Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/a1d20e-50a2-44dc-b1e8-a67dca8a088c/1/5_qwJVIKEoZBfmNd8yNldjKt-Bk.roa
File: 5_qwJVIKEoZBfmNd8yNldjKt-Bk.roa (raw, json)
Hash identifier: YUVbOQQYo+sRsBoWssz++DKM1ZS33QD4Je1OAjkA5xQ=
Subject key identifier: E7:FA:B0:25:52:0A:12:86:41:7E:63:5D:F3:23:65:76:32:AD:F8:19
Certificate issuer: /CN=73dd2894568aebd05ad6432d53cf70e2cd788e6e
Certificate serial: 018CC5DC19DED6036CC54FBAE747BB2A9691
Authority key identifier: 73:DD:28:94:56:8A:EB:D0:5A:D6:43:2D:53:CF:70:E2:CD:78:8E:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c90olFaK69Ba1kMtU89w4s14jm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/a1d20e-50a2-44dc-b1e8-a67dca8a088c/1/5_qwJVIKEoZBfmNd8yNldjKt-Bk.roa
Signing time: Mon 01 Jan 2024 16:29:45 +0000
ROA not before: Mon 01 Jan 2024 16:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49984
IP address blocks: 5.199.232.0/21 maxlen: 21
185.42.128.0/22 maxlen: 22
178.210.128.0/19 maxlen: 19
2a01:a240::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/a1d20e-50a2-44dc-b1e8-a67dca8a088c/1/c90olFaK69Ba1kMtU89w4s14jm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/a1d20e-50a2-44dc-b1e8-a67dca8a088c/1/c90olFaK69Ba1kMtU89w4s14jm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/c90olFaK69Ba1kMtU89w4s14jm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:19:de:d6:03:6c:c5:4f:ba:e7:47:bb:2a:96:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73dd2894568aebd05ad6432d53cf70e2cd788e6e
Validity
Not Before: Jan 1 16:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7fab025520a1286417e635df323657632adf819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9e:2f:48:6c:7d:5c:c8:d3:47:b7:4a:35:ef:
e6:d2:0c:ad:b1:8b:6e:5a:a3:6c:dc:d6:b3:12:55:
d9:83:3d:35:f1:24:78:55:93:f5:0e:cf:91:05:54:
ab:27:b9:c1:53:f5:b5:1d:77:01:0f:bf:ee:0e:a3:
ff:33:92:b9:40:e0:4e:fb:4f:4a:e9:ce:8c:2b:15:
0e:1e:cb:6a:8d:f9:2b:da:67:d3:d9:53:fb:1d:97:
4f:52:38:c8:8c:21:36:ed:b4:4a:50:3c:e4:29:79:
c8:8b:e1:23:4a:b0:ee:03:b7:73:85:72:f3:ca:34:
96:96:cd:c9:0c:8d:5f:bc:75:5f:be:f0:28:ff:41:
92:15:7f:f2:5b:7b:7e:73:dd:fb:8c:6c:53:cd:31:
2b:78:8a:e7:ae:8a:8c:5c:f7:1c:f4:84:b9:f6:30:
83:b1:3a:35:03:2a:54:b1:8a:72:89:b1:50:eb:ee:
22:89:2b:4f:ad:e6:6f:47:f0:aa:a1:ca:dc:49:a3:
95:cf:bf:e9:be:06:2f:e6:cf:9f:ef:be:ad:76:2a:
fe:92:24:90:22:8c:f7:75:c8:c7:31:9c:f5:71:ba:
7f:84:49:8b:25:66:49:b3:76:e7:01:3c:58:b4:11:
69:47:ce:ad:07:26:42:6a:d4:5b:48:f0:6f:da:a5:
22:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:FA:B0:25:52:0A:12:86:41:7E:63:5D:F3:23:65:76:32:AD:F8:19
X509v3 Authority Key Identifier:
keyid:73:DD:28:94:56:8A:EB:D0:5A:D6:43:2D:53:CF:70:E2:CD:78:8E:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c90olFaK69Ba1kMtU89w4s14jm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a1d20e-50a2-44dc-b1e8-a67dca8a088c/1/5_qwJVIKEoZBfmNd8yNldjKt-Bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a1d20e-50a2-44dc-b1e8-a67dca8a088c/1/c90olFaK69Ba1kMtU89w4s14jm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.232.0/21
