Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/zjvtdoKnxRJ-X1ZfIwqHEjnH4GU.roa
File: zjvtdoKnxRJ-X1ZfIwqHEjnH4GU.roa (raw, json)
Hash identifier: LxgIyAstEBb4SufEuyoF/ypmvgU3WvIhVPpDB0gMhCI=
Subject key identifier: CE:3B:ED:76:82:A7:C5:12:7E:5F:56:5F:23:0A:87:12:39:C7:E0:65
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018DF5BE582895E7AA88A542FCB8C2BF24BA
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/zjvtdoKnxRJ-X1ZfIwqHEjnH4GU.roa
Signing time: Thu 29 Feb 2024 16:41:48 +0000
ROA not before: Thu 29 Feb 2024 16:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 163.5.34.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
163.5.177.0/24 maxlen: 24
163.5.185.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:54:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f5:be:58:28:95:e7:aa:88:a5:42:fc:b8:c2:bf:24:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 29 16:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce3bed7682a7c5127e5f565f230a871239c7e065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:eb:55:5c:ab:16:43:b6:a1:40:d8:27:83:8c:
1d:39:02:a8:f8:92:6f:0a:31:24:52:1c:15:ee:07:
12:ab:74:9a:23:a2:ef:61:b6:55:38:0c:3f:c2:2e:
fc:80:98:55:74:f8:e2:ba:bc:a2:2c:3d:52:b7:76:
e6:67:1f:09:35:c8:7e:2c:09:9d:b8:40:2e:64:a5:
c8:c7:d6:ed:17:50:c1:fc:69:63:ef:3f:2f:6a:b6:
ce:f1:4b:19:95:d7:e5:0b:70:54:9c:95:e3:6a:f2:
be:ad:b4:45:e7:40:c1:8e:d3:86:0d:b4:8d:4c:c6:
e8:36:37:f8:31:e8:48:1c:73:ae:18:c4:1e:bb:f4:
2c:ba:00:df:09:6c:9d:f8:2b:2d:5b:6d:6e:04:1f:
88:d6:fd:17:72:7d:24:6a:53:78:14:82:68:d3:60:
27:a3:d0:98:01:14:ef:86:39:21:67:4e:7e:93:94:
79:67:ed:f1:64:2f:70:6f:af:1e:21:12:7d:47:d7:
4f:fd:c8:9b:7e:cf:0b:de:5d:1c:60:38:11:de:43:
eb:bb:4d:fe:ab:7e:85:5f:f9:7f:27:69:ba:94:e7:
d7:dc:92:c2:d6:a8:0a:62:c8:9b:eb:8f:22:2f:65:
ed:ac:b0:69:f9:e9:e7:44:7a:4d:f4:7d:55:8d:2d:
13:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:3B:ED:76:82:A7:C5:12:7E:5F:56:5F:23:0A:87:12:39:C7:E0:65
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/zjvtdoKnxRJ-X1ZfIwqHEjnH4GU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.34.0/24
163.5.118.0/24
163.5.153.0/24
163.5.177.0/24
163.5.185.0/24
163.5.252.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:2e:1f:50:2a:e0:76:b3:50:4e:87:c0:08:b6:d3:93:e5:14:
c9:c9:e1:c7:44:f3:92:d0:2d:ec:bb:79:96:be:6d:b6:5f:65:
98:3d:19:f5:de:9e:0f:7c:01:ad:e6:74:90:37:b0:61:b3:8f:
db:91:3e:6e:fd:b0:2a:8d:6e:54:01:52:a2:be:58:6e:75:70:
10:1c:b8:df:bb:d0:f0:3a:a4:e8:75:e1:b8:27:9c:1d:88:80:
b5:26:dd:80:3a:48:1e:51:da:06:29:65:23:89:53:e4:50:b3:
30:ed:66:d1:4c:b1:60:d2:da:24:07:fa:35:77:9b:fc:cf:e1:
ab:38:a3:b7:ee:0e:03:63:88:5d:c9:7b:73:aa:a5:83:02:90:
93:c0:d9:23:46:dd:32:3f:a4:f8:36:17:1e:45:f1:0a:0c:0a:
a4:43:24:f1:d7:06:b5:10:6e:18:35:63:c2:b1:1e:1b:40:0a:
3a:f8:d3:be:33:3f:3a:1d:17:fe:d2:20:f2:d6:6c:5f:61:60:
36:1a:37:4e:98:bb:26:61:32:f9:a7:60:b7:eb:6c:04:40:cb:
26:b7:e7:39:73:45:9d:a1:cf:e1:b7:ad:42:f5:88:a6:c9:b6:
7f:90:d6:41:f6:2f:15:c9:cd:44:32:be:16:34:01:43:db:1c:
27:cf:12:c4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY31vlgoleeqiKVC/LjCvyS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMjI5MTY0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTNiZWQ3NjgyYTdjNTEyN2U1ZjU2NWYyMzBhODcxMjM5YzdlMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOtVXKsWQ7ahQNgng4wdOQKo+JJv
CjEkUhwV7gcSq3SaI6LvYbZVOAw/wi78gJhVdPjiuryiLD1St3bmZx8JNch+LAmd
uEAuZKXIx9btF1DB/Glj7z8varbO8UsZldflC3BUnJXjavK+rbRF50DBjtOGDbSN
TMboNjf4MehIHHOuGMQeu/QsugDfCWyd+CstW21uBB+I1v0Xcn0kalN4FIJo02An
o9CYARTvhjkhZ05+k5R5Z+3xZC9wb68eIRJ9R9dP/cibfs8L3l0cYDgR3kPru03+
q36FX/l/J2m6lOfX3JLC1qgKYsib648iL2XtrLBp+ennRHpN9H1VjS0TmwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFM477XaCp8USfl9WXyMKhxI5x+BlMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvemp2dGRvS254UkotWDFaZkl3cUhFam5INEdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowUiAwQA
owV2AwQAowWZAwQAowWxAwQAowW5AwQAowX8MA0GCSqGSIb3DQEBCwUAA4IBAQBu
Lh9QKuB2s1BOh8AIttOT5RTJyeHHRPOS0C3su3mWvm22X2WYPRn13p4PfAGt5nSQ
N7Bhs4/bkT5u/bAqjW5UAVKivlhudXAQHLjfu9DwOqTodeG4J5wdiIC1Jt2AOkge
UdoGKWUjiVPkULMw7WbRTLFg0tokB/o1d5v8z+GrOKO37g4DY4hdyXtzqqWDApCT
wNkjRt0yP6T4NhceRfEKDAqkQyTx1wa1EG4YNWPCsR4bQAo6+NO+Mz86HRf+0iDy
1mxfYWA2GjdOmLsmYTL5p2C362wEQMsmt+c5c0Wdoc/ht61C9YimybZ/kNZB9i8V
yc1EMr4WNAFD2xwnzxLE
-----END CERTIFICATE-----
Generated at Tue Apr 30 16:24:48 2024 by rpki-client on console-fra.rpki-client.org