Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/5NxOKrRtslmkPvlrByinB0X0sp8.roa
File: 5NxOKrRtslmkPvlrByinB0X0sp8.roa (raw, json)
Hash identifier: 7WVUiDwnEXQgDx+4hwcmQbZKIniGkQOixEos8jOJeag=
Subject key identifier: E4:DC:4E:2A:B4:6D:B2:59:A4:3E:F9:6B:07:28:A7:07:45:F4:B2:9F
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0192DC9B97E6D288CF3702FA7580FF94D203
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/5NxOKrRtslmkPvlrByinB0X0sp8.roa
Signing time: Wed 30 Oct 2024 08:47:17 +0000
ROA not before: Wed 30 Oct 2024 08:47:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62163
IP address blocks: 45.140.10.0/23 maxlen: 23
46.161.216.0/24 maxlen: 24
46.161.217.0/24 maxlen: 24
46.161.218.0/24 maxlen: 24
46.161.219.0/24 maxlen: 24
193.56.239.0/24 maxlen: 24
194.40.246.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dc:9b:97:e6:d2:88:cf:37:02:fa:75:80:ff:94:d2:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Oct 30 08:47:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4dc4e2ab46db259a43ef96b0728a70745f4b29f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c8:cc:f5:e2:48:22:67:b3:74:1d:f2:87:49:
f1:0a:7d:3d:d7:bb:10:d9:c1:d4:4e:b6:5c:cd:6f:
f2:f7:a0:80:08:17:c0:0e:0d:bc:00:76:9b:4a:18:
73:76:3e:55:b2:76:51:00:f6:2f:6d:0b:8d:fd:d6:
e4:4c:f0:60:19:3c:ed:a7:d2:f9:20:87:22:cd:9e:
86:e0:26:2f:d0:6d:9f:1f:6d:5d:b5:ba:86:94:40:
de:10:44:5c:18:17:b8:47:5b:d7:f6:c8:33:e1:a9:
77:d2:ff:57:aa:7b:29:3f:c8:44:c5:cc:5e:56:04:
c5:da:01:98:48:5b:79:86:40:60:d2:5d:7b:4f:26:
d3:39:b6:a6:a0:31:89:3f:cc:3e:94:5a:53:2f:a2:
90:d2:dc:aa:c6:9d:cb:4c:89:bf:19:17:10:aa:77:
31:e2:fb:6f:07:64:c5:4d:cb:9d:a5:58:3a:3b:bc:
dc:3a:6c:14:16:c7:df:91:c5:6b:6d:72:0e:b3:3e:
b2:a2:c8:4b:fb:4a:76:9c:35:02:0f:34:a1:3f:b8:
29:90:0d:04:45:e1:1a:54:1c:dd:fc:85:32:9e:b8:
cb:99:7c:5c:f2:9b:10:ce:57:5d:ef:2a:04:e4:ff:
f5:c3:92:cd:68:51:19:b7:d4:2f:a6:bc:9e:03:c5:
4f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:DC:4E:2A:B4:6D:B2:59:A4:3E:F9:6B:07:28:A7:07:45:F4:B2:9F
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/5NxOKrRtslmkPvlrByinB0X0sp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.10.0/23
46.161.216.0/22
193.56.239.0/24
194.40.246.0/23
Signature Algorithm: sha256WithRSAEncryption
26:13:3c:fd:7f:b8:50:8c:1e:1b:39:88:e8:6b:27:30:5e:ec:
f3:00:2f:b0:23:8f:1e:1e:f4:fe:c5:2e:1e:ca:78:2f:9d:50:
21:53:c0:0e:70:5b:bd:c3:00:ff:48:d5:b9:24:c5:d8:78:c4:
0c:5a:92:3f:ac:e9:12:58:0e:b4:12:0f:f8:9b:24:19:09:ca:
2c:25:70:46:bf:49:42:cd:c5:0b:ce:d7:88:08:5e:c4:21:e3:
0f:b7:96:63:b3:49:17:7a:ce:50:3a:7c:cf:46:0b:29:76:a1:
ce:8d:6d:25:1e:c7:ab:f4:95:6c:28:3c:92:1d:02:a5:73:93:
df:19:b9:35:c3:36:46:69:ae:ce:c9:48:50:44:3a:3a:5e:8c:
0b:ce:bc:ce:31:0b:d7:64:68:7f:5e:86:3d:1f:68:76:3b:2f:
10:7a:8d:cd:11:f5:c3:51:d1:70:d7:2a:26:9a:8d:56:72:eb:
19:be:ca:db:e3:0e:9d:84:0a:db:40:92:6c:71:f6:9f:61:6f:
0f:7e:75:93:2b:02:6d:37:42:df:68:34:1b:b0:59:2f:c2:45:
61:0d:d4:6a:d6:60:36:c5:90:28:2a:68:bf:ff:b2:8c:43:2d:
46:ce:bb:d3:13:14:43:60:3d:60:02:27:8f:2c:65:24:b5:a5:
f1:d7:97:89
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZLcm5fm0ojPNwL6dYD/lNIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQxMDMwMDg0NzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGRjNGUyYWI0NmRiMjU5YTQzZWY5NmIwNzI4YTcwNzQ1ZjRiMjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MjM9eJIImezdB3yh0nxCn0917sQ
2cHUTrZczW/y96CACBfADg28AHabShhzdj5VsnZRAPYvbQuN/dbkTPBgGTztp9L5
IIcizZ6G4CYv0G2fH21dtbqGlEDeEERcGBe4R1vX9sgz4al30v9XqnspP8hExcxe
VgTF2gGYSFt5hkBg0l17TybTObamoDGJP8w+lFpTL6KQ0tyqxp3LTIm/GRcQqncx
4vtvB2TFTcudpVg6O7zcOmwUFsffkcVrbXIOsz6yoshL+0p2nDUCDzShP7gpkA0E
ReEaVBzd/IUynrjLmXxc8psQzldd7yoE5P/1w5LNaFEZt9QvpryeA8VP8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOTcTiq0bbJZpD75awcopwdF9LKfMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvNU54T0tyUnRzbG1rUHZsckJ5aW5CMFgwc3A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYwKAwQC
LqHYAwQAwTjvAwQBwij2MA0GCSqGSIb3DQEBCwUAA4IBAQAmEzz9f7hQjB4bOYjo
aycwXuzzAC+wI48eHvT+xS4eyngvnVAhU8AOcFu9wwD/SNW5JMXYeMQMWpI/rOkS
WA60Eg/4myQZCcosJXBGv0lCzcULzteICF7EIeMPt5Zjs0kXes5QOnzPRgspdqHO
jW0lHser9JVsKDySHQKlc5PfGbk1wzZGaa7OyUhQRDo6XowLzrzOMQvXZGh/XoY9
H2h2Oy8Qeo3NEfXDUdFw1yommo1WcusZvsrb4w6dhArbQJJscfafYW8PfnWTKwJt
N0LfaDQbsFkvwkVhDdRq1mA2xZAoKmi//7KMQy1GzrvTExRDYD1gAiePLGUktaXx
15eJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:32:02 2024 by rpki-client on console-ams.rpki-client.org