Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/nk6zo5pWUJfAnV1Z1f083e2m8p4.roa
File: nk6zo5pWUJfAnV1Z1f083e2m8p4.roa (raw, json)
Hash identifier: sRwCQKUSNeyHmNpWuNIhNzZzCGQZl079WXm0Wiemeog=
Subject key identifier: 9E:4E:B3:A3:9A:56:50:97:C0:9D:5D:59:D5:FD:3C:DD:ED:A6:F2:9E
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 018CC5003DB8F8551399B77A933C06C236DB
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/nk6zo5pWUJfAnV1Z1f083e2m8p4.roa
Signing time: Mon 01 Jan 2024 12:29:36 +0000
ROA not before: Mon 01 Jan 2024 12:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 5.252.22.0/24 maxlen: 24
2a0b:ec82::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:3d:b8:f8:55:13:99:b7:7a:93:3c:06:c2:36:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Jan 1 12:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e4eb3a39a565097c09d5d59d5fd3cddeda6f29e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1d:f8:e5:7d:f6:9c:92:c7:2c:42:05:3f:ac:
5c:1d:cb:7d:da:ec:4d:e4:3f:ce:da:48:d3:31:d7:
9e:d6:73:c0:3a:a2:b5:f5:e3:e3:6a:bf:eb:d3:42:
ff:a6:58:60:3e:fe:61:09:95:bb:84:71:fd:e2:4a:
55:30:4c:07:11:0e:2f:bf:4e:b2:01:be:46:f9:ee:
a1:47:47:0f:1e:1f:97:56:98:11:15:52:df:6a:48:
fe:98:8a:66:10:04:d7:88:4d:b8:fb:6d:2c:4c:df:
64:90:50:af:81:27:82:de:7f:35:9b:fa:a9:8f:41:
1e:32:fa:b2:37:7d:ef:86:38:96:d3:05:d4:f9:dd:
d9:43:85:76:a1:9b:98:16:be:59:28:f9:d2:b0:b5:
d2:32:3c:79:b8:95:ac:d0:59:d8:72:6a:80:ba:c4:
49:b2:01:7d:e7:ef:aa:87:f3:4b:31:8c:ef:2c:7f:
d1:31:7e:bf:ee:36:76:d9:bd:67:c6:40:3f:e1:1f:
63:2a:6e:cf:ac:12:9f:f4:ef:b2:71:c7:c7:59:49:
9f:6c:73:ac:a4:62:09:d6:0f:a6:63:f2:21:53:c8:
04:65:34:91:27:c5:ae:02:4f:c3:3d:f5:59:1f:ba:
ab:1a:08:ca:59:40:83:a3:ec:7e:29:b3:59:dd:01:
e8:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:4E:B3:A3:9A:56:50:97:C0:9D:5D:59:D5:FD:3C:DD:ED:A6:F2:9E
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/nk6zo5pWUJfAnV1Z1f083e2m8p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.22.0/24
IPv6:
2a0b:ec82::/32
Signature Algorithm: sha256WithRSAEncryption
22:7f:cb:1c:58:df:a8:d4:85:b8:a0:27:e6:4b:d1:79:59:8d:
82:6e:27:51:31:9d:90:e9:f5:f3:f6:cc:a5:1d:2b:c4:e0:66:
e9:ce:7c:23:76:c6:9d:b9:6d:47:a9:5b:33:5a:08:d3:b5:0f:
c2:e5:02:e8:74:f1:bf:d5:68:13:9b:a9:72:d1:69:f5:47:86:
ab:33:a8:f3:c6:52:10:7f:d9:6e:0e:52:af:d4:61:4b:08:98:
27:b3:6b:6a:34:d3:49:de:07:b7:87:6c:20:1f:fa:4f:7c:ec:
f6:e7:54:09:cc:53:5a:c5:6d:16:f4:fa:89:08:8e:18:62:3b:
83:75:93:7a:42:4f:fd:41:c9:9f:dc:1d:47:3a:14:30:4e:6f:
f9:b4:89:82:25:2c:c8:1c:53:9f:36:dd:46:2d:eb:6b:a8:b9:
72:28:85:cd:1c:37:36:2c:c0:67:d2:1e:23:c6:84:5c:00:5c:
7f:d0:95:ee:a1:70:96:3e:d4:c8:b1:fc:07:f5:c9:b5:ff:28:
cb:97:78:45:f3:10:b3:68:ae:bf:27:1a:1e:e2:db:c0:3b:96:
0e:16:95:92:e5:13:17:ed:db:79:1c:61:6d:aa:dc:06:f9:b9:
ef:83:aa:b7:f9:bc:13:aa:b6:74:c3:50:c3:60:a5:cc:e3:4f:
f6:96:fd:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAD24+FUTmbd6kzwGwjbbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjQwMTAxMTIyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTRlYjNhMzlhNTY1MDk3YzA5ZDVkNTlkNWZkM2NkZGVkYTZmMjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR345X32nJLHLEIFP6xcHct92uxN
5D/O2kjTMdee1nPAOqK19ePjar/r00L/plhgPv5hCZW7hHH94kpVMEwHEQ4vv06y
Ab5G+e6hR0cPHh+XVpgRFVLfakj+mIpmEATXiE24+20sTN9kkFCvgSeC3n81m/qp
j0EeMvqyN33vhjiW0wXU+d3ZQ4V2oZuYFr5ZKPnSsLXSMjx5uJWs0FnYcmqAusRJ
sgF95++qh/NLMYzvLH/RMX6/7jZ22b1nxkA/4R9jKm7PrBKf9O+yccfHWUmfbHOs
pGIJ1g+mY/IhU8gEZTSRJ8WuAk/DPfVZH7qrGgjKWUCDo+x+KbNZ3QHofwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ5Os6OaVlCXwJ1dWdX9PN3tpvKeMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvbms2em81cFdVSmZBblYxWjFmMDgzZTJtOHA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQABfwWMA0E
AgACMAcDBQAqC+yCMA0GCSqGSIb3DQEBCwUAA4IBAQAif8scWN+o1IW4oCfmS9F5
WY2CbidRMZ2Q6fXz9sylHSvE4GbpznwjdsaduW1HqVszWgjTtQ/C5QLodPG/1WgT
m6ly0Wn1R4arM6jzxlIQf9luDlKv1GFLCJgns2tqNNNJ3ge3h2wgH/pPfOz251QJ
zFNaxW0W9PqJCI4YYjuDdZN6Qk/9Qcmf3B1HOhQwTm/5tImCJSzIHFOfNt1GLetr
qLlyKIXNHDc2LMBn0h4jxoRcAFx/0JXuoXCWPtTIsfwH9cm1/yjLl3hF8xCzaK6/
Jxoe4tvAO5YOFpWS5RMX7dt5HGFtqtwG+bnvg6q3+bwTqrZ0w1DDYKXM40/2lv2k
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:20:06 2024 by rpki-client on console-fra.rpki-client.org