Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fPWECxy5kujRufDM-A-plA95HwU.roa
File: fPWECxy5kujRufDM-A-plA95HwU.roa (raw, json)
Hash identifier: VjHzX2gIojBbiKI3ju0JSKPu87eOH7Mxw7YE717JcZY=
Subject key identifier: 7C:F5:84:0B:1C:B9:92:E8:D1:B9:F0:CC:F8:0F:A9:94:0F:79:1F:05
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01934515B40DDD486382ABF8C4588464B283
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fPWECxy5kujRufDM-A-plA95HwU.roa
Signing time: Tue 19 Nov 2024 15:41:10 +0000
ROA not before: Tue 19 Nov 2024 15:41:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56339
IP address blocks: 163.5.2.0/24 maxlen: 24
163.5.5.0/24 maxlen: 24
163.5.10.0/24 maxlen: 24
163.5.11.0/24 maxlen: 24
163.5.20.0/24 maxlen: 24
163.5.21.0/24 maxlen: 24
163.5.23.0/24 maxlen: 24
163.5.24.0/24 maxlen: 24
163.5.42.0/24 maxlen: 24
163.5.43.0/24 maxlen: 24
163.5.45.0/24 maxlen: 24
163.5.48.0/24 maxlen: 24
163.5.50.0/24 maxlen: 24
163.5.52.0/24 maxlen: 24
163.5.55.0/24 maxlen: 24
163.5.57.0/24 maxlen: 24
163.5.68.0/24 maxlen: 24
163.5.69.0/24 maxlen: 24
163.5.80.0/24 maxlen: 24
163.5.81.0/24 maxlen: 24
163.5.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:45:15:b4:0d:dd:48:63:82:ab:f8:c4:58:84:64:b2:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 19 15:41:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cf5840b1cb992e8d1b9f0ccf80fa9940f791f05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e4:72:06:51:d5:d5:f7:db:d5:4a:c4:2f:12:
d4:b3:5d:45:13:90:c3:07:de:4c:2f:2c:8c:2d:d4:
58:ec:c2:6f:30:c1:d6:61:3c:6f:5d:d1:f2:db:30:
65:a5:80:80:c0:d6:d9:61:45:21:af:2d:b7:90:fc:
11:fb:f3:8a:30:94:49:15:22:fc:19:7d:4e:24:57:
64:59:b2:83:21:79:35:67:87:cd:8f:6b:95:70:76:
c4:1c:02:c8:a8:ec:89:84:07:44:96:cb:2c:6b:f3:
9e:1c:21:c9:20:74:89:f5:3d:e6:18:ce:f2:9c:c1:
cb:5b:ae:81:b1:f6:b9:11:8c:a2:54:89:72:15:c8:
ba:f6:63:43:b2:c3:57:f3:84:78:25:9d:50:55:e8:
94:ca:de:7c:e9:6b:3e:a1:5a:74:87:78:9f:48:f7:
3f:e7:2f:ca:b4:fa:bc:ba:43:54:b3:f7:1a:ad:a5:
f8:8b:ee:86:f3:8c:25:56:2c:66:e1:74:03:a9:72:
cf:9b:b4:38:fb:28:78:c5:4d:09:e1:cb:f8:6b:11:
59:31:db:e4:61:4f:f6:05:f2:8f:10:d8:ff:4c:75:
b5:da:89:1f:ba:1a:13:8f:3d:9a:8e:ac:76:99:de:
9a:d7:f0:de:05:8d:b0:a9:db:c4:fe:f5:e4:2e:04:
09:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:F5:84:0B:1C:B9:92:E8:D1:B9:F0:CC:F8:0F:A9:94:0F:79:1F:05
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/fPWECxy5kujRufDM-A-plA95HwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.2.0/24
163.5.5.0/24
163.5.10.0/23
