Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/Rrj2KPVa_ekaZX7F7vCBwc65QNc.roa
File: Rrj2KPVa_ekaZX7F7vCBwc65QNc.roa (raw, json)
Hash identifier: +uW4mYkXE7/rMEXUz+5j9QmzDPImXD+K+ZqzSREvU1w=
Subject key identifier: 46:B8:F6:28:F5:5A:FD:E9:1A:65:7E:C5:EE:F0:81:C1:CE:B9:40:D7
Certificate issuer: /CN=a71cc0d58b16adbbf7fa5c2fdbc3659f9c73c7ba
Certificate serial: 018CC42560BA3A3E062379EC1EB7076F9DA4
Authority key identifier: A7:1C:C0:D5:8B:16:AD:BB:F7:FA:5C:2F:DB:C3:65:9F:9C:73:C7:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pxzA1YsWrbv3-lwv28Nln5xzx7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/Rrj2KPVa_ekaZX7F7vCBwc65QNc.roa
Signing time: Mon 01 Jan 2024 08:30:33 +0000
ROA not before: Mon 01 Jan 2024 08:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5483
IP address blocks: 5.56.38.0/24 maxlen: 24
5.56.37.0/24 maxlen: 24
5.56.33.0/24 maxlen: 24
2a01:47c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/pxzA1YsWrbv3-lwv28Nln5xzx7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/pxzA1YsWrbv3-lwv28Nln5xzx7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/pxzA1YsWrbv3-lwv28Nln5xzx7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 07:03:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:60:ba:3a:3e:06:23:79:ec:1e:b7:07:6f:9d:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a71cc0d58b16adbbf7fa5c2fdbc3659f9c73c7ba
Validity
Not Before: Jan 1 08:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46b8f628f55afde91a657ec5eef081c1ceb940d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:37:59:39:05:64:a8:4a:f0:ae:b3:c9:e5:a8:
f3:27:3f:ea:0d:e7:2e:99:61:58:dc:9b:36:22:2a:
5d:f4:35:0f:fa:79:fe:c8:b5:51:47:0f:48:52:0d:
47:7b:32:54:c4:f2:b3:c0:c3:dd:d1:ef:0e:52:d1:
06:5d:c1:53:18:53:26:d6:26:a8:bf:d0:50:61:4a:
88:07:de:1e:18:8f:30:5b:9c:56:0a:26:c8:b0:df:
88:62:ec:7d:0c:3a:50:8f:1c:05:40:28:17:b4:22:
06:8a:9d:22:d3:5e:b6:70:cc:73:7e:37:f9:59:7b:
49:dc:7a:65:25:69:af:33:dc:31:36:6d:f2:b5:99:
ed:ed:4f:d4:7f:4e:2d:b7:78:14:f1:5b:9d:69:9b:
e5:c9:aa:97:af:f8:5c:bf:31:5b:1b:7d:2e:de:cb:
d3:6b:7d:7e:fb:b5:bf:10:b2:99:d8:4c:b3:d6:47:
b5:ea:96:bc:bf:61:c3:1e:65:25:e7:05:51:a6:57:
49:e7:dd:38:52:50:ac:62:64:18:00:65:ce:4b:fd:
cc:83:d7:59:1f:f7:93:c3:ab:a6:0a:2b:8e:6e:f9:
e6:33:7e:8e:a7:a5:c4:b3:3b:6e:f8:11:4d:af:ec:
27:9f:a1:80:79:73:ab:11:fc:1f:1a:50:4b:05:b6:
37:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:B8:F6:28:F5:5A:FD:E9:1A:65:7E:C5:EE:F0:81:C1:CE:B9:40:D7
X509v3 Authority Key Identifier:
keyid:A7:1C:C0:D5:8B:16:AD:BB:F7:FA:5C:2F:DB:C3:65:9F:9C:73:C7:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pxzA1YsWrbv3-lwv28Nln5xzx7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/Rrj2KPVa_ekaZX7F7vCBwc65QNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5f5a60-9026-4b66-baaa-de640d012065/1/pxzA1YsWrbv3-lwv28Nln5xzx7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.33.0/24
