Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/7edb22-ff47-465f-9068-5c4a0eb2017f/1/My27Wg750G8HCT5Ed-v9ku8o6i4.roa
File: My27Wg750G8HCT5Ed-v9ku8o6i4.roa (raw, json)
Hash identifier: Y3E+xdDXG3Cpt1NR1gJuB6nl7Z+TAXH79Po7KRGnzQw=
Subject key identifier: 33:2D:BB:5A:0E:F9:D0:6F:07:09:3E:44:77:EB:FD:92:EF:28:EA:2E
Certificate issuer: /CN=0ac1565a5f6c4e54ca2f19d364759b6a0ed61840
Certificate serial: 018CC5DC0B69CF175C0A2A51BF3E19FB906F
Authority key identifier: 0A:C1:56:5A:5F:6C:4E:54:CA:2F:19:D3:64:75:9B:6A:0E:D6:18:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CsFWWl9sTlTKLxnTZHWbag7WGEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/7edb22-ff47-465f-9068-5c4a0eb2017f/1/My27Wg750G8HCT5Ed-v9ku8o6i4.roa
Signing time: Mon 01 Jan 2024 16:29:41 +0000
ROA not before: Mon 01 Jan 2024 16:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198288
IP address blocks: 185.44.156.0/22 maxlen: 22
5.34.248.0/21 maxlen: 22
2a00:f8c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/7edb22-ff47-465f-9068-5c4a0eb2017f/1/CsFWWl9sTlTKLxnTZHWbag7WGEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/7edb22-ff47-465f-9068-5c4a0eb2017f/1/CsFWWl9sTlTKLxnTZHWbag7WGEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CsFWWl9sTlTKLxnTZHWbag7WGEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:0b:69:cf:17:5c:0a:2a:51:bf:3e:19:fb:90:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ac1565a5f6c4e54ca2f19d364759b6a0ed61840
Validity
Not Before: Jan 1 16:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=332dbb5a0ef9d06f07093e4477ebfd92ef28ea2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:fc:fb:dd:26:94:25:63:1e:67:0c:d7:96:ce:
55:0a:b4:d6:37:05:6b:ce:20:aa:56:30:b8:fc:82:
51:3f:f8:8c:d5:93:fe:29:7a:59:5a:5d:ee:40:3a:
25:98:8b:29:04:6a:8c:01:07:3e:22:df:81:cb:95:
84:00:45:e8:f6:4d:1f:3a:5e:24:87:e6:45:b8:f2:
5f:56:8f:a6:d0:b1:ff:98:3a:4a:05:07:fd:40:2c:
6e:1e:a5:fc:61:3f:84:57:04:8d:6a:e7:5e:34:03:
f7:79:40:a8:9f:58:c7:47:4d:28:71:89:c7:1e:71:
e6:ca:8a:a2:a6:16:de:b2:52:72:35:0a:bc:61:63:
84:ac:b5:ea:9e:95:9b:c3:4b:90:b8:21:a7:25:b7:
1a:c6:d7:fd:5c:6d:49:7d:a2:d6:7e:90:88:08:53:
2e:7b:8f:af:fb:58:b0:53:13:d7:bb:53:35:aa:7d:
fb:9e:dc:f3:8e:15:b9:fe:69:a0:b0:3e:45:d6:16:
1c:e2:7a:9f:70:ff:a8:53:6b:df:cf:9e:94:58:70:
c4:2a:82:75:e8:d7:25:8d:25:94:68:28:28:1d:b0:
94:c8:5b:d1:ad:b2:49:ba:d0:8d:c0:39:c4:59:03:
b7:52:c5:59:00:80:f3:14:3c:c8:7c:2a:69:2e:68:
b8:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:2D:BB:5A:0E:F9:D0:6F:07:09:3E:44:77:EB:FD:92:EF:28:EA:2E
X509v3 Authority Key Identifier:
keyid:0A:C1:56:5A:5F:6C:4E:54:CA:2F:19:D3:64:75:9B:6A:0E:D6:18:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CsFWWl9sTlTKLxnTZHWbag7WGEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7edb22-ff47-465f-9068-5c4a0eb2017f/1/My27Wg750G8HCT5Ed-v9ku8o6i4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7edb22-ff47-465f-9068-5c4a0eb2017f/1/CsFWWl9sTlTKLxnTZHWbag7WGEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.248.0/21
