Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/18hMjZHz-fe8Kz3hDzmdaiVWGC4.roa
File: 18hMjZHz-fe8Kz3hDzmdaiVWGC4.roa (raw, json)
Hash identifier: J44A5sMA7Yta1mBqUmbpy5dR15VfkZxpr3KVIBtZODo=
Subject key identifier: D7:C8:4C:8D:91:F3:F9:F7:BC:2B:3D:E1:0F:39:9D:6A:25:56:18:2E
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0193219F54240D52629017E3F46475432173
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/18hMjZHz-fe8Kz3hDzmdaiVWGC4.roa
Signing time: Tue 12 Nov 2024 18:25:10 +0000
ROA not before: Tue 12 Nov 2024 18:25:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207252
IP address blocks: 5.83.152.0/24 maxlen: 24
5.231.29.0/24 maxlen: 24
77.90.12.0/24 maxlen: 24
77.90.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:21:9f:54:24:0d:52:62:90:17:e3:f4:64:75:43:21:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Nov 12 18:25:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7c84c8d91f3f9f7bc2b3de10f399d6a2556182e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:24:f7:ed:96:cf:e0:3a:4b:bc:0d:a0:25:54:
a1:f1:17:9f:ff:df:c6:cf:7a:fa:82:1d:41:bb:75:
44:30:c1:90:4c:f7:61:26:f5:fa:0a:d0:2e:a7:de:
d8:93:43:fe:06:b9:f7:0e:60:c4:c4:f4:6b:d7:43:
20:19:42:03:23:47:a9:8d:20:e1:98:a2:9e:45:2c:
d1:a4:40:b5:f3:91:e5:f4:e9:26:86:19:a4:58:96:
2b:cc:b4:ed:3a:7c:2d:50:b9:ee:87:46:9e:64:9e:
7e:83:86:54:01:ed:7c:f8:39:98:0a:4d:55:55:6a:
e2:ff:2d:93:bd:98:2b:5d:e1:16:cf:e4:79:56:5e:
87:f1:60:3c:76:e7:49:ee:a5:79:7d:f8:d7:a4:9c:
0d:78:87:46:a5:b1:9a:10:0c:1f:00:bd:24:cf:73:
37:ee:a8:bf:cd:0b:8a:62:7b:4b:5b:f6:79:ce:b5:
ba:aa:d6:49:34:5e:c6:a7:73:37:22:08:e7:b0:fb:
42:a7:18:21:7b:d0:60:ca:75:dc:08:b1:4d:b5:ed:
1d:9d:98:c8:b6:42:a0:bc:31:39:2e:3b:4d:c8:cb:
bb:89:e9:72:4a:a1:03:73:90:43:64:0a:eb:6e:de:
d3:b9:ea:fe:20:03:57:bd:e8:77:09:2e:60:16:78:
87:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:C8:4C:8D:91:F3:F9:F7:BC:2B:3D:E1:0F:39:9D:6A:25:56:18:2E
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/18hMjZHz-fe8Kz3hDzmdaiVWGC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.152.0/24
5.231.29.0/24
77.90.12.0/24
77.90.22.0/24
Signature Algorithm: sha256WithRSAEncryption
04:43:6c:67:e2:0b:86:b1:82:21:25:94:51:d5:86:f3:c6:21:
32:12:51:11:41:90:9d:6d:e3:72:ff:db:28:e9:99:23:fe:54:
c8:58:0e:09:83:79:ae:54:77:f6:e4:71:20:f5:d3:b8:eb:ec:
7d:76:01:c9:de:54:be:36:04:78:d0:bc:6d:54:fe:b1:2f:7c:
df:f6:1b:f9:44:55:62:09:a1:69:73:3d:0c:51:0b:c4:24:b0:
ea:da:5a:55:e5:d9:58:58:45:00:8c:46:a9:72:d6:d1:69:86:
f2:12:62:ab:e9:7c:69:1b:0c:fa:dc:04:50:90:a3:c9:cd:63:
9b:9b:61:3c:23:26:65:82:8f:3a:c6:e9:12:90:80:e5:b0:c2:
f8:2e:76:3b:5b:d7:b2:0e:3e:14:a1:b8:14:8f:48:70:72:bc:
1d:94:b6:60:29:08:0f:b1:6b:1c:a5:b9:dd:f0:a4:fc:25:22:
f3:7c:91:10:13:a0:dd:68:ff:86:3e:e9:fe:6e:ac:14:c5:13:
86:da:41:5b:34:d7:ff:99:f4:11:45:d2:c5:7d:cb:40:34:91:
46:64:b2:26:d9:fe:cc:93:02:23:bb:ef:8c:cd:fc:bb:e5:a5:
b8:e0:4a:4f:98:96:9c:65:cf:8a:f1:01:06:1e:bf:96:b3:dc:
58:3e:ce:2d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZMhn1QkDVJikBfj9GR1QyFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQxMTEyMTgyNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2M4NGM4ZDkxZjNmOWY3YmMyYjNkZTEwZjM5OWQ2YTI1NTYxODJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ST37ZbP4DpLvA2gJVSh8Ref/9/G
z3r6gh1Bu3VEMMGQTPdhJvX6CtAup97Yk0P+Brn3DmDExPRr10MgGUIDI0epjSDh
mKKeRSzRpEC185Hl9OkmhhmkWJYrzLTtOnwtULnuh0aeZJ5+g4ZUAe18+DmYCk1V
VWri/y2TvZgrXeEWz+R5Vl6H8WA8dudJ7qV5ffjXpJwNeIdGpbGaEAwfAL0kz3M3
7qi/zQuKYntLW/Z5zrW6qtZJNF7Gp3M3IgjnsPtCpxghe9BgynXcCLFNte0dnZjI
tkKgvDE5LjtNyMu7ielySqEDc5BDZArrbt7Tuer+IANXveh3CS5gFniHUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNfITI2R8/n3vCs94Q85nWolVhguMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMThoTWpaSHotZmU4S3ozaER6bWRhaVZXR0M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABVOYAwQA
BecdAwQATVoMAwQATVoWMA0GCSqGSIb3DQEBCwUAA4IBAQAEQ2xn4guGsYIhJZRR
1YbzxiEyElERQZCdbeNy/9so6Zkj/lTIWA4Jg3muVHf25HEg9dO46+x9dgHJ3lS+
NgR40LxtVP6xL3zf9hv5RFViCaFpcz0MUQvEJLDq2lpV5dlYWEUAjEapctbRaYby
EmKr6XxpGwz63ARQkKPJzWObm2E8IyZlgo86xukSkIDlsML4LnY7W9eyDj4UobgU
j0hwcrwdlLZgKQgPsWscpbnd8KT8JSLzfJEQE6DdaP+GPun+bqwUxROG2kFbNNf/
mfQRRdLFfctANJFGZLIm2f7MkwIju++Mzfy75aW44EpPmJacZc+K8QEGHr+Ws9xY
Ps4t
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:44:44 2024 by rpki-client on console-ams.rpki-client.org