Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/K5jDefxvEqGmTAaLkKTK2jAUriU.roa
File: K5jDefxvEqGmTAaLkKTK2jAUriU.roa (raw, json)
Hash identifier: nvoLyiMzt1kATFmpSFVzfFjdzoDyfHNNY9Gemn/+zgQ=
Subject key identifier: 2B:98:C3:79:FC:6F:12:A1:A6:4C:06:8B:90:A4:CA:DA:30:14:AE:25
Certificate issuer: /CN=a88ad546f1a0ef8cf75c92a748bd5c86362e209b
Certificate serial: 018CC50069F26B48D70F3879288C097F4351
Authority key identifier: A8:8A:D5:46:F1:A0:EF:8C:F7:5C:92:A7:48:BD:5C:86:36:2E:20:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIrVRvGg74z3XJKnSL1chjYuIJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/K5jDefxvEqGmTAaLkKTK2jAUriU.roa
Signing time: Mon 01 Jan 2024 12:29:47 +0000
ROA not before: Mon 01 Jan 2024 12:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50794
IP address blocks: 178.21.240.0/21 maxlen: 21
37.0.24.0/21 maxlen: 21
2a04:7e80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/qIrVRvGg74z3XJKnSL1chjYuIJs.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/qIrVRvGg74z3XJKnSL1chjYuIJs.mft
rsync://rpki.ripe.net/repository/DEFAULT/qIrVRvGg74z3XJKnSL1chjYuIJs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 20:23:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:69:f2:6b:48:d7:0f:38:79:28:8c:09:7f:43:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a88ad546f1a0ef8cf75c92a748bd5c86362e209b
Validity
Not Before: Jan 1 12:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b98c379fc6f12a1a64c068b90a4cada3014ae25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:42:e0:b3:e5:5b:45:75:5c:5a:c3:6d:6a:a5:
10:df:ee:ad:b4:c1:28:d1:d7:3c:af:0f:0a:05:d5:
b9:c9:b3:45:f1:f0:0c:a6:88:7b:62:05:b3:d4:78:
48:95:b2:a3:e3:c8:1b:62:56:6e:5e:05:4a:2a:58:
cd:69:06:59:9a:bf:1f:9a:fd:a4:70:7b:b8:71:57:
28:1f:b4:ab:4f:6f:ed:c5:28:3a:6a:d5:cb:47:72:
37:0a:09:12:38:e5:dc:48:d3:7a:fe:8f:37:18:04:
26:11:33:44:4e:a6:85:0b:9b:40:45:65:4b:9a:50:
42:7c:fd:ae:f5:07:e7:9c:7a:81:24:df:45:97:4a:
95:8c:db:0d:68:cf:56:25:79:8c:3a:e3:3d:cc:73:
03:d2:e4:de:64:ac:29:96:7d:68:0e:89:0b:94:61:
ef:f3:70:4d:5e:cd:3a:2c:34:ac:69:f1:38:55:75:
6e:a8:bb:61:92:a3:41:1c:7f:49:83:06:ae:c5:02:
e8:20:b3:c1:a1:c5:0f:89:64:bb:51:a0:70:cb:c4:
93:b3:7f:94:85:cc:2c:6d:02:37:e0:81:26:9d:4c:
48:e6:ae:2a:2c:b6:b6:f5:b6:94:83:0f:0b:8b:f4:
b4:fd:c4:86:1d:9c:ad:17:da:cb:5c:04:c9:10:f3:
2b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:98:C3:79:FC:6F:12:A1:A6:4C:06:8B:90:A4:CA:DA:30:14:AE:25
X509v3 Authority Key Identifier:
keyid:A8:8A:D5:46:F1:A0:EF:8C:F7:5C:92:A7:48:BD:5C:86:36:2E:20:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIrVRvGg74z3XJKnSL1chjYuIJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/K5jDefxvEqGmTAaLkKTK2jAUriU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/qIrVRvGg74z3XJKnSL1chjYuIJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.24.0/21
