Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/chUFIeysM8uMaZWDLRNR5_TUDVw.roa
File: chUFIeysM8uMaZWDLRNR5_TUDVw.roa (raw, json)
Hash identifier: B2XB1lAxNUe9MT/mbk6Yja1qrVo/ByydRjfl7lwNKbs=
Subject key identifier: 72:15:05:21:EC:AC:33:CB:8C:69:95:83:2D:13:51:E7:F4:D4:0D:5C
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 018CC64A77C13A795B7F226DCE596A4F54A6
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/chUFIeysM8uMaZWDLRNR5_TUDVw.roa
Signing time: Mon 01 Jan 2024 18:30:18 +0000
ROA not before: Mon 01 Jan 2024 18:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50673
IP address blocks: 128.0.68.0/23 maxlen: 23
188.72.68.0/23 maxlen: 23
46.243.188.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 06:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:77:c1:3a:79:5b:7f:22:6d:ce:59:6a:4f:54:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 18:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72150521ecac33cb8c6995832d1351e7f4d40d5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:65:89:be:14:21:38:b1:32:c1:14:5f:8f:81:
73:b7:d6:50:e7:57:c4:6b:15:2e:61:6b:57:f9:72:
f7:28:e0:68:58:8f:eb:00:c1:13:9b:ae:a2:e6:39:
7a:ee:4a:58:4f:8d:fb:6c:f2:d2:a8:e6:b9:53:6c:
97:bc:e5:f5:e2:5e:aa:9a:2d:1e:38:ff:2e:ed:57:
64:e8:a6:46:83:cc:2a:fa:d4:0d:3d:8f:c2:3c:03:
32:a7:af:7d:6f:8f:1b:50:7c:0d:6d:cc:95:da:18:
46:eb:75:a0:b7:7c:c7:4b:26:bd:51:d9:94:42:b8:
f8:ea:58:ae:f8:04:25:8d:b5:a6:cb:2d:97:40:15:
17:d7:7f:e8:8a:ab:a3:86:3f:24:d6:7d:19:b1:74:
66:89:39:7c:2e:5f:2b:38:06:96:a8:29:f0:62:6a:
91:cd:77:2f:71:06:b4:bf:98:44:d0:f0:62:73:e1:
99:2b:85:f3:7c:5d:d8:2e:14:9c:a1:d8:58:55:e8:
61:b1:aa:41:67:3f:76:2c:20:ed:7d:bd:86:07:57:
2c:bf:4d:74:65:94:33:9a:c2:ad:78:2d:d8:2e:44:
96:cf:49:65:64:dc:d4:56:f6:5f:4b:16:86:8d:8e:
c3:7f:87:19:1a:66:39:e7:c0:f1:82:85:61:15:8a:
c7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:15:05:21:EC:AC:33:CB:8C:69:95:83:2D:13:51:E7:F4:D4:0D:5C
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/chUFIeysM8uMaZWDLRNR5_TUDVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.188.0/22
128.0.68.0/23
188.72.68.0/23
Signature Algorithm: sha256WithRSAEncryption
81:c7:cd:80:49:0d:61:f6:34:e2:d6:7e:ec:a6:d5:09:4f:92:
73:bd:52:54:ba:89:7f:b6:00:71:1e:af:64:3f:4d:e1:c0:b4:
d5:a4:03:99:dd:a6:8c:08:6f:77:50:07:12:49:2a:ea:e3:ed:
39:67:59:37:eb:fe:ac:e4:59:67:bc:fd:2e:3a:a9:5f:58:b3:
1a:f7:ca:68:c2:1b:d4:36:9e:17:63:d6:27:23:43:79:4a:cf:
ea:f3:e8:f0:53:83:3d:67:b0:05:b9:a8:21:7a:46:fa:0f:03:
f3:7c:be:de:ac:66:35:13:fb:df:10:09:35:a1:11:b9:a7:90:
3c:d0:c7:0b:90:f4:bd:a5:fc:46:08:9c:53:0a:ae:a5:20:0d:
73:df:e3:53:ae:f5:0f:c0:c8:6c:35:63:dd:59:f9:e9:9a:ec:
af:67:03:ee:ca:04:8a:81:3f:a0:e8:12:e4:d8:1a:e1:81:ac:
d2:13:51:b6:b5:a6:40:7a:4f:8f:a2:35:43:aa:fd:6b:f4:3a:
d1:6e:01:a3:ca:40:db:da:c5:c6:4f:c0:ba:50:63:3d:be:23:
b0:28:51:13:61:83:99:b4:6f:d0:51:7c:cf:4f:a9:04:66:5f:
98:e5:0c:99:d9:0e:48:be:72:6f:44:16:ef:8b:64:31:1b:00:
97:45:3e:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGSnfBOnlbfyJtzllqT1SmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjQwMTAxMTgzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjE1MDUyMWVjYWMzM2NiOGM2OTk1ODMyZDEzNTFlN2Y0ZDQwZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGWJvhQhOLEywRRfj4Fzt9ZQ51fE
axUuYWtX+XL3KOBoWI/rAMETm66i5jl67kpYT437bPLSqOa5U2yXvOX14l6qmi0e
OP8u7Vdk6KZGg8wq+tQNPY/CPAMyp699b48bUHwNbcyV2hhG63Wgt3zHSya9UdmU
Qrj46liu+AQljbWmyy2XQBUX13/oiqujhj8k1n0ZsXRmiTl8Ll8rOAaWqCnwYmqR
zXcvcQa0v5hE0PBic+GZK4XzfF3YLhScodhYVehhsapBZz92LCDtfb2GB1csv010
ZZQzmsKteC3YLkSWz0llZNzUVvZfSxaGjY7Df4cZGmY558DxgoVhFYrHUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHIVBSHsrDPLjGmVgy0TUef01A1cMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvY2hVRklleXNNOHVNYVpXRExSTlI1X1RVRFZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLvO8AwQB
gABEAwQBvEhEMA0GCSqGSIb3DQEBCwUAA4IBAQCBx82ASQ1h9jTi1n7sptUJT5Jz
vVJUuol/tgBxHq9kP03hwLTVpAOZ3aaMCG93UAcSSSrq4+05Z1k36/6s5FlnvP0u
OqlfWLMa98powhvUNp4XY9YnI0N5Ss/q8+jwU4M9Z7AFuaghekb6DwPzfL7erGY1
E/vfEAk1oRG5p5A80McLkPS9pfxGCJxTCq6lIA1z3+NTrvUPwMhsNWPdWfnpmuyv
ZwPuygSKgT+g6BLk2BrhgazSE1G2taZAek+PojVDqv1r9DrRbgGjykDb2sXGT8C6
UGM9viOwKFETYYOZtG/QUXzPT6kEZl+Y5QyZ2Q5IvnJvRBbvi2QxGwCXRT6r
-----END CERTIFICATE-----
Generated at Wed Jun 26 10:34:53 2024 by rpki-client on console-fra.rpki-client.org