Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/W1ydgh4_fONBhZpx8KbDIuHMFXM.roa
File: W1ydgh4_fONBhZpx8KbDIuHMFXM.roa (raw, json)
Hash identifier: 5Vp3eyEG9lXnTFrNn7A8Gd+1HkCX+YhFt5Q40u1c/Xo=
Subject key identifier: 5B:5C:9D:82:1E:3F:7C:E3:41:85:9A:71:F0:A6:C3:22:E1:CC:15:73
Certificate issuer: /CN=fe92ef35321bf8f722734bff9dfa63fbd0f0690a
Certificate serial: 018FCD97C8F0FFA17ABA7BEB893A60C39710
Authority key identifier: FE:92:EF:35:32:1B:F8:F7:22:73:4B:FF:9D:FA:63:FB:D0:F0:69:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_pLvNTIb-Pcic0v_nfpj-9DwaQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/W1ydgh4_fONBhZpx8KbDIuHMFXM.roa
Signing time: Fri 31 May 2024 07:40:27 +0000
ROA not before: Fri 31 May 2024 07:40:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212559
IP address blocks: 5.1.42.0/24 maxlen: 24
91.243.118.0/24 maxlen: 24
193.107.15.0/24 maxlen: 24
2a10:78c0::/29 maxlen: 32
2a10:ef40::/29 maxlen: 32
2a11:2900::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/_pLvNTIb-Pcic0v_nfpj-9DwaQo.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/_pLvNTIb-Pcic0v_nfpj-9DwaQo.mft
rsync://rpki.ripe.net/repository/DEFAULT/_pLvNTIb-Pcic0v_nfpj-9DwaQo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:cd:97:c8:f0:ff:a1:7a:ba:7b:eb:89:3a:60:c3:97:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe92ef35321bf8f722734bff9dfa63fbd0f0690a
Validity
Not Before: May 31 07:40:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5b5c9d821e3f7ce341859a71f0a6c322e1cc1573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:93:49:66:03:36:66:47:71:1b:be:2d:d1:ad:
1c:46:c4:91:81:bb:f1:58:ce:81:5f:7b:6e:95:3a:
1f:d2:31:f1:a6:ca:f0:75:1d:a8:85:aa:a2:cb:20:
f3:00:8e:cc:ec:b3:e6:a8:5c:cd:5a:af:c9:4b:74:
08:1d:30:8d:b6:dd:d8:f7:6e:d7:e0:c1:b0:74:ec:
3a:54:6c:4f:d3:d0:ef:0a:ed:20:f2:a1:12:4c:80:
6f:17:39:ab:43:10:4e:24:4a:27:a2:74:aa:0a:7e:
86:12:8f:d5:6c:e8:9f:1a:d4:67:65:b3:b5:65:0a:
a2:cc:82:43:03:82:6f:8a:71:ff:fb:08:54:6e:ab:
39:bb:ff:08:b2:21:19:f1:c8:81:25:1b:df:e4:bd:
fe:51:e5:c3:2d:d7:bd:79:7a:48:9c:0f:83:b2:33:
39:6b:f4:c8:8e:71:fd:2b:d9:45:cf:9b:89:f7:c6:
b4:38:4f:74:08:b0:69:95:d3:69:38:79:ea:9d:29:
c6:69:74:c6:e6:15:83:f8:af:28:77:0c:56:40:09:
f0:59:81:84:95:3f:cc:97:3f:27:b8:6a:dc:dc:24:
7f:12:00:ae:fb:48:82:45:8a:ac:b5:5d:87:97:c9:
44:70:fa:20:ee:1c:fb:a6:2d:1b:83:9d:1f:2d:6e:
0d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:5C:9D:82:1E:3F:7C:E3:41:85:9A:71:F0:A6:C3:22:E1:CC:15:73
X509v3 Authority Key Identifier:
keyid:FE:92:EF:35:32:1B:F8:F7:22:73:4B:FF:9D:FA:63:FB:D0:F0:69:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_pLvNTIb-Pcic0v_nfpj-9DwaQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/W1ydgh4_fONBhZpx8KbDIuHMFXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/_pLvNTIb-Pcic0v_nfpj-9DwaQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.42.0/24
