Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4F9T8gz61o3rRXkEDQyYx-cuh0I.roa
File: 4F9T8gz61o3rRXkEDQyYx-cuh0I.roa (raw, json)
Hash identifier: 3IEwn3qutQBaprERwH7FykgLXzU6xRwNeZktpurLc8o=
Subject key identifier: E0:5F:53:F2:0C:FA:D6:8D:EB:45:79:04:0D:0C:98:C7:E7:2E:87:42
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018DDA9FE4CF0D19B6C1972EB3CC07AF9505
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4F9T8gz61o3rRXkEDQyYx-cuh0I.roa
Signing time: Sat 24 Feb 2024 10:18:48 +0000
ROA not before: Sat 24 Feb 2024 10:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399486
IP address blocks: 163.5.32.0/24 maxlen: 24
163.5.64.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.169.0/24 maxlen: 24
163.5.181.0/24 maxlen: 24
163.5.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:da:9f:e4:cf:0d:19:b6:c1:97:2e:b3:cc:07:af:95:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 24 10:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e05f53f20cfad68deb4579040d0c98c7e72e8742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:42:76:b3:ea:f7:d0:1a:44:b5:92:0e:be:60:
3b:c4:ab:6e:78:42:82:55:ea:03:b4:31:0c:2c:57:
62:62:ff:26:76:59:be:b2:63:43:f9:5a:39:53:fc:
82:e1:9d:9d:9a:a0:0a:08:63:ba:2e:7f:ad:03:cf:
84:60:32:39:24:8a:10:bd:ab:77:ce:80:62:c7:e3:
8a:7e:7f:32:76:65:53:c2:e0:33:59:c1:ac:3d:f5:
d5:4f:97:b1:32:37:a8:a1:5e:db:91:f5:6a:97:2a:
54:33:10:b0:9a:f2:e5:ed:e1:14:7c:39:be:86:e4:
b6:87:08:81:16:4f:df:a0:dd:f0:22:e6:28:1d:91:
0f:9a:92:b6:ce:1a:c5:5c:3a:84:7f:4c:15:60:78:
6c:3e:df:d9:78:96:26:95:1e:4b:47:d7:ec:24:88:
0b:58:e5:44:9b:cb:1e:f4:9d:e1:b0:7a:13:27:64:
4f:50:bb:68:b3:e2:5a:61:c8:71:5b:9b:a8:92:88:
99:a5:0f:17:49:9f:85:4b:65:ae:cc:ca:d6:71:c1:
a0:a3:7c:02:c5:18:b2:7d:74:2a:d0:54:01:bf:7d:
7b:3b:ec:0b:4d:8b:5e:20:75:89:44:db:9d:ab:05:
52:ae:c7:bb:50:4a:6c:21:26:ad:18:bf:6f:f7:ec:
c6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:5F:53:F2:0C:FA:D6:8D:EB:45:79:04:0D:0C:98:C7:E7:2E:87:42
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4F9T8gz61o3rRXkEDQyYx-cuh0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.32.0/24
163.5.64.0/24
163.5.106.0/24
163.5.112.0/24
163.5.160.0/24
163.5.169.0/24
163.5.181.0/24
163.5.210.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:9c:59:2b:3f:f3:aa:1f:9f:d2:9a:f4:29:0e:b8:1a:14:44:
21:d5:d8:82:c1:2e:50:5d:9d:3f:ec:76:6e:5d:5b:b1:5b:0c:
ba:c7:b6:b1:71:9b:9a:84:b4:1f:1b:fc:60:9d:1b:6c:32:f2:
06:92:c9:0a:04:63:cf:93:20:46:12:e9:2a:49:cb:ab:c3:92:
45:6a:5a:49:89:ce:f2:47:70:71:33:2a:97:1d:cb:c3:fe:8c:
38:c5:7f:63:ab:c8:88:e0:7d:12:d4:34:2a:bb:e1:50:5d:c9:
f1:c0:d4:89:04:f3:ae:a2:b8:55:99:82:a1:e5:76:1b:43:c8:
77:2b:ba:25:83:18:21:59:92:bc:e7:2c:05:df:7c:1d:12:be:
7e:ec:0a:11:c6:f6:0d:ff:06:ae:57:c2:85:da:fe:cd:31:0e:
3a:50:45:14:6a:ff:c1:65:e9:ed:08:1c:03:d0:41:d6:0b:9e:
59:92:5d:b2:bd:fa:97:02:37:63:9f:73:b0:6c:5b:a2:26:8d:
6b:26:30:0a:61:da:f8:d2:d3:db:d8:dc:a7:c9:10:1a:4d:42:
a2:c0:75:68:78:20:50:29:b9:80:dc:02:95:64:bd:e6:b1:58:
51:4d:35:7b:38:46:bc:cc:40:b3:87:36:9f:dd:f3:fc:1f:09:
5a:af:f0:fa
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY3an+TPDRm2wZcus8wHr5UFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMjI0MTAxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDVmNTNmMjBjZmFkNjhkZWI0NTc5MDQwZDBjOThjN2U3MmU4NzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEJ2s+r30BpEtZIOvmA7xKtueEKC
VeoDtDEMLFdiYv8mdlm+smND+Vo5U/yC4Z2dmqAKCGO6Ln+tA8+EYDI5JIoQvat3
zoBix+OKfn8ydmVTwuAzWcGsPfXVT5exMjeooV7bkfVqlypUMxCwmvLl7eEUfDm+
huS2hwiBFk/foN3wIuYoHZEPmpK2zhrFXDqEf0wVYHhsPt/ZeJYmlR5LR9fsJIgL
WOVEm8se9J3hsHoTJ2RPULtos+JaYchxW5uokoiZpQ8XSZ+FS2WuzMrWccGgo3wC
xRiyfXQq0FQBv317O+wLTYteIHWJRNudqwVSrse7UEpsISatGL9v9+zGcwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOBfU/IM+taN60V5BA0MmMfnLodCMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNEY5VDhnejYxbzNyUlhrRURReVl4LWN1aDBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAowUgAwQA
owVAAwQAowVqAwQAowVwAwQAowWgAwQAowWpAwQAowW1AwQAowXSMA0GCSqGSIb3
DQEBCwUAA4IBAQBPnFkrP/OqH5/SmvQpDrgaFEQh1diCwS5QXZ0/7HZuXVuxWwy6
x7axcZuahLQfG/xgnRtsMvIGkskKBGPPkyBGEukqScurw5JFalpJic7yR3BxMyqX
HcvD/ow4xX9jq8iI4H0S1DQqu+FQXcnxwNSJBPOuorhVmYKh5XYbQ8h3K7olgxgh
WZK85ywF33wdEr5+7AoRxvYN/wauV8KF2v7NMQ46UEUUav/BZentCBwD0EHWC55Z
kl2yvfqXAjdjn3OwbFuiJo1rJjAKYdr40tPb2NynyRAaTUKiwHVoeCBQKbmA3AKV
ZL3msVhRTTV7OEa8zECzhzaf3fP8Hwlar/D6
-----END CERTIFICATE-----
Generated at Fri May 3 06:23:23 2024 by rpki-client on console-ams.rpki-client.org