Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ho7do1a5noxN1WhoaBjUvFqlnnQ.roa
File: ho7do1a5noxN1WhoaBjUvFqlnnQ.roa (raw, json)
Hash identifier: 2ToehLntB8lsLcDTw/Lug5YYlF2wHuyiqvO8Tyb7KgY=
Subject key identifier: 86:8E:DD:A3:56:B9:9E:8C:4D:D5:68:68:68:18:D4:BC:5A:A5:9E:74
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01924DE335946476AC4A1D295F0214F89002
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ho7do1a5noxN1WhoaBjUvFqlnnQ.roa
Signing time: Wed 02 Oct 2024 15:39:48 +0000
ROA not before: Wed 02 Oct 2024 15:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 163.5.47.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4d:e3:35:94:64:76:ac:4a:1d:29:5f:02:14:f8:90:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 2 15:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=868edda356b99e8c4dd568686818d4bc5aa59e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:19:06:5b:f0:76:17:6e:5e:ba:63:0a:2c:c2:
dd:12:a8:fc:ed:ca:ea:77:09:44:99:c4:46:c3:65:
3c:b4:be:08:b2:c5:e6:63:ec:13:03:25:06:67:f6:
f0:fb:b0:24:dc:ad:f5:a3:77:87:aa:a0:38:e2:f7:
7f:a9:f6:75:c1:1f:df:12:00:13:51:24:1e:74:95:
02:a6:97:1e:1a:43:c0:b0:2c:52:88:9f:dd:70:44:
ba:c3:1c:3c:8a:45:80:ec:23:dc:84:5e:a9:04:97:
bd:95:5b:c6:41:68:4e:4a:2c:3a:66:29:6a:08:23:
df:bd:bc:ad:2e:e8:a7:d6:eb:34:2e:5e:0e:d8:e9:
56:60:3e:0e:da:36:17:87:27:b2:ee:ea:d3:a2:5b:
d1:bb:77:d9:01:27:a8:57:27:1f:5f:f3:5b:01:e0:
c1:20:f2:7a:77:3a:84:43:1c:58:9b:93:83:74:b2:
52:ef:7e:55:30:d1:87:f7:21:dd:46:01:a2:e0:90:
a2:32:15:21:b2:58:1c:3e:ec:96:be:81:99:29:3d:
9b:84:ef:32:04:a1:cb:f2:13:66:36:f6:70:55:47:
c7:e2:a6:b7:70:ad:f2:37:28:85:2b:e4:e9:27:e4:
de:fc:dd:fd:9e:c1:db:14:5c:2c:ba:92:39:5c:ff:
0c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:8E:DD:A3:56:B9:9E:8C:4D:D5:68:68:68:18:D4:BC:5A:A5:9E:74
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ho7do1a5noxN1WhoaBjUvFqlnnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.47.0/24
163.5.66.0/24
163.5.156.0/24
163.5.170.0/24
163.5.186.0/24
163.5.220.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:b0:cb:bf:42:67:e6:76:8a:37:95:a6:ba:5a:82:9d:03:08:
ec:40:1d:d1:bf:36:ae:db:a1:74:17:af:ec:85:b4:28:65:53:
fa:74:a4:3a:db:44:b7:d8:dd:af:20:b2:1d:8c:e0:da:70:11:
77:69:34:7c:08:ad:cc:3b:f7:d4:e4:53:ce:29:35:95:f9:88:
0f:98:1c:bb:9f:96:20:02:dc:18:e9:25:23:6f:18:e5:2c:73:
78:76:bd:ac:fa:06:fe:b6:b6:97:0e:24:83:0c:a0:04:c9:75:
07:44:3d:02:ae:05:8a:8c:a8:0e:8f:e2:6f:ba:39:e8:ee:7f:
04:44:03:50:65:fc:f0:14:76:98:02:e7:58:ce:8c:f4:e0:31:
d9:fa:e6:bb:0b:e7:0d:9e:58:31:64:12:5f:4b:a0:a0:89:43:
ac:9e:4d:1c:08:59:80:b1:2d:df:79:58:f3:dc:82:2e:45:9a:
79:f7:e1:68:a4:55:3a:57:2e:0d:07:51:ae:3c:5b:a9:32:cb:
63:e5:3d:f9:42:81:f5:1a:79:9a:0a:8d:cc:80:48:18:a8:c1:
35:03:7e:3e:90:95:8c:7c:e3:99:39:ff:14:a8:fa:5c:23:4e:
22:02:51:e8:95:a1:3d:51:ef:67:f4:cc:d2:eb:a0:ac:07:e9:
e5:44:a0:68
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZJN4zWUZHasSh0pXwIU+JACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMDAyMTUzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjhlZGRhMzU2Yjk5ZThjNGRkNTY4Njg2ODE4ZDRiYzVhYTU5ZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBkGW/B2F25eumMKLMLdEqj87crq
dwlEmcRGw2U8tL4IssXmY+wTAyUGZ/bw+7Ak3K31o3eHqqA44vd/qfZ1wR/fEgAT
USQedJUCppceGkPAsCxSiJ/dcES6wxw8ikWA7CPchF6pBJe9lVvGQWhOSiw6Zilq
CCPfvbytLuin1us0Ll4O2OlWYD4O2jYXhyey7urTolvRu3fZASeoVycfX/NbAeDB
IPJ6dzqEQxxYm5ODdLJS735VMNGH9yHdRgGi4JCiMhUhslgcPuyWvoGZKT2bhO8y
BKHL8hNmNvZwVUfH4qa3cK3yNyiFK+TpJ+Te/N39nsHbFFwsupI5XP8MdQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIaO3aNWuZ6MTdVoaGgY1LxapZ50MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaG83ZG8xYTVub3hOMVdob2FCalV2RnFsbm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowUvAwQA
owVCAwQAowWcAwQAowWqAwQAowW6AwQAowXcMA0GCSqGSIb3DQEBCwUAA4IBAQBL
sMu/Qmfmdoo3laa6WoKdAwjsQB3Rvzau26F0F6/shbQoZVP6dKQ620S32N2vILId
jODacBF3aTR8CK3MO/fU5FPOKTWV+YgPmBy7n5YgAtwY6SUjbxjlLHN4dr2s+gb+
traXDiSDDKAEyXUHRD0CrgWKjKgOj+Jvujno7n8ERANQZfzwFHaYAudYzoz04DHZ
+ua7C+cNnlgxZBJfS6CgiUOsnk0cCFmAsS3feVjz3IIuRZp59+FopFU6Vy4NB1Gu
PFupMstj5T35QoH1GnmaCo3MgEgYqME1A34+kJWMfOOZOf8UqPpcI04iAlHolaE9
Ue9n9MzS66CsB+nlRKBo
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:44:25 2024 by rpki-client on console-ams.rpki-client.org