Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/5DsYsJQAGEI2o5IzOclNStRtnRU.roa
File: 5DsYsJQAGEI2o5IzOclNStRtnRU.roa (raw, json)
Hash identifier: kQxQHzBNnzYJ0Ccj+iK/r/ptihrgCTMFSm+O/t0Jj5o=
Subject key identifier: E4:3B:18:B0:94:00:18:42:36:A3:92:33:39:C9:4D:4A:D4:6D:9D:15
Certificate issuer: /CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Certificate serial: 018CC6B7962F56EBC1D93B0C64A7850D879C
Authority key identifier: BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/5DsYsJQAGEI2o5IzOclNStRtnRU.roa
Signing time: Mon 01 Jan 2024 20:29:29 +0000
ROA not before: Mon 01 Jan 2024 20:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7155
IP address blocks: 185.71.116.0/24 maxlen: 24
185.71.117.0/24 maxlen: 24
185.71.118.0/24 maxlen: 24
185.71.119.0/24 maxlen: 24
212.50.35.0/24 maxlen: 24
212.50.42.0/24 maxlen: 24
212.50.43.0/24 maxlen: 24
212.50.45.0/24 maxlen: 24
212.50.46.0/24 maxlen: 24
212.50.47.0/24 maxlen: 24
212.50.48.0/24 maxlen: 24
212.50.49.0/24 maxlen: 24
212.50.50.0/24 maxlen: 24
212.50.51.0/24 maxlen: 24
212.50.52.0/24 maxlen: 24
212.50.53.0/24 maxlen: 24
212.50.56.0/24 maxlen: 24
212.50.57.0/24 maxlen: 24
212.50.58.0/24 maxlen: 24
212.50.59.0/24 maxlen: 24
212.50.60.0/24 maxlen: 24
212.50.62.0/24 maxlen: 24
212.50.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.mft
rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 May 2024 04:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:96:2f:56:eb:c1:d9:3b:0c:64:a7:85:0d:87:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8d64a0dc21996b1c99e68cc951694e293edefe
Validity
Not Before: Jan 1 20:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e43b18b09400184236a3923339c94d4ad46d9d15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:36:b4:99:33:7b:d0:bf:01:07:dc:52:7e:74:
b9:e5:24:4e:d9:86:72:b3:8e:1c:8f:4a:e6:c9:60:
fb:13:88:e2:3e:68:0e:ba:e5:12:12:1e:39:7d:a7:
65:d1:38:1a:72:c6:87:b0:77:6d:8e:3b:26:2f:d9:
d8:33:ef:3e:8d:b8:7a:62:53:76:b4:8f:5d:61:6a:
5c:a5:76:ae:79:54:65:f1:8f:d9:46:9a:4b:51:12:
b8:6a:22:bb:fe:7e:3e:5b:2c:91:b2:fe:09:ea:c7:
89:1e:85:f0:41:a1:58:d9:3c:a5:5a:89:8c:25:61:
2f:02:fc:41:1b:5f:94:ce:27:f2:34:e0:7a:0b:7f:
28:3d:d6:41:ad:64:f0:af:c3:68:e3:02:8e:92:df:
57:8e:cf:34:e0:78:78:a8:48:0b:3e:22:71:57:8e:
48:3a:70:3e:db:46:9d:6f:e8:c2:98:f8:66:c7:a3:
c8:f4:9c:1e:88:77:5a:b2:34:91:7e:94:99:56:70:
df:d7:b3:3f:bb:b9:a3:45:b7:1d:55:4c:f3:90:90:
f5:e3:cf:65:20:93:a6:05:9c:8c:54:af:9f:fc:57:
63:b4:05:db:ab:ba:31:00:ac:c3:5f:ba:3d:1d:5a:
c1:74:7b:2f:49:c6:7c:e3:c2:0d:3c:86:20:af:2c:
89:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:3B:18:B0:94:00:18:42:36:A3:92:33:39:C9:4D:4A:D4:6D:9D:15
X509v3 Authority Key Identifier:
keyid:BB:8D:64:A0:DC:21:99:6B:1C:99:E6:8C:C9:51:69:4E:29:3E:DE:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u41koNwhmWscmeaMyVFpTik-3v4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/5DsYsJQAGEI2o5IzOclNStRtnRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/220318-46f1-4ebf-a795-dd4a217d606b/1/u41koNwhmWscmeaMyVFpTik-3v4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.116.0/22
212.50.35.0/24
212.50.42.0/23
212.50.45.0-212.50.53.255
212.50.56.0-212.50.60.255
212.50.62.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:6f:9e:e3:c4:97:83:5d:62:ff:ba:7b:26:34:72:8b:8e:b0:
f8:b4:e6:a7:31:f5:1c:25:1b:dc:9d:e8:8d:11:55:af:e9:08:
eb:10:80:4f:06:da:6e:91:62:11:6d:f3:0f:11:64:fc:97:84:
38:c5:a6:d4:6f:b3:ba:59:8f:31:93:3f:aa:d6:60:3c:c6:3f:
03:0a:4f:64:5a:1a:74:bd:d6:2f:93:d6:0f:4b:40:7c:9c:d4:
d0:24:e7:58:24:26:76:46:13:d1:d6:24:53:97:9b:81:7b:d8:
f7:2e:d1:d9:af:de:a5:e9:2f:52:b8:14:91:ad:ba:6b:10:6c:
aa:4d:05:30:92:4d:5b:e8:9b:7f:0d:17:f0:fc:3f:0e:fe:f5:
28:9a:78:08:4f:fb:42:05:15:21:d5:23:d2:74:51:68:0d:72:
b8:16:f5:1e:c1:5a:71:ce:c9:be:7e:47:99:ab:8a:5e:c4:18:
bd:e5:c1:38:df:12:02:5c:3d:a6:2d:9f:52:80:7f:53:b7:dd:
7f:35:f3:f1:05:37:f5:a2:1d:6e:cf:87:7b:29:25:07:84:76:
81:aa:6b:60:3e:47:d6:e8:42:9d:49:23:91:1e:f2:53:9a:bc:
01:9c:26:aa:dc:5a:6b:27:59:69:91:5e:ae:c5:bb:17:26:da:
d6:20:a3:67
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzGt5YvVuvB2TsMZKeFDYecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiOGQ2NGEwZGMyMTk5NmIxYzk5ZTY4Y2M5NTE2OTRlMjkz
ZWRlZmUwHhcNMjQwMTAxMjAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDNiMThiMDk0MDAxODQyMzZhMzkyMzMzOWM5NGQ0YWQ0NmQ5ZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ja0mTN70L8BB9xSfnS55SRO2YZy
s44cj0rmyWD7E4jiPmgOuuUSEh45fadl0TgacsaHsHdtjjsmL9nYM+8+jbh6YlN2
tI9dYWpcpXaueVRl8Y/ZRppLURK4aiK7/n4+WyyRsv4J6seJHoXwQaFY2TylWomM
JWEvAvxBG1+UzifyNOB6C38oPdZBrWTwr8No4wKOkt9Xjs804Hh4qEgLPiJxV45I
OnA+20adb+jCmPhmx6PI9JweiHdasjSRfpSZVnDf17M/u7mjRbcdVUzzkJD1489l
IJOmBZyMVK+f/FdjtAXbq7oxAKzDX7o9HVrBdHsvScZ848INPIYgryyJ1QIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFOQ7GLCUABhCNqOSMznJTUrUbZ0VMB8GA1UdIwQY
MBaAFLuNZKDcIZlrHJnmjMlRaU4pPt7+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8yMjAzMTgtNDZmMS00ZWJmLWE3OTUt
ZGQ0YTIxN2Q2MDZiLzEvNURzWXNKUUFHRUkybzVJek9jbE5TdFJ0blJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8yMjAzMTgtNDZmMS00ZWJmLWE3OTUtZGQ0YTIxN2Q2MDZi
LzEvdTQxa29Od2htV3NjbWVhTXlWRnBUaWstM3Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQCuUd0AwQA
1DIjAwQB1DIqMAwDBADUMi0DBAHUMjQwDAMEA9QyOAMEANQyPAMEAdQyPjANBgkq
hkiG9w0BAQsFAAOCAQEAb2+e48SXg11i/7p7JjRyi46w+LTmpzH1HCUb3J3ojRFV
r+kI6xCATwbabpFiEW3zDxFk/JeEOMWm1G+zulmPMZM/qtZgPMY/AwpPZFoadL3W
L5PWD0tAfJzU0CTnWCQmdkYT0dYkU5ebgXvY9y7R2a/epekvUrgUka26axBsqk0F
MJJNW+ibfw0X8Pw/Dv71KJp4CE/7QgUVIdUj0nRRaA1yuBb1HsFacc7Jvn5HmauK
XsQYveXBON8SAlw9pi2fUoB/U7fdfzXz8QU39aIdbs+HeyklB4R2gaprYD5H1uhC
nUkjkR7yU5q8AZwmqtxaaydZaZFersW7Fyba1iCjZw==
-----END CERTIFICATE-----
Generated at Mon May 13 14:36:29 2024 by rpki-client on console-fra.rpki-client.org