Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/5o0qCs4ORZ6d0MzCbcgZI1tcIuo.roa
File: 5o0qCs4ORZ6d0MzCbcgZI1tcIuo.roa (raw, json)
Hash identifier: mxl5m/5ntai0jYeXU16jLyUQPDtmw+DfBR7LxrlBN8g=
Subject key identifier: E6:8D:2A:0A:CE:0E:45:9E:9D:D0:CC:C2:6D:C8:19:23:5B:5C:22:EA
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 019227E0FC0A1E1F5A3387E456CD4E5A99C3
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/5o0qCs4ORZ6d0MzCbcgZI1tcIuo.roa
Signing time: Wed 25 Sep 2024 06:31:48 +0000
ROA not before: Wed 25 Sep 2024 06:31:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 2.58.76.0/22 maxlen: 32
45.67.4.0/22 maxlen: 32
46.16.32.0/24 maxlen: 32
46.254.105.0/24 maxlen: 32
80.73.243.0/24 maxlen: 32
87.236.144.0/24 maxlen: 32
92.119.168.0/22 maxlen: 32
93.157.108.0/24 maxlen: 32
103.110.160.0/22 maxlen: 32
103.113.29.0/24 maxlen: 24
103.195.144.0/22 maxlen: 32
103.219.212.0/23 maxlen: 32
137.59.4.0/22 maxlen: 32
146.255.187.0/24 maxlen: 32
178.212.226.0/24 maxlen: 32
185.72.240.0/22 maxlen: 32
213.173.60.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.mft
rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:27:e0:fc:0a:1e:1f:5a:33:87:e4:56:cd:4e:5a:99:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Sep 25 06:31:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e68d2a0ace0e459e9dd0ccc26dc819235b5c22ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e9:c3:83:08:82:e0:e7:c9:c1:3a:a0:5c:a5:
99:95:78:37:c0:51:6c:08:41:d3:82:e1:23:a5:7f:
42:09:f1:cb:ab:91:ff:9c:75:8f:93:89:13:98:32:
d6:b5:34:b8:24:61:fe:d7:d5:20:30:4f:1a:df:5b:
47:f1:fa:16:74:19:90:14:27:36:28:c9:0f:1a:2c:
09:c2:95:52:3a:65:07:ce:87:5a:25:58:13:72:2a:
1f:8f:bb:d1:6e:ce:f9:1b:7d:39:8a:52:43:c9:8b:
f2:94:1b:f1:3f:c4:3f:3b:43:61:7c:30:84:ce:f8:
9d:91:ab:0d:0e:2c:cf:c0:25:78:12:03:64:fa:86:
da:49:34:89:f1:43:30:a5:42:b0:cb:85:7f:64:0c:
45:d6:50:50:00:85:b9:61:e5:c2:af:be:df:1e:dd:
93:6d:70:7e:50:7d:f2:07:c1:85:79:e1:63:87:7f:
b0:7a:3e:ac:61:b0:a0:55:b4:cc:2e:1d:37:68:bd:
47:af:72:08:50:82:9a:2a:ec:6c:08:f2:09:8f:3b:
0c:50:71:cf:93:b5:6f:74:8e:47:c0:3b:2d:b4:7b:
8d:c1:1a:7f:b2:1b:28:bb:2b:cf:79:d5:93:81:4c:
45:b6:7f:e0:c9:1a:f7:95:59:34:51:86:de:3b:88:
d1:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:8D:2A:0A:CE:0E:45:9E:9D:D0:CC:C2:6D:C8:19:23:5B:5C:22:EA
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/5o0qCs4ORZ6d0MzCbcgZI1tcIuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.76.0/22
45.67.4.0/22
46.16.32.0/24
46.254.105.0/24
80.73.243.0/24
87.236.144.0/24
92.119.168.0/22
93.157.108.0/24
103.110.160.0/22
103.113.29.0/24
103.195.144.0/22
103.219.212.0/23
137.59.4.0/22
146.255.187.0/24
