Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/151e05-7942-490d-ad19-2ec8717ee30a/1/ph4x20tlj1WavHK9DSPj5vThPuI.roa
File: ph4x20tlj1WavHK9DSPj5vThPuI.roa (raw, json)
Hash identifier: grAvED1JC9zQxZOBo8FdJyF0lCjXGZWkQNPlAInWh8Q=
Subject key identifier: A6:1E:31:DB:4B:65:8F:55:9A:BC:72:BD:0D:23:E3:E6:F4:E1:3E:E2
Certificate issuer: /CN=1a5be155037eb7e65c12ac9aa2a2c325038c3a9b
Certificate serial: 018CC56E935F9E87E323B7C845210E7FE53C
Authority key identifier: 1A:5B:E1:55:03:7E:B7:E6:5C:12:AC:9A:A2:A2:C3:25:03:8C:3A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GlvhVQN-t-ZcEqyaoqLDJQOMOps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/151e05-7942-490d-ad19-2ec8717ee30a/1/ph4x20tlj1WavHK9DSPj5vThPuI.roa
Signing time: Mon 01 Jan 2024 14:30:07 +0000
ROA not before: Mon 01 Jan 2024 14:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42387
IP address blocks: 212.109.0.0/20 maxlen: 20
94.143.240.0/21 maxlen: 21
212.109.16.0/20 maxlen: 20
212.109.29.0/24 maxlen: 24
185.9.80.0/22 maxlen: 22
212.109.30.0/24 maxlen: 24
212.109.28.0/24 maxlen: 24
217.77.48.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/151e05-7942-490d-ad19-2ec8717ee30a/1/GlvhVQN-t-ZcEqyaoqLDJQOMOps.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/151e05-7942-490d-ad19-2ec8717ee30a/1/GlvhVQN-t-ZcEqyaoqLDJQOMOps.mft
rsync://rpki.ripe.net/repository/DEFAULT/GlvhVQN-t-ZcEqyaoqLDJQOMOps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:93:5f:9e:87:e3:23:b7:c8:45:21:0e:7f:e5:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a5be155037eb7e65c12ac9aa2a2c325038c3a9b
Validity
Not Before: Jan 1 14:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a61e31db4b658f559abc72bd0d23e3e6f4e13ee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b3:67:5a:58:5c:71:d6:3e:73:c9:42:d1:4e:
db:4e:44:65:e0:35:fa:9d:51:aa:30:38:1a:ba:de:
c5:e4:02:cb:f6:f8:0e:98:7a:69:90:a1:59:88:ab:
7b:7f:05:45:6f:5d:ed:0d:b3:12:88:91:30:f7:ca:
75:34:e2:9c:df:99:38:c3:8c:1f:d0:71:59:e6:58:
21:b9:61:4b:40:20:ce:40:e8:c1:4b:0e:d4:f6:b2:
64:6b:05:ec:b4:bc:c2:51:4e:32:ff:d8:a4:46:f0:
7f:99:89:70:93:13:16:3c:6b:6d:5e:98:bc:d4:c6:
36:51:e0:06:a3:58:60:cc:0e:8c:11:5b:b0:46:c9:
9a:ff:06:fd:4e:1f:b3:b1:c6:f8:33:a6:c5:df:9f:
d4:30:53:4c:d7:1a:64:72:8f:df:96:c7:63:27:4f:
8d:b5:e5:9c:a0:c0:7d:1c:ae:cb:93:c7:3e:ce:1e:
e0:a0:0c:5c:f9:87:07:42:03:48:45:f3:60:51:b2:
f6:42:73:d7:4f:0d:e5:cb:fa:2c:e1:d3:80:24:d9:
66:7c:ea:f2:9d:27:dd:f3:95:aa:fd:c0:86:72:9f:
75:b5:92:7e:a6:d1:bb:f4:ad:fc:84:ba:3b:fc:3f:
86:f2:dd:b3:c9:ee:03:ca:d0:ba:22:85:fc:0f:36:
cc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:1E:31:DB:4B:65:8F:55:9A:BC:72:BD:0D:23:E3:E6:F4:E1:3E:E2
X509v3 Authority Key Identifier:
