Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/P1_yPApzj2lJAnfFiM64MpLzWk0.roa
File: P1_yPApzj2lJAnfFiM64MpLzWk0.roa (raw, json)
Hash identifier: 8Zo/3NoNhRfNoFOXXKUwoXsJmkMbWX29k4lJdqAImlU=
Subject key identifier: 3F:5F:F2:3C:0A:73:8F:69:49:02:77:C5:88:CE:B8:32:92:F3:5A:4D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018E72079D5F2659E000DB42E894D282907A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/P1_yPApzj2lJAnfFiM64MpLzWk0.roa
Signing time: Sun 24 Mar 2024 19:54:45 +0000
ROA not before: Sun 24 Mar 2024 19:54:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 163.5.157.0/24 maxlen: 24
163.5.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:72:07:9d:5f:26:59:e0:00:db:42:e8:94:d2:82:90:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 24 19:54:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f5ff23c0a738f69490277c588ceb83292f35a4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:9f:13:99:4a:24:f2:c6:2e:15:dd:55:39:eb:
62:79:3e:b4:2b:a3:0b:9b:ee:d5:8b:65:1e:16:14:
23:c0:e8:1c:51:23:8f:bd:5d:c7:4f:45:ea:8b:0c:
0f:24:81:65:51:72:a1:85:bb:92:54:2f:35:73:69:
06:a4:58:48:3c:88:ae:50:35:db:2f:3e:ca:e8:8d:
96:7e:83:f5:bc:c8:68:e3:aa:d0:92:78:5e:fc:0e:
6b:9c:30:18:52:76:b4:15:77:88:36:fc:08:25:d2:
23:0a:1d:fd:de:07:d4:c7:e6:5c:44:d9:33:e9:ba:
8f:76:13:78:8a:b3:00:17:bf:a2:73:73:b2:b2:2a:
39:a5:ad:02:47:ae:83:b6:9f:de:5e:81:49:71:b7:
4b:5b:4b:b3:ec:49:61:14:fe:43:d9:6d:2c:94:c9:
b0:64:8a:9e:57:24:5e:0a:01:8f:45:2d:dd:9c:21:
d3:e5:a3:b4:63:67:82:76:86:2a:98:57:bd:5a:a4:
d4:2b:85:7d:d1:aa:8f:fe:ed:91:43:28:d2:89:38:
f0:ea:cf:74:89:b5:e8:90:0b:72:11:d4:d8:f4:35:
0d:98:ee:eb:55:e3:9a:f2:e0:6a:a1:33:a9:03:fc:
16:77:25:bd:bb:eb:9b:fb:63:8f:8d:a5:ef:57:74:
fe:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:5F:F2:3C:0A:73:8F:69:49:02:77:C5:88:CE:B8:32:92:F3:5A:4D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/P1_yPApzj2lJAnfFiM64MpLzWk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.157.0/24
163.5.194.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:8f:b6:99:9c:e9:ad:b2:57:a7:f0:2e:95:12:fc:fe:50:cc:
95:a7:c0:42:57:35:ed:b9:e8:20:8b:e0:0f:03:ca:8f:d5:7c:
73:4e:1f:4e:f2:be:56:e2:0d:b6:67:a3:dc:7f:22:ca:1a:6e:
92:bd:3c:e1:95:b6:d0:f9:7a:b7:77:c7:f9:21:b3:99:63:b4:
40:d3:94:1d:3d:46:19:17:a4:a6:4f:c8:df:da:c7:b6:68:92:
96:54:6d:89:c0:0b:ee:8b:a5:81:9c:e0:82:46:ae:60:8c:60:
df:f6:16:88:12:7b:5c:62:cb:d6:94:3e:a1:f9:c5:d1:7a:d6:
69:81:ca:e4:45:a7:c0:85:80:8a:a8:b1:43:62:e1:ff:2c:64:
b7:4b:fa:5f:58:42:51:f6:8a:bd:8d:bd:bb:14:99:1a:8d:63:
7a:64:ac:6d:05:20:bb:9d:ff:17:cd:c6:70:f3:7c:4f:47:2c:
97:76:65:3e:5a:4b:34:77:85:7f:1c:c8:58:d2:ed:52:a4:29:
28:23:96:57:4c:a5:66:07:7e:f3:01:46:d4:72:f6:b0:0f:80:
dd:3b:a6:bb:dd:25:85:e6:3d:7e:f9:7e:48:a1:00:13:0e:21:
34:b5:4d:12:1f:13:df:08:b3:e4:de:f2:42:4b:a8:ca:4a:95:
aa:ad:69:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5yB51fJlngANtC6JTSgpB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMzI0MTk1NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjVmZjIzYzBhNzM4ZjY5NDkwMjc3YzU4OGNlYjgzMjkyZjM1YTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnp8TmUok8sYuFd1VOetieT60K6ML
m+7Vi2UeFhQjwOgcUSOPvV3HT0XqiwwPJIFlUXKhhbuSVC81c2kGpFhIPIiuUDXb
Lz7K6I2WfoP1vMho46rQknhe/A5rnDAYUna0FXeINvwIJdIjCh393gfUx+ZcRNkz
6bqPdhN4irMAF7+ic3Oysio5pa0CR66Dtp/eXoFJcbdLW0uz7ElhFP5D2W0slMmw
ZIqeVyReCgGPRS3dnCHT5aO0Y2eCdoYqmFe9WqTUK4V90aqP/u2RQyjSiTjw6s90
ibXokAtyEdTY9DUNmO7rVeOa8uBqoTOpA/wWdyW9u+ub+2OPjaXvV3T+gwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD9f8jwKc49pSQJ3xYjOuDKS81pNMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUDFfeVBBcHpqMmxKQW5mRmlNNjRNcEx6V2swLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowWdAwQA
owXCMA0GCSqGSIb3DQEBCwUAA4IBAQCdj7aZnOmtslen8C6VEvz+UMyVp8BCVzXt
ueggi+APA8qP1XxzTh9O8r5W4g22Z6PcfyLKGm6SvTzhlbbQ+Xq3d8f5IbOZY7RA
05QdPUYZF6SmT8jf2se2aJKWVG2JwAvui6WBnOCCRq5gjGDf9haIEntcYsvWlD6h
+cXRetZpgcrkRafAhYCKqLFDYuH/LGS3S/pfWEJR9oq9jb27FJkajWN6ZKxtBSC7
nf8XzcZw83xPRyyXdmU+Wks0d4V/HMhY0u1SpCkoI5ZXTKVmB37zAUbUcvawD4Dd
O6a73SWF5j1++X5IoQATDiE0tU0SHxPfCLPk3vJCS6jKSpWqrWmC
-----END CERTIFICATE-----
Generated at Fri May 3 02:02:44 2024 by rpki-client on console-fra.rpki-client.org