Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/KOi4x8IHdJ5Stu1MNoVaZQJnYe4.roa
File: KOi4x8IHdJ5Stu1MNoVaZQJnYe4.roa (raw, json)
Hash identifier: Z1ibA9L04LunQH4TGEiiDR8FqkoMLgZODKH0HPzLH6Q=
Subject key identifier: 28:E8:B8:C7:C2:07:74:9E:52:B6:ED:4C:36:85:5A:65:02:67:61:EE
Certificate issuer: /CN=5a141c5090824d0a17c29ec4050e21007113fbda
Certificate serial: 018CC2DAEA16D33BF604329BF1C87BFC4776
Authority key identifier: 5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/KOi4x8IHdJ5Stu1MNoVaZQJnYe4.roa
Signing time: Mon 01 Jan 2024 02:29:35 +0000
ROA not before: Mon 01 Jan 2024 02:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.85.78.0/24 maxlen: 24
185.85.79.0/24 maxlen: 24
91.190.168.0/24 maxlen: 24
91.190.169.0/24 maxlen: 24
91.190.171.0/24 maxlen: 24
91.190.172.0/24 maxlen: 24
91.190.173.0/24 maxlen: 24
91.190.174.0/24 maxlen: 24
91.190.175.0/24 maxlen: 24
5.63.24.0/24 maxlen: 24
5.63.25.0/24 maxlen: 24
5.63.26.0/24 maxlen: 24
5.63.28.0/24 maxlen: 24
5.63.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.mft
rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:46:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ea:16:d3:3b:f6:04:32:9b:f1:c8:7b:fc:47:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a141c5090824d0a17c29ec4050e21007113fbda
Validity
Not Before: Jan 1 02:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28e8b8c7c207749e52b6ed4c36855a65026761ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c8:8d:3b:10:23:81:d9:b7:e9:ee:72:68:95:
97:ad:92:82:4a:2f:a1:c2:07:ba:40:15:8a:0c:3a:
c2:58:90:b6:7d:e1:30:bd:0e:e7:2e:2d:aa:24:db:
6a:55:d8:45:4c:19:a4:14:44:7b:84:72:ea:32:e0:
6d:17:69:eb:77:e2:cc:11:77:9a:fd:4c:1c:0e:99:
86:d9:ef:23:a6:e4:0e:20:b9:cd:cf:74:75:1c:b6:
55:b7:42:c1:82:9b:c4:fb:5f:ed:8e:9d:13:f0:89:
6d:4d:e9:3a:2f:b7:40:ce:f1:d4:5e:9b:fc:42:8f:
e6:6a:3e:90:82:8e:40:3d:a8:90:65:8b:a2:ab:2c:
02:cb:46:4a:f5:1f:5b:1a:da:90:03:9b:66:e8:04:
bb:8b:d0:5f:34:b5:b8:e9:eb:1c:34:a2:73:63:b8:
dd:a0:fe:96:52:e4:76:40:ad:0f:a1:69:51:f0:90:
63:32:2c:c8:da:90:91:8b:d8:42:e6:7a:5b:ee:09:
54:d2:c5:71:1f:09:7a:f3:2f:ce:58:9f:7c:de:d7:
56:28:9f:b6:44:1f:31:61:4e:7a:d0:d4:e8:da:3f:
d6:a3:2d:d9:81:9d:c2:c3:38:05:77:71:1f:b5:92:
6b:48:0c:5b:e5:f8:86:d3:bb:eb:a6:5e:92:fc:19:
1f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E8:B8:C7:C2:07:74:9E:52:B6:ED:4C:36:85:5A:65:02:67:61:EE
X509v3 Authority Key Identifier:
keyid:5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/KOi4x8IHdJ5Stu1MNoVaZQJnYe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.24.0-5.63.28.255
