Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ioaMz8z3-dtMi4ekUymqrYYf-uY.roa
File: ioaMz8z3-dtMi4ekUymqrYYf-uY.roa (raw, json)
Hash identifier: K3cqcGuwbaWG8D4IxsyZGaM18KNKPQUFBGQDsyWY+5E=
Subject key identifier: 8A:86:8C:CF:CC:F7:F9:DB:4C:8B:87:A4:53:29:AA:AD:86:1F:FA:E6
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018EB968C253C4B15BB22506FF4823082011
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ioaMz8z3-dtMi4ekUymqrYYf-uY.roa
Signing time: Sun 07 Apr 2024 16:33:54 +0000
ROA not before: Sun 07 Apr 2024 16:33:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198883
IP address blocks: 163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b9:68:c2:53:c4:b1:5b:b2:25:06:ff:48:23:08:20:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 7 16:33:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a868ccfccf7f9db4c8b87a45329aaad861ffae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f5:47:b0:84:39:72:01:17:76:ae:08:f3:dc:
2b:ba:94:d5:71:02:e2:99:60:f7:0d:90:49:1c:51:
05:46:2e:07:92:cd:de:3d:39:8b:78:cf:a1:82:ca:
2b:02:ec:31:31:d5:50:9b:d4:1a:79:68:6d:8c:cc:
09:2c:24:02:bf:4f:7c:ce:a6:ff:0c:4d:82:6b:e7:
9c:88:d0:57:3a:b2:e3:08:3e:0e:0d:f6:c5:b0:bc:
1c:24:e2:2d:36:90:17:25:18:85:9a:e9:de:e0:7b:
67:37:ca:93:c3:4b:71:94:a9:10:87:7c:ea:bd:a8:
de:b4:8d:6a:da:b7:c2:27:01:f6:92:05:a0:78:6a:
80:80:52:e5:e9:34:66:97:65:49:f8:d3:21:36:e9:
2e:75:33:a7:62:25:5c:ea:c9:84:11:1d:fe:ca:28:
3e:2f:08:47:b2:b8:49:fa:d8:70:7b:fd:8e:c8:ab:
b8:b8:c6:01:1d:df:22:8b:c0:07:9f:da:04:39:36:
9e:3b:3b:e7:71:26:08:00:0e:37:57:73:a9:84:12:
f3:d0:e8:ac:e1:60:2a:b5:06:21:c9:db:db:b0:50:
45:2b:17:6a:4a:5f:bb:72:96:6e:a9:ab:7c:91:1c:
88:97:97:f3:05:4c:82:22:45:0b:96:c7:3c:0b:1f:
07:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:86:8C:CF:CC:F7:F9:DB:4C:8B:87:A4:53:29:AA:AD:86:1F:FA:E6
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ioaMz8z3-dtMi4ekUymqrYYf-uY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.192.0/23
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
69:f5:31:12:79:a0:eb:a5:72:75:1a:f9:f0:5c:9d:3f:f7:86:
84:99:14:1f:a6:9c:ab:de:e4:72:37:b2:b6:12:da:5f:db:b7:
e3:32:ab:0e:c8:ba:03:93:57:7e:dc:4b:5e:ee:9a:7e:26:02:
72:1c:fb:c3:39:c5:61:55:8b:d4:66:6d:ab:9d:9c:6f:4d:a4:
d5:fb:ac:41:ab:ce:45:24:e9:98:7a:81:d4:d6:a8:25:3e:16:
c9:ea:a4:2b:90:eb:57:cb:85:12:99:1d:58:1e:3b:5c:eb:17:
7d:7d:bf:9a:1b:8e:f7:91:60:df:32:bf:f5:6a:a9:01:6b:68:
12:ca:2f:0d:a1:e1:e3:ee:0b:87:54:ee:82:94:b7:dc:45:ad:
33:79:f3:c4:1b:77:ac:58:03:12:01:f4:83:5e:8f:15:4e:8e:
f6:c8:52:05:db:e3:1f:d3:7c:06:3a:c7:a1:1c:2f:27:14:01:
13:31:0c:5e:c7:10:1e:32:b5:f5:c4:ea:9f:a8:ec:82:43:0d:
ae:6f:20:84:7d:68:8d:84:5f:7d:d3:94:41:80:85:a2:6f:f8:
62:fc:13:7c:d6:ea:7d:94:de:97:81:a1:2f:94:db:6c:01:bf:
98:e9:5a:11:b0:b5:ac:6b:9e:4b:f0:45:64:c0:7b:f9:1a:8f:
6b:9f:db:1e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY65aMJTxLFbsiUG/0gjCCARMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNDA3MTYzMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTg2OGNjZmNjZjdmOWRiNGM4Yjg3YTQ1MzI5YWFhZDg2MWZmYWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfVHsIQ5cgEXdq4I89wrupTVcQLi
mWD3DZBJHFEFRi4Hks3ePTmLeM+hgsorAuwxMdVQm9QaeWhtjMwJLCQCv098zqb/
DE2Ca+eciNBXOrLjCD4ODfbFsLwcJOItNpAXJRiFmune4HtnN8qTw0txlKkQh3zq
vajetI1q2rfCJwH2kgWgeGqAgFLl6TRml2VJ+NMhNukudTOnYiVc6smEER3+yig+
LwhHsrhJ+thwe/2OyKu4uMYBHd8ii8AHn9oEOTaeOzvncSYIAA43V3OphBLz0Ois
4WAqtQYhydvbsFBFKxdqSl+7cpZuqat8kRyIl5fzBUyCIkULlsc8Cx8HfwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIqGjM/M9/nbTIuHpFMpqq2GH/rmMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaW9hTXo4ejMtZHRNaTRla1V5bXFyWVlmLXVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBowXAMAwD
BACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEBAGn1MRJ5oOulcnUa+fBcnT/3
hoSZFB+mnKve5HI3srYS2l/bt+Myqw7IugOTV37cS17umn4mAnIc+8M5xWFVi9Rm
baudnG9NpNX7rEGrzkUk6Zh6gdTWqCU+FsnqpCuQ61fLhRKZHVgeO1zrF319v5ob
jveRYN8yv/VqqQFraBLKLw2h4ePuC4dU7oKUt9xFrTN588Qbd6xYAxIB9INejxVO
jvbIUgXb4x/TfAY6x6EcLycUARMxDF7HEB4ytfXE6p+o7IJDDa5vIIR9aI2EX33T
lEGAhaJv+GL8E3zW6n2U3peBoS+U22wBv5jpWhGwtaxrnkvwRWTAe/kaj2uf2x4=
-----END CERTIFICATE-----
Generated at Fri May 3 09:19:25 2024 by rpki-client on console-fra.rpki-client.org