Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/vWS0xiuQ99kZBgj6ZUXJjhY7uk4.roa
File: vWS0xiuQ99kZBgj6ZUXJjhY7uk4.roa (raw, json)
Hash identifier: q8QpDCMF4MlA9UeVcoT1w/uRyv2b/X7u5YbCUzd1Hxg=
Subject key identifier: BD:64:B4:C6:2B:90:F7:D9:19:06:08:FA:65:45:C9:8E:16:3B:BA:4E
Certificate issuer: /CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Certificate serial: 018FF2F44C2524A95C6EB0C1F65A88BC21D6
Authority key identifier: 38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/vWS0xiuQ99kZBgj6ZUXJjhY7uk4.roa
Signing time: Fri 07 Jun 2024 13:47:27 +0000
ROA not before: Fri 07 Jun 2024 13:47:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201148
IP address blocks: 5.63.19.0/24 maxlen: 24
2a13:3f40::/29 maxlen: 29
2a13:3f40:1000::/48 maxlen: 48
2a13:3f40:1001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 15:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f2:f4:4c:25:24:a9:5c:6e:b0:c1:f6:5a:88:bc:21:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382e533033b3ce95e4972bf2382ddac293c2dc01
Validity
Not Before: Jun 7 13:47:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd64b4c62b90f7d9190608fa6545c98e163bba4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:55:d3:87:95:ce:3c:f0:1c:69:46:02:f7:da:
2b:18:37:85:5e:cb:37:3b:bf:44:0f:c1:38:7a:70:
79:db:5f:00:87:df:d8:5a:ca:3d:50:27:a9:9c:76:
5a:ce:5d:5a:45:a7:61:3b:80:ea:52:a1:e9:10:65:
a9:9f:d3:dc:09:ba:19:c7:e4:e7:e6:30:78:9a:d7:
a4:a7:c0:9e:c6:1c:3b:fc:15:a9:fa:5a:4b:e8:78:
70:d6:61:38:92:c1:b0:b8:2a:80:c3:7e:6a:41:7a:
6b:f5:56:c6:ca:44:26:74:c8:61:88:9a:0a:03:4c:
4c:4a:56:26:25:7c:3c:c5:a8:a3:0f:69:14:03:b9:
84:57:95:d6:8c:00:a1:86:98:6e:1b:99:ba:54:46:
93:11:1a:c4:a1:9c:79:93:83:9f:a6:2d:8a:69:31:
c9:66:35:36:76:63:93:75:d2:cb:1d:e1:a5:e4:8e:
6e:e1:51:10:bd:9c:79:5f:e9:2e:eb:bd:dd:66:18:
98:3e:fa:b1:b8:20:55:8e:0d:e1:1e:e1:54:b6:f5:
aa:15:f4:d0:c4:aa:76:76:f3:9d:cf:a0:33:30:e1:
5d:00:76:ce:76:44:43:fc:f8:2a:31:28:27:42:34:
68:ab:fc:26:ad:f6:c5:e1:07:56:97:1d:57:cb:a3:
6b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:64:B4:C6:2B:90:F7:D9:19:06:08:FA:65:45:C9:8E:16:3B:BA:4E
X509v3 Authority Key Identifier:
keyid:38:2E:53:30:33:B3:CE:95:E4:97:2B:F2:38:2D:DA:C2:93:C2:DC:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OC5TMDOzzpXklyvyOC3awpPC3AE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/vWS0xiuQ99kZBgj6ZUXJjhY7uk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a0fae1-40ee-4191-b2d4-eaa090514b52/1/OC5TMDOzzpXklyvyOC3awpPC3AE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.19.0/24
