Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/CGRztWf40kKhBqsBg-iwulKqXhU.roa
File: CGRztWf40kKhBqsBg-iwulKqXhU.roa (raw, json)
Hash identifier: YdNlSgCb/4WMdkMNUOb1PVLnCvicoczYdjTmwlUz8eU=
Subject key identifier: 08:64:73:B5:67:F8:D2:42:A1:06:AB:01:83:E8:B0:BA:52:AA:5E:15
Certificate issuer: /CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Certificate serial: 018CC348B5F890321BB451A685C05AAEFD71
Authority key identifier: EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/CGRztWf40kKhBqsBg-iwulKqXhU.roa
Signing time: Mon 01 Jan 2024 04:29:31 +0000
ROA not before: Mon 01 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 5.182.22.0/24 maxlen: 24
5.182.23.0/24 maxlen: 24
2a0e:b800:cccc::/48 maxlen: 48
2a0e:b800:aaaa::/48 maxlen: 48
2a0e:b800:abcd::/48 maxlen: 48
2a0e:b800:bbbb::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.mft
rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:b5:f8:90:32:1b:b4:51:a6:85:c0:5a:ae:fd:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Validity
Not Before: Jan 1 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=086473b567f8d242a106ab0183e8b0ba52aa5e15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:2b:c4:95:df:b9:45:a4:a8:87:39:43:59:ce:
a7:b2:0c:4c:8e:2c:ca:30:0d:a1:82:e9:dd:f5:ce:
b8:23:0f:46:ed:dc:10:e2:06:8f:8a:64:e7:3a:13:
20:f4:dd:3d:75:f5:cf:8b:b0:04:45:98:a6:6e:4e:
ea:41:ed:2d:9a:73:97:2f:70:fd:4c:ce:2d:06:3f:
6c:4a:f1:3f:d4:b4:a3:c0:cb:22:ea:88:e0:fb:e9:
b7:01:d7:7f:95:41:d3:5a:a9:71:04:91:af:e7:44:
b3:39:f4:f7:f7:7b:b3:45:8e:d5:44:0b:2b:55:d0:
f5:6b:e6:a2:d5:fd:26:5b:79:e5:44:f5:d5:7f:30:
0f:5c:a3:04:51:79:c5:dc:83:82:88:dc:68:79:da:
5b:0c:b7:84:da:d0:df:a9:37:4b:52:6f:59:19:6e:
fd:ce:c2:01:89:50:6f:3f:54:a4:1d:55:54:37:64:
cb:fb:e7:13:83:06:40:c1:f4:36:79:4c:b1:ee:6e:
54:1b:91:b2:38:66:06:d4:0d:af:68:ae:b1:5c:39:
ca:27:2a:ca:cd:b1:bc:1f:37:0e:79:94:9a:f6:24:
af:a6:18:5c:1a:65:2e:39:db:38:67:c1:9c:43:84:
53:91:8d:cd:99:d2:a0:de:90:b5:34:9b:92:a8:6a:
2e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:64:73:B5:67:F8:D2:42:A1:06:AB:01:83:E8:B0:BA:52:AA:5E:15
X509v3 Authority Key Identifier:
keyid:EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/CGRztWf40kKhBqsBg-iwulKqXhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.22.0/23
IPv6:
2a0e:b800:aaaa::/48
2a0e:b800:abcd::/48
2a0e:b800:bbbb::/48
2a0e:b800:cccc::/48
Signature Algorithm: sha256WithRSAEncryption
15:b0:e7:58:8f:cc:2f:cb:0f:a7:c6:0f:3c:bb:9e:f4:66:99:
da:67:7f:c3:d7:18:25:96:54:ec:a4:eb:e7:cd:1e:81:e3:db:
