Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tRofWI054mQVeXpnpVnV2wbNHRk.roa
File: tRofWI054mQVeXpnpVnV2wbNHRk.roa (raw, json)
Hash identifier: oC02wBjtDeMgWMCn1YOg5OvzYP5kBu7WYPmYoV5EDoY=
Subject key identifier: B5:1A:1F:58:8D:39:E2:64:15:79:7A:67:A5:59:D5:DB:06:CD:1D:19
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018EB968C33B2852516F9DEC88FF7BF86A20
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tRofWI054mQVeXpnpVnV2wbNHRk.roa
Signing time: Sun 07 Apr 2024 16:33:54 +0000
ROA not before: Sun 07 Apr 2024 16:33:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216159
IP address blocks: 163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b9:68:c3:3b:28:52:51:6f:9d:ec:88:ff:7b:f8:6a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 7 16:33:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b51a1f588d39e26415797a67a559d5db06cd1d19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:09:54:d6:10:27:45:37:13:1f:54:76:76:2d:
08:78:88:21:41:93:00:4b:7b:6d:74:e1:29:54:a2:
b9:e9:96:2c:4d:ad:f2:dd:da:ee:dc:b9:ea:22:6e:
08:d6:82:1d:e9:ac:65:b7:33:d3:c2:ea:b7:ff:30:
65:ec:1c:cb:2a:eb:7c:f8:45:26:7e:61:ea:e7:fb:
eb:11:dd:e2:46:91:51:ca:92:e3:e8:b8:67:fd:ce:
a2:e6:5b:25:c7:f9:d8:89:32:d2:a3:d4:bd:b6:29:
8f:4d:fd:88:2c:41:42:b9:0c:7c:40:1d:4e:7c:de:
69:ff:f8:46:dd:25:ab:f0:1d:8f:9e:59:85:e0:24:
53:81:a7:97:86:a3:4e:ab:84:49:24:d6:47:c3:17:
b5:8d:e6:db:f7:76:a0:a7:1e:ad:0a:7b:82:a5:37:
00:c3:a2:01:02:2d:d5:4f:f9:bf:87:8b:f6:85:98:
24:68:d6:dd:28:c4:ef:b8:8b:86:94:ab:d1:59:61:
a9:ec:a0:92:f1:c9:35:9c:ad:ee:ff:01:65:a5:d2:
b5:ed:f1:cc:92:e2:37:45:aa:35:a7:7d:d7:37:70:
52:81:78:cb:fb:ba:a1:d8:41:ad:b1:19:8b:a7:c0:
20:74:e7:28:13:67:5d:40:74:84:37:89:80:60:19:
c1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:1A:1F:58:8D:39:E2:64:15:79:7A:67:A5:59:D5:DB:06:CD:1D:19
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tRofWI054mQVeXpnpVnV2wbNHRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.192.0/23
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
54:5b:99:48:a9:92:60:33:da:f0:3c:74:59:e7:c0:26:55:23:
28:b7:5e:34:09:a4:23:2e:a9:7f:f9:2e:40:1e:9c:f4:ec:6a:
26:57:60:07:3d:75:96:2a:81:a9:df:6a:e3:cf:64:8e:2a:8c:
07:b0:11:42:ee:91:a8:ba:56:96:1d:ac:37:f4:83:8e:07:12:
fd:23:26:f7:90:10:c9:f8:77:4d:ed:fb:60:7b:b1:bb:24:2a:
4b:4f:12:1f:70:94:2b:a5:b0:cd:a4:3d:3c:fa:fa:98:4e:18:
f2:66:1d:d5:a6:56:fc:84:e9:e7:b8:68:90:e9:94:f2:65:55:
72:b1:ef:69:19:31:35:cb:88:55:d9:a8:70:c2:3b:10:55:11:
ba:de:77:2d:5f:1e:38:58:3a:d3:48:13:2c:73:54:e7:90:99:
4e:c2:89:e8:52:1d:a0:09:d1:9e:d9:9a:c7:0a:11:6e:3d:72:
bc:5f:c6:5c:5c:55:79:bb:1a:37:e7:a2:94:16:4c:87:52:4b:
87:73:01:1f:14:88:78:7a:b0:5a:c0:43:c9:b7:bc:44:57:5c:
09:da:f4:b9:9e:94:f8:3e:ed:19:1d:91:43:9e:70:d9:bf:97:
de:e2:28:6a:73:81:ec:9a:1d:8d:16:14:bf:49:2f:7c:46:d5:
ca:4e:0b:1c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY65aMM7KFJRb53siP97+GogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwNDA3MTYzMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTFhMWY1ODhkMzllMjY0MTU3OTdhNjdhNTU5ZDVkYjA2Y2QxZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwlU1hAnRTcTH1R2di0IeIghQZMA
S3ttdOEpVKK56ZYsTa3y3dru3LnqIm4I1oId6axltzPTwuq3/zBl7BzLKut8+EUm
fmHq5/vrEd3iRpFRypLj6Lhn/c6i5lslx/nYiTLSo9S9timPTf2ILEFCuQx8QB1O
fN5p//hG3SWr8B2PnlmF4CRTgaeXhqNOq4RJJNZHwxe1jebb93agpx6tCnuCpTcA
w6IBAi3VT/m/h4v2hZgkaNbdKMTvuIuGlKvRWWGp7KCS8ck1nK3u/wFlpdK17fHM
kuI3Rao1p33XN3BSgXjL+7qh2EGtsRmLp8AgdOcoE2ddQHSEN4mAYBnB7wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLUaH1iNOeJkFXl6Z6VZ1dsGzR0ZMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdFJvZldJMDU0bVFWZVhwbnBWblYyd2JOSFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBowXAMAwD
BACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEBAFRbmUipkmAz2vA8dFnnwCZV
Iyi3XjQJpCMuqX/5LkAenPTsaiZXYAc9dZYqganfauPPZI4qjAewEULukai6VpYd
rDf0g44HEv0jJveQEMn4d03t+2B7sbskKktPEh9wlCulsM2kPTz6+phOGPJmHdWm
VvyE6ee4aJDplPJlVXKx72kZMTXLiFXZqHDCOxBVEbredy1fHjhYOtNIEyxzVOeQ
mU7CiehSHaAJ0Z7ZmscKEW49crxfxlxcVXm7GjfnopQWTIdSS4dzAR8UiHh6sFrA
Q8m3vERXXAna9LmelPg+7RkdkUOecNm/l97iKGpzgeyaHY0WFL9JL3xG1cpOCxw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:47:09 2024 by rpki-client on console-fra.rpki-client.org