Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3AyqkQ9AqkIqilgJDRkBxY7UeX0.roa
File: 3AyqkQ9AqkIqilgJDRkBxY7UeX0.roa (raw, json)
Hash identifier: A5lJtAB/A1hL2uuAFB0i10vEeLU0OVUFmHVoHSfE4Xk=
Subject key identifier: DC:0C:AA:91:0F:40:AA:42:2A:8A:58:09:0D:19:01:C5:8E:D4:79:7D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CC42561F71DA43EB71338A2DFA1BB2405
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3AyqkQ9AqkIqilgJDRkBxY7UeX0.roa
Signing time: Mon 01 Jan 2024 08:30:33 +0000
ROA not before: Mon 01 Jan 2024 08:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202673
IP address blocks: 163.5.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:61:f7:1d:a4:3e:b7:13:38:a2:df:a1:bb:24:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 08:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc0caa910f40aa422a8a58090d1901c58ed4797d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1b:ef:15:fb:ba:85:17:94:9b:13:7d:1c:e7:
32:88:4f:ef:7d:81:b9:2c:91:79:5a:41:b6:80:ea:
29:74:c1:12:3b:1c:56:12:f1:25:c4:4b:6b:f8:55:
3f:fa:2a:07:10:ea:2d:58:07:f8:3f:5d:fa:98:bf:
12:28:70:29:82:d4:c9:dc:f1:22:94:57:5e:d8:b3:
30:c6:7b:3c:5c:e4:94:e1:73:03:b6:21:40:f9:86:
ab:0e:cd:3f:95:67:a8:7e:86:f5:04:dd:fe:02:9d:
57:12:69:69:57:84:c2:bd:a1:1b:47:11:d0:4a:08:
8a:90:ab:6e:fd:32:21:f0:58:2e:f4:79:25:bc:f2:
34:7c:fd:52:96:cb:9b:4e:90:20:c6:04:96:8d:58:
e6:74:64:e9:ab:3d:e8:49:81:63:eb:c7:23:2d:c3:
c9:3f:1d:24:94:70:4b:1f:4e:b4:a4:00:45:d3:77:
48:b0:0f:d5:82:fc:10:56:bb:36:fa:2c:1a:92:39:
28:6e:26:04:1f:a6:00:8f:ea:64:ac:e4:d7:66:92:
cf:85:bb:e6:8c:f2:39:86:25:be:c2:00:5a:e9:49:
ae:b1:b7:de:15:53:b1:9c:e0:78:99:a1:ec:8c:7b:
eb:27:6e:d5:02:63:e3:82:f7:5f:5d:a2:fb:d4:8e:
99:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:0C:AA:91:0F:40:AA:42:2A:8A:58:09:0D:19:01:C5:8E:D4:79:7D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/3AyqkQ9AqkIqilgJDRkBxY7UeX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.120.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:7b:de:c1:ba:49:a5:b6:bc:da:41:cb:be:b3:c1:4d:c9:13:
f8:c1:c5:ff:2e:ee:17:7c:fc:e7:49:45:0e:8d:17:47:27:a7:
51:f6:f1:2d:53:13:73:38:d0:95:73:68:15:a4:a6:10:b3:79:
e6:ec:41:ba:31:af:22:47:01:9c:e0:8b:08:8f:28:56:e9:3e:
23:a1:f8:fb:ec:6d:6a:b6:4b:7b:e0:71:0a:96:57:fb:52:ec:
e8:76:d6:f4:6f:19:d1:b7:58:a7:35:c8:dc:14:a5:c0:b6:f5:
2b:81:a9:0c:52:42:10:cf:cb:b2:ce:cf:5a:eb:f0:38:4c:01:
11:62:88:df:93:e3:08:6b:02:37:e4:26:fd:ce:ea:47:16:db:
fb:08:39:b8:78:2a:7d:70:7a:1f:6a:d3:90:59:51:a5:57:7c:
b6:9b:6e:04:36:36:cf:a2:f7:de:6a:47:cf:23:d2:6d:a1:df:
82:d4:ad:5f:2b:4b:06:1b:a9:f7:62:14:64:20:b4:c6:d4:23:
e9:49:66:5d:17:b5:94:98:0a:e1:1c:15:a7:d9:40:71:31:dc:
d4:ce:87:32:b5:b0:49:7d:ec:d4:1b:dd:c7:6e:ec:f5:cb:3c:
08:e7:71:fc:6e:7c:90:e0:d0:84:04:2a:9a:60:00:0c:fa:a4:
3d:3f:df:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJWH3HaQ+txM4ot+huyQFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTAxMDgzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzBjYWE5MTBmNDBhYTQyMmE4YTU4MDkwZDE5MDFjNThlZDQ3OTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRvvFfu6hReUmxN9HOcyiE/vfYG5
LJF5WkG2gOopdMESOxxWEvElxEtr+FU/+ioHEOotWAf4P136mL8SKHApgtTJ3PEi
lFde2LMwxns8XOSU4XMDtiFA+YarDs0/lWeofob1BN3+Ap1XEmlpV4TCvaEbRxHQ
SgiKkKtu/TIh8Fgu9HklvPI0fP1SlsubTpAgxgSWjVjmdGTpqz3oSYFj68cjLcPJ
Px0klHBLH060pABF03dIsA/VgvwQVrs2+iwakjkobiYEH6YAj+pkrOTXZpLPhbvm
jPI5hiW+wgBa6UmusbfeFVOxnOB4maHsjHvrJ27VAmPjgvdfXaL71I6Z8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNwMqpEPQKpCKopYCQ0ZAcWO1Hl9MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvM0F5cWtROUFxa0lxaWxnSkRSa0J4WTdVZVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowV4MA0G
CSqGSIb3DQEBCwUAA4IBAQCfe97BukmltrzaQcu+s8FNyRP4wcX/Lu4XfPznSUUO
jRdHJ6dR9vEtUxNzONCVc2gVpKYQs3nm7EG6Ma8iRwGc4IsIjyhW6T4jofj77G1q
tkt74HEKllf7Uuzodtb0bxnRt1inNcjcFKXAtvUrgakMUkIQz8uyzs9a6/A4TAER
Yojfk+MIawI35Cb9zupHFtv7CDm4eCp9cHofatOQWVGlV3y2m24ENjbPovfeakfP
I9Jtod+C1K1fK0sGG6n3YhRkILTG1CPpSWZdF7WUmArhHBWn2UBxMdzUzocytbBJ
fezUG93Hbuz1yzwI53H8bnyQ4NCEBCqaYAAM+qQ9P99k
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:34:50 2024 by rpki-client on console-fra.rpki-client.org