Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/5kwpOiOvO95jOH3ceNd-rV_NImw.roa
File: 5kwpOiOvO95jOH3ceNd-rV_NImw.roa (raw, json)
Hash identifier: hkJ82k6qg456b3+dujV6NFf5bRbyLWgOstILGFGL3zI=
Subject key identifier: E6:4C:29:3A:23:AF:3B:DE:63:38:7D:DC:78:D7:7E:AD:5F:CD:22:6C
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018E9DF508749ACA99FDDC146C08F343DAA3
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/5kwpOiOvO95jOH3ceNd-rV_NImw.roa
Signing time: Tue 02 Apr 2024 08:37:45 +0000
ROA not before: Tue 02 Apr 2024 08:37:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 89.251.18.0/24 maxlen: 24
89.251.20.0/24 maxlen: 24
89.251.31.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
146.19.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9d:f5:08:74:9a:ca:99:fd:dc:14:6c:08:f3:43:da:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 2 08:37:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e64c293a23af3bde63387ddc78d77ead5fcd226c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:16:fe:6c:25:76:2b:bf:54:b9:ac:dd:b4:c3:
02:85:7f:89:b4:1f:01:6b:7b:c8:70:ed:a4:0a:42:
5e:63:e2:05:e0:44:6a:be:8b:9a:ca:d7:b4:c9:4a:
f9:5a:4c:ba:ff:1d:77:42:14:fc:60:32:92:b3:ab:
8a:e5:8d:d7:10:eb:20:95:5c:5a:0e:f4:25:a0:26:
c0:2c:e6:2a:c2:f3:2c:3b:03:9f:98:f8:22:0a:f7:
cd:93:cd:58:aa:f6:ef:a7:3b:b4:8b:3a:93:4a:f2:
9d:84:d3:70:5e:9b:bc:48:da:9a:75:d8:fe:05:04:
6c:f3:c0:0d:f5:9c:cc:2c:26:cc:fb:01:89:86:09:
c7:26:1b:75:dd:69:71:81:f0:21:84:a1:4c:da:15:
7a:e8:62:2a:57:33:1b:0f:3f:97:94:4d:fa:8a:b8:
31:37:f8:00:aa:cd:99:49:75:44:1f:c3:c3:58:b7:
28:10:63:13:96:05:24:05:a0:4b:0d:14:7d:cf:73:
b8:a6:03:0f:43:f2:83:41:e7:c0:9e:86:21:f8:42:
e2:29:64:53:63:fc:aa:7b:4f:aa:ef:14:2d:2a:d1:
10:68:02:9c:ca:bf:aa:f4:d1:f3:ec:fa:8d:ac:5d:
18:4c:6f:bc:81:27:3c:08:d8:5a:d9:e8:02:05:6c:
0a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:4C:29:3A:23:AF:3B:DE:63:38:7D:DC:78:D7:7E:AD:5F:CD:22:6C
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/5kwpOiOvO95jOH3ceNd-rV_NImw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.18.0/24
89.251.20.0/24
89.251.31.0/24
109.122.44.0/24
146.19.56.0/24
Signature Algorithm: sha256WithRSAEncryption
30:2a:2f:b6:c4:e9:a0:6f:99:08:75:c5:4e:54:ca:51:ee:76:
bf:95:54:f0:50:fe:fa:36:b9:78:69:f9:48:48:b0:64:dc:5f:
1d:26:da:1e:a6:e7:91:69:a7:d1:fa:af:dd:db:fc:d0:c9:78:
81:18:93:78:c2:b4:29:e2:7b:c9:78:ed:44:b6:b3:1f:6c:8c:
ef:cd:a6:c2:1d:c8:53:53:57:3b:a3:0a:9e:fa:38:74:86:2b:
e7:4b:85:23:46:5e:15:bd:83:2e:af:94:e9:83:4a:70:22:5e:
8c:fe:47:7d:84:67:19:02:64:1c:18:59:bd:de:e8:5c:4e:6c:
5a:c6:82:18:9c:32:df:01:b0:37:b6:52:09:99:13:e6:52:2c:
36:5c:7e:82:d3:07:53:1e:79:f0:ca:df:fa:90:b5:88:4f:d3:
ab:eb:32:f3:48:df:4b:39:2c:38:3c:af:bb:05:c9:f2:11:b1:
e9:66:34:07:3a:62:cf:62:cf:5b:f1:43:61:2e:64:2f:36:2d:
56:f6:5f:50:0d:a3:5c:f5:d3:dc:63:dd:83:a1:6b:56:13:12:
d1:c7:9e:31:68:81:a5:90:15:60:46:a9:86:57:69:43:79:77:
97:95:0b:b1:46:ff:15:58:91:db:be:cc:c7:81:9f:31:ac:39:
24:aa:20:72
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY6d9Qh0msqZ/dwUbAjzQ9qjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQwNDAyMDgzNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjRjMjkzYTIzYWYzYmRlNjMzODdkZGM3OGQ3N2VhZDVmY2QyMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhb+bCV2K79UuazdtMMChX+JtB8B
a3vIcO2kCkJeY+IF4ERqvouayte0yUr5Wky6/x13QhT8YDKSs6uK5Y3XEOsglVxa
DvQloCbALOYqwvMsOwOfmPgiCvfNk81Yqvbvpzu0izqTSvKdhNNwXpu8SNqaddj+
BQRs88AN9ZzMLCbM+wGJhgnHJht13WlxgfAhhKFM2hV66GIqVzMbDz+XlE36irgx
N/gAqs2ZSXVEH8PDWLcoEGMTlgUkBaBLDRR9z3O4pgMPQ/KDQefAnoYh+ELiKWRT
Y/yqe0+q7xQtKtEQaAKcyr+q9NHz7PqNrF0YTG+8gSc8CNha2egCBWwKMQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOZMKTojrzveYzh93HjXfq1fzSJsMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvNWt3cE9pT3ZPOTVqT0gzY2VOZC1yVl9OSW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWfsSAwQA
WfsUAwQAWfsfAwQAbXosAwQAkhM4MA0GCSqGSIb3DQEBCwUAA4IBAQAwKi+2xOmg
b5kIdcVOVMpR7na/lVTwUP76Nrl4aflISLBk3F8dJtoepueRaafR+q/d2/zQyXiB
GJN4wrQp4nvJeO1EtrMfbIzvzabCHchTU1c7owqe+jh0hivnS4UjRl4VvYMur5Tp
g0pwIl6M/kd9hGcZAmQcGFm93uhcTmxaxoIYnDLfAbA3tlIJmRPmUiw2XH6C0wdT
Hnnwyt/6kLWIT9Or6zLzSN9LOSw4PK+7BcnyEbHpZjQHOmLPYs9b8UNhLmQvNi1W
9l9QDaNc9dPcY92DoWtWExLRx54xaIGlkBVgRqmGV2lDeXeXlQuxRv8VWJHbvszH
gZ8xrDkkqiBy
-----END CERTIFICATE-----
Generated at Sat May 4 09:00:59 2024 by rpki-client on console-ams.rpki-client.org