b7:4f:2e:ce:ae:87:fb:fb:f5:fb:8c:9f:97:0b:b1:bb:5f:70:
74:c9:aa:81:af:bd:e0:29:39:24:7d:14:f7:f9:a0:a7:18:82:
5a:c8:f6:ab:a6:ac:9a:96:6a:ed:7b:84:57:10:10:b0:26:59:
f3:98:40:c1:3c:05:2a:5b:21:fd:0a:d2:5f:4d:7d:5d:38:2b:
e8:78:76:0c:c8:39:48:d1:78:df:fe:d7:17:38:d2:52:9d:92:
35:c3:3b:d7:9d:78:82:d7:33:2a:c4:18:06:09:28:a4:fa:34:
65:2a:be:80:c0:a9:28:00:30:12:69:08:cd:ed:9f:12:e3:de:
54:5d:c2:b0:51:f4:9f:64:60:d2:40:a7:3d:e2:45:a0:5e:a9:
b0:56:cd:98:0d:0c:59:1a:0b:6a:9c:14:85:c9:b4:28:36:1b:
c0:7d:dc:f7:9f:87:98:72:c6:62:b3:bf:13:d2:f7:3a:aa:74:
41:a5:02:5e:4f:0a:0e:29:de:4f:f2:af:3d:34:d4:74:a3:b3:
df:14:57:61:f3:0d:d9:3c:da:0a:ce:71:03:85:7f:3c:10:5c:
35:90:29:ad
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzDSLX4kDIbtFGmhcBarv1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmOWQ3NjNiNDllMDI0YTdiNmExOWVhZjdkZmI5ODkxMWE5
Yzk0YzgwHhcNMjQwMTAxMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODY0NzNiNTY3ZjhkMjQyYTEwNmFiMDE4M2U4YjBiYTUyYWE1ZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCvEld+5RaSohzlDWc6nsgxMjizK
MA2hgund9c64Iw9G7dwQ4gaPimTnOhMg9N09dfXPi7AERZimbk7qQe0tmnOXL3D9
TM4tBj9sSvE/1LSjwMsi6ojg++m3Add/lUHTWqlxBJGv50SzOfT393uzRY7VRAsr
VdD1a+ai1f0mW3nlRPXVfzAPXKMEUXnF3IOCiNxoedpbDLeE2tDfqTdLUm9ZGW79
zsIBiVBvP1SkHVVUN2TL++cTgwZAwfQ2eUyx7m5UG5GyOGYG1A2vaK6xXDnKJyrK
zbG8HzcOeZSa9iSvphhcGmUuOds4Z8GcQ4RTkY3NmdKg3pC1NJuSqGouKwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAhkc7Vn+NJCoQarAYPosLpSql4VMB8GA1UdIwQY
MBaAFO+ddjtJ4CSntqGer337mJEanJTIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzUxMk8wbmdKS2Uyb1o2dmZmdVlrUnFjbE1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS81OWNmOGUtZGM2Ny00M2ZiLWJkMzct
MDg3MGU2NTk2NDViLzEvQ0dSenRXZjQwa0toQnFzQmctaXd1bEtxWGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS81OWNmOGUtZGM2Ny00M2ZiLWJkMzctMDg3MGU2NTk2NDVi
LzEvNzUxMk8wbmdKS2Uyb1o2dmZmdVlrUnFjbE1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQBBbYWMCoE
AgACMCQDBwAqDrgAqqoDBwAqDrgAq80DBwAqDrgAu7sDBwAqDrgAzMwwDQYJKoZI
hvcNAQELBQADggEBABWw51iPzC/LD6fGDzy7nvRmmdpnf8PXGCWWVOyk6+fNHoHj
27dPLs6uh/v79fuMn5cLsbtfcHTJqoGvveApOSR9FPf5oKcYglrI9qumrJqWau17
hFcQELAmWfOYQME8BSpbIf0K0l9NfV04K+h4dgzIOUjReN/+1xc40lKdkjXDO9ed
eILXMyrEGAYJKKT6NGUqvoDAqSgAMBJpCM3tnxLj3lRdwrBR9J9kYNJApz3iRaBe
qbBWzZgNDFkaC2qcFIXJtCg2G8B93Pefh5hyxmKzvxPS9zqqdEGlAl5PCg4p3k/y
rz001HSjs98UV2HzDdk82grOcQOFfzwQXDWQKa0=
-----END CERTIFICATE-----
Generated at Tue May 7 18:48:27 2024 by rpki-client on console-fra.rpki-client.org