Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/5RviYhhjGXXBkLmnn0Kj2D4lWqE.roa
File: 5RviYhhjGXXBkLmnn0Kj2D4lWqE.roa (raw, json)
Hash identifier: Vn+okYnGpBWq+2ltlZseCKzLBsMUPh2f39Q3xKlskLw=
Subject key identifier: E5:1B:E2:62:18:63:19:75:C1:90:B9:A7:9F:42:A3:D8:3E:25:5A:A1
Certificate issuer: /CN=762238a33c550cc5df0244f3fc6e3dbd91e4c39e
Certificate serial: 0190E068BE057F3968CC387B1D32ED1D7943
Authority key identifier: 76:22:38:A3:3C:55:0C:C5:DF:02:44:F3:FC:6E:3D:BD:91:E4:C3:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/diI4ozxVDMXfAkTz_G49vZHkw54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/5RviYhhjGXXBkLmnn0Kj2D4lWqE.roa
Signing time: Tue 23 Jul 2024 16:24:39 +0000
ROA not before: Tue 23 Jul 2024 16:24:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207227
IP address blocks: 95.128.154.0/24 maxlen: 24
185.74.36.0/22 maxlen: 22
185.74.36.0/24 maxlen: 24
185.74.37.0/24 maxlen: 24
185.74.38.0/24 maxlen: 24
185.74.39.0/24 maxlen: 24
2a05:48c0::/29 maxlen: 29
2a13:1f40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.mft
rsync://rpki.ripe.net/repository/DEFAULT/diI4ozxVDMXfAkTz_G49vZHkw54.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e0:68:be:05:7f:39:68:cc:38:7b:1d:32:ed:1d:79:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=762238a33c550cc5df0244f3fc6e3dbd91e4c39e
Validity
Not Before: Jul 23 16:24:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e51be26218631975c190b9a79f42a3d83e255aa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d5:20:0c:17:da:37:b1:ca:71:89:9b:71:10:
e1:51:84:1c:d9:28:35:43:f2:ac:a8:a5:24:49:2f:
79:e5:f2:a3:17:a4:ef:40:24:13:26:36:2a:f6:e2:
1e:7f:72:ef:1e:55:12:26:6c:24:39:66:68:6a:ed:
98:4a:52:78:f0:f4:08:fd:aa:6b:c4:aa:0e:02:4e:
ec:80:3d:7b:2d:3c:e1:65:83:74:4b:3d:c8:70:0e:
b2:41:89:e1:70:35:67:d5:e7:21:11:f2:a4:ba:43:
a0:ee:af:74:66:ea:d8:1f:0a:e7:5b:21:37:2d:d1:
31:2b:48:c3:5e:a9:a2:3f:08:6c:dd:20:8b:b8:d8:
44:0e:1c:4f:08:e6:11:a7:d8:31:bc:df:12:17:08:
f7:4a:6b:5a:4f:13:8e:13:61:61:b5:a3:7b:a6:32:
35:a1:d0:9a:a1:41:e0:75:48:87:93:20:b4:60:97:
0f:71:2c:67:4a:6e:d9:9f:cb:fa:6f:a3:8a:5c:0a:
9a:0a:28:59:9a:7f:14:0d:c8:af:ac:60:44:0e:d3:
d5:ea:21:df:79:b1:ab:95:d9:9f:6b:bb:8e:04:25:
eb:2f:c1:92:46:72:d9:e3:5c:cc:7e:8f:a8:17:dd:
5e:f7:18:a7:85:7c:52:1b:54:3d:4f:48:89:5b:6c:
47:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:1B:E2:62:18:63:19:75:C1:90:B9:A7:9F:42:A3:D8:3E:25:5A:A1
X509v3 Authority Key Identifier:
keyid:76:22:38:A3:3C:55:0C:C5:DF:02:44:F3:FC:6E:3D:BD:91:E4:C3:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/diI4ozxVDMXfAkTz_G49vZHkw54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/5RviYhhjGXXBkLmnn0Kj2D4lWqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/5e3249-bebf-4070-9fcd-1b1fc79d0551/1/diI4ozxVDMXfAkTz_G49vZHkw54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.154.0/24