178.21.240.0/21
IPv6:
2a04:7e80::/29
Signature Algorithm: sha256WithRSAEncryption
65:78:b4:4b:22:fd:06:23:70:2e:b3:d4:71:5c:f0:7e:14:02:
6c:2d:a4:8a:8b:ee:2f:d9:48:49:63:dc:d5:41:53:6c:3e:f2:
4b:eb:13:18:4a:ff:3a:20:eb:ca:c2:61:49:ed:a9:b8:0a:77:
6b:02:4c:52:d6:cb:14:65:d8:7c:28:7c:5c:ce:c9:52:8d:ff:
c7:a1:fc:b9:6a:97:59:93:d0:ab:78:dc:b5:90:39:88:7f:a8:
b9:4f:ac:98:b5:3b:4b:0e:a7:bc:f8:d6:36:6f:d2:42:a4:86:
32:69:3e:fc:50:0e:6e:48:c0:9a:9a:52:38:aa:28:b8:02:68:
43:9c:81:e7:d5:78:ac:26:f9:5e:9e:39:04:ba:56:33:62:91:
a3:6e:23:84:79:32:f5:5c:e5:14:f7:d9:0e:01:88:af:c9:f9:
04:75:cb:c3:45:17:39:90:ff:36:b4:3c:a5:18:20:97:5e:13:
d7:d8:e5:22:db:a7:6f:c2:c3:91:9a:90:b7:c7:2f:d7:21:2b:
18:49:4e:ae:d5:66:de:a4:4b:6c:72:03:e4:be:54:76:52:28:
7d:05:f1:2c:bf:31:4c:86:42:0a:b6:bd:16:78:92:4f:2c:0a:
20:2f:ce:38:df:db:dc:06:f6:62:19:9d:76:e9:c2:34:f2:c3:
2b:34:96:a0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFAGnya0jXDzh5KIwJf0NRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4OGFkNTQ2ZjFhMGVmOGNmNzVjOTJhNzQ4YmQ1Yzg2MzYy
ZTIwOWIwHhcNMjQwMTAxMTIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjk4YzM3OWZjNmYxMmExYTY0YzA2OGI5MGE0Y2FkYTMwMTRhZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmULgs+VbRXVcWsNtaqUQ3+6ttMEo
0dc8rw8KBdW5ybNF8fAMpoh7YgWz1HhIlbKj48gbYlZuXgVKKljNaQZZmr8fmv2k
cHu4cVcoH7SrT2/txSg6atXLR3I3CgkSOOXcSNN6/o83GAQmETNETqaFC5tARWVL
mlBCfP2u9QfnnHqBJN9Fl0qVjNsNaM9WJXmMOuM9zHMD0uTeZKwpln1oDokLlGHv
83BNXs06LDSsafE4VXVuqLthkqNBHH9JgwauxQLoILPBocUPiWS7UaBwy8STs3+U
hcwsbQI34IEmnUxI5q4qLLa29baUgw8Li/S0/cSGHZytF9rLXATJEPMrTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCuYw3n8bxKhpkwGi5CkytowFK4lMB8GA1UdIwQY
MBaAFKiK1UbxoO+M91ySp0i9XIY2LiCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUlyVlJ2R2c3NHozWEpLblNMMWNoall1SUpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81MDBhOGMtNmEyZC00MzRiLTk2ZjEt
MThlYjc3OWE2NDk3LzEvSzVqRGVmeHZFcUdtVEFhTGtLVEsyakFVcmlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81MDBhOGMtNmEyZC00MzRiLTk2ZjEtMThlYjc3OWE2NDk3
LzEvcUlyVlJ2R2c3NHozWEpLblNMMWNoall1SUpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJQAYAwQD
shXwMA0EAgACMAcDBQMqBH6AMA0GCSqGSIb3DQEBCwUAA4IBAQBleLRLIv0GI3Au
s9RxXPB+FAJsLaSKi+4v2UhJY9zVQVNsPvJL6xMYSv86IOvKwmFJ7am4CndrAkxS
1ssUZdh8KHxczslSjf/Hofy5apdZk9CreNy1kDmIf6i5T6yYtTtLDqe8+NY2b9JC
pIYyaT78UA5uSMCamlI4qii4AmhDnIHn1XisJvlenjkEulYzYpGjbiOEeTL1XOUU
99kOAYivyfkEdcvDRRc5kP82tDylGCCXXhPX2OUi26dvwsORmpC3xy/XISsYSU6u
1WbepEtscgPkvlR2Uih9BfEsvzFMhkIKtr0WeJJPLAogL84439vcBvZiGZ126cI0
8sMrNJag
-----END CERTIFICATE-----
Generated at Mon Jun 17 03:54:44 2024 by rpki-client on console-ams.rpki-client.org