57S5pjVsCHquGFEGofQ8KhU=
Subject key identifier: C7:92:5B:36:8B:6B:6E:4A:F9:86:11:C9:A1:3D:BF:60:B8:AD:CE:A9
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 01931587CCD667306A2393129C87A01B626D
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/x5JbNotrbkr5hhHJoT2_YLitzqk.roa
Signing time: Sun 10 Nov 2024 10:04:01 +0000
ROA not before: Sun 10 Nov 2024 10:04:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205585
IP address blocks: 185.143.232.0/22 maxlen: 24
185.220.226.0/24 maxlen: 24
2a0c:a7c0::/29 maxlen: 48
2a0c:a7c6:17::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.mft
rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:15:87:cc:d6:67:30:6a:23:93:12:9c:87:a0:1b:62:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: Nov 10 10:04:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7925b368b6b6e4af98611c9a13dbf60b8adcea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b7:94:96:b7:c6:4b:4c:f3:6e:49:c0:7a:6a:
84:be:43:83:e4:fb:1f:c5:75:a1:8d:d0:bc:0b:10:
aa:d1:eb:c5:1f:bb:ee:64:64:7d:78:c5:5b:f2:15:
93:46:98:0a:94:9b:83:ae:12:82:c9:27:3d:0e:a6:
72:7f:7a:e3:ae:a0:12:ed:f8:cb:85:48:7e:1f:ca:
5b:26:0f:3c:68:8d:8b:fd:6a:a0:7c:6c:56:ed:1a:
7e:c4:c9:22:a9:77:61:64:cc:8e:87:37:08:50:80:
cc:6a:d5:4c:89:f5:26:20:d7:31:b6:f7:34:ea:e9:
f6:e9:24:79:27:ba:69:ac:a8:6f:de:25:56:82:bd:
66:df:79:4b:04:1a:ec:5e:fe:e7:04:43:0e:b0:b0:
c8:d7:a0:85:ab:e4:3c:20:45:96:43:3f:54:8b:0d:
d0:7d:d2:f7:b7:8c:6d:8b:c8:9d:5d:d1:1e:50:e1:
94:2a:de:32:b7:f1:0b:60:60:1f:ee:53:bc:03:26:
3c:fb:d0:ef:4c:0a:31:8c:bc:b6:31:83:d1:26:79:
09:a4:67:81:1f:8d:ab:b4:2b:4d:db:d3:d3:f7:a9:
68:fe:2c:e6:a7:f4:57:39:b1:3b:0f:fb:b8:24:93:
5e:be:bc:13:3d:d0:44:57:13:c6:dc:fd:72:24:01:
c8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:92:5B:36:8B:6B:6E:4A:F9:86:11:C9:A1:3D:BF:60:B8:AD:CE:A9
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/x5JbNotrbkr5hhHJoT2_YLitzqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.232.0/22
185.220.226.0/24
IPv6:
2a0c:a7c0::/29
Signature Algorithm: sha256WithRSAEncryption
08:ec:4d:11:05:90:4f:cb:15:04:49:bd:82:d5:81:d9:65:f1:
f7:3d:5c:45:7c:0a:59:2a:59:a1:d5:67:98:dc:4c:bb:5d:2b:
f4:4f:db:1c:96:73:3d:80:c3:58:2d:12:77:c4:3f:7b:b0:3f:
75:4b:73:f6:00:3a:94:ae:0d:53:0b:1e:1d:ff:4a:72:80:ef:
fc:18:ab:81:e2:af:d2:f0:bb:53:52:ee:31:23:a0:22:8b:25:
1c:78:ec:b0:65:f0:72:9a:14:e0:27:d3:7b:ac:09:b3:ea:8b:
c0:c3:50:38:c7:65:77:de:b9:33:18:ae:7f:c4:4d:1a:94:15:
58:ce:2c:d4:76:98:90:ba:c5:c8:77:f9:08:d6:3c:f2:8f:1b:
a4:62:95:f2:a1:63:6e:b6:b9:db:b9:3b:05:06:0d:fe:b0:84:
8e:f3:00:f9:89:84:0e:e0:cf:cd:65:b1:4a:ab:37:58:20:0f:
e7:7f:ad:f7:7c:1c:4e:ed:ed:be:30:7d:b8:71:05:27:03:e2:
d1:b1:ff:3b:a2:83:53:f3:52:34:7a:ba:9b:17:70:99:96:eb:
7a:7d:dc:58:f9:50:bd:9d:e2:34:89:a5:ce:df:f9:1a:9a:1f:
60:59:35:c2:e6:a7:30:02:63:3f:f6:3a:92:84:94:35:19:3c:
45:95:5a:d5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZMVh8zWZzBqI5MSnIegG2JtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjQxMTEwMTAwNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzkyNWIzNjhiNmI2ZTRhZjk4NjExYzlhMTNkYmY2MGI4YWRjZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07eUlrfGS0zzbknAemqEvkOD5Psf
xXWhjdC8CxCq0evFH7vuZGR9eMVb8hWTRpgKlJuDrhKCySc9DqZyf3rjrqAS7fjL
hUh+H8pbJg88aI2L/WqgfGxW7Rp+xMkiqXdhZMyOhzcIUIDMatVMifUmINcxtvc0
6un26SR5J7pprKhv3iVWgr1m33lLBBrsXv7nBEMOsLDI16CFq+Q8IEWWQz9Uiw3Q
fdL3t4xti8idXdEeUOGUKt4yt/ELYGAf7lO8AyY8+9DvTAoxjLy2MYPRJnkJpGeB
H42rtCtN29PT96lo/izmp/RXObE7D/u4JJNevrwTPdBEVxPG3P1yJAHIGQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMeSWzaLa25K+YYRyaE9v2C4rc6pMB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEveDVKYk5vdHJia3I1aGhISm9UMl9ZTGl0enFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuY/oAwQA
udziMA0EAgACMAcDBQMqDKfAMA0GCSqGSIb3DQEBCwUAA4IBAQAI7E0RBZBPyxUE
Sb2C1YHZZfH3PVxFfApZKlmh1WeY3Ey7XSv0T9sclnM9gMNYLRJ3xD97sD91S3P2
ADqUrg1TCx4d/0pygO/8GKuB4q/S8LtTUu4xI6AiiyUceOywZfBymhTgJ9N7rAmz
6ovAw1A4x2V33rkzGK5/xE0alBVYzizUdpiQusXId/kI1jzyjxukYpXyoWNutrnb
uTsFBg3+sISO8wD5iYQO4M/NZbFKqzdYIA/nf633fBxO7e2+MH24cQUnA+LRsf87
ooNT81I0erqbF3CZlut6fdxY+VC9neI0iaXO3/kamh9gWTXC5qcwAmM/9jqShJQ1
GTxFlVrV
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:41:08 2024 by rpki-client on console-fra.rpki-client.org