91.190.168.0/23
91.190.171.0-91.190.175.255
185.85.78.0/23
Signature Algorithm: sha256WithRSAEncryption
07:2e:96:dd:93:08:44:22:a5:7a:b7:59:a5:f7:64:0a:34:77:
68:07:a5:58:bf:46:9e:d3:02:48:10:01:11:51:c3:73:f8:bc:
59:8b:78:47:40:65:67:49:73:8f:4a:6e:1d:74:a5:04:c1:6d:
79:d7:9d:cd:84:4b:76:e7:f3:f4:d9:53:80:51:eb:a8:86:69:
75:ae:fd:36:cc:38:2f:66:d1:02:b0:fa:31:ab:62:78:cc:28:
84:78:67:1c:41:1d:94:b8:1b:53:68:06:ce:d7:e8:4c:2f:3a:
cc:eb:0f:b5:d3:0f:61:32:90:9a:1a:07:33:47:f5:d2:e9:2e:
cf:bd:86:d4:e1:fa:ae:4c:65:8f:77:14:2f:43:e7:c7:7b:74:
54:64:4e:c4:65:8e:26:85:15:40:48:ac:37:7b:81:a8:7c:17:
59:d2:e6:19:d2:99:1d:d6:3f:a6:30:eb:0d:c1:cd:b0:3f:69:
30:2a:5d:d1:08:ec:79:c8:b1:ff:d1:f0:c7:a9:a5:ed:c6:b4:
1b:0b:06:78:c1:a5:6e:5c:4d:cb:1a:de:22:88:38:24:33:68:
9c:3a:b4:fe:48:c6:23:84:f0:00:da:d4:47:ca:e9:16:87:af:
a0:61:6b:1b:6d:99:dd:81:c3:ac:29:ec:1b:59:80:04:9b:56:
95:27:00:d2
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzC2uoW0zv2BDKb8ch7/Ed2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMTQxYzUwOTA4MjRkMGExN2MyOWVjNDA1MGUyMTAwNzEx
M2ZiZGEwHhcNMjQwMTAxMDIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGU4YjhjN2MyMDc3NDllNTJiNmVkNGMzNjg1NWE2NTAyNjc2MWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkciNOxAjgdm36e5yaJWXrZKCSi+h
wge6QBWKDDrCWJC2feEwvQ7nLi2qJNtqVdhFTBmkFER7hHLqMuBtF2nrd+LMEXea
/UwcDpmG2e8jpuQOILnNz3R1HLZVt0LBgpvE+1/tjp0T8IltTek6L7dAzvHUXpv8
Qo/maj6Qgo5APaiQZYuiqywCy0ZK9R9bGtqQA5tm6AS7i9BfNLW46escNKJzY7jd
oP6WUuR2QK0PoWlR8JBjMizI2pCRi9hC5npb7glU0sVxHwl68y/OWJ983tdWKJ+2
RB8xYU560NTo2j/Woy3ZgZ3CwzgFd3EftZJrSAxb5fiG07vrpl6S/BkfTwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCjouMfCB3SeUrbtTDaFWmUCZ2HuMB8GA1UdIwQY
MBaAFFoUHFCQgk0KF8KexAUOIQBxE/vaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUt
ZWNlZWZmOGU4NGUwLzEvS09pNHg4SUhkSjVTdHUxTU5vVmFaUUpuWWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUtZWNlZWZmOGU4NGUw
LzEvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAMFPxgD
BAAFPxwDBAFbvqgwDAMEAFu+qwMEBFu+oAMEAblVTjANBgkqhkiG9w0BAQsFAAOC
AQEABy6W3ZMIRCKlerdZpfdkCjR3aAelWL9GntMCSBABEVHDc/i8WYt4R0BlZ0lz
j0puHXSlBMFtededzYRLdufz9NlTgFHrqIZpda79Nsw4L2bRArD6MatieMwohHhn
HEEdlLgbU2gGztfoTC86zOsPtdMPYTKQmhoHM0f10ukuz72G1OH6rkxlj3cUL0Pn
x3t0VGROxGWOJoUVQEisN3uBqHwXWdLmGdKZHdY/pjDrDcHNsD9pMCpd0Qjsecix
/9Hwx6ml7ca0GwsGeMGlblxNyxreIog4JDNonDq0/kjGI4TwANrUR8rpFoevoGFr
G22Z3YHDrCnsG1mABJtWlScA0g==
-----END CERTIFICATE-----
Generated at Wed May 1 23:22:01 2024 by rpki-client on console-ams.rpki-client.org