185.74.36.0/22
IPv6:
2a05:48c0::/29
2a13:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
65:84:66:00:30:bb:dd:3e:13:b9:ae:ca:cf:1b:8e:9c:a4:6b:
2b:75:f2:2b:93:67:dc:c6:16:37:7c:b1:cf:99:c0:46:a9:fd:
24:65:20:49:26:ef:ef:81:44:58:4c:74:97:20:e5:b8:79:4f:
af:d3:d6:15:40:cf:55:22:5a:ed:fa:b4:ea:34:af:d0:e1:ec:
7e:41:22:c9:c6:2e:0d:9d:bd:c4:d7:b3:dc:54:58:41:bf:d0:
e1:1f:1f:80:e6:61:00:02:fc:21:ee:df:57:cf:0f:25:28:c9:
1d:27:7d:fc:5d:42:6e:1e:ce:19:13:ab:fe:cb:18:00:d9:72:
5d:47:95:cb:ac:0f:e1:70:ea:96:68:11:06:09:ec:c9:09:c2:
06:e0:d6:02:10:98:ec:53:ce:f8:d9:fe:16:ec:ec:eb:bb:42:
a7:b2:c6:84:16:d5:95:4c:8b:f6:1c:43:39:8d:43:db:48:e0:
31:a2:52:92:83:cb:77:b6:06:18:9a:2a:59:aa:4b:6a:9e:80:
bf:5e:2c:18:dc:80:15:38:ce:33:7c:73:75:8d:64:c2:a0:bc:
d4:5e:34:a8:4d:89:46:f5:21:5b:0f:3d:79:92:ee:31:42:fe:
9f:3c:14:bb:d8:30:46:c2:75:5f:63:71:c2:b4:c4:66:cd:2d:
7a:4e:59:3b
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZDgaL4FfzlozDh7HTLtHXlDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MjIzOGEzM2M1NTBjYzVkZjAyNDRmM2ZjNmUzZGJkOTFl
NGMzOWUwHhcNMjQwNzIzMTYyNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTFiZTI2MjE4NjMxOTc1YzE5MGI5YTc5ZjQyYTNkODNlMjU1YWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9UgDBfaN7HKcYmbcRDhUYQc2Sg1
Q/KsqKUkSS955fKjF6TvQCQTJjYq9uIef3LvHlUSJmwkOWZoau2YSlJ48PQI/apr
xKoOAk7sgD17LTzhZYN0Sz3IcA6yQYnhcDVn1echEfKkukOg7q90ZurYHwrnWyE3
LdExK0jDXqmiPwhs3SCLuNhEDhxPCOYRp9gxvN8SFwj3SmtaTxOOE2FhtaN7pjI1
odCaoUHgdUiHkyC0YJcPcSxnSm7Zn8v6b6OKXAqaCihZmn8UDcivrGBEDtPV6iHf
ebGrldmfa7uOBCXrL8GSRnLZ41zMfo+oF91e9xinhXxSG1Q9T0iJW2xHrwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOUb4mIYYxl1wZC5p59Co9g+JVqhMB8GA1UdIwQY
MBaAFHYiOKM8VQzF3wJE8/xuPb2R5MOeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGlJNG96eFZETVhmQWtUel9HNDl2WkhrdzU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81ZTMyNDktYmViZi00MDcwLTlmY2Qt
MWIxZmM3OWQwNTUxLzEvNVJ2aVloaGpHWFhCa0xtbm4wS2oyRDRsV3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS81ZTMyNDktYmViZi00MDcwLTlmY2QtMWIxZmM3OWQwNTUx
LzEvZGlJNG96eFZETVhmQWtUel9HNDl2WkhrdzU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAX4CaAwQC
uUokMBQEAgACMA4DBQMqBUjAAwUDKhMfQDANBgkqhkiG9w0BAQsFAAOCAQEAZYRm
ADC73T4Tua7KzxuOnKRrK3XyK5Nn3MYWN3yxz5nARqn9JGUgSSbv74FEWEx0lyDl
uHlPr9PWFUDPVSJa7fq06jSv0OHsfkEiycYuDZ29xNez3FRYQb/Q4R8fgOZhAAL8
Ie7fV88PJSjJHSd9/F1Cbh7OGROr/ssYANlyXUeVy6wP4XDqlmgRBgnsyQnCBuDW
AhCY7FPO+Nn+Fuzs67tCp7LGhBbVlUyL9hxDOY1D20jgMaJSkoPLd7YGGJoqWapL
ap6Av14sGNyAFTjOM3xzdY1kwqC81F40qE2JRvUhWw89eZLuMUL+nzwUu9gwRsJ1
X2NxwrTEZs0tek5ZOw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:01:21 2024 by rpki-client on console-ams.rpki-client.org