Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/5SUNbGyCs4AFjHovbl5qm2Iby3c.roa
File: 5SUNbGyCs4AFjHovbl5qm2Iby3c.roa (raw, json)
Hash identifier: 2oo1h6t684au8CMgcnKb4jq10004LbCF2MFEMuv76OU=
Subject key identifier: E5:25:0D:6C:6C:82:B3:80:05:8C:7A:2F:6E:5E:6A:9B:62:1B:CB:77
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 018CC4245728E42EC99ACA58E784CEB1DA11
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/5SUNbGyCs4AFjHovbl5qm2Iby3c.roa
Signing time: Mon 01 Jan 2024 08:29:25 +0000
ROA not before: Mon 01 Jan 2024 08:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62014
IP address blocks: 91.108.16.0/22 maxlen: 22
91.108.56.0/23 maxlen: 23
149.154.168.0/22 maxlen: 22
2001:b28:f23f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 07:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:57:28:e4:2e:c9:9a:ca:58:e7:84:ce:b1:da:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Jan 1 08:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5250d6c6c82b380058c7a2f6e5e6a9b621bcb77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fb:5c:e9:91:f1:f3:2d:b9:14:91:01:fc:3d:
e4:66:f1:02:ff:00:a2:96:77:8b:45:e7:05:c6:c1:
d8:e4:39:8b:e2:bc:74:7d:78:02:9a:d0:ba:0f:a4:
11:b0:af:3f:85:95:bd:a3:a4:5f:a4:4b:00:e3:e3:
23:5f:fe:44:f4:14:43:6a:33:f8:71:52:01:a8:f1:
47:71:72:e4:4a:a6:ba:0b:af:a2:0b:0e:00:2e:f2:
85:a1:71:dd:e9:92:2d:93:ec:39:0a:d4:30:da:fd:
9c:9f:61:46:92:c4:66:57:f3:85:7d:8a:3b:68:e0:
4b:13:62:59:15:39:38:cb:c6:e4:d2:aa:7b:a0:8b:
e9:10:d1:62:c8:cd:89:25:5c:d1:29:8c:a8:2e:5c:
80:f6:d8:dc:b4:bf:b6:34:33:ce:90:fa:62:fa:b0:
29:e8:4d:b4:03:17:15:e4:1a:30:e0:5b:d1:ed:77:
2d:d9:f8:04:ee:18:b8:f7:e0:99:6c:bf:3f:0c:5f:
0e:7f:93:c9:f0:92:16:1b:53:8c:58:73:0d:90:d7:
dd:98:38:3e:b1:90:d3:9b:6f:46:ff:0a:61:5e:d6:
74:16:92:c2:9f:12:34:75:c5:57:eb:2c:ff:ac:e6:
f8:65:c3:1c:cb:55:f9:6e:df:d9:1b:71:6c:5d:fa:
92:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:25:0D:6C:6C:82:B3:80:05:8C:7A:2F:6E:5E:6A:9B:62:1B:CB:77
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/5SUNbGyCs4AFjHovbl5qm2Iby3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.16.0/22
91.108.56.0/23
149.154.168.0/22
IPv6:
2001:b28:f23f::/48
Signature Algorithm: sha256WithRSAEncryption
3c:78:04:c3:5c:36:0c:9a:f1:df:2b:59:98:ac:08:08:1b:0f:
18:13:5e:42:42:cc:5b:4f:69:61:7d:24:29:d4:54:88:59:66:
97:70:bd:9e:04:28:31:45:fc:4b:3d:c2:00:f3:ea:1b:3c:62:
d7:76:99:c9:e3:36:ae:0f:76:ae:9a:29:f6:91:54:2e:bb:e0:
4e:74:b1:c8:ce:d2:c2:14:6f:f3:7a:b9:ed:cb:24:02:b3:1f:
c4:36:e1:04:9e:46:0f:dd:f4:8c:54:8f:84:55:aa:a8:84:99:
b7:23:a0:a7:cd:85:fe:e8:ad:41:dd:69:78:0f:b4:34:f1:48:
31:bf:53:9f:25:e5:36:41:ab:4e:34:e1:0d:61:6a:f6:9e:5e:
07:04:a9:93:bc:ba:3c:ec:48:51:65:84:40:27:16:61:5b:4e:
99:b3:c9:44:38:bc:c6:69:e0:f9:c2:28:e2:62:b5:15:e1:4e:
dc:a2:54:9d:66:51:ea:5f:10:1c:6d:da:fa:ec:07:5a:ab:16:
e8:4c:4a:0b:8c:6b:b9:dd:24:fe:fa:82:ad:f1:5c:4b:a0:44:
63:3a:5a:5b:a2:cc:ec:96:29:63:f7:fd:0f:49:b9:81:6c:0f:
eb:96:3f:9c:e6:46:f9:39:6a:5b:0f:2f:ac:0e:2a:7b:91:c2:
c5:bc:9c:eb
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzEJFco5C7JmspY54TOsdoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjQwMTAxMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTI1MGQ2YzZjODJiMzgwMDU4YzdhMmY2ZTVlNmE5YjYyMWJjYjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPtc6ZHx8y25FJEB/D3kZvEC/wCi
lneLRecFxsHY5DmL4rx0fXgCmtC6D6QRsK8/hZW9o6RfpEsA4+MjX/5E9BRDajP4
cVIBqPFHcXLkSqa6C6+iCw4ALvKFoXHd6ZItk+w5CtQw2v2cn2FGksRmV/OFfYo7
aOBLE2JZFTk4y8bk0qp7oIvpENFiyM2JJVzRKYyoLlyA9tjctL+2NDPOkPpi+rAp
6E20AxcV5Bow4FvR7Xct2fgE7hi49+CZbL8/DF8Of5PJ8JIWG1OMWHMNkNfdmDg+
sZDTm29G/wphXtZ0FpLCnxI0dcVX6yz/rOb4ZcMcy1X5bt/ZG3FsXfqSGQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOUlDWxsgrOABYx6L25eaptiG8t3MB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvNVNVTmJHeUNzNEFGakhvdmJsNXFtMklieTNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCW2wQAwQB
W2w4AwQClZqoMA8EAgACMAkDBwAgAQso8j8wDQYJKoZIhvcNAQELBQADggEBADx4
BMNcNgya8d8rWZisCAgbDxgTXkJCzFtPaWF9JCnUVIhZZpdwvZ4EKDFF/Es9wgDz
6hs8Ytd2mcnjNq4Pdq6aKfaRVC674E50scjO0sIUb/N6ue3LJAKzH8Q24QSeRg/d
9IxUj4RVqqiEmbcjoKfNhf7orUHdaXgPtDTxSDG/U58l5TZBq0404Q1havaeXgcE
qZO8ujzsSFFlhEAnFmFbTpmzyUQ4vMZp4PnCKOJitRXhTtyiVJ1mUepfEBxt2vrs
B1qrFuhMSguMa7ndJP76gq3xXEugRGM6WluizOyWKWP3/Q9JuYFsD+uWP5zmRvk5
alsPL6wOKnuRwsW8nOs=
-----END CERTIFICATE-----
Generated at Fri Jun 28 13:52:26 2024 by rpki-client on console-ams.rpki-client.org