Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/y5D5aILU4N318i6vYg5QnQhuC2s.roa
File: y5D5aILU4N318i6vYg5QnQhuC2s.roa (raw, json)
Hash identifier: CI3Swk5HYncdMMPhpscpvW+R3ej+B3qL7TkNprRZvsY=
Subject key identifier: CB:90:F9:68:82:D4:E0:DD:F5:F2:2E:AF:62:0E:50:9D:08:6E:0B:6B
Certificate issuer: /CN=7028ec9ccd6d861f5f1afdad0046f33c9103ba06
Certificate serial: 019265D2D49703DF6E3D4FF7DC6CFFE8A3F8
Authority key identifier: 70:28:EC:9C:CD:6D:86:1F:5F:1A:FD:AD:00:46:F3:3C:91:03:BA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cCjsnM1thh9fGv2tAEbzPJEDugY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/y5D5aILU4N318i6vYg5QnQhuC2s.roa
Signing time: Mon 07 Oct 2024 07:12:48 +0000
ROA not before: Mon 07 Oct 2024 07:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31721
IP address blocks: 5.191.0.0/20 maxlen: 20
5.191.16.0/20 maxlen: 20
5.191.32.0/20 maxlen: 20
5.191.33.0/24 maxlen: 24
5.191.34.0/24 maxlen: 24
5.191.48.0/20 maxlen: 20
5.191.64.0/20 maxlen: 20
5.191.80.0/20 maxlen: 20
5.191.90.0/24 maxlen: 24
5.191.96.0/20 maxlen: 20
5.191.100.0/24 maxlen: 24
5.191.101.0/24 maxlen: 24
5.191.102.0/24 maxlen: 24
5.191.103.0/24 maxlen: 24
5.191.104.0/24 maxlen: 24
5.191.105.0/24 maxlen: 24
5.191.106.0/24 maxlen: 24
5.191.107.0/24 maxlen: 24
5.191.108.0/24 maxlen: 24
5.191.109.0/24 maxlen: 24
5.191.110.0/24 maxlen: 24
5.191.111.0/24 maxlen: 24
5.191.112.0/20 maxlen: 20
5.191.112.0/24 maxlen: 24
5.191.113.0/24 maxlen: 24
5.191.114.0/24 maxlen: 24
5.191.115.0/24 maxlen: 24
5.191.116.0/24 maxlen: 24
5.191.117.0/24 maxlen: 24
5.191.118.0/24 maxlen: 24
5.191.119.0/24 maxlen: 24
5.191.120.0/24 maxlen: 24
5.191.121.0/24 maxlen: 24
5.191.122.0/24 maxlen: 24
5.191.123.0/24 maxlen: 24
5.191.124.0/24 maxlen: 24
5.191.125.0/24 maxlen: 24
5.191.126.0/24 maxlen: 24
5.191.127.0/24 maxlen: 24
5.191.128.0/20 maxlen: 20
5.191.128.0/24 maxlen: 24
5.191.129.0/24 maxlen: 24
5.191.130.0/24 maxlen: 24
5.191.131.0/24 maxlen: 24
5.191.132.0/24 maxlen: 24
5.191.133.0/24 maxlen: 24
5.191.134.0/24 maxlen: 24
5.191.135.0/24 maxlen: 24
5.191.136.0/24 maxlen: 24
5.191.137.0/24 maxlen: 24
5.191.138.0/24 maxlen: 24
5.191.139.0/24 maxlen: 24
5.191.140.0/24 maxlen: 24
5.191.141.0/24 maxlen: 24
5.191.142.0/24 maxlen: 24
5.191.144.0/20 maxlen: 20
5.191.160.0/20 maxlen: 20
5.191.176.0/20 maxlen: 20
5.191.192.0/20 maxlen: 20
5.191.208.0/20 maxlen: 20
5.191.224.0/20 maxlen: 20
217.168.176.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/cCjsnM1thh9fGv2tAEbzPJEDugY.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/cCjsnM1thh9fGv2tAEbzPJEDugY.mft
rsync://rpki.ripe.net/repository/DEFAULT/cCjsnM1thh9fGv2tAEbzPJEDugY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:65:d2:d4:97:03:df:6e:3d:4f:f7:dc:6c:ff:e8:a3:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7028ec9ccd6d861f5f1afdad0046f33c9103ba06
Validity
Not Before: Oct 7 07:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb90f96882d4e0ddf5f22eaf620e509d086e0b6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:98:c0:63:9b:a2:de:52:cf:20:88:bd:b5:e8:
77:6e:a0:34:b5:e0:39:90:f0:9e:4b:df:62:f6:1b:
ba:d8:04:22:21:52:40:ff:d0:b6:cb:2d:d9:f7:9f:
0a:5c:fe:0b:76:22:4c:39:ac:ca:b0:a8:e2:4b:5a:
1e:5b:43:36:8a:1f:d6:d9:69:09:89:b9:9c:d1:93:
3f:e2:e9:33:65:fa:43:62:21:a7:cf:63:5c:81:f9:
80:aa:7b:1a:f9:7d:96:28:6a:a4:4f:99:09:4f:af:
bf:df:14:77:66:2b:ec:52:d7:5d:6e:11:2b:ab:b5:
e0:ff:7c:85:23:7e:df:e0:3d:91:05:b0:70:89:bf:
58:ae:3f:1a:1a:e8:cd:ca:c0:36:56:e3:db:2a:44:
a5:f1:41:24:ad:b7:55:67:06:c0:9f:a8:b1:90:90:
18:21:64:49:3b:ec:d3:9b:9d:d6:ed:ed:34:53:f6:
06:d7:48:63:87:1c:cc:5e:ef:ed:21:61:80:c3:d2:
21:8f:55:88:4d:fe:86:ce:98:ea:69:0e:67:b5:ae:
11:9b:69:70:5e:aa:67:88:30:88:d5:f3:5a:cf:d6:
de:5a:13:2e:73:26:4e:b6:3b:a2:a1:b2:b8:c8:1c:
00:bf:38:52:59:39:5c:5a:e6:23:cb:57:32:0e:81:
9a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:90:F9:68:82:D4:E0:DD:F5:F2:2E:AF:62:0E:50:9D:08:6E:0B:6B
X509v3 Authority Key Identifier:
keyid:70:28:EC:9C:CD:6D:86:1F:5F:1A:FD:AD:00:46:F3:3C:91:03:BA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCjsnM1thh9fGv2tAEbzPJEDugY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/y5D5aILU4N318i6vYg5QnQhuC2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3c3154-7803-4ec6-bf70-ccdd06563a5f/1/cCjsnM1thh9fGv2tAEbzPJEDugY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.191.0.0-5.191.239.255
217.168.176.0/20
Signature Algorithm: sha256WithRSAEncryption
16:4c:d1:bd:82:4d:1a:c3:b9:6e:3c:6f:e4:22:17:89:36:d4:
37:43:3e:a8:2b:50:25:4d:0d:40:87:e7:2b:b0:ec:ec:64:bf:
96:b9:36:59:96:48:f1:60:23:d2:0b:2c:0a:75:66:ef:52:e6:
50:df:03:d4:32:25:00:ad:69:c6:67:a3:7a:79:f6:32:a3:29:
9f:ad:16:33:67:db:2c:85:e2:8b:6f:80:99:e8:e7:ef:bd:32:
fc:52:af:0d:11:99:44:d9:04:d2:66:db:03:f7:74:94:6f:5e:
0e:38:b7:f3:d2:ee:6a:f1:13:63:c5:ef:6c:71:1b:f0:86:58:
00:9b:7f:6a:91:33:0d:12:5b:8b:1e:a2:f9:06:29:b9:c3:3c:
56:1e:7d:d1:93:68:da:d9:fa:22:1f:c3:73:19:d5:e7:4c:40:
9b:49:ea:60:fd:1a:7e:d0:d4:d3:81:50:8e:55:09:cf:71:21:
82:4c:25:0c:e1:f9:0b:42:4f:95:fb:a7:78:23:91:0e:fd:98:
dc:d8:51:5d:47:17:56:59:a8:d8:40:08:fb:ba:b7:a3:a4:aa:
16:58:d9:a1:b9:76:6c:1d:72:d3:a3:70:43:1b:0d:6f:0c:62:
b7:6c:12:f2:3a:8c:5a:3a:0b:d8:4e:b2:79:4f:42:bc:d8:12:
4c:73:e3:6f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZJl0tSXA99uPU/33Gz/6KP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjhlYzljY2Q2ZDg2MWY1ZjFhZmRhZDAwNDZmMzNjOTEw
M2JhMDYwHhcNMjQxMDA3MDcxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjkwZjk2ODgyZDRlMGRkZjVmMjJlYWY2MjBlNTA5ZDA4NmUwYjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7JjAY5ui3lLPIIi9teh3bqA0teA5
kPCeS99i9hu62AQiIVJA/9C2yy3Z958KXP4LdiJMOazKsKjiS1oeW0M2ih/W2WkJ
ibmc0ZM/4ukzZfpDYiGnz2NcgfmAqnsa+X2WKGqkT5kJT6+/3xR3ZivsUtddbhEr
q7Xg/3yFI37f4D2RBbBwib9Yrj8aGujNysA2VuPbKkSl8UEkrbdVZwbAn6ixkJAY
IWRJO+zTm53W7e00U/YG10hjhxzMXu/tIWGAw9Ihj1WITf6GzpjqaQ5nta4Rm2lw
XqpniDCI1fNaz9beWhMucyZOtjuiobK4yBwAvzhSWTlcWuYjy1cyDoGa3wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMuQ+WiC1ODd9fIur2IOUJ0IbgtrMB8GA1UdIwQY
MBaAFHAo7JzNbYYfXxr9rQBG8zyRA7oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0Nqc25NMXRoaDlmR3YydEFFYnpQSkVEdWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zYzMxNTQtNzgwMy00ZWM2LWJmNzAt
Y2NkZDA2NTYzYTVmLzEveTVENWFJTFU0TjMxOGk2dllnNVFuUWh1QzJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zYzMxNTQtNzgwMy00ZWM2LWJmNzAtY2NkZDA2NTYzYTVm
LzEvY0Nqc25NMXRoaDlmR3YydEFFYnpQSkVEdWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwAFvwME
BAW/4AMEBNmosDANBgkqhkiG9w0BAQsFAAOCAQEAFkzRvYJNGsO5bjxv5CIXiTbU
N0M+qCtQJU0NQIfnK7Ds7GS/lrk2WZZI8WAj0gssCnVm71LmUN8D1DIlAK1pxmej
enn2MqMpn60WM2fbLIXii2+Amejn770y/FKvDRGZRNkE0mbbA/d0lG9eDji389Lu
avETY8XvbHEb8IZYAJt/apEzDRJbix6i+QYpucM8Vh590ZNo2tn6Ih/DcxnV50xA
m0nqYP0aftDU04FQjlUJz3EhgkwlDOH5C0JPlfuneCORDv2Y3NhRXUcXVlmo2EAI
+7q3o6SqFljZobl2bB1y06NwQxsNbwxit2wS8jqMWjoL2E6yeU9CvNgSTHPjbw==
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:30:11 2024 by rpki-client on console-ams.rpki-client.org