IPv6:
2a13:3f40::/29
Signature Algorithm: sha256WithRSAEncryption
72:fb:fb:99:0c:d5:80:0c:cc:ef:87:c0:74:e8:80:bd:d1:a4:
9a:b7:66:f8:ac:1d:05:84:85:d0:3c:48:57:05:4f:56:7c:2e:
03:47:96:22:90:c8:9a:d9:7c:bf:ac:0d:b6:ed:21:f6:3a:fa:
9d:ba:ce:ac:93:1a:38:29:9a:42:5b:37:f7:34:59:ac:fd:1f:
1d:a7:f6:36:f6:9a:9d:93:88:09:85:ee:8b:c4:40:98:e1:75:
2d:d7:6d:5d:12:52:9a:74:b8:21:da:81:70:fa:c3:be:62:0c:
50:a4:56:2c:d8:f8:c3:79:48:83:23:83:3b:9a:55:7f:fb:c1:
71:ed:2e:80:6c:3c:7f:37:e9:a7:4b:07:64:a5:8c:60:57:8c:
3d:88:03:b9:74:2a:17:f5:51:34:a2:67:ff:eb:5d:b8:0b:d6:
8e:36:28:5b:ba:f7:3e:37:5e:f2:81:39:88:6c:76:91:53:ff:
68:22:ef:bd:df:b4:ea:2d:7d:3d:2d:14:87:68:27:e1:e4:21:
bb:24:5e:d6:5e:90:0d:c3:ae:ff:45:d8:5f:16:b7:51:c4:67:
25:1c:63:25:eb:37:f1:5b:6c:c9:c5:72:41:67:4c:cf:70:a7:
9f:f0:5f:ae:5c:72:b8:17:8a:df:92:79:da:4d:ca:d0:df:be:
53:c2:4d:4e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY/y9EwlJKlcbrDB9lqIvCHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MmU1MzMwMzNiM2NlOTVlNDk3MmJmMjM4MmRkYWMyOTNj
MmRjMDEwHhcNMjQwNjA3MTM0NzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDY0YjRjNjJiOTBmN2Q5MTkwNjA4ZmE2NTQ1Yzk4ZTE2M2JiYTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1XTh5XOPPAcaUYC99orGDeFXss3
O79ED8E4enB5218Ah9/YWso9UCepnHZazl1aRadhO4DqUqHpEGWpn9PcCboZx+Tn
5jB4mtekp8Cexhw7/BWp+lpL6Hhw1mE4ksGwuCqAw35qQXpr9VbGykQmdMhhiJoK
A0xMSlYmJXw8xaijD2kUA7mEV5XWjAChhphuG5m6VEaTERrEoZx5k4Ofpi2KaTHJ
ZjU2dmOTddLLHeGl5I5u4VEQvZx5X+ku673dZhiYPvqxuCBVjg3hHuFUtvWqFfTQ
xKp2dvOdz6AzMOFdAHbOdkRD/PgqMSgnQjRoq/wmrfbF4QdWlx1Xy6NrMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL1ktMYrkPfZGQYI+mVFyY4WO7pOMB8GA1UdIwQY
MBaAFDguUzAzs86V5Jcr8jgt2sKTwtwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQt
ZWFhMDkwNTE0YjUyLzEvdldTMHhpdVE5OWtaQmdqNlpVWEpqaFk3dWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hMGZhZTEtNDBlZS00MTkxLWIyZDQtZWFhMDkwNTE0YjUy
LzEvT0M1VE1ET3p6cFhrbHl2eU9DM2F3cFBDM0FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQABT8TMA0E
AgACMAcDBQMqEz9AMA0GCSqGSIb3DQEBCwUAA4IBAQBy+/uZDNWADMzvh8B06IC9
0aSat2b4rB0FhIXQPEhXBU9WfC4DR5YikMia2Xy/rA227SH2Ovqdus6skxo4KZpC
Wzf3NFms/R8dp/Y29pqdk4gJhe6LxECY4XUt121dElKadLgh2oFw+sO+YgxQpFYs
2PjDeUiDI4M7mlV/+8Fx7S6AbDx/N+mnSwdkpYxgV4w9iAO5dCoX9VE0omf/6124
C9aONihbuvc+N17ygTmIbHaRU/9oIu+937TqLX09LRSHaCfh5CG7JF7WXpANw67/
RdhfFrdRxGclHGMl6zfxW2zJxXJBZ0zPcKef8F+uXHK4F4rfknnaTcrQ375Twk1O
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:15:41 2024 by rpki-client on console-fra.rpki-client.org