Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DXarJMcTBS7rgw-cMGJzFCCswMo.roa
File: DXarJMcTBS7rgw-cMGJzFCCswMo.roa (raw, json)
Hash identifier: zvMiWnwiMHYT37DsLzw9ungLM8Hqh9RRpBgZUTpq3iE=
Subject key identifier: 0D:76:AB:24:C7:13:05:2E:EB:83:0F:9C:30:62:73:14:20:AC:C0:CA
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0193122A4CFC6F71122103987FAF1FBDA36F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DXarJMcTBS7rgw-cMGJzFCCswMo.roa
Signing time: Sat 09 Nov 2024 18:23:02 +0000
ROA not before: Sat 09 Nov 2024 18:23:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212815
IP address blocks: 163.5.99.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:12:2a:4c:fc:6f:71:12:21:03:98:7f:af:1f:bd:a3:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 9 18:23:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d76ab24c713052eeb830f9c3062731420acc0ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:1a:1a:6c:77:b6:a5:76:5a:1d:ed:57:32:45:
91:f3:35:26:f6:1a:c4:55:e7:99:2a:45:46:07:ad:
be:4d:9d:26:5c:2c:6b:6b:fb:1b:82:6d:e8:f0:70:
4c:af:0e:13:99:f3:a8:89:82:78:b6:be:c9:2f:b0:
d3:8c:1d:03:83:db:7d:c9:17:ee:32:7a:5d:23:b3:
7f:4b:b3:b6:9e:d8:7a:5c:71:9b:1a:49:07:ec:fd:
c0:44:1e:5f:fb:44:e7:86:98:e7:40:f9:b8:5f:04:
97:cb:7e:12:22:be:08:08:44:32:be:91:4d:b4:c2:
b2:69:7f:a5:3b:1c:ca:90:fc:e3:0a:ce:55:37:f7:
fb:ea:fe:44:0c:9b:b9:6a:08:61:14:9d:a9:91:2d:
00:d6:a1:72:4a:73:34:93:4a:0b:59:f5:73:2d:d1:
66:58:7a:00:68:91:2a:e4:1b:97:ad:db:26:50:c4:
ab:e5:b7:c6:62:02:8e:65:41:7d:35:d7:68:d4:fb:
17:0d:46:b1:b3:8e:03:a9:27:83:6e:71:76:f4:b6:
37:c5:7d:06:1e:34:d5:d3:65:84:2e:84:94:91:a3:
c7:a7:fb:d6:2d:1c:10:57:b6:21:c6:1e:1a:3a:37:
c7:ae:89:5e:53:32:26:a7:1d:18:f9:e2:0b:28:34:
03:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:76:AB:24:C7:13:05:2E:EB:83:0F:9C:30:62:73:14:20:AC:C0:CA
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DXarJMcTBS7rgw-cMGJzFCCswMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.99.0/24
163.5.142.0/23
163.5.192.0/23
163.5.213.0-163.5.214.255
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:2c:72:66:21:32:b1:b8:51:46:70:f5:28:89:dd:5c:eb:17:
d5:8a:b4:0f:ea:9e:45:5e:08:70:d9:d7:82:06:24:25:44:6e:
73:08:60:56:3e:6f:ad:79:cb:86:b8:09:48:4c:65:1e:35:2b:
eb:3c:98:bb:6f:99:76:11:47:72:6b:74:c5:7e:2b:8b:77:85:
b0:0c:e9:ac:46:c4:7c:e0:9c:ab:68:40:d8:89:35:0a:25:3a:
82:56:5c:2c:81:d3:4c:14:ed:ca:a8:0a:1c:50:1d:8d:4b:15:
97:00:3b:9e:43:45:9b:a9:bb:4e:6a:03:5a:eb:c5:a5:2f:8e:
91:69:87:bc:55:45:f6:1d:3e:c7:0b:91:23:00:ce:1a:fc:2b:
1d:64:d9:f3:01:72:b3:f4:fc:2d:62:23:1e:af:6d:a6:2a:35:
10:51:3b:aa:3e:e7:c7:10:e8:e2:91:aa:fb:3d:b8:98:39:80:
35:4c:44:c3:e4:25:01:48:01:cb:25:f6:58:88:5b:b9:fb:58:
f3:c8:ca:bc:28:1d:42:a8:75:77:4b:2e:0f:70:6c:2c:6c:e1:
7e:46:5d:78:b3:be:15:60:3e:5f:45:5b:1a:3b:5e:76:d8:dc:
49:0a:9b:2e:89:77:61:67:62:bf:48:1e:6e:f3:63:1d:c2:ac:
98:5d:c2:68
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZMSKkz8b3ESIQOYf68fvaNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTA5MTgyMzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDc2YWIyNGM3MTMwNTJlZWI4MzBmOWMzMDYyNzMxNDIwYWNjMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4hoabHe2pXZaHe1XMkWR8zUm9hrE
VeeZKkVGB62+TZ0mXCxra/sbgm3o8HBMrw4TmfOoiYJ4tr7JL7DTjB0Dg9t9yRfu
MnpdI7N/S7O2nth6XHGbGkkH7P3ARB5f+0TnhpjnQPm4XwSXy34SIr4ICEQyvpFN
tMKyaX+lOxzKkPzjCs5VN/f76v5EDJu5aghhFJ2pkS0A1qFySnM0k0oLWfVzLdFm
WHoAaJEq5BuXrdsmUMSr5bfGYgKOZUF9Nddo1PsXDUaxs44DqSeDbnF29LY3xX0G
HjTV02WELoSUkaPHp/vWLRwQV7Yhxh4aOjfHroleUzImpx0Y+eILKDQDWwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFA12qyTHEwUu64MPnDBicxQgrMDKMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRFhhckpNY1RCUzdyZ3ctY01HSnpGQ0Nzd01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAowVjAwQB
owWOAwQBowXAMAwDBACjBdUDBACjBdYDBAC5/TYwDQYJKoZIhvcNAQELBQADggEB
AHoscmYhMrG4UUZw9SiJ3VzrF9WKtA/qnkVeCHDZ14IGJCVEbnMIYFY+b615y4a4
CUhMZR41K+s8mLtvmXYRR3JrdMV+K4t3hbAM6axGxHzgnKtoQNiJNQolOoJWXCyB
00wU7cqoChxQHY1LFZcAO55DRZupu05qA1rrxaUvjpFph7xVRfYdPscLkSMAzhr8
Kx1k2fMBcrP0/C1iIx6vbaYqNRBRO6o+58cQ6OKRqvs9uJg5gDVMRMPkJQFIAcsl
9liIW7n7WPPIyrwoHUKodXdLLg9wbCxs4X5GXXizvhVgPl9FWxo7XnbY3EkKmy6J
d2FnYr9IHm7zYx3CrJhdwmg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:47:08 2024 by rpki-client on console-fra.rpki-client.org