Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5JzlsKF6HzSMiPO4RjOuoO4YcKE.roa
File: 5JzlsKF6HzSMiPO4RjOuoO4YcKE.roa (raw, json)
Hash identifier: YfVVvbc0jKA4yeZgB2V67+CnZWf5xEQ5EDqPschSdWY=
Subject key identifier: E4:9C:E5:B0:A1:7A:1F:34:8C:88:F3:B8:46:33:AE:A0:EE:18:70:A1
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0192F680D8B4193F3C6C5C74389C042132B6
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5JzlsKF6HzSMiPO4RjOuoO4YcKE.roa
Signing time: Mon 04 Nov 2024 09:28:12 +0000
ROA not before: Mon 04 Nov 2024 09:28:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398343
IP address blocks: 193.124.15.0/24 maxlen: 24
193.124.24.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.135.104.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
212.193.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:80:d8:b4:19:3f:3c:6c:5c:74:38:9c:04:21:32:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 4 09:28:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e49ce5b0a17a1f348c88f3b84633aea0ee1870a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fb:07:ab:a3:f3:73:39:04:92:b5:47:d4:08:
03:4b:6b:48:cb:df:25:0b:e6:06:03:9a:b1:62:05:
b1:7b:3b:41:97:4e:b5:4c:62:6d:9b:3b:a2:24:ed:
d0:cc:19:16:9b:a5:0c:0d:f1:72:ed:2b:9e:70:aa:
75:c9:d6:45:5e:b2:87:d7:16:de:0b:70:6d:df:27:
53:35:34:10:13:f9:35:41:cf:08:2d:4b:d4:29:e2:
7e:76:77:09:c9:73:9c:ee:a7:71:1b:29:97:d7:02:
74:61:8e:53:3e:45:97:18:21:cc:12:eb:59:b5:5c:
f2:cb:80:b4:d2:9f:dd:72:cd:56:e1:2e:c4:62:f2:
bb:cd:dc:20:a7:6e:b9:dd:36:a4:a5:fa:bb:e1:97:
a8:01:84:8a:85:c1:24:5a:a8:83:db:3d:ca:83:35:
36:c6:cb:61:d3:b4:b9:a6:ac:24:19:de:7f:8b:a7:
4f:84:89:7b:a9:13:d8:16:db:59:e6:3b:63:2b:92:
2f:be:82:a2:2d:7b:9d:6d:de:c9:0f:30:60:e1:7a:
6f:26:6e:46:c6:79:1b:64:f2:ff:2f:62:c3:77:18:
85:4f:9b:2f:e2:b5:f3:8e:3b:de:c8:18:37:86:a2:
50:65:48:db:dd:13:a0:52:74:b2:ac:62:2d:74:8b:
56:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:9C:E5:B0:A1:7A:1F:34:8C:88:F3:B8:46:33:AE:A0:EE:18:70:A1
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5JzlsKF6HzSMiPO4RjOuoO4YcKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.15.0/24
193.124.24.0/24
194.87.123.0/24
194.135.104.0/24
195.133.83.0/24
212.193.25.0/24
Signature Algorithm: sha256WithRSAEncryption
78:1e:ba:d2:d6:3b:db:42:a6:ec:aa:7a:66:2f:78:c2:0f:24:
35:08:7d:8b:af:46:9c:c2:12:5d:c3:f4:af:72:31:39:93:50:
e8:91:8a:7f:7d:82:aa:59:6d:7a:53:30:42:18:d2:75:14:cd:
38:8c:21:92:98:c3:73:fe:e6:f5:aa:fc:70:41:e6:c2:6b:40:
7e:17:88:18:dc:13:d2:92:0e:e5:60:cf:62:40:46:6c:73:58:
99:ea:38:3d:1c:f0:fa:42:97:78:8e:75:8a:97:0a:5c:ff:cd:
6e:fb:a6:b7:89:1c:ac:eb:29:d4:21:26:50:c4:b8:39:05:9c:
8f:62:2e:b0:59:6c:6e:63:89:c2:b5:72:15:ef:ad:7c:ca:c6:
8b:33:1d:6c:7a:e0:9b:1e:51:50:ee:ee:1e:c6:41:2b:f0:ba:
3d:57:e7:73:52:a5:0f:30:42:70:73:28:80:e4:0e:d5:d3:9b:
5a:86:b3:af:f9:57:c9:de:2b:44:87:69:0b:83:6f:ed:36:8b:
ee:89:a4:5f:a4:ef:ed:12:49:44:1a:1b:62:36:14:8a:55:fa:
ef:47:36:71:9a:9d:d1:39:cd:73:c4:bf:0f:1f:48:b1:57:7c:
b8:c6:5f:fe:90:05:69:95:c1:27:42:c5:33:a2:1e:f5:13:6c:
d4:fa:23:69
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZL2gNi0GT88bFx0OJwEITK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMTA0MDkyODEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDljZTViMGExN2ExZjM0OGM4OGYzYjg0NjMzYWVhMGVlMTg3MGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PsHq6PzczkEkrVH1AgDS2tIy98l
C+YGA5qxYgWxeztBl061TGJtmzuiJO3QzBkWm6UMDfFy7SuecKp1ydZFXrKH1xbe
C3Bt3ydTNTQQE/k1Qc8ILUvUKeJ+dncJyXOc7qdxGymX1wJ0YY5TPkWXGCHMEutZ
tVzyy4C00p/dcs1W4S7EYvK7zdwgp2653Takpfq74ZeoAYSKhcEkWqiD2z3KgzU2
xsth07S5pqwkGd5/i6dPhIl7qRPYFttZ5jtjK5IvvoKiLXudbd7JDzBg4XpvJm5G
xnkbZPL/L2LDdxiFT5sv4rXzjjveyBg3hqJQZUjb3ROgUnSyrGItdItWFwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOSc5bCheh80jIjzuEYzrqDuGHChMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNUp6bHNLRjZIelNNaVBPNFJqT3VvTzRZY0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwXwPAwQA
wXwYAwQAwld7AwQAwodoAwQAw4VTAwQA1MEZMA0GCSqGSIb3DQEBCwUAA4IBAQB4
HrrS1jvbQqbsqnpmL3jCDyQ1CH2Lr0acwhJdw/SvcjE5k1DokYp/fYKqWW16UzBC
GNJ1FM04jCGSmMNz/ub1qvxwQebCa0B+F4gY3BPSkg7lYM9iQEZsc1iZ6jg9HPD6
Qpd4jnWKlwpc/81u+6a3iRys6ynUISZQxLg5BZyPYi6wWWxuY4nCtXIV7618ysaL
Mx1seuCbHlFQ7u4exkEr8Lo9V+dzUqUPMEJwcyiA5A7V05tahrOv+VfJ3itEh2kL
g2/tNovuiaRfpO/tEklEGhtiNhSKVfrvRzZxmp3ROc1zxL8PH0ixV3y4xl/+kAVp
lcEnQsUzoh71E2zU+iNp
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:20:47 2024 by rpki-client on console-ams.rpki-client.org