Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/0b39r6v8ARm43xqhjsGLk7Ffeok.roa
File: 0b39r6v8ARm43xqhjsGLk7Ffeok.roa (raw, json)
Hash identifier: 1Bhf7n8JSLyfCjz2jS5F0WEtHpu6q4cEunlniGEd1K4=
Subject key identifier: D1:BD:FD:AF:AB:FC:01:19:B8:DF:1A:A1:8E:C1:8B:93:B1:5F:7A:89
Certificate issuer: /CN=869569a2526687da91a7ecd4f567f5409cdffe79
Certificate serial: 018CC64B0786357458B1B589EB1F7D68A71B
Authority key identifier: 86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/0b39r6v8ARm43xqhjsGLk7Ffeok.roa
Signing time: Mon 01 Jan 2024 18:30:55 +0000
ROA not before: Mon 01 Jan 2024 18:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39120
IP address blocks: 5.56.8.0/22 maxlen: 22
5.56.12.0/22 maxlen: 22
185.29.248.0/22 maxlen: 22
5.83.120.0/22 maxlen: 22
5.83.124.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/hpVpolJmh9qRp-zU9Wf1QJzf_nk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/hpVpolJmh9qRp-zU9Wf1QJzf_nk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:03:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:07:86:35:74:58:b1:b5:89:eb:1f:7d:68:a7:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869569a2526687da91a7ecd4f567f5409cdffe79
Validity
Not Before: Jan 1 18:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1bdfdafabfc0119b8df1aa18ec18b93b15f7a89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:cc:8a:78:4a:8b:96:55:82:5f:85:7c:b8:fb:
33:19:48:1c:d3:ae:de:9b:ee:b8:1d:37:cf:b2:ed:
02:37:30:c6:2b:3f:ff:8d:78:08:93:cd:9f:e7:c2:
c1:d9:a8:81:c4:bf:9f:a4:a9:62:e3:3c:fd:61:dd:
50:ce:8e:88:e3:21:12:7a:c0:73:f0:ad:7b:e3:d9:
49:81:19:5a:8c:32:d8:2a:d7:f6:9a:a6:0b:bf:3f:
7d:a2:22:1e:f9:76:6e:20:1b:f3:5f:b8:98:be:00:
9c:c7:46:f1:89:71:d6:70:20:0c:71:f1:94:d4:b8:
0a:a0:94:06:09:eb:81:bd:f3:95:a4:4b:7e:37:a8:
00:26:9b:0e:de:b3:8a:9a:f1:d4:84:f3:92:bb:82:
e1:48:4c:81:38:d0:ad:a8:50:5c:3e:1e:ca:e9:5f:
8b:f4:ee:86:eb:1b:07:3d:87:d1:dc:7d:7b:6f:b8:
24:6b:d3:4a:ca:c6:b4:1f:97:35:29:3d:66:c3:7b:
45:72:6b:98:ed:9a:a7:00:00:14:69:9c:51:46:59:
f7:cc:3f:a1:79:a2:a2:9b:40:19:ad:31:9b:b6:bd:
67:c6:88:c9:75:80:10:99:6c:75:48:75:ff:a3:f6:
f5:20:2a:3a:22:d8:38:9a:b6:3d:3a:aa:06:23:e3:
d0:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:BD:FD:AF:AB:FC:01:19:B8:DF:1A:A1:8E:C1:8B:93:B1:5F:7A:89
X509v3 Authority Key Identifier:
keyid:86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/0b39r6v8ARm43xqhjsGLk7Ffeok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/hpVpolJmh9qRp-zU9Wf1QJzf_nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.8.0/21
