Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/pofQTCd4QsyPiD8FzNaae7G5FVM.roa
File: pofQTCd4QsyPiD8FzNaae7G5FVM.roa (raw, json)
Hash identifier: 7hMsNV5NjsANoxAqGA0JUWLvCD0+WLV52TM6+c0YiEM=
Subject key identifier: A6:87:D0:4C:27:78:42:CC:8F:88:3F:05:CC:D6:9A:7B:B1:B9:15:53
Certificate issuer: /CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Certificate serial: 018CC86EFEED97516A7ED7B2522143AEBD77
Authority key identifier: 5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/pofQTCd4QsyPiD8FzNaae7G5FVM.roa
Signing time: Tue 02 Jan 2024 04:29:26 +0000
ROA not before: Tue 02 Jan 2024 04:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 5.57.80.0/22 maxlen: 22
2001:7f8:17::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:fe:ed:97:51:6a:7e:d7:b2:52:21:43:ae:bd:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Validity
Not Before: Jan 2 04:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a687d04c277842cc8f883f05ccd69a7bb1b91553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7c:f9:5a:78:eb:84:29:32:4f:fa:30:2c:fa:
2b:18:c7:5b:13:0b:c8:c4:67:bf:fd:8e:29:0f:a5:
d1:3b:c5:b0:c4:b4:84:74:fa:17:13:75:03:16:ff:
84:6c:93:a7:f9:3f:48:bf:ae:4a:20:43:f7:8a:30:
0f:00:62:30:26:e4:50:66:e1:93:11:1d:e0:c4:7c:
1e:c3:c4:42:06:73:f2:06:f0:ea:be:ad:6b:fc:b5:
96:e4:58:b3:73:85:7c:26:5f:cd:b3:d8:da:94:b5:
7b:b3:e7:58:38:bc:07:09:66:f1:a0:8d:23:80:d0:
fb:f1:d6:ff:19:d9:af:14:4a:58:04:5d:3e:cb:10:
1a:64:ab:e5:65:f4:aa:d4:67:f9:24:28:72:e8:82:
ee:7e:24:0a:5a:92:84:fb:13:8d:21:92:04:ec:18:
21:01:6f:8c:df:98:b4:77:2b:9a:d0:95:f9:b3:f6:
07:a0:b0:35:e9:5d:cc:cf:3b:03:5b:0f:e4:4e:9b:
7f:58:52:ca:4b:71:c4:9f:26:77:44:dc:cb:1c:32:
d5:27:1a:cf:85:1d:a3:b5:81:bb:47:29:c8:da:29:
59:32:18:10:c6:0d:cd:f9:16:2f:d3:bb:01:e9:df:
39:2d:7a:22:ac:9a:64:86:e9:dc:f6:ed:06:e2:39:
13:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:87:D0:4C:27:78:42:CC:8F:88:3F:05:CC:D6:9A:7B:B1:B9:15:53
X509v3 Authority Key Identifier:
keyid:5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/pofQTCd4QsyPiD8FzNaae7G5FVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.80.0/22
IPv6:
2001:7f8:17::/64
Signature Algorithm: sha256WithRSAEncryption
89:6f:14:72:89:47:cc:17:b6:35:e8:34:9d:d3:82:08:49:39:
2b:55:17:7b:82:45:61:7e:5d:33:9f:89:3c:31:1b:bd:7f:70:
85:de:51:29:81:30:1a:0c:87:92:8f:a0:bf:10:c8:56:55:05:
2f:f7:7c:47:7c:83:04:8e:ac:c8:f0:d9:80:5e:ae:ea:28:fa:
97:ef:d6:64:1d:06:bf:df:5e:d4:aa:c9:af:70:20:16:6b:ee:
35:3c:92:f1:e4:d6:0f:77:db:f0:cf:54:e9:fe:13:2e:2f:68:
b4:5f:f9:74:c2:58:42:91:32:3e:49:ba:a4:30:e6:2b:c3:fd:
d5:01:1a:ad:be:59:cf:17:fa:c3:2b:97:c7:ce:2c:e4:47:0d:
25:8c:eb:c7:4a:8e:7e:9f:84:83:0c:40:e7:f1:2a:84:65:35:
5e:2f:22:6c:ec:c9:4b:55:47:bd:a6:e5:c2:2b:66:cf:a7:cd:
b7:c8:8d:b6:8d:94:1e:c9:90:84:0e:d8:27:97:e6:4d:98:b3:
91:28:a5:eb:36:9b:ae:e7:f3:e9:23:47:f2:ce:26:6f:4a:0b:
83:fb:37:a4:15:d3:93:f9:25:5a:65:e4:88:87:bc:e3:c9:0e:
80:b3:2c:54:00:4e:6f:51:d5:5e:b6:51:5a:91:d5:10:c1:19:
ee:0c:1e:5f
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzIbv7tl1FqfteyUiFDrr13MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGQwN2I0NWY3ZDgzMTI0YzlmOGMwZmFjMDNiZWMwMjQ2
OGIzN2UwHhcNMjQwMTAyMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjg3ZDA0YzI3Nzg0MmNjOGY4ODNmMDVjY2Q2OWE3YmIxYjkxNTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnz5WnjrhCkyT/owLPorGMdbEwvI
xGe//Y4pD6XRO8WwxLSEdPoXE3UDFv+EbJOn+T9Iv65KIEP3ijAPAGIwJuRQZuGT
ER3gxHwew8RCBnPyBvDqvq1r/LWW5Fizc4V8Jl/Ns9jalLV7s+dYOLwHCWbxoI0j
gND78db/GdmvFEpYBF0+yxAaZKvlZfSq1Gf5JChy6ILufiQKWpKE+xONIZIE7Bgh
AW+M35i0dyua0JX5s/YHoLA16V3MzzsDWw/kTpt/WFLKS3HEnyZ3RNzLHDLVJxrP
hR2jtYG7RynI2ilZMhgQxg3N+RYv07sB6d85LXoirJpkhunc9u0G4jkTxQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFKaH0EwneELMj4g/BczWmnuxuRVTMB8GA1UdIwQY
MBaAFF6NB7RffYMSTJ+MD6wDvsAkaLN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQt
NmM4ZmQ4NGJiNWY1LzEvcG9mUVRDZDRRc3lQaUQ4RnpOYWFlN0c1RlZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQtNmM4ZmQ4NGJiNWY1
LzEvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAMBAIAATAGAwQCBTlQMBEE
AgACMAsDCQAgAQf4ABcAADANBgkqhkiG9w0BAQsFAAOCAQEAiW8UcolHzBe2Neg0
ndOCCEk5K1UXe4JFYX5dM5+JPDEbvX9whd5RKYEwGgyHko+gvxDIVlUFL/d8R3yD
BI6syPDZgF6u6ij6l+/WZB0Gv99e1KrJr3AgFmvuNTyS8eTWD3fb8M9U6f4TLi9o
tF/5dMJYQpEyPkm6pDDmK8P91QEarb5Zzxf6wyuXx84s5EcNJYzrx0qOfp+EgwxA
5/EqhGU1Xi8ibOzJS1VHvablwitmz6fNt8iNto2UHsmQhA7YJ5fmTZizkSil6zab
rufz6SNH8s4mb0oLg/s3pBXTk/klWmXkiIe848kOgLMsVABOb1HVXrZRWpHVEMEZ
7gweXw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:44:52 2024 by rpki-client on console-ams.rpki-client.org