163.5.20.0/23
163.5.23.0-163.5.24.255
163.5.42.0/23
163.5.45.0/24
163.5.48.0/24
163.5.50.0/24
163.5.52.0/24
163.5.55.0/24
163.5.57.0/24
163.5.68.0/23
163.5.80.0/23
163.5.85.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:46:9a:ef:d7:da:87:a1:ef:98:77:3b:9a:d2:8f:2d:5d:be:
64:f5:d3:61:b7:e2:81:de:f2:df:2b:37:0e:b9:ac:03:dc:6c:
02:b0:d1:d4:b3:04:7d:7a:12:d7:3d:a7:32:44:58:59:81:f7:
67:3e:37:e6:44:e1:4c:d9:b6:39:80:16:50:1e:0f:d3:26:61:
5f:8e:06:b9:f2:a1:96:66:0f:f6:32:49:65:8a:e0:a6:19:9a:
e7:b4:94:39:aa:c8:17:da:5c:86:d4:6f:26:da:4d:d5:11:98:
74:e5:7f:5f:80:b1:ad:84:4d:41:3d:47:94:7a:a8:ad:90:70:
2e:ec:be:50:52:27:d0:f0:fa:bc:19:7e:b0:e1:99:97:7d:fa:
7c:01:12:d1:b0:91:4c:45:73:f2:fc:5c:64:88:8d:43:29:0b:
3e:aa:03:8e:c3:5a:6f:46:f0:5f:21:eb:af:2c:4c:4e:a0:88:
2c:a9:e4:62:b8:2d:ba:c7:6e:ad:15:cf:90:47:92:d2:21:be:
62:50:56:07:48:8f:13:61:c7:af:0e:2d:f2:e8:b2:d0:3c:6c:
7e:fb:a7:18:7a:19:96:c8:e0:9d:1b:62:0e:b4:1b:94:36:b2:
2d:b0:93:44:57:07:60:1c:4e:a5:9d:84:42:a2:e2:6e:bd:15:
29:08:9d:a7
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZNFFbQN3Uhjgqv4xFiEZLKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTE5MTU0MTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Y1ODQwYjFjYjk5MmU4ZDFiOWYwY2NmODBmYTk5NDBmNzkxZjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuRyBlHV1ffb1UrELxLUs11FE5DD
B95MLyyMLdRY7MJvMMHWYTxvXdHy2zBlpYCAwNbZYUUhry23kPwR+/OKMJRJFSL8
GX1OJFdkWbKDIXk1Z4fNj2uVcHbEHALIqOyJhAdElsssa/OeHCHJIHSJ9T3mGM7y
nMHLW66Bsfa5EYyiVIlyFci69mNDssNX84R4JZ1QVeiUyt586Ws+oVp0h3ifSPc/
5y/KtPq8ukNUs/caraX4i+6G84wlVixm4XQDqXLPm7Q4+yh4xU0J4cv4axFZMdvk
YU/2BfKPENj/THW12okfuhoTjz2ajqx2md6a1/DeBY2wqdvE/vXkLgQJywIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFHz1hAscuZLo0bnwzPgPqZQPeR8FMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZlBXRUN4eTVrdWpSdWZETS1BLXBsQTk1SHdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAowUCAwQA
owUFAwQBowUKAwQBowUUMAwDBACjBRcDBACjBRgDBAGjBSoDBACjBS0DBACjBTAD
BACjBTIDBACjBTQDBACjBTcDBACjBTkDBAGjBUQDBAGjBVADBACjBVUwDQYJKoZI
hvcNAQELBQADggEBAKlGmu/X2oeh75h3O5rSjy1dvmT102G34oHe8t8rNw65rAPc
bAKw0dSzBH16Etc9pzJEWFmB92c+N+ZE4UzZtjmAFlAeD9MmYV+OBrnyoZZmD/Yy
SWWK4KYZmue0lDmqyBfaXIbUbybaTdURmHTlf1+Asa2ETUE9R5R6qK2QcC7svlBS
J9Dw+rwZfrDhmZd9+nwBEtGwkUxFc/L8XGSIjUMpCz6qA47DWm9G8F8h668sTE6g
iCyp5GK4LbrHbq0Vz5BHktIhvmJQVgdIjxNhx68OLfLostA8bH77pxh6GZbI4J0b
Yg60G5Q2si2wk0RXB2AcTqWdhEKi4m69FSkInac=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:18:18 2024 by rpki-client on console-ams.rpki-client.org