Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iZMbE-13YK9IClWf9iobip9tq7o.roa
File: iZMbE-13YK9IClWf9iobip9tq7o.roa (raw, json)
Hash identifier: QT2OTKtqX95ch3LPtf+2pJI5OwTxcLxRG8po9y7R3nk=
Subject key identifier: 89:93:1B:13:ED:77:60:AF:48:0A:55:9F:F6:2A:1B:8A:9F:6D:AB:BA
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01931FBF9722ACD086CBBEB99BA593145A1E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iZMbE-13YK9IClWf9iobip9tq7o.roa
Signing time: Tue 12 Nov 2024 09:41:09 +0000
ROA not before: Tue 12 Nov 2024 09:41:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 163.5.25.0/24 maxlen: 24
163.5.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1f:bf:97:22:ac:d0:86:cb:be:b9:9b:a5:93:14:5a:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 12 09:41:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89931b13ed7760af480a559ff62a1b8a9f6dabba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ea:50:3c:c9:19:af:78:b6:0a:99:a6:e3:16:
5b:52:19:dd:f5:fe:dd:e7:3a:66:c1:ba:34:d8:e4:
80:6f:24:d4:bd:a5:3b:8b:45:8f:84:6a:7d:3b:2c:
f4:bc:35:36:46:83:e9:ff:89:8a:20:11:ff:49:44:
97:b2:06:43:71:21:da:2b:27:13:45:b8:31:a8:c2:
b8:50:b8:17:4b:e3:e9:f7:7e:6f:1f:d1:9f:59:3e:
4b:d1:a4:25:83:ec:ea:a5:c4:8c:00:f2:e5:1b:44:
ff:df:61:b0:e0:f4:39:73:a6:e5:90:1a:5c:bf:7e:
48:4d:11:d2:8d:08:16:57:c1:d5:c5:92:84:a3:2f:
0f:7f:f0:a1:01:40:e2:97:96:79:dd:27:c8:0e:d6:
b4:50:16:c3:b8:76:86:80:9e:36:07:22:7b:47:fe:
3d:94:97:b2:82:7d:a3:77:b3:2c:6d:9b:f5:10:37:
4d:8f:2a:52:ed:8f:5b:88:de:57:48:84:94:42:fe:
1d:d7:f4:9c:21:75:d3:49:85:0e:6f:47:ea:66:ad:
e0:9f:86:33:22:09:de:80:8a:d7:78:63:10:d1:29:
67:71:1c:6f:60:f8:d9:82:04:01:bc:94:78:4f:64:
c4:e8:db:71:db:d5:c2:32:95:49:d7:2a:db:bf:66:
a3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:93:1B:13:ED:77:60:AF:48:0A:55:9F:F6:2A:1B:8A:9F:6D:AB:BA
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iZMbE-13YK9IClWf9iobip9tq7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.25.0/24
163.5.40.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:60:15:de:9f:c0:6f:d1:7b:7b:e8:a3:e5:d2:92:d6:a2:81:
e5:35:43:a3:f1:5b:7b:31:94:21:61:65:e8:6b:28:3e:df:91:
0a:fe:e2:3f:f9:44:bc:da:a8:0b:15:ca:69:4e:f3:88:4d:dd:
7a:b4:ad:e4:55:75:d3:c9:8c:21:15:74:96:1a:72:01:da:2f:
29:d9:3e:ac:9e:18:5b:1e:3e:fa:bc:d5:55:fa:ca:73:7c:c7:
d2:ac:a0:32:92:3f:24:bd:91:2a:cd:29:10:be:7c:85:02:cd:
ef:0c:08:da:9a:5c:9e:a0:f2:4c:a9:f9:ad:a6:4f:62:8e:42:
0c:fa:a3:41:48:a1:eb:eb:93:4c:05:f4:a3:27:4f:86:d9:1d:
6e:b9:06:64:06:07:1b:29:8a:c1:35:21:4a:20:e6:92:b2:37:
8b:dd:7f:c5:8c:49:06:9c:72:15:fe:33:6e:fc:98:b5:0c:ae:
8a:c8:b4:13:88:30:51:93:51:fd:40:fa:59:f8:d4:ce:2d:ed:
d2:43:ff:09:38:7f:d9:34:5d:e1:10:8a:4b:fb:37:01:48:35:
b9:4a:4a:c9:5e:3d:3e:a9:47:35:2e:6a:f0:80:e1:e7:b8:28:
0f:94:e9:b2:f1:1c:70:bc:42:c5:e7:e5:81:c8:73:d7:17:be:
9d:e4:d7:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMfv5cirNCGy765m6WTFFoeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTEyMDk0MTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTkzMWIxM2VkNzc2MGFmNDgwYTU1OWZmNjJhMWI4YTlmNmRhYmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5epQPMkZr3i2Cpmm4xZbUhnd9f7d
5zpmwbo02OSAbyTUvaU7i0WPhGp9Oyz0vDU2RoPp/4mKIBH/SUSXsgZDcSHaKycT
RbgxqMK4ULgXS+Pp935vH9GfWT5L0aQlg+zqpcSMAPLlG0T/32Gw4PQ5c6blkBpc
v35ITRHSjQgWV8HVxZKEoy8Pf/ChAUDil5Z53SfIDta0UBbDuHaGgJ42ByJ7R/49
lJeygn2jd7MsbZv1EDdNjypS7Y9biN5XSISUQv4d1/ScIXXTSYUOb0fqZq3gn4Yz
IgnegIrXeGMQ0SlncRxvYPjZggQBvJR4T2TE6Ntx29XCMpVJ1yrbv2ajWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFImTGxPtd2CvSApVn/YqG4qfbau6MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaVpNYkUtMTNZSzlJQ2xXZjlpb2JpcDl0cTdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowUZAwQA
owUoMA0GCSqGSIb3DQEBCwUAA4IBAQCgYBXen8Bv0Xt76KPl0pLWooHlNUOj8Vt7
MZQhYWXoayg+35EK/uI/+US82qgLFcppTvOITd16tK3kVXXTyYwhFXSWGnIB2i8p
2T6snhhbHj76vNVV+spzfMfSrKAykj8kvZEqzSkQvnyFAs3vDAjamlyeoPJMqfmt
pk9ijkIM+qNBSKHr65NMBfSjJ0+G2R1uuQZkBgcbKYrBNSFKIOaSsjeL3X/FjEkG
nHIV/jNu/Ji1DK6KyLQTiDBRk1H9QPpZ+NTOLe3SQ/8JOH/ZNF3hEIpL+zcBSDW5
SkrJXj0+qUc1LmrwgOHnuCgPlOmy8RxwvELF5+WByHPXF76d5NcZ
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:44:57 2024 by rpki-client on console-ams.rpki-client.org