Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/b404c7-bd3d-4752-8ade-31fcc455575e/1/p5tBKUghHWsb19EdxY83uyIU0vQ.roa
File: p5tBKUghHWsb19EdxY83uyIU0vQ.roa (raw, json)
Hash identifier: sZOdOOXoaxGjPBR2e+GMIluORT1zfhqnYql2FgQLsfg=
Subject key identifier: A7:9B:41:29:48:21:1D:6B:1B:D7:D1:1D:C5:8F:37:BB:22:14:D2:F4
Certificate issuer: /CN=099da06b80fa749068028b597be3e50e8b118786
Certificate serial: 01905F2DD94FEB55773559D4903BF6CC0F1C
Authority key identifier: 09:9D:A0:6B:80:FA:74:90:68:02:8B:59:7B:E3:E5:0E:8B:11:87:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZ2ga4D6dJBoAotZe-PlDosRh4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/b404c7-bd3d-4752-8ade-31fcc455575e/1/p5tBKUghHWsb19EdxY83uyIU0vQ.roa
Signing time: Fri 28 Jun 2024 14:09:18 +0000
ROA not before: Fri 28 Jun 2024 14:09:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42034
IP address blocks: 185.135.32.0/22 maxlen: 22
193.108.181.0/24 maxlen: 24
2001:67c:274c::/48 maxlen: 48
2a06:f140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/b404c7-bd3d-4752-8ade-31fcc455575e/1/CZ2ga4D6dJBoAotZe-PlDosRh4Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/b404c7-bd3d-4752-8ade-31fcc455575e/1/CZ2ga4D6dJBoAotZe-PlDosRh4Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/CZ2ga4D6dJBoAotZe-PlDosRh4Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5f:2d:d9:4f:eb:55:77:35:59:d4:90:3b:f6:cc:0f:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099da06b80fa749068028b597be3e50e8b118786
Validity
Not Before: Jun 28 14:09:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a79b412948211d6b1bd7d11dc58f37bb2214d2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a4:ba:24:d6:c1:58:40:ed:7b:f9:a0:f6:a8:
e7:71:1d:e0:93:b8:2d:ee:4b:71:c5:51:5a:58:8a:
2e:6e:85:ae:36:c3:7f:4e:1d:66:d7:96:fc:85:b7:
e9:c1:40:21:82:13:88:5b:78:5d:c6:69:1a:1e:56:
af:72:4c:85:8d:9c:e1:3d:f3:e8:89:75:b9:de:fc:
73:d6:4f:33:ba:3b:fd:b7:78:f0:6a:96:17:1c:07:
4d:b1:8e:b1:50:97:9a:70:a3:4a:3f:00:8c:6e:f6:
75:0a:0a:6f:26:39:07:6e:d3:ee:1c:1d:bd:2c:6b:
8b:a3:95:e1:7f:1c:d3:98:3a:f6:08:8c:37:68:6d:
5a:3d:61:8d:7f:92:bb:fb:ef:ea:3d:a9:df:39:99:
da:66:2e:c3:0f:41:99:55:df:20:87:c9:83:b6:f7:
59:4e:90:a0:c9:1d:e4:40:a4:3e:43:d5:1f:68:b6:
4b:08:a1:fb:f1:6b:5e:0c:bf:97:18:3d:9e:33:21:
9f:bd:22:d0:94:8e:34:48:77:e1:b8:e1:be:f2:56:
2f:29:c1:5d:8c:1b:7b:c0:ba:ba:00:a9:65:1c:1b:
d4:e7:ec:7b:90:7b:b5:24:28:88:5b:25:3a:af:05:
66:84:3c:f6:46:b1:1e:46:ce:3c:e7:f2:8c:1d:23:
bc:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:9B:41:29:48:21:1D:6B:1B:D7:D1:1D:C5:8F:37:BB:22:14:D2:F4
X509v3 Authority Key Identifier:
keyid:09:9D:A0:6B:80:FA:74:90:68:02:8B:59:7B:E3:E5:0E:8B:11:87:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZ2ga4D6dJBoAotZe-PlDosRh4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/b404c7-bd3d-4752-8ade-31fcc455575e/1/p5tBKUghHWsb19EdxY83uyIU0vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/b404c7-bd3d-4752-8ade-31fcc455575e/1/CZ2ga4D6dJBoAotZe-PlDosRh4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.32.0/22
