Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-MlsZrEKlvN4jIIrLSIGehz1a1M.roa
File: 1-MlsZrEKlvN4jIIrLSIGehz1a1M.roa (raw, json)
Hash identifier: qrUqUwTWTw2bYU6TnGVuT0iMHMgBXHqMsVd9RjVa1Uo=
Subject key identifier: F8:C9:6C:66:B1:0A:96:F3:78:8C:82:2B:2D:22:06:7A:1C:F5:6B:53
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC4254E68807F6728A907E8A94101933E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-MlsZrEKlvN4jIIrLSIGehz1a1M.roa
Signing time: Mon 01 Jan 2024 08:30:28 +0000
ROA not before: Mon 01 Jan 2024 08:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2856
IP address blocks: 163.5.67.0/24 maxlen: 24
163.5.98.0/24 maxlen: 24
163.5.208.0/24 maxlen: 24
163.5.217.0/24 maxlen: 24
163.5.222.0/24 maxlen: 24
163.5.115.0/24 maxlen: 24
163.5.122.0/24 maxlen: 24
163.5.249.0/24 maxlen: 24
163.5.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:4e:68:80:7f:67:28:a9:07:e8:a9:41:01:93:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 08:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8c96c66b10a96f3788c822b2d22067a1cf56b53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e7:61:b5:d7:dd:10:c1:d6:15:39:d6:4a:07:
4e:85:0a:f8:eb:48:1a:3c:e8:c4:4e:58:3d:c0:c4:
53:e1:de:82:ba:68:53:10:79:2a:46:75:b7:b6:4a:
d8:ad:c0:70:18:3d:06:a1:45:b0:3f:5c:92:8d:cf:
a1:4b:09:45:aa:fc:b7:77:24:85:d6:f1:be:fe:66:
ef:79:c9:59:8d:e8:53:d9:7b:a8:73:55:11:90:b2:
52:c4:0d:d0:83:e6:e1:57:82:17:b4:ce:8c:1f:65:
2e:74:be:f1:19:98:6b:5f:e8:8e:38:89:85:ab:a6:
68:17:43:4c:f0:ae:f4:ea:87:c4:a4:79:32:fa:6f:
fe:9e:09:63:b6:f2:fd:87:f5:37:a5:de:7a:5b:cb:
73:2b:67:fd:97:c9:c3:1a:89:86:c9:47:cc:97:d9:
71:fe:f8:5c:14:eb:a3:94:31:20:27:80:51:e5:15:
63:94:c6:18:ad:74:25:26:aa:46:83:0c:12:88:48:
de:9d:7b:c1:4d:9f:9a:5d:6a:81:81:bf:c9:1f:79:
9a:89:c2:30:82:bc:8a:65:88:62:46:fa:a5:b5:22:
cc:a5:b7:64:e2:97:34:55:0c:3c:90:da:77:37:19:
2e:a8:6f:92:9d:ac:9a:fc:75:43:7c:b1:ee:fe:41:
5e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:C9:6C:66:B1:0A:96:F3:78:8C:82:2B:2D:22:06:7A:1C:F5:6B:53
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1-MlsZrEKlvN4jIIrLSIGehz1a1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.37.0/24
163.5.67.0/24
163.5.98.0/24
163.5.115.0/24
163.5.122.0/24
163.5.208.0/24
163.5.217.0/24
163.5.222.0/24
163.5.249.0/24
Signature Algorithm: sha256WithRSAEncryption
66:1f:18:8d:b4:14:b6:05:bf:65:bf:5e:e9:00:fe:63:90:46:
f7:a4:a7:73:7b:94:09:2c:48:f4:14:85:f6:29:69:0f:e1:38:
af:7a:f5:58:f2:bb:21:23:5a:30:51:ba:49:74:46:24:fa:e7:
d1:c8:e0:d8:bc:80:95:28:b8:ff:78:37:16:9f:0b:67:5f:b9:
97:9e:54:8e:6a:bf:f9:94:fc:87:9a:7c:df:55:aa:fd:d7:2d:
1f:ce:d8:83:45:60:87:b5:ed:6d:04:8e:1a:5d:ae:67:bb:8c:
c3:b9:dd:c1:21:53:26:eb:b3:90:c2:3d:25:13:5f:b9:f3:31:
3d:3c:de:2c:f9:3f:df:4b:21:db:cd:01:f0:ad:5e:d1:ca:a1:
ee:70:41:8e:9e:7e:34:0e:c4:91:b0:5e:59:1d:5b:cd:12:cf:
89:38:9f:63:25:ad:f2:d2:e5:94:73:6d:4b:60:7e:cc:06:0e:
ba:53:e1:93:5e:72:22:ea:b7:f5:ff:2a:b4:f5:ab:89:9a:c3:
e8:cb:27:bd:3a:73:23:b5:3f:bc:ba:2f:6f:c3:9e:5c:33:a6:
44:57:76:f8:b1:59:a4:df:0d:22:a2:42:c8:19:14:93:b4:45:
95:0c:d3:36:b9:39:2c:78:a1:31:be:c1:10:29:43:da:fa:02:
c2:aa:cb:df
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYzEJU5ogH9nKKkH6KlBAZM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGM5NmM2NmIxMGE5NmYzNzg4YzgyMmIyZDIyMDY3YTFjZjU2YjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+dhtdfdEMHWFTnWSgdOhQr460ga
POjETlg9wMRT4d6CumhTEHkqRnW3tkrYrcBwGD0GoUWwP1ySjc+hSwlFqvy3dySF
1vG+/mbveclZjehT2Xuoc1URkLJSxA3Qg+bhV4IXtM6MH2UudL7xGZhrX+iOOImF
q6ZoF0NM8K706ofEpHky+m/+ngljtvL9h/U3pd56W8tzK2f9l8nDGomGyUfMl9lx
/vhcFOujlDEgJ4BR5RVjlMYYrXQlJqpGgwwSiEjenXvBTZ+aXWqBgb/JH3maicIw
gryKZYhiRvqltSLMpbdk4pc0VQw8kNp3NxkuqG+Snaya/HVDfLHu/kFehwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPjJbGaxCpbzeIyCKy0iBnoc9WtTMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMS1NbHNackVLbHZONGpJSXJMU0lHZWh6MWExTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTMvZDAyZGZiLTk2NzMtNDlhOC05NzFjLTlmZTk0MTA4ZmYw
MS8xL0RPaFJ0dDFkTms3aG5nczRJQnMtamZKaVM4cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAKMFJQME
AKMFQwMEAKMFYgMEAKMFcwMEAKMFegMEAKMF0AMEAKMF2QMEAKMF3gMEAKMF+TAN
BgkqhkiG9w0BAQsFAAOCAQEAZh8YjbQUtgW/Zb9e6QD+Y5BG96Snc3uUCSxI9BSF
9ilpD+E4r3r1WPK7ISNaMFG6SXRGJPrn0cjg2LyAlSi4/3g3Fp8LZ1+5l55Ujmq/
+ZT8h5p831Wq/dctH87Yg0Vgh7XtbQSOGl2uZ7uMw7ndwSFTJuuzkMI9JRNfufMx
PTzeLPk/30sh280B8K1e0cqh7nBBjp5+NA7EkbBeWR1bzRLPiTifYyWt8tLllHNt
S2B+zAYOulPhk15yIuq39f8qtPWriZrD6MsnvTpzI7U/vLovb8OeXDOmRFd2+LFZ
pN8NIqJCyBkUk7RFlQzTNrk5LHihMb7BEClD2voCwqrL3w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:47:08 2024 by rpki-client on console-fra.rpki-client.org