178.210.128.0/19
185.42.128.0/22
IPv6:
2a01:a240::/32
Signature Algorithm: sha256WithRSAEncryption
0b:e9:7c:83:d8:99:e6:6c:bd:04:82:3b:78:cb:64:20:2f:b2:
59:72:30:d2:e4:68:3e:c8:2f:3d:65:ce:bc:f3:4d:58:ff:de:
ff:8a:c5:8f:f7:26:1f:32:54:ba:48:3b:93:72:c3:5f:06:0e:
51:22:9e:de:ce:be:8c:a3:f7:ca:de:b5:2b:81:37:f9:96:c1:
15:fa:95:46:01:c5:15:a7:83:2e:fd:fe:c7:03:c3:a9:a1:45:
50:9f:bd:01:dd:e1:82:8b:6a:ee:8b:45:2e:de:dd:a7:8a:b8:
50:c1:bd:e2:a7:2c:28:e0:af:f6:83:da:3b:c5:0d:0d:78:da:
8f:cb:9f:e4:6d:96:2e:a8:ea:a5:93:52:b2:ea:5b:84:3e:31:
1b:4c:58:95:33:ad:28:e4:55:53:1d:e2:db:42:44:fd:60:7a:
96:a3:f6:02:d5:1e:24:89:4f:94:26:dc:58:42:ab:db:4d:d2:
32:7d:18:df:0b:6a:69:71:c8:e6:95:8d:ac:b7:d4:51:2c:15:
ec:50:a9:fb:e6:36:05:f0:a0:97:62:a7:5f:62:cb:64:3f:3d:
40:a6:32:fd:bd:31:8b:b8:e1:fc:da:10:4a:43:4f:d2:7b:71:
bc:65:ef:fa:4a:fc:b3:ef:e1:aa:c3:72:93:09:0b:00:56:e6:
67:a8:a1:94
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzF3Bne1gNsxU+650e7KpaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZGQyODk0NTY4YWViZDA1YWQ2NDMyZDUzY2Y3MGUyY2Q3
ODhlNmUwHhcNMjQwMTAxMTYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2ZhYjAyNTUyMGExMjg2NDE3ZTYzNWRmMzIzNjU3NjMyYWRmODE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs54vSGx9XMjTR7dKNe/m0gytsYtu
WqNs3NazElXZgz018SR4VZP1Ds+RBVSrJ7nBU/W1HXcBD7/uDqP/M5K5QOBO+09K
6c6MKxUOHstqjfkr2mfT2VP7HZdPUjjIjCE27bRKUDzkKXnIi+EjSrDuA7dzhXLz
yjSWls3JDI1fvHVfvvAo/0GSFX/yW3t+c937jGxTzTEreIrnroqMXPcc9IS59jCD
sTo1AypUsYpyibFQ6+4iiStPreZvR/CqocrcSaOVz7/pvgYv5s+f776tdir+kiSQ
Ioz3dcjHMZz1cbp/hEmLJWZJs3bnATxYtBFpR86tByZCatRbSPBv2qUipwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOf6sCVSChKGQX5jXfMjZXYyrfgZMB8GA1UdIwQY
MBaAFHPdKJRWiuvQWtZDLVPPcOLNeI5uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzkwb2xGYUs2OUJhMWtNdFU4OXc0czE0am00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9hMWQyMGUtNTBhMi00NGRjLWIxZTgt
YTY3ZGNhOGEwODhjLzEvNV9xd0pWSUtFb1pCZm1OZDh5Tmxkakt0LUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9hMWQyMGUtNTBhMi00NGRjLWIxZTgtYTY3ZGNhOGEwODhj
LzEvYzkwb2xGYUs2OUJhMWtNdFU4OXc0czE0am00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBcfoAwQF
stKAAwQCuSqAMA0EAgACMAcDBQAqAaJAMA0GCSqGSIb3DQEBCwUAA4IBAQAL6XyD
2JnmbL0Egjt4y2QgL7JZcjDS5Gg+yC89Zc68801Y/97/isWP9yYfMlS6SDuTcsNf
Bg5RIp7ezr6Mo/fK3rUrgTf5lsEV+pVGAcUVp4Mu/f7HA8OpoUVQn70B3eGCi2ru
i0Uu3t2nirhQwb3ipywo4K/2g9o7xQ0NeNqPy5/kbZYuqOqlk1Ky6luEPjEbTFiV
M60o5FVTHeLbQkT9YHqWo/YC1R4kiU+UJtxYQqvbTdIyfRjfC2ppccjmlY2st9RR
LBXsUKn75jYF8KCXYqdfYstkPz1ApjL9vTGLuOH82hBKQ0/Se3G8Ze/6Svyz7+Gq
w3KTCQsAVuZnqKGU
-----END CERTIFICATE-----
Generated at Sat Jun 22 09:59:13 2024 by rpki-client on console-ams.rpki-client.org