Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vHlfXhV6rxZsCB5xCVgQldmVrjU.roa
File: vHlfXhV6rxZsCB5xCVgQldmVrjU.roa (raw, json)
Hash identifier: ZIF2nF4QShL7Wc7JNEDrVEvOZT7JpRgnH0+RwytEXVU=
Subject key identifier: BC:79:5F:5E:15:7A:AF:16:6C:08:1E:71:09:58:10:95:D9:95:AE:35
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 018D73F731655C31096D6CC8DB360EFE9445
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vHlfXhV6rxZsCB5xCVgQldmVrjU.roa
Signing time: Sun 04 Feb 2024 11:53:16 +0000
ROA not before: Sun 04 Feb 2024 11:53:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215607
IP address blocks: 163.5.59.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:73:f7:31:65:5c:31:09:6d:6c:c8:db:36:0e:fe:94:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 4 11:53:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc795f5e157aaf166c081e7109581095d995ae35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:57:21:26:4c:53:3a:bd:5f:fa:09:76:87:bd:
58:ae:8b:a9:09:d0:37:c0:aa:33:f0:6b:49:f5:8e:
40:b2:cf:09:17:1a:32:18:bf:3d:94:6f:67:55:ea:
77:fc:d3:57:05:1b:80:17:a6:6a:f0:88:8c:25:c6:
61:57:b3:05:c3:ef:c8:23:62:8e:b7:1b:8c:d0:51:
90:7d:ff:f3:37:69:3f:36:1f:c1:d4:6b:e1:c6:a9:
24:b1:95:37:74:dc:9a:c7:df:2d:b6:86:cc:bd:4f:
b2:03:ea:f7:32:b4:28:91:07:0a:34:d6:b8:ff:0c:
25:a1:a0:f5:be:92:a8:c1:fb:cc:69:6e:13:52:a0:
c1:b0:e8:52:69:21:b2:64:e1:cf:01:c1:b8:d6:2a:
61:58:af:f5:e5:13:a3:b2:de:46:27:18:ed:57:8b:
a2:cc:b2:3a:2c:c8:5d:71:50:1c:1f:7f:b8:bd:58:
fb:b1:6d:e5:ad:db:9a:ea:ca:45:5d:c0:58:86:37:
77:04:fd:01:a4:33:c4:c5:e9:26:59:e7:fb:70:45:
20:58:a5:32:3b:af:cd:02:2e:bb:fd:7d:08:03:14:
e5:8b:ef:48:68:63:d7:b0:d0:df:9e:3a:7d:c5:d1:
cf:3c:9c:e4:ba:f9:02:5a:87:49:bc:25:f5:18:4b:
b8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:79:5F:5E:15:7A:AF:16:6C:08:1E:71:09:58:10:95:D9:95:AE:35
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/vHlfXhV6rxZsCB5xCVgQldmVrjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.59.0/24
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:35:90:1f:bb:f8:09:19:7b:c9:df:6d:c8:a5:9c:76:d1:3f:
fe:57:42:d9:29:5b:f6:d8:d1:c0:25:4b:3d:95:86:0f:88:e6:
bc:44:41:b7:62:27:da:93:40:1a:ee:8c:19:11:81:e8:96:16:
5a:80:b2:c9:50:2d:0f:ac:cf:6a:d9:47:3d:a3:a9:ef:60:9c:
b1:76:cc:cd:1b:6c:74:04:af:97:66:2a:8e:4d:bd:48:21:23:
a5:40:bd:53:ae:3d:64:dc:26:e9:a1:12:49:f3:59:4b:fc:99:
9d:36:f8:f5:fb:c2:86:e2:eb:c9:dd:33:f1:6a:e4:a1:60:20:
26:32:ff:86:34:cb:87:16:03:52:2d:67:b9:1d:38:48:a2:f7:
68:d9:53:8d:aa:95:3e:b5:0e:3b:b9:52:a9:de:11:e5:c6:be:
b0:b8:6e:6f:08:b4:c4:f1:11:2a:8f:18:3c:50:9b:5f:ed:b0:
98:4a:03:81:6b:08:b8:b1:9b:0a:dd:3f:d4:91:e2:66:c0:8a:
32:c4:8d:b5:de:01:b9:00:d0:ac:c1:14:77:17:ae:51:9e:ea:
7e:cf:ba:0d:9f:cc:cd:9f:51:dd:00:63:f6:7a:be:c0:0f:83:
66:67:9c:eb:d3:01:9d:d4:03:44:41:d1:32:33:c6:0a:52:5a:
01:d0:ec:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1z9zFlXDEJbWzI2zYO/pRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQwMjA0MTE1MzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzc5NWY1ZTE1N2FhZjE2NmMwODFlNzEwOTU4MTA5NWQ5OTVhZTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FchJkxTOr1f+gl2h71YroupCdA3
wKoz8GtJ9Y5Ass8JFxoyGL89lG9nVep3/NNXBRuAF6Zq8IiMJcZhV7MFw+/II2KO
txuM0FGQff/zN2k/Nh/B1GvhxqkksZU3dNyax98ttobMvU+yA+r3MrQokQcKNNa4
/wwloaD1vpKowfvMaW4TUqDBsOhSaSGyZOHPAcG41iphWK/15ROjst5GJxjtV4ui
zLI6LMhdcVAcH3+4vVj7sW3lrdua6spFXcBYhjd3BP0BpDPExekmWef7cEUgWKUy
O6/NAi67/X0IAxTli+9IaGPXsNDfnjp9xdHPPJzkuvkCWodJvCX1GEu4mwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLx5X14Veq8WbAgecQlYEJXZla41MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdkhsZlhoVjZyeFpzQ0I1eENWZ1FsZG1WcmpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowU7AwQA
uf02MA0GCSqGSIb3DQEBCwUAA4IBAQBtNZAfu/gJGXvJ323IpZx20T/+V0LZKVv2
2NHAJUs9lYYPiOa8REG3Yifak0Aa7owZEYHolhZagLLJUC0PrM9q2Uc9o6nvYJyx
dszNG2x0BK+XZiqOTb1IISOlQL1Trj1k3CbpoRJJ81lL/JmdNvj1+8KG4uvJ3TPx
auShYCAmMv+GNMuHFgNSLWe5HThIovdo2VONqpU+tQ47uVKp3hHlxr6wuG5vCLTE
8REqjxg8UJtf7bCYSgOBawi4sZsK3T/UkeJmwIoyxI213gG5ANCswRR3F65Rnup+
z7oNn8zNn1HdAGP2er7AD4NmZ5zr0wGd1ANEQdEyM8YKUloB0Ozx
-----END CERTIFICATE-----
Generated at Fri May 3 06:39:11 2024 by rpki-client on console-fra.rpki-client.org