Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/c9JvI3P2KoEcpR-Q5niZ5CYEFlY.roa
File: c9JvI3P2KoEcpR-Q5niZ5CYEFlY.roa (raw, json)
Hash identifier: 0bUZ9m9MUPvQnYgovSFFMWC7E9YbujHdwy9BPgFhGFc=
Subject key identifier: 73:D2:6F:23:73:F6:2A:81:1C:A5:1F:90:E6:78:99:E4:26:04:16:56
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01924D7AD77BD904A80ACAC4F22CD83E0D81
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/c9JvI3P2KoEcpR-Q5niZ5CYEFlY.roa
Signing time: Wed 02 Oct 2024 13:45:48 +0000
ROA not before: Wed 02 Oct 2024 13:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 163.5.82.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4d:7a:d7:7b:d9:04:a8:0a:ca:c4:f2:2c:d8:3e:0d:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 2 13:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73d26f2373f62a811ca51f90e67899e426041656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:77:08:c2:1f:e7:7b:f4:10:ea:b4:a7:bf:9b:
f5:65:d1:ea:e8:0b:4f:dd:25:9e:82:de:d7:55:cc:
c4:02:11:7a:5d:cb:3a:97:1a:45:b4:b1:3f:3e:2b:
8c:94:f2:e0:fa:8d:85:3c:62:92:c8:43:8e:03:ed:
56:fd:c9:fb:1f:84:50:58:46:46:4c:7d:de:a4:88:
e0:16:a2:dc:2e:f4:99:9f:bf:b7:93:63:d2:b1:2f:
29:b3:4c:3e:ed:0f:91:2f:d8:fc:e0:3d:73:d1:3b:
3e:f9:4e:03:7d:64:7a:33:97:ab:b8:dd:01:fe:a1:
c7:fc:66:66:4a:5f:53:93:ea:62:c7:e1:c4:f6:c1:
1a:7c:bf:9f:25:60:bc:7a:f2:e6:5f:d8:85:37:e7:
e3:0e:fb:92:dd:eb:06:d1:08:73:93:cc:c0:ff:de:
f0:49:aa:9a:69:8f:9c:a2:62:5f:97:81:55:80:28:
49:02:86:6a:67:e6:42:f3:ed:35:90:92:d8:02:3d:
89:24:79:1c:7b:9c:51:c6:65:39:ef:64:0a:b0:64:
38:50:84:98:b4:98:36:d2:ff:84:45:b2:83:ee:fc:
19:9f:d6:43:74:cc:91:a7:10:88:22:cb:fe:c1:cb:
ba:b1:cb:13:0c:a7:55:df:0a:09:3f:8c:8b:46:f1:
7e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D2:6F:23:73:F6:2A:81:1C:A5:1F:90:E6:78:99:E4:26:04:16:56
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/c9JvI3P2KoEcpR-Q5niZ5CYEFlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.82.0/24
163.5.99.0/24
163.5.127.0/24
163.5.202.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:70:cb:8a:9a:34:14:a6:18:3b:d8:7c:b6:a3:be:97:0d:b6:
4a:71:c0:98:d3:2c:1c:88:1b:31:8a:2f:8b:d7:72:57:e0:6e:
33:86:80:8e:5f:19:9f:50:44:56:fd:b3:75:07:82:e4:45:e8:
74:7a:75:e8:0c:99:4f:e8:ec:00:e0:cc:39:60:ae:b6:43:64:
27:62:5e:9a:62:fe:39:ab:bc:a7:f1:19:51:80:94:2e:86:68:
1c:59:5a:e1:2d:2e:71:a5:13:98:a0:e7:3d:17:49:07:a5:d7:
67:51:68:8f:c9:75:f7:31:1b:d5:da:2e:80:8c:ba:6b:3a:2d:
33:f9:60:fb:54:54:40:da:89:32:3f:85:a2:2e:9a:6d:22:6f:
e2:e9:60:ac:ae:4e:9f:80:b8:b5:cc:de:1c:c1:c1:0d:69:46:
18:ee:3a:3b:0b:28:b5:a2:66:59:55:02:33:45:52:82:56:a8:
34:a3:dd:da:89:b6:2f:7a:98:7a:28:65:0b:69:c9:6e:52:8b:
08:42:56:5e:9c:39:13:87:67:a5:ba:f1:fe:ab:22:d6:4b:1c:
66:7c:66:f1:29:c3:b2:7a:ad:e7:7c:88:2a:6d:2e:a1:1e:ac:
de:c2:3f:b4:8a:9e:b7:a6:c0:81:93:65:77:90:a6:0c:1a:66:
71:ea:80:3c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJNetd72QSoCsrE8izYPg2BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMDAyMTM0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2QyNmYyMzczZjYyYTgxMWNhNTFmOTBlNjc4OTllNDI2MDQxNjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoncIwh/ne/QQ6rSnv5v1ZdHq6AtP
3SWegt7XVczEAhF6Xcs6lxpFtLE/PiuMlPLg+o2FPGKSyEOOA+1W/cn7H4RQWEZG
TH3epIjgFqLcLvSZn7+3k2PSsS8ps0w+7Q+RL9j84D1z0Ts++U4DfWR6M5eruN0B
/qHH/GZmSl9Tk+pix+HE9sEafL+fJWC8evLmX9iFN+fjDvuS3esG0Qhzk8zA/97w
SaqaaY+comJfl4FVgChJAoZqZ+ZC8+01kJLYAj2JJHkce5xRxmU572QKsGQ4UISY
tJg20v+ERbKD7vwZn9ZDdMyRpxCIIsv+wcu6scsTDKdV3woJP4yLRvF+kQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHPSbyNz9iqBHKUfkOZ4meQmBBZWMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYzlKdkkzUDJLb0VjcFItUTVuaVo1Q1lFRmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowVSAwQA
owVjAwQAowV/AwQAowXKMA0GCSqGSIb3DQEBCwUAA4IBAQCLcMuKmjQUphg72Hy2
o76XDbZKccCY0ywciBsxii+L13JX4G4zhoCOXxmfUERW/bN1B4LkReh0enXoDJlP
6OwA4Mw5YK62Q2QnYl6aYv45q7yn8RlRgJQuhmgcWVrhLS5xpROYoOc9F0kHpddn
UWiPyXX3MRvV2i6AjLprOi0z+WD7VFRA2okyP4WiLpptIm/i6WCsrk6fgLi1zN4c
wcENaUYY7jo7Cyi1omZZVQIzRVKCVqg0o93aibYveph6KGULacluUosIQlZenDkT
h2eluvH+qyLWSxxmfGbxKcOyeq3nfIgqbS6hHqzewj+0ip63psCBk2V3kKYMGmZx
6oA8
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:27:30 2024 by rpki-client on console-fra.rpki-client.org