Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TWwfg_H1o3TmsAkeC_LWUaqo7-0.roa
File: TWwfg_H1o3TmsAkeC_LWUaqo7-0.roa (raw, json)
Hash identifier: xwJbLwfVqTpnAqOG1r0RC27myVIM+oB+T+hxMsqSYEQ=
Subject key identifier: 4D:6C:1F:83:F1:F5:A3:74:E6:B0:09:1E:0B:F2:D6:51:AA:A8:EF:ED
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018D7E7900032DBBD8C56922B9496BDE84D8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TWwfg_H1o3TmsAkeC_LWUaqo7-0.roa
Signing time: Tue 06 Feb 2024 12:51:15 +0000
ROA not before: Tue 06 Feb 2024 12:51:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30781
IP address blocks: 163.5.31.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.94.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7e:79:00:03:2d:bb:d8:c5:69:22:b9:49:6b:de:84:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 6 12:51:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d6c1f83f1f5a374e6b0091e0bf2d651aaa8efed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d8:78:5c:88:ea:82:98:95:98:68:4e:5a:87:
05:d1:02:8d:de:3a:1c:47:1f:88:1a:93:61:52:11:
1b:4e:c6:96:d0:ce:c0:f1:b4:ec:e7:2c:e7:01:bc:
ea:34:41:d9:8f:8e:ab:ba:72:d7:b6:21:99:04:34:
0d:07:d1:aa:f0:66:9f:93:86:39:b9:01:e0:cf:c2:
20:83:4d:da:06:cf:d6:09:06:a1:9b:90:58:2d:20:
03:7e:8e:a5:4d:31:53:6f:e6:c7:65:ed:65:0f:fe:
e6:f6:56:a9:84:8a:bd:a2:a8:f5:eb:07:8e:3a:df:
dd:87:a4:cf:0e:67:ff:86:f6:a9:49:b4:6b:1f:f6:
7a:88:70:c6:a5:28:60:26:0c:ae:80:19:af:80:88:
30:63:2a:80:b1:a1:1a:78:ee:11:b8:d0:97:30:e2:
98:d0:33:cc:e3:a1:50:30:09:38:df:e6:79:be:b6:
91:7a:5d:b5:12:e8:61:c9:1f:4b:20:f5:89:7e:10:
ad:88:b9:ca:db:c5:3f:6b:15:f5:1a:64:52:08:d8:
40:cf:f0:29:a4:93:78:52:1e:9d:5e:9c:ed:11:8c:
fa:9a:ad:19:75:2e:88:1a:1a:ad:f6:52:4a:7f:59:
3a:af:b4:50:98:bc:4f:5b:5b:e8:3e:31:0f:b9:b6:
01:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:6C:1F:83:F1:F5:A3:74:E6:B0:09:1E:0B:F2:D6:51:AA:A8:EF:ED
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/TWwfg_H1o3TmsAkeC_LWUaqo7-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.35.0/24
163.5.62.0/24
163.5.94.0/24
163.5.142.0/24
163.5.221.0/24
Signature Algorithm: sha256WithRSAEncryption
07:0f:20:94:f3:55:40:f5:07:a3:b4:dc:05:46:c3:e7:5c:97:
7e:34:82:a4:34:c8:e1:3d:51:ba:3b:5c:59:d6:b5:28:9f:88:
68:c6:73:dd:d7:ab:65:ad:14:44:5f:e1:ad:70:dd:6c:27:2b:
0f:4c:95:c7:a9:1d:c8:e2:06:11:38:e9:b4:cf:81:25:cb:96:
48:cd:7c:19:73:a5:be:15:49:6f:ed:82:ca:f6:4d:e5:3c:17:
e3:b0:44:cc:6c:f7:33:4b:e5:34:8c:cb:82:c6:3e:cc:92:4c:
7a:9e:ee:2d:6b:7b:c5:c0:3f:53:ee:19:3a:ea:de:8d:63:ce:
d0:13:c6:0a:5f:47:05:c6:71:47:09:f3:80:ba:52:d9:d2:ad:
ac:25:60:c8:ec:5a:1b:44:50:8f:ee:d1:28:72:ec:56:91:59:
72:cd:5d:e2:f8:82:0b:e4:00:21:34:cd:d7:75:8a:86:12:02:
f6:3a:bd:85:8a:fa:ec:6d:27:38:f3:7c:d8:a8:6b:a8:cf:a5:
01:3a:ab:ec:01:7f:76:b1:d5:17:1e:0b:20:bb:72:d3:49:17:
de:16:96:22:36:43:d3:d7:8d:5a:11:10:a1:4f:80:3a:67:48:
d0:7e:02:a6:82:b8:1f:14:9a:15:56:15:9f:d5:ef:3d:15:43:
39:ef:30:4b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY1+eQADLbvYxWkiuUlr3oTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMjA2MTI1MTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDZjMWY4M2YxZjVhMzc0ZTZiMDA5MWUwYmYyZDY1MWFhYThlZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNh4XIjqgpiVmGhOWocF0QKN3joc
Rx+IGpNhUhEbTsaW0M7A8bTs5yznAbzqNEHZj46runLXtiGZBDQNB9Gq8Gafk4Y5
uQHgz8Igg03aBs/WCQahm5BYLSADfo6lTTFTb+bHZe1lD/7m9laphIq9oqj16weO
Ot/dh6TPDmf/hvapSbRrH/Z6iHDGpShgJgyugBmvgIgwYyqAsaEaeO4RuNCXMOKY
0DPM46FQMAk43+Z5vraRel21EuhhyR9LIPWJfhCtiLnK28U/axX1GmRSCNhAz/Ap
pJN4Uh6dXpztEYz6mq0ZdS6IGhqt9lJKf1k6r7RQmLxPW1voPjEPubYBqwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFE1sH4Px9aN05rAJHgvy1lGqqO/tMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVFd3ZmdfSDFvM1Rtc0FrZUNfTFdVYXFvNy0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowUfAwQA
owUjAwQAowU+AwQAowVeAwQAowWOAwQAowXdMA0GCSqGSIb3DQEBCwUAA4IBAQAH
DyCU81VA9QejtNwFRsPnXJd+NIKkNMjhPVG6O1xZ1rUon4hoxnPd16tlrRREX+Gt
cN1sJysPTJXHqR3I4gYROOm0z4Ely5ZIzXwZc6W+FUlv7YLK9k3lPBfjsETMbPcz
S+U0jMuCxj7Mkkx6nu4ta3vFwD9T7hk66t6NY87QE8YKX0cFxnFHCfOAulLZ0q2s
JWDI7FobRFCP7tEocuxWkVlyzV3i+IIL5AAhNM3XdYqGEgL2Or2FivrsbSc483zY
qGuoz6UBOqvsAX92sdUXHgsgu3LTSRfeFpYiNkPT141aERChT4A6Z0jQfgKmgrgf
FJoVVhWf1e89FUM57zBL
-----END CERTIFICATE-----
Generated at Fri May 3 06:23:24 2024 by rpki-client on console-ams.rpki-client.org