178.212.226.0/24
185.72.240.0/22
213.173.60.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:0a:1a:32:19:a0:98:39:fa:c1:17:3c:8b:ab:e8:0c:11:86:
08:e5:03:98:76:53:ba:0e:7f:ed:1f:29:0c:50:95:fd:82:a6:
41:e9:ef:70:52:10:c4:33:89:09:81:cf:ac:2c:cc:50:ec:50:
c0:36:74:26:4a:fc:39:a7:d4:01:ae:1f:3b:ea:f1:15:d3:8c:
9c:67:c4:f8:4e:25:58:fc:9a:bb:ec:2e:1e:c9:1e:9b:ba:e0:
bb:77:e4:a7:5e:03:97:fd:4e:39:91:43:4b:95:0d:99:a3:e6:
13:98:6a:70:89:9d:26:d5:f3:4b:bb:a8:5e:47:3c:74:dc:36:
38:3d:c0:16:8f:34:05:de:5d:07:e0:2c:da:a7:4a:90:be:18:
19:2e:0b:e2:96:9c:e7:c1:ae:f6:0e:22:93:f4:65:3a:24:d3:
b9:b3:c0:15:16:3f:3b:18:5d:c1:c6:f1:87:71:08:87:76:21:
28:0b:cd:97:88:0f:c2:f2:45:81:af:f7:b5:9f:97:4c:03:cb:
db:c7:9c:91:50:23:80:0e:f4:35:29:a4:2f:7d:69:96:73:8e:
07:86:9a:15:95:f9:19:6c:47:2c:2b:0d:ca:6a:9e:d1:f7:91:
93:26:5f:6c:74:c2:b6:f7:b3:2f:25:8f:a8:e6:f9:62:6e:fe:
ee:f3:1b:fa
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZIn4PwKHh9aM4fkVs1OWpnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzOTkxYWZjZDQ1NWViMWIxNzRmY2Y4OWY4ZTEwZWFmN2Y3
MGIzNTUwHhcNMjQwOTI1MDYzMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjhkMmEwYWNlMGU0NTllOWRkMGNjYzI2ZGM4MTkyMzViNWMyMmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnunDgwiC4OfJwTqgXKWZlXg3wFFs
CEHTguEjpX9CCfHLq5H/nHWPk4kTmDLWtTS4JGH+19UgME8a31tH8foWdBmQFCc2
KMkPGiwJwpVSOmUHzodaJVgTciofj7vRbs75G305ilJDyYvylBvxP8Q/O0NhfDCE
zvidkasNDizPwCV4EgNk+obaSTSJ8UMwpUKwy4V/ZAxF1lBQAIW5YeXCr77fHt2T
bXB+UH3yB8GFeeFjh3+wej6sYbCgVbTMLh03aL1Hr3IIUIKaKuxsCPIJjzsMUHHP
k7VvdI5HwDsttHuNwRp/shsouyvPedWTgUxFtn/gyRr3lVk0UYbeO4jRiQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFOaNKgrODkWendDMwm3IGSNbXCLqMB8GA1UdIwQY
MBaAFIOZGvzUVesbF0/PifjhDq9/cLNVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmIt
ZTE1NDM3MzgwMDk5LzEvNW8wcUNzNE9SWjZkME16Q2JjZ1pJMXRjSXVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS82OWVkMjktYWY0ZS00NTI0LWFkZmItZTE1NDM3MzgwMDk5
LzEvZzVrYV9OUlY2eHNYVDgtSi1PRU9yMzl3czFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQCAjpMAwQC
LUMEAwQALhAgAwQALv5pAwQAUEnzAwQAV+yQAwQCXHeoAwQAXZ1sAwQCZ26gAwQA
Z3EdAwQCZ8OQAwQBZ9vUAwQCiTsEAwQAkv+7AwQAstTiAwQCuUjwAwQC1a08MA0G
CSqGSIb3DQEBCwUAA4IBAQB7ChoyGaCYOfrBFzyLq+gMEYYI5QOYdlO6Dn/tHykM
UJX9gqZB6e9wUhDEM4kJgc+sLMxQ7FDANnQmSvw5p9QBrh876vEV04ycZ8T4TiVY
/Jq77C4eyR6buuC7d+SnXgOX/U45kUNLlQ2Zo+YTmGpwiZ0m1fNLu6heRzx03DY4
PcAWjzQF3l0H4Czap0qQvhgZLgvilpznwa72DiKT9GU6JNO5s8AVFj87GF3BxvGH
cQiHdiEoC82XiA/C8kWBr/e1n5dMA8vbx5yRUCOADvQ1KaQvfWmWc44HhpoVlfkZ
bEcsKw3Kap7R95GTJl9sdMK297MvJY+o5vlibv7u8xv6
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:38:23 2024 by rpki-client on console-ams.rpki-client.org