91.243.118.0/24
193.107.15.0/24
IPv6:
2a10:78c0::/29
2a10:ef40::/29
2a11:2900::/29
Signature Algorithm: sha256WithRSAEncryption
58:ab:53:e3:78:3e:5c:ae:9c:a7:5c:9d:2f:63:f4:a1:8c:9a:
62:1a:0c:1a:f8:b5:38:c4:b1:a8:45:22:6a:3e:c1:f8:84:f1:
78:cf:28:7f:ec:e7:e0:db:b4:1b:c1:90:09:ad:c0:e1:6c:c1:
a4:5c:ad:6b:ee:a9:f5:4c:34:55:25:5c:74:f3:c9:14:38:a9:
a3:29:c2:24:c7:81:25:f7:7c:1d:55:17:95:b5:d3:9f:97:ae:
9a:e5:a6:55:35:92:d9:67:1f:67:4d:9d:47:7a:93:c3:fd:ea:
1a:33:c0:0b:b4:0b:4d:55:e9:1d:69:9f:e3:3a:0b:95:aa:66:
f5:a4:13:aa:48:48:e5:cb:c5:ed:8d:4b:34:77:44:10:50:3d:
d7:02:b0:3d:92:58:f3:12:a3:e6:7c:27:b5:3a:17:bc:26:ec:
4a:d4:1d:99:ac:87:5b:b0:44:55:08:50:3f:31:f2:99:25:67:
25:a9:4f:19:75:e1:8a:a7:6c:bd:2f:5a:3e:a3:4f:95:60:dc:
21:64:e5:4a:e3:16:2a:76:4c:95:c3:cd:4d:4a:db:ae:e6:97:
e2:96:cb:18:b8:37:17:67:83:dd:fa:6d:58:ca:5f:e7:45:d6:
c7:c8:fb:7a:8f:6f:73:17:3f:80:34:1c:2a:f9:88:8c:78:e6:
71:c0:96:f7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY/Nl8jw/6F6unvriTpgw5cQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlOTJlZjM1MzIxYmY4ZjcyMjczNGJmZjlkZmE2M2ZiZDBm
MDY5MGEwHhcNMjQwNTMxMDc0MDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjVjOWQ4MjFlM2Y3Y2UzNDE4NTlhNzFmMGE2YzMyMmUxY2MxNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJNJZgM2ZkdxG74t0a0cRsSRgbvx
WM6BX3tulTof0jHxpsrwdR2ohaqiyyDzAI7M7LPmqFzNWq/JS3QIHTCNtt3Y927X
4MGwdOw6VGxP09DvCu0g8qESTIBvFzmrQxBOJEononSqCn6GEo/VbOifGtRnZbO1
ZQqizIJDA4JvinH/+whUbqs5u/8IsiEZ8ciBJRvf5L3+UeXDLde9eXpInA+DsjM5
a/TIjnH9K9lFz5uJ98a0OE90CLBpldNpOHnqnSnGaXTG5hWD+K8odwxWQAnwWYGE
lT/Mlz8nuGrc3CR/EgCu+0iCRYqstV2Hl8lEcPog7hz7pi0bg50fLW4N4QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFFtcnYIeP3zjQYWacfCmwyLhzBVzMB8GA1UdIwQY
MBaAFP6S7zUyG/j3InNL/536Y/vQ8GkKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3BMdk5USWItUGNpYzB2X25mcGotOUR3YVFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kMjcyNWQtODAwMS00MWYxLTgwZTUt
YTllZWYyOTRhYzM0LzEvVzF5ZGdoNF9mT05CaFpweDhLYkRJdUhNRlhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kMjcyNWQtODAwMS00MWYxLTgwZTUtYTllZWYyOTRhYzM0
LzEvX3BMdk5USWItUGNpYzB2X25mcGotOUR3YVFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQABQEqAwQA
W/N2AwQAwWsPMBsEAgACMBUDBQMqEHjAAwUDKhDvQAMFAyoRKQAwDQYJKoZIhvcN
AQELBQADggEBAFirU+N4PlyunKdcnS9j9KGMmmIaDBr4tTjEsahFImo+wfiE8XjP
KH/s5+DbtBvBkAmtwOFswaRcrWvuqfVMNFUlXHTzyRQ4qaMpwiTHgSX3fB1VF5W1
05+XrprlplU1ktlnH2dNnUd6k8P96hozwAu0C01V6R1pn+M6C5WqZvWkE6pISOXL
xe2NSzR3RBBQPdcCsD2SWPMSo+Z8J7U6F7wm7ErUHZmsh1uwRFUIUD8x8pklZyWp
Txl14YqnbL0vWj6jT5Vg3CFk5UrjFip2TJXDzU1K267ml+KWyxi4Nxdng936bVjK
X+dF1sfI+3qPb3MXP4A0HCr5iIx45nHAlvc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:35:05 2024 by rpki-client on console-ams.rpki-client.org