Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/doWGqv4zsrVomkIyZjB0cCVyfdY.roa
File: doWGqv4zsrVomkIyZjB0cCVyfdY.roa (raw, json)
Hash identifier: ky63Z79TI7CkIvrhWE28OuN151x/NtuuA+B+a01OCbc=
Subject key identifier: 76:85:86:AA:FE:33:B2:B5:68:9A:42:32:66:30:74:70:25:72:7D:D6
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 018F75958B4A74FD162F68D2E2BE338C833E
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/doWGqv4zsrVomkIyZjB0cCVyfdY.roa
Signing time: Tue 14 May 2024 05:31:25 +0000
ROA not before: Tue 14 May 2024 05:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35913
IP address blocks: 5.181.0.0/24 maxlen: 24
5.181.1.0/24 maxlen: 24
5.181.2.0/24 maxlen: 24
5.181.3.0/24 maxlen: 24
2a09:fb86::/32 maxlen: 32
2a11:6e40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:75:95:8b:4a:74:fd:16:2f:68:d2:e2:be:33:8c:83:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: May 14 05:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=768586aafe33b2b5689a42326630747025727dd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:cf:1b:c6:50:48:57:6c:ae:5b:26:29:3c:a9:
42:43:b8:1f:e6:5d:0a:d1:6d:ff:45:35:0d:d9:84:
43:2d:98:95:c7:ee:55:c6:06:6c:09:06:0c:52:7d:
ce:bc:24:b1:64:2c:d1:1d:db:7c:73:4f:44:f2:3c:
23:bc:07:b7:c2:3a:3a:58:89:f7:40:1c:6f:bc:8e:
5e:54:b8:a1:a7:08:4d:a8:74:2e:4f:c7:08:41:21:
3c:f4:8a:c3:29:b8:4e:75:1b:a4:41:f9:52:ea:fd:
6c:39:e0:e1:8e:1c:df:f6:93:97:4b:3c:9d:24:09:
11:32:10:4b:13:e1:7b:c9:55:e0:3f:af:6c:91:d8:
10:ab:bc:b8:4c:3a:3f:ce:c7:8a:46:db:4a:7e:d8:
81:7f:42:e4:46:6f:ab:1c:f0:23:10:ca:c2:d9:e0:
f9:94:6a:0c:b2:ea:dc:b9:e2:e1:95:e4:12:b2:dc:
22:d1:ea:2d:98:1c:f8:0d:4c:ed:c7:5d:94:aa:20:
bd:65:d8:f7:c2:b2:87:43:b4:08:d6:99:5a:4b:47:
0b:a0:ea:4f:1c:31:2f:de:2d:e0:fb:5a:04:f9:2e:
19:07:87:36:de:ef:c5:39:0e:5b:6a:3a:08:68:1d:
5e:67:f7:22:9d:98:a0:9f:d0:23:c0:22:f8:fc:3e:
1d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:85:86:AA:FE:33:B2:B5:68:9A:42:32:66:30:74:70:25:72:7D:D6
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/doWGqv4zsrVomkIyZjB0cCVyfdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.0.0/22
IPv6:
2a09:fb86::/32
2a11:6e40::/32
Signature Algorithm: sha256WithRSAEncryption
62:67:cb:4f:1c:a3:1c:67:73:4f:7b:55:60:69:65:38:67:93:
4b:ba:b0:59:cc:8a:4b:40:df:fe:9a:40:c2:01:f5:ec:99:d3:
b2:d4:88:b9:57:a9:5e:c8:c0:79:11:89:8e:0b:b0:31:ec:0e:
79:d1:ee:33:e3:42:bf:37:5d:77:a4:57:9b:93:6d:cf:65:42:
0d:52:eb:ca:82:4c:98:d0:07:4b:a3:a6:37:af:ba:e0:83:72:
14:e9:ed:09:bc:6c:b1:a4:4d:54:39:aa:c5:a8:bf:ad:c1:24:
db:8f:f2:64:80:71:66:2e:02:9d:5a:64:64:9f:d1:1f:05:c8:
cd:14:2c:32:4d:d1:0b:31:d3:d5:c6:25:fc:93:7c:1d:13:56:
03:a6:24:8a:e9:6d:7c:30:36:15:05:29:ca:9c:aa:c7:2a:bb:
5e:a1:70:9f:c0:dc:99:5f:2b:72:3d:6a:2e:8c:cd:a0:d9:d8:
1b:6d:3c:9d:c2:1c:bb:4c:13:74:7a:e8:53:32:64:81:11:2f:
a2:a0:cb:59:8f:0d:cd:96:9b:e3:2a:8f:3c:e1:b7:e9:59:17:
97:58:b3:51:09:da:db:e1:84:96:33:ad:b0:21:e3:d2:fc:9a:
da:3f:9c:15:96:68:5e:db:e5:9a:77:f9:7c:24:71:e6:94:15:
db:50:23:d1
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY91lYtKdP0WL2jS4r4zjIM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjQwNTE0MDUzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njg1ODZhYWZlMzNiMmI1Njg5YTQyMzI2NjMwNzQ3MDI1NzI3ZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsc8bxlBIV2yuWyYpPKlCQ7gf5l0K
0W3/RTUN2YRDLZiVx+5VxgZsCQYMUn3OvCSxZCzRHdt8c09E8jwjvAe3wjo6WIn3
QBxvvI5eVLihpwhNqHQuT8cIQSE89IrDKbhOdRukQflS6v1sOeDhjhzf9pOXSzyd
JAkRMhBLE+F7yVXgP69skdgQq7y4TDo/zseKRttKftiBf0LkRm+rHPAjEMrC2eD5
lGoMsurcueLhleQSstwi0eotmBz4DUztx12UqiC9Zdj3wrKHQ7QI1plaS0cLoOpP
HDEv3i3g+1oE+S4ZB4c23u/FOQ5bajoIaB1eZ/cinZign9AjwCL4/D4dmwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHaFhqr+M7K1aJpCMmYwdHAlcn3WMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvZG9XR3F2NHpzclZvbWtJeVpqQjBjQ1Z5ZmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCBbUAMBQE
AgACMA4DBQAqCfuGAwUAKhFuQDANBgkqhkiG9w0BAQsFAAOCAQEAYmfLTxyjHGdz
T3tVYGllOGeTS7qwWcyKS0Df/ppAwgH17JnTstSIuVepXsjAeRGJjguwMewOedHu
M+NCvzddd6RXm5Ntz2VCDVLryoJMmNAHS6OmN6+64INyFOntCbxssaRNVDmqxai/
rcEk24/yZIBxZi4CnVpkZJ/RHwXIzRQsMk3RCzHT1cYl/JN8HRNWA6YkiultfDA2
FQUpypyqxyq7XqFwn8DcmV8rcj1qLozNoNnYG208ncIcu0wTdHroUzJkgREvoqDL
WY8NzZab4yqPPOG36VkXl1izUQna2+GEljOtsCHj0vya2j+cFZZoXtvlmnf5fCRx
5pQV21Aj0Q==
-----END CERTIFICATE-----
Generated at Fri Sep 20 21:06:37 2024 by rpki-client on console-ams.rpki-client.org