Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/y_f60bUYrRtflLHuItbuFXI_ErQ.roa
File: y_f60bUYrRtflLHuItbuFXI_ErQ.roa (raw, json)
Hash identifier: e/DfOqA4k//fvn0Ez3kAf0UApVlw9AVwBcIRuf1ax0U=
Subject key identifier: CB:F7:FA:D1:B5:18:AD:1B:5F:94:B1:EE:22:D6:EE:15:72:3F:12:B4
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0191095CD7AB8B595266D2171F7475664718
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/y_f60bUYrRtflLHuItbuFXI_ErQ.roa
Signing time: Wed 31 Jul 2024 15:16:04 +0000
ROA not before: Wed 31 Jul 2024 15:16:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59592
IP address blocks: 5.230.206.0/24 maxlen: 32
5.230.220.0/24 maxlen: 32
5.231.87.0/24 maxlen: 32
5.231.200.0/24 maxlen: 32
185.13.158.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:09:5c:d7:ab:8b:59:52:66:d2:17:1f:74:75:66:47:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jul 31 15:16:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbf7fad1b518ad1b5f94b1ee22d6ee15723f12b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1b:d5:87:1d:ed:24:5c:e3:7b:ea:46:ea:34:
b0:aa:de:ca:08:9b:ce:a1:15:72:12:07:ba:42:a5:
d7:aa:4c:5f:15:e0:a7:d8:05:f5:bb:45:8e:6e:65:
97:83:c9:51:37:b7:45:89:03:10:93:4b:08:9b:bc:
b0:f2:ea:f7:f5:bc:8a:91:d4:c6:02:ed:83:0b:21:
1e:72:37:92:36:ab:a0:53:eb:9a:de:fe:2b:8c:81:
7a:81:03:34:13:b7:30:27:2e:67:5c:4b:f6:c2:1b:
2e:b9:68:08:43:75:cd:3a:11:01:9d:12:be:32:4c:
5b:ce:2a:52:a0:91:dd:e8:b2:bc:20:1c:b3:22:3f:
33:cc:30:45:39:34:d7:91:ef:18:48:68:f7:71:be:
e4:57:dc:d7:9e:98:24:2e:b8:3c:c1:26:47:9e:97:
cc:28:79:0c:97:30:b2:37:fb:74:db:3e:55:25:f6:
89:41:a7:c7:8a:d5:67:cd:59:5b:03:f3:1f:f2:a2:
a2:52:15:3e:b7:0a:97:d3:59:62:93:9e:02:4b:d1:
16:80:65:1f:15:2f:4e:0e:d6:d1:b5:25:f3:92:a4:
f2:7c:50:34:44:7b:88:1f:64:df:21:51:c7:0f:ec:
ca:f3:a3:54:f0:c5:f2:bc:d5:5c:f5:82:68:be:7d:
fb:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:F7:FA:D1:B5:18:AD:1B:5F:94:B1:EE:22:D6:EE:15:72:3F:12:B4
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/y_f60bUYrRtflLHuItbuFXI_ErQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.230.206.0/24
5.230.220.0/24
5.231.87.0/24
5.231.200.0/24
185.13.158.0/24
Signature Algorithm: sha256WithRSAEncryption
40:cc:98:eb:c7:0a:e3:47:5c:c9:be:51:d7:b2:91:43:07:0d:
f2:5d:64:55:77:41:46:e6:95:70:3e:99:cb:d9:54:a5:7b:fa:
e5:75:c8:5c:69:3a:fe:51:a8:f7:3a:06:20:60:99:15:38:c9:
3e:06:bc:50:0b:fc:50:68:df:f4:5b:3b:8e:27:79:c8:7c:f1:
58:38:5a:a8:c6:bf:28:81:2d:86:fd:b4:fb:0f:b9:6d:44:27:
95:d4:8d:5a:39:b5:6e:c8:c6:4f:ad:94:da:c5:50:67:fc:52:
0a:6e:9b:7d:f3:f2:cd:df:01:c5:67:9d:f5:17:63:87:92:63:
5c:ac:96:c6:35:92:99:bf:df:8a:a8:ba:dc:3d:79:5d:f5:ef:
bd:83:1e:91:87:ed:83:ee:b3:7b:6b:b7:c5:d7:53:27:12:3c:
5d:6d:0c:08:a3:11:61:9c:c6:ba:5a:07:c4:84:8e:c7:0a:27:
9e:92:53:97:90:f5:e2:86:63:80:65:70:0c:b6:ce:28:c3:d7:
1e:37:58:6c:24:5d:73:79:63:a9:b5:74:de:9f:c4:62:21:07:
6d:50:60:6e:b7:8f:d8:b0:de:72:65:72:9d:8c:4d:57:4e:ee:
5d:41:13:7a:be:17:76:4a:4e:ac:91:51:c7:77:44:42:91:99:
c0:25:a5:df
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZEJXNeri1lSZtIXH3R1ZkcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwNzMxMTUxNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmY3ZmFkMWI1MThhZDFiNWY5NGIxZWUyMmQ2ZWUxNTcyM2YxMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshvVhx3tJFzje+pG6jSwqt7KCJvO
oRVyEge6QqXXqkxfFeCn2AX1u0WObmWXg8lRN7dFiQMQk0sIm7yw8ur39byKkdTG
Au2DCyEecjeSNqugU+ua3v4rjIF6gQM0E7cwJy5nXEv2whsuuWgIQ3XNOhEBnRK+
MkxbzipSoJHd6LK8IByzIj8zzDBFOTTXke8YSGj3cb7kV9zXnpgkLrg8wSZHnpfM
KHkMlzCyN/t02z5VJfaJQafHitVnzVlbA/Mf8qKiUhU+twqX01lik54CS9EWgGUf
FS9ODtbRtSXzkqTyfFA0RHuIH2TfIVHHD+zK86NU8MXyvNVc9YJovn37eQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMv3+tG1GK0bX5Sx7iLW7hVyPxK0MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEveV9mNjBiVVlyUnRmbExIdUl0YnVGWElfRXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABebOAwQA
BebcAwQABedXAwQABefIAwQAuQ2eMA0GCSqGSIb3DQEBCwUAA4IBAQBAzJjrxwrj
R1zJvlHXspFDBw3yXWRVd0FG5pVwPpnL2VSle/rldchcaTr+Uaj3OgYgYJkVOMk+
BrxQC/xQaN/0WzuOJ3nIfPFYOFqoxr8ogS2G/bT7D7ltRCeV1I1aObVuyMZPrZTa
xVBn/FIKbpt98/LN3wHFZ531F2OHkmNcrJbGNZKZv9+KqLrcPXld9e+9gx6Rh+2D
7rN7a7fF11MnEjxdbQwIoxFhnMa6WgfEhI7HCieeklOXkPXihmOAZXAMts4ow9ce
N1hsJF1zeWOptXTen8RiIQdtUGBut4/YsN5yZXKdjE1XTu5dQRN6vhd2Sk6skVHH
d0RCkZnAJaXf
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:27:16 2024 by rpki-client on console-fra.rpki-client.org