193.108.181.0/24
IPv6:
2001:67c:274c::/48
2a06:f140::/29
Signature Algorithm: sha256WithRSAEncryption
31:f0:a8:f2:e6:b5:ba:6e:41:00:78:81:6a:bc:1c:0c:00:77:
e1:c6:ff:61:c0:56:c9:65:df:b9:b6:4f:26:d7:f3:e4:48:2e:
1e:ea:46:f4:20:9a:ce:5c:0a:89:37:a3:11:a6:15:bb:e7:4c:
c3:46:38:d9:bb:8e:56:11:a9:5b:a6:a5:ae:c3:b3:75:c3:07:
16:e8:fa:37:14:38:ab:09:62:64:b7:ab:2a:7a:8d:1d:11:15:
6d:e8:56:9d:15:69:be:c4:38:4a:08:7d:3a:54:1f:b3:f8:10:
b3:bd:4c:c2:22:f7:ac:a2:e9:7d:08:9c:32:46:0d:bd:d6:6f:
4f:a7:46:d0:f4:6b:68:d9:db:99:38:36:e8:b7:f2:22:4b:59:
b9:91:3b:24:91:c9:bf:ed:dd:24:62:7d:04:28:3a:fc:df:67:
19:76:b5:df:cd:e6:ce:36:73:82:6a:a1:7c:6f:c5:e4:31:d1:
99:c2:21:e9:fe:ac:a7:04:7d:8c:11:ba:79:dc:81:62:d8:fb:
f9:f7:f2:c1:57:db:6a:2a:d8:85:30:08:f9:65:29:ba:41:1f:
13:27:6e:4d:73:62:ff:4e:05:51:f0:b9:2b:84:5a:6a:3c:a6:
68:6c:08:b6:d3:e4:35:53:b6:75:cd:32:9f:37:c9:27:96:1d:
4e:ba:04:af
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZBfLdlP61V3NVnUkDv2zA8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWRhMDZiODBmYTc0OTA2ODAyOGI1OTdiZTNlNTBlOGIx
MTg3ODYwHhcNMjQwNjI4MTQwOTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzliNDEyOTQ4MjExZDZiMWJkN2QxMWRjNThmMzdiYjIyMTRkMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqS6JNbBWEDte/mg9qjncR3gk7gt
7ktxxVFaWIouboWuNsN/Th1m15b8hbfpwUAhghOIW3hdxmkaHlavckyFjZzhPfPo
iXW53vxz1k8zujv9t3jwapYXHAdNsY6xUJeacKNKPwCMbvZ1CgpvJjkHbtPuHB29
LGuLo5XhfxzTmDr2CIw3aG1aPWGNf5K7++/qPanfOZnaZi7DD0GZVd8gh8mDtvdZ
TpCgyR3kQKQ+Q9UfaLZLCKH78WteDL+XGD2eMyGfvSLQlI40SHfhuOG+8lYvKcFd
jBt7wLq6AKllHBvU5+x7kHu1JCiIWyU6rwVmhDz2RrEeRs485/KMHSO8xwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKebQSlIIR1rG9fRHcWPN7siFNL0MB8GA1UdIwQY
MBaAFAmdoGuA+nSQaAKLWXvj5Q6LEYeGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1oyZ2E0RDZkSkJvQW90WmUtUGxEb3NSaDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9iNDA0YzctYmQzZC00NzUyLThhZGUt
MzFmY2M0NTU1NzVlLzEvcDV0QktVZ2hIV3NiMTlFZHhZODN1eUlVMHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9iNDA0YzctYmQzZC00NzUyLThhZGUtMzFmY2M0NTU1NzVl
LzEvQ1oyZ2E0RDZkSkJvQW90WmUtUGxEb3NSaDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuYcgAwQA
wWy1MBYEAgACMBADBwAgAQZ8J0wDBQMqBvFAMA0GCSqGSIb3DQEBCwUAA4IBAQAx
8Kjy5rW6bkEAeIFqvBwMAHfhxv9hwFbJZd+5tk8m1/PkSC4e6kb0IJrOXAqJN6MR
phW750zDRjjZu45WEalbpqWuw7N1wwcW6Po3FDirCWJkt6sqeo0dERVt6FadFWm+
xDhKCH06VB+z+BCzvUzCIvesoul9CJwyRg291m9Pp0bQ9Gto2duZODbot/IiS1m5
kTskkcm/7d0kYn0EKDr832cZdrXfzebONnOCaqF8b8XkMdGZwiHp/qynBH2MEbp5
3IFi2Pv59/LBV9tqKtiFMAj5ZSm6QR8TJ25Nc2L/TgVR8LkrhFpqPKZobAi20+Q1
U7Z1zTKfN8knlh1OugSv
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:40:50 2024 by rpki-client on console-ams.rpki-client.org