5.56.37.0-5.56.38.255
IPv6:
2a01:47c0::/32
Signature Algorithm: sha256WithRSAEncryption
93:dd:58:e9:54:94:2d:d9:1b:3a:4f:95:7b:8e:59:d2:46:a3:
8b:38:db:1c:1a:d6:6d:3b:00:53:b9:f9:a8:b9:94:28:bb:d4:
67:c5:61:3a:df:af:29:91:3c:e1:a5:11:67:91:e8:42:d2:4f:
21:9b:2c:a3:bb:4b:84:5f:6f:17:a7:e5:68:f3:ec:d4:a7:43:
10:d6:b1:5a:e4:87:74:4a:b2:f5:13:73:23:28:c2:eb:41:70:
d1:cb:aa:12:2a:b5:cc:3f:06:05:07:c3:d3:fd:bb:fc:5d:9e:
9a:8e:6d:e2:8c:a3:2c:5b:89:48:7d:d2:53:5f:7f:1f:4a:3c:
7f:ee:7f:72:81:e3:ef:01:87:83:2e:5c:55:6c:77:41:08:65:
56:02:6b:02:cd:d3:78:27:4e:78:11:64:26:8f:79:43:38:bf:
99:9d:ed:02:ad:02:a9:00:96:d7:10:5a:d6:e3:fb:e6:04:87:
32:00:a4:a8:48:c4:43:78:86:0f:d3:85:c6:af:6c:1a:15:a1:
b5:6f:7e:11:fa:fb:fc:13:3b:b9:9e:23:eb:42:75:fa:4d:34:
94:19:18:96:0a:57:15:c3:9e:23:0c:2b:39:39:9f:b6:49:eb:
3e:79:d1:14:73:00:25:3f:5b:00:7f:e0:21:bc:3a:af:44:fb:
c6:53:51:dc
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzEJWC6Oj4GI3nsHrcHb52kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MWNjMGQ1OGIxNmFkYmJmN2ZhNWMyZmRiYzM2NTlmOWM3
M2M3YmEwHhcNMjQwMTAxMDgzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmI4ZjYyOGY1NWFmZGU5MWE2NTdlYzVlZWYwODFjMWNlYjk0MGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjdZOQVkqErwrrPJ5ajzJz/qDecu
mWFY3Js2Iipd9DUP+nn+yLVRRw9IUg1HezJUxPKzwMPd0e8OUtEGXcFTGFMm1iao
v9BQYUqIB94eGI8wW5xWCibIsN+IYux9DDpQjxwFQCgXtCIGip0i0162cMxzfjf5
WXtJ3HplJWmvM9wxNm3ytZnt7U/Uf04tt3gU8VudaZvlyaqXr/hcvzFbG30u3svT
a31++7W/ELKZ2Eyz1ke16pa8v2HDHmUl5wVRpldJ5904UlCsYmQYAGXOS/3Mg9dZ
H/eTw6umCiuObvnmM36Op6XEsztu+BFNr+wnn6GAeXOrEfwfGlBLBbY3QQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEa49ij1Wv3pGmV+xe7wgcHOuUDXMB8GA1UdIwQY
MBaAFKccwNWLFq279/pcL9vDZZ+cc8e6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHh6QTFZc1dyYnYzLWx3djI4TmxuNXh6eDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS81ZjVhNjAtOTAyNi00YjY2LWJhYWEt
ZGU2NDBkMDEyMDY1LzEvUnJqMktQVmFfZWthWlg3Rjd2Q0J3YzY1UU5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS81ZjVhNjAtOTAyNi00YjY2LWJhYWEtZGU2NDBkMDEyMDY1
LzEvcHh6QTFZc1dyYnYzLWx3djI4TmxuNXh6eDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQABTghMAwD
BAAFOCUDBAAFOCYwDQQCAAIwBwMFACoBR8AwDQYJKoZIhvcNAQELBQADggEBAJPd
WOlUlC3ZGzpPlXuOWdJGo4s42xwa1m07AFO5+ai5lCi71GfFYTrfrymRPOGlEWeR
6ELSTyGbLKO7S4Rfbxen5Wjz7NSnQxDWsVrkh3RKsvUTcyMowutBcNHLqhIqtcw/
BgUHw9P9u/xdnpqObeKMoyxbiUh90lNffx9KPH/uf3KB4+8Bh4MuXFVsd0EIZVYC
awLN03gnTngRZCaPeUM4v5md7QKtAqkAltcQWtbj++YEhzIApKhIxEN4hg/Thcav
bBoVobVvfhH6+/wTO7meI+tCdfpNNJQZGJYKVxXDniMMKzk5n7ZJ6z550RRzACU/
WwB/4CG8Oq9E+8ZTUdw=
-----END CERTIFICATE-----
Generated at Sun Jun 16 11:42:10 2024 by rpki-client on console-ams.rpki-client.org