Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bNSacWKCFfqtVcFcMTfp_MVv3FY.roa
File: bNSacWKCFfqtVcFcMTfp_MVv3FY.roa (raw, json)
Hash identifier: u89fTNjSCLOdRI/9KYYz0RPP7sryj2qkOV4AxBtPyUU=
Subject key identifier: 6C:D4:9A:71:62:82:15:FA:AD:55:C1:5C:31:37:E9:FC:C5:6F:DC:56
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018CDAF4D97C8690A10E667278A9484791DF
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bNSacWKCFfqtVcFcMTfp_MVv3FY.roa
Signing time: Fri 05 Jan 2024 18:48:48 +0000
ROA not before: Fri 05 Jan 2024 18:48:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204372
IP address blocks: 163.5.99.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:da:f4:d9:7c:86:90:a1:0e:66:72:78:a9:48:47:91:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 5 18:48:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cd49a71628215faad55c15c3137e9fcc56fdc56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:46:2f:80:4c:c0:f6:23:a8:2d:f5:dc:41:3b:
d8:4c:ba:ff:48:92:21:84:ab:18:00:8c:e8:eb:f9:
3b:0d:ee:6f:02:88:b3:17:3b:ce:d5:d2:e4:99:b6:
1f:9b:dc:f8:00:c1:77:38:29:5a:fa:a4:a2:b7:e5:
43:b1:53:7e:a9:a0:79:6e:88:12:6e:0c:15:61:0c:
fb:12:90:cc:10:b2:11:62:8f:16:35:91:0e:d4:d5:
aa:09:fa:a3:fa:8c:7a:e8:16:ad:b6:52:ba:1d:b1:
36:73:02:ae:ba:6b:7a:ea:1f:4c:eb:11:92:b3:e6:
6b:cc:8f:10:e5:d9:f3:aa:b5:0b:a6:60:68:72:70:
21:48:16:49:b4:22:58:4f:75:3f:0f:59:bf:a9:b2:
c4:90:33:04:41:88:77:dc:e7:f3:49:00:ce:d4:23:
7b:1c:f1:41:3d:2c:f0:01:6f:47:77:ca:10:36:44:
78:82:c9:05:95:f7:ed:88:75:70:30:93:34:62:52:
86:ee:a7:ae:2b:4c:df:6f:02:fc:5d:25:fa:bd:13:
11:44:c0:5d:1b:7a:8e:9d:be:c9:bb:19:6d:e7:00:
0a:c2:87:e8:dd:c5:43:f1:d1:fc:17:7a:3a:d2:19:
ec:bb:90:c5:c4:96:34:54:40:a3:a9:ea:fc:e2:24:
10:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D4:9A:71:62:82:15:FA:AD:55:C1:5C:31:37:E9:FC:C5:6F:DC:56
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bNSacWKCFfqtVcFcMTfp_MVv3FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.35.0/24
163.5.62.0/24
163.5.99.0/24
163.5.221.0/24
Signature Algorithm: sha256WithRSAEncryption
97:0a:e4:bc:e1:05:b9:45:ad:96:ed:7d:09:00:cf:ad:0b:fd:
24:d9:cf:78:e6:96:7c:02:2d:8a:cf:8a:37:e9:da:96:0d:cc:
94:5d:59:f8:0e:d6:f0:d5:c2:70:4f:2b:92:ec:db:19:6d:34:
db:20:35:b6:31:46:00:3f:cb:50:d8:e5:f0:24:f7:df:d5:25:
cc:b4:74:c6:9c:ad:1f:3a:3a:6d:99:39:23:20:ca:20:19:23:
d4:61:1e:76:ee:b0:8b:5d:66:f4:db:9b:e7:fe:a0:b5:4d:2f:
2e:81:f9:2e:b5:0d:18:cd:81:3f:cb:8e:c7:55:df:6c:1a:f9:
87:21:0c:63:5f:c5:3d:74:37:be:e0:97:f0:3f:41:c2:2b:a4:
d8:b7:2a:86:6d:26:8d:cb:47:98:91:31:df:b0:48:b5:14:3e:
df:46:7d:92:a2:23:18:ac:26:8b:fa:a4:57:b4:9f:ed:07:bf:
49:87:3b:e5:16:04:de:db:f7:e1:17:50:0c:2f:44:5a:3b:f2:
49:14:82:ff:f1:6b:68:8b:49:07:31:79:94:8b:10:5b:9b:1f:
a9:70:f4:2d:a1:77:cc:4a:26:c3:61:f3:bf:b9:f8:61:c5:8e:
32:16:e4:42:22:17:e7:ee:a4:4e:c7:a3:d9:6a:eb:df:47:ba:
55:0c:e3:99
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYza9Nl8hpChDmZyeKlIR5HfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMTA1MTg0ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Q0OWE3MTYyODIxNWZhYWQ1NWMxNWMzMTM3ZTlmY2M1NmZkYzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokYvgEzA9iOoLfXcQTvYTLr/SJIh
hKsYAIzo6/k7De5vAoizFzvO1dLkmbYfm9z4AMF3OCla+qSit+VDsVN+qaB5bogS
bgwVYQz7EpDMELIRYo8WNZEO1NWqCfqj+ox66BattlK6HbE2cwKuumt66h9M6xGS
s+ZrzI8Q5dnzqrULpmBocnAhSBZJtCJYT3U/D1m/qbLEkDMEQYh33OfzSQDO1CN7
HPFBPSzwAW9Hd8oQNkR4gskFlfftiHVwMJM0YlKG7qeuK0zfbwL8XSX6vRMRRMBd
G3qOnb7Juxlt5wAKwofo3cVD8dH8F3o60hnsu5DFxJY0VECjqer84iQQ2QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGzUmnFighX6rVXBXDE36fzFb9xWMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYk5TYWNXS0NGZnF0VmNGY01UZnBfTVZ2M0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowUfAwQA
owUjAwQAowU+AwQAowVjAwQAowXdMA0GCSqGSIb3DQEBCwUAA4IBAQCXCuS84QW5
Ra2W7X0JAM+tC/0k2c945pZ8Ai2Kz4o36dqWDcyUXVn4Dtbw1cJwTyuS7NsZbTTb
IDW2MUYAP8tQ2OXwJPff1SXMtHTGnK0fOjptmTkjIMogGSPUYR527rCLXWb025vn
/qC1TS8ugfkutQ0YzYE/y47HVd9sGvmHIQxjX8U9dDe+4JfwP0HCK6TYtyqGbSaN
y0eYkTHfsEi1FD7fRn2SoiMYrCaL+qRXtJ/tB79JhzvlFgTe2/fhF1AML0RaO/JJ
FIL/8Wtoi0kHMXmUixBbmx+pcPQtoXfMSibDYfO/ufhhxY4yFuRCIhfn7qROx6PZ
auvfR7pVDOOZ
-----END CERTIFICATE-----
Generated at Fri May 3 01:07:48 2024 by rpki-client on console-ams.rpki-client.org