keyid:1A:5B:E1:55:03:7E:B7:E6:5C:12:AC:9A:A2:A2:C3:25:03:8C:3A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GlvhVQN-t-ZcEqyaoqLDJQOMOps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/151e05-7942-490d-ad19-2ec8717ee30a/1/ph4x20tlj1WavHK9DSPj5vThPuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/151e05-7942-490d-ad19-2ec8717ee30a/1/GlvhVQN-t-ZcEqyaoqLDJQOMOps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.240.0/21
185.9.80.0/22
212.109.0.0/19
217.77.48.0/20
Signature Algorithm: sha256WithRSAEncryption
07:19:b5:46:d1:c1:e4:a2:a2:d0:53:2c:5b:fa:6e:d2:55:c6:
20:94:b2:c5:b5:1f:73:9f:a4:06:b6:f4:fa:67:43:c3:e9:cc:
37:15:0f:20:72:c4:e8:1f:9d:4a:69:da:ea:08:4a:38:a7:17:
78:cc:f2:ea:84:93:1b:a1:33:17:57:ab:74:5a:83:a7:3b:8d:
e4:9a:06:6e:c0:f0:55:63:88:7b:eb:d9:6c:e5:7d:08:26:91:
8d:74:3f:8b:30:f7:e0:e3:a4:e2:2c:74:b0:66:15:32:9b:12:
90:79:fd:49:f1:3b:c3:d2:78:33:cb:70:85:a9:7a:ce:99:18:
99:30:94:e0:62:58:ed:9b:69:e1:72:77:af:f5:39:27:75:06:
14:a9:35:93:27:55:04:b1:76:e2:52:32:60:99:37:75:67:48:
76:84:7e:70:d3:47:16:33:e3:ad:2c:b0:05:86:f2:bd:64:f9:
e1:ec:ef:1f:b4:cb:43:e0:68:51:34:7e:ba:82:a6:ec:1d:bc:
ca:af:1f:37:73:49:0a:cd:52:1a:c3:0d:34:7f:c0:47:53:e6:
50:d9:fb:db:32:6e:66:b6:b9:55:92:b3:6e:6f:97:53:d9:24:
c7:8f:2d:c7:9e:0d:e9:6b:6a:22:37:70:ec:2b:29:e7:f3:a1:
12:7d:cc:b3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFbpNfnofjI7fIRSEOf+U8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNWJlMTU1MDM3ZWI3ZTY1YzEyYWM5YWEyYTJjMzI1MDM4
YzNhOWIwHhcNMjQwMTAxMTQzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjFlMzFkYjRiNjU4ZjU1OWFiYzcyYmQwZDIzZTNlNmY0ZTEzZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLNnWlhccdY+c8lC0U7bTkRl4DX6
nVGqMDgaut7F5ALL9vgOmHppkKFZiKt7fwVFb13tDbMSiJEw98p1NOKc35k4w4wf
0HFZ5lghuWFLQCDOQOjBSw7U9rJkawXstLzCUU4y/9ikRvB/mYlwkxMWPGttXpi8
1MY2UeAGo1hgzA6MEVuwRsma/wb9Th+zscb4M6bF35/UMFNM1xpkco/flsdjJ0+N
teWcoMB9HK7Lk8c+zh7goAxc+YcHQgNIRfNgUbL2QnPXTw3ly/os4dOAJNlmfOry
nSfd85Wq/cCGcp91tZJ+ptG79K38hLo7/D+G8t2zye4DytC6IoX8DzbMewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKYeMdtLZY9VmrxyvQ0j4+b04T7iMB8GA1UdIwQY
MBaAFBpb4VUDfrfmXBKsmqKiwyUDjDqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2x2aFZRTi10LVpjRXF5YW9xTERKUU9NT3BzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xNTFlMDUtNzk0Mi00OTBkLWFkMTkt
MmVjODcxN2VlMzBhLzEvcGg0eDIwdGxqMVdhdkhLOURTUGo1dlRoUHVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xNTFlMDUtNzk0Mi00OTBkLWFkMTktMmVjODcxN2VlMzBh
LzEvR2x2aFZRTi10LVpjRXF5YW9xTERKUU9NT3BzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDXo/wAwQC
uQlQAwQF1G0AAwQE2U0wMA0GCSqGSIb3DQEBCwUAA4IBAQAHGbVG0cHkoqLQUyxb
+m7SVcYglLLFtR9zn6QGtvT6Z0PD6cw3FQ8gcsToH51KadrqCEo4pxd4zPLqhJMb
oTMXV6t0WoOnO43kmgZuwPBVY4h769ls5X0IJpGNdD+LMPfg46TiLHSwZhUymxKQ
ef1J8TvD0ngzy3CFqXrOmRiZMJTgYljtm2nhcnev9TkndQYUqTWTJ1UEsXbiUjJg
mTd1Z0h2hH5w00cWM+OtLLAFhvK9ZPnh7O8ftMtD4GhRNH66gqbsHbzKrx83c0kK
zVIaww00f8BHU+ZQ2fvbMm5mtrlVkrNub5dT2STHjy3Hng3pa2oiN3DsKynn86ES
fcyz
-----END CERTIFICATE-----
Generated at Fri May 17 21:03:34 2024 by rpki-client on console-fra.rpki-client.org