5.83.120.0/21
185.29.248.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:c8:1b:a7:b9:9f:71:c6:8a:50:80:01:ea:a6:b8:2f:29:7f:
ce:5a:e2:61:02:21:01:ee:d8:16:92:3a:2b:f1:80:af:bd:78:
66:f8:54:a6:25:f5:16:db:83:ca:a1:2c:88:9b:75:17:fe:26:
b9:cb:18:e1:a4:87:22:1a:14:89:0b:59:02:49:dd:49:90:89:
c4:f7:d5:65:be:2f:31:f6:19:28:34:df:86:ca:7a:aa:6e:32:
60:3d:0a:ae:04:78:4b:46:26:59:68:d1:27:d2:c2:2e:9a:ed:
f9:01:a2:b3:73:76:ef:a9:c2:ad:c5:53:8b:34:4e:14:b6:ab:
78:3c:f5:af:c0:ed:10:34:05:37:20:bd:31:11:e3:ba:d9:f7:
c4:d8:7f:c9:0c:4b:ad:1f:4b:fe:a4:30:72:a1:7b:19:4e:df:
77:e4:36:e0:9a:98:16:15:20:53:17:76:f8:65:c6:55:2e:9d:
43:e1:bc:e6:7d:50:5d:88:25:13:38:63:44:64:e9:32:78:99:
01:04:32:99:b4:10:c0:15:4f:d2:5a:b0:45:3c:34:79:32:3b:
61:97:f9:7d:fc:87:b7:b0:7a:a7:1a:d2:a5:8f:64:fc:35:dd:
69:23:00:e6:10:70:82:ba:c5:47:fc:10:af:67:cf:06:0a:7b:
28:3f:7e:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGSweGNXRYsbWJ6x99aKcbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTU2OWEyNTI2Njg3ZGE5MWE3ZWNkNGY1NjdmNTQwOWNk
ZmZlNzkwHhcNMjQwMTAxMTgzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWJkZmRhZmFiZmMwMTE5YjhkZjFhYTE4ZWMxOGI5M2IxNWY3YTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8yKeEqLllWCX4V8uPszGUgc067e
m+64HTfPsu0CNzDGKz//jXgIk82f58LB2aiBxL+fpKli4zz9Yd1Qzo6I4yESesBz
8K1749lJgRlajDLYKtf2mqYLvz99oiIe+XZuIBvzX7iYvgCcx0bxiXHWcCAMcfGU
1LgKoJQGCeuBvfOVpEt+N6gAJpsO3rOKmvHUhPOSu4LhSEyBONCtqFBcPh7K6V+L
9O6G6xsHPYfR3H17b7gka9NKysa0H5c1KT1mw3tFcmuY7ZqnAAAUaZxRRln3zD+h
eaKim0AZrTGbtr1nxojJdYAQmWx1SHX/o/b1ICo6Itg4mrY9OqoGI+PQWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNG9/a+r/AEZuN8aoY7Bi5OxX3qJMB8GA1UdIwQY
MBaAFIaVaaJSZofakafs1PVn9UCc3/55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEt
MWVhYTU5MWI2NzcxLzEvMGIzOXI2djhBUm00M3hxaGpzR0xrN0ZmZW9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEtMWVhYTU5MWI2Nzcx
LzEvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBTgIAwQD
BVN4AwQCuR34MA0GCSqGSIb3DQEBCwUAA4IBAQBLyBunuZ9xxopQgAHqprgvKX/O
WuJhAiEB7tgWkjor8YCvvXhm+FSmJfUW24PKoSyIm3UX/ia5yxjhpIciGhSJC1kC
Sd1JkInE99Vlvi8x9hkoNN+GynqqbjJgPQquBHhLRiZZaNEn0sIumu35AaKzc3bv
qcKtxVOLNE4Utqt4PPWvwO0QNAU3IL0xEeO62ffE2H/JDEutH0v+pDByoXsZTt93
5DbgmpgWFSBTF3b4ZcZVLp1D4bzmfVBdiCUTOGNEZOkyeJkBBDKZtBDAFU/SWrBF
PDR5Mjthl/l9/Ie3sHqnGtKlj2T8Nd1pIwDmEHCCusVH/BCvZ88GCnsoP34O
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:55:58 2024 by rpki-client on console-ams.rpki-client.org