Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/pss5HYZdpDN4k9rTEeDGA5BAnFk.roa
File: pss5HYZdpDN4k9rTEeDGA5BAnFk.roa (raw, json)
Hash identifier: /DEkHNBluODjbtav9Ip4F9AkCMhXOGxyg0XJ+vjtOdg=
Subject key identifier: A6:CB:39:1D:86:5D:A4:33:78:93:DA:D3:11:E0:C6:03:90:40:9C:59
Certificate issuer: /CN=1902391799337601331f5a12af11e9f4f6421159
Certificate serial: 018CC5002107D26C23085EDC14CD60B01405
Authority key identifier: 19:02:39:17:99:33:76:01:33:1F:5A:12:AF:11:E9:F4:F6:42:11:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GQI5F5kzdgEzH1oSrxHp9PZCEVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/pss5HYZdpDN4k9rTEeDGA5BAnFk.roa
Signing time: Mon 01 Jan 2024 12:29:29 +0000
ROA not before: Mon 01 Jan 2024 12:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60427
IP address blocks: 185.87.236.0/24 maxlen: 24
194.5.183.0/24 maxlen: 24
80.240.107.0/24 maxlen: 24
185.64.131.0/24 maxlen: 24
185.64.129.0/24 maxlen: 24
185.64.130.0/24 maxlen: 24
185.64.128.0/24 maxlen: 24
185.64.128.0/22 maxlen: 22
2a03:14a0:2::/48 maxlen: 48
2a03:14a0:3::/48 maxlen: 48
2a03:14a0:1::/48 maxlen: 48
2a03:14a0:1301::/48 maxlen: 48
2a03:14a0:5::/48 maxlen: 48
2a03:14a0::/32 maxlen: 32
2a03:14a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/GQI5F5kzdgEzH1oSrxHp9PZCEVk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/GQI5F5kzdgEzH1oSrxHp9PZCEVk.mft
rsync://rpki.ripe.net/repository/DEFAULT/GQI5F5kzdgEzH1oSrxHp9PZCEVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 12:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:21:07:d2:6c:23:08:5e:dc:14:cd:60:b0:14:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1902391799337601331f5a12af11e9f4f6421159
Validity
Not Before: Jan 1 12:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6cb391d865da4337893dad311e0c60390409c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8c:ae:c9:14:25:e7:6a:11:c5:cd:71:46:04:
4f:71:7b:86:1b:35:5e:eb:6b:c4:49:b2:a3:ad:fd:
f3:d4:c2:a2:c1:06:be:af:2b:e7:5e:95:bf:97:a7:
22:85:2a:7c:23:9f:2c:73:96:25:5e:8a:03:6f:f2:
cd:bc:cc:0c:34:f3:a0:c8:77:4c:d6:75:b3:f8:b8:
96:84:f1:d0:97:6d:c1:9f:c2:fc:18:02:37:05:1a:
bb:05:83:39:52:0d:79:61:cf:7d:76:3e:b8:42:ec:
86:a8:03:1b:b6:49:b7:83:77:b0:9e:76:0b:5c:88:
ce:50:3f:89:39:ff:c5:15:b1:c7:fc:e1:b0:46:38:
5a:db:53:68:30:81:ff:14:30:33:90:0e:2f:00:15:
3a:53:3d:a6:a9:2f:e9:28:81:b7:df:4f:be:63:12:
ea:97:de:87:a6:75:1c:5d:14:35:b5:a3:2d:2f:65:
c8:43:6e:7f:a9:4f:7b:b1:86:39:10:49:d1:bf:76:
74:c5:79:22:66:3f:c2:aa:7a:fd:86:d5:a7:3f:e1:
06:b1:6d:2c:5d:14:68:04:18:86:ed:57:d2:d9:89:
31:89:aa:24:17:e8:eb:06:38:29:e9:0c:8d:33:fd:
bc:89:a2:32:56:d6:e6:ce:d3:59:a6:0a:7a:22:1b:
0f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:CB:39:1D:86:5D:A4:33:78:93:DA:D3:11:E0:C6:03:90:40:9C:59
X509v3 Authority Key Identifier:
keyid:19:02:39:17:99:33:76:01:33:1F:5A:12:AF:11:E9:F4:F6:42:11:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GQI5F5kzdgEzH1oSrxHp9PZCEVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/pss5HYZdpDN4k9rTEeDGA5BAnFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/a9ff1a-d580-4b42-bd87-5597260f65ee/1/GQI5F5kzdgEzH1oSrxHp9PZCEVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.107.0/24
185.64.128.0/22
185.87.236.0/24
194.5.183.0/24
IPv6:
2a03:14a0::/32
Signature Algorithm: sha256WithRSAEncryption
6f:32:7c:dc:67:86:82:d6:31:8f:05:f5:a0:16:cc:75:84:b3:
65:a5:d6:b0:ad:dd:b3:fb:af:59:12:84:e8:2f:bd:33:ac:62:
8a:ef:c0:97:a1:89:10:69:d4:c0:c8:ce:78:b3:d7:78:65:bb:
9c:82:3a:0b:f3:bd:42:ba:95:44:d2:d1:32:cb:e5:bc:a7:5b:
83:d8:61:2f:c5:aa:62:dc:9b:61:18:f9:ea:4f:db:6c:49:a5:
43:b7:a6:28:56:76:99:8f:08:40:04:0e:d9:a2:74:cd:d6:40:
fc:cd:52:39:70:fc:51:65:e1:7d:ac:9f:d0:7f:11:f2:2c:01:
64:10:7c:88:02:1c:0a:e1:0e:21:ad:43:1a:72:ae:5d:60:2d:
e3:0b:c3:5e:f9:83:cc:da:15:d9:22:fc:7b:db:0e:59:99:98:
8f:14:13:66:b4:2a:87:39:f0:cf:6d:e5:65:09:19:b6:4c:17:
d1:e4:85:e7:1e:0b:76:04:7d:62:84:3e:68:aa:24:ce:78:64:
24:33:83:2a:3a:c0:20:b8:60:d9:c9:38:ce:7b:86:f6:8d:70:
6b:95:9e:3f:11:36:e5:d7:32:a9:49:ca:0e:26:2f:b9:9c:03:
30:5c:30:82:1f:cd:9a:9a:ba:79:ca:b6:84:d3:30:e7:80:b4:
36:e2:60:66
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFACEH0mwjCF7cFM1gsBQFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MDIzOTE3OTkzMzc2MDEzMzFmNWExMmFmMTFlOWY0ZjY0
MjExNTkwHhcNMjQwMTAxMTIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmNiMzkxZDg2NWRhNDMzNzg5M2RhZDMxMWUwYzYwMzkwNDA5YzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIyuyRQl52oRxc1xRgRPcXuGGzVe
62vESbKjrf3z1MKiwQa+ryvnXpW/l6cihSp8I58sc5YlXooDb/LNvMwMNPOgyHdM
1nWz+LiWhPHQl23Bn8L8GAI3BRq7BYM5Ug15Yc99dj64QuyGqAMbtkm3g3ewnnYL
XIjOUD+JOf/FFbHH/OGwRjha21NoMIH/FDAzkA4vABU6Uz2mqS/pKIG330++YxLq
l96HpnUcXRQ1taMtL2XIQ25/qU97sYY5EEnRv3Z0xXkiZj/Cqnr9htWnP+EGsW0s
XRRoBBiG7VfS2YkxiaokF+jrBjgp6QyNM/28iaIyVtbmztNZpgp6IhsPKQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKbLOR2GXaQzeJPa0xHgxgOQQJxZMB8GA1UdIwQY
MBaAFBkCOReZM3YBMx9aEq8R6fT2QhFZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1FJNUY1a3pkZ0V6SDFvU3J4SHA5UFpDRVZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9hOWZmMWEtZDU4MC00YjQyLWJkODct
NTU5NzI2MGY2NWVlLzEvcHNzNUhZWmRwRE40azlyVEVlREdBNUJBbkZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9hOWZmMWEtZDU4MC00YjQyLWJkODctNTU5NzI2MGY2NWVl
LzEvR1FJNUY1a3pkZ0V6SDFvU3J4SHA5UFpDRVZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAUPBrAwQC
uUCAAwQAuVfsAwQAwgW3MA0EAgACMAcDBQAqAxSgMA0GCSqGSIb3DQEBCwUAA4IB
AQBvMnzcZ4aC1jGPBfWgFsx1hLNlpdawrd2z+69ZEoToL70zrGKK78CXoYkQadTA
yM54s9d4ZbucgjoL871CupVE0tEyy+W8p1uD2GEvxapi3JthGPnqT9tsSaVDt6Yo
VnaZjwhABA7ZonTN1kD8zVI5cPxRZeF9rJ/QfxHyLAFkEHyIAhwK4Q4hrUMacq5d
YC3jC8Ne+YPM2hXZIvx72w5ZmZiPFBNmtCqHOfDPbeVlCRm2TBfR5IXnHgt2BH1i
hD5oqiTOeGQkM4MqOsAguGDZyTjOe4b2jXBrlZ4/ETbl1zKpScoOJi+5nAMwXDCC
H82amrp5yraE0zDngLQ24mBm
-----END CERTIFICATE-----
Generated at Tue May 21 15:58:32 2024 by rpki-client on console-fra.rpki-client.org