185.44.156.0/22
IPv6:
2a00:f8c0::/32
Signature Algorithm: sha256WithRSAEncryption
13:af:a5:3e:a1:2f:ec:d4:f1:41:d1:80:31:38:b3:dd:7a:01:
f1:f6:86:24:d2:f9:3a:84:3f:e8:85:27:aa:91:94:a4:a8:ff:
40:da:3f:f1:de:90:b2:3e:a0:f9:7b:13:43:50:a9:54:b1:a8:
2d:03:2c:e6:16:49:22:b2:bc:26:20:5b:29:5d:79:6d:4a:33:
57:92:1e:16:76:e0:a2:c7:27:1a:95:7a:0c:d8:f4:77:d9:70:
67:52:3d:d7:e6:56:7d:b2:6a:c7:7d:8f:68:19:b1:31:f7:c5:
15:a8:49:5c:15:18:a7:4e:30:91:7e:62:b1:ae:cb:5d:6b:2b:
52:89:58:e7:63:d0:e0:d5:88:f8:76:6f:4e:56:42:5b:19:53:
07:d5:a6:24:a1:c8:e1:f2:45:0c:26:e5:b1:63:3b:6c:9a:a3:
20:e7:ec:30:74:dd:5f:7d:34:7b:ff:61:b0:97:4e:7c:57:b2:
2d:fd:7a:2d:79:ff:96:f4:dd:24:a7:14:f7:3d:72:67:e1:99:
c0:af:ad:ed:ef:47:0d:6a:94:22:3c:9a:cc:16:22:8a:a9:c2:
d1:80:46:33:5f:be:52:86:24:e5:fc:f4:4e:5c:9a:bd:dc:5b:
42:2b:5e:cd:0d:e1:c3:b9:3a:5e:7d:d5:a8:74:c3:4b:e4:65:
03:68:16:83
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3AtpzxdcCipRvz4Z+5BvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYzE1NjVhNWY2YzRlNTRjYTJmMTlkMzY0NzU5YjZhMGVk
NjE4NDAwHhcNMjQwMTAxMTYyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzJkYmI1YTBlZjlkMDZmMDcwOTNlNDQ3N2ViZmQ5MmVmMjhlYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfz73SaUJWMeZwzXls5VCrTWNwVr
ziCqVjC4/IJRP/iM1ZP+KXpZWl3uQDolmIspBGqMAQc+It+By5WEAEXo9k0fOl4k
h+ZFuPJfVo+m0LH/mDpKBQf9QCxuHqX8YT+EVwSNaudeNAP3eUCon1jHR00ocYnH
HnHmyoqiphbeslJyNQq8YWOErLXqnpWbw0uQuCGnJbcaxtf9XG1JfaLWfpCICFMu
e4+v+1iwUxPXu1M1qn37ntzzjhW5/mmgsD5F1hYc4nqfcP+oU2vfz56UWHDEKoJ1
6NcljSWUaCgoHbCUyFvRrbJJutCNwDnEWQO3UsVZAIDzFDzIfCppLmi4FQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDMtu1oO+dBvBwk+RHfr/ZLvKOouMB8GA1UdIwQY
MBaAFArBVlpfbE5Uyi8Z02R1m2oO1hhAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3NGV1dsOXNUbFRLTHhuVFpIV2JhZzdXR0VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83ZWRiMjItZmY0Ny00NjVmLTkwNjgt
NWM0YTBlYjIwMTdmLzEvTXkyN1dnNzUwRzhIQ1Q1RWQtdjlrdThvNmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83ZWRiMjItZmY0Ny00NjVmLTkwNjgtNWM0YTBlYjIwMTdm
LzEvQ3NGV1dsOXNUbFRLTHhuVFpIV2JhZzdXR0VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBSL4AwQC
uSycMA0EAgACMAcDBQAqAPjAMA0GCSqGSIb3DQEBCwUAA4IBAQATr6U+oS/s1PFB
0YAxOLPdegHx9oYk0vk6hD/ohSeqkZSkqP9A2j/x3pCyPqD5exNDUKlUsagtAyzm
FkkisrwmIFspXXltSjNXkh4WduCixycalXoM2PR32XBnUj3X5lZ9smrHfY9oGbEx
98UVqElcFRinTjCRfmKxrstdaytSiVjnY9Dg1Yj4dm9OVkJbGVMH1aYkocjh8kUM
JuWxYztsmqMg5+wwdN1ffTR7/2Gwl058V7It/Xotef+W9N0kpxT3PXJn4ZnAr63t
70cNapQiPJrMFiKKqcLRgEYzX75ShiTl/PROXJq93FtCK17NDeHDuTpefdWodMNL
5GUDaBaD
-----END CERTIFICATE-----
Generated at Fri Jun 21 17:31:19 2024 by rpki-client on console-ams.rpki-client.org