Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/5E5lP2rm95pyG--w0P7vqadMg08.roa
File: 5E5lP2rm95pyG--w0P7vqadMg08.roa (raw, json)
Hash identifier: dLlodH1+He6cFYzrD1zOY5VerQw2t9UqZArd1WEcVhE=
Subject key identifier: E4:4E:65:3F:6A:E6:F7:9A:72:1B:EF:B0:D0:FE:EF:A9:A7:4C:83:4F
Certificate issuer: /CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Certificate serial: 018E7FF9407DE49F15E64E2ADE6357B14206
Authority key identifier: 88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/5E5lP2rm95pyG--w0P7vqadMg08.roa
Signing time: Wed 27 Mar 2024 12:53:45 +0000
ROA not before: Wed 27 Mar 2024 12:53:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53358
IP address blocks: 2a05:f300::/29 maxlen: 64
2a12:4b40::/29 maxlen: 64
2a13:c400::/29 maxlen: 64
2a13:c800::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.mft
rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:f9:40:7d:e4:9f:15:e6:4e:2a:de:63:57:b1:42:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88b213bf1627548efdfb1b2e2645baaf1d983aa0
Validity
Not Before: Mar 27 12:53:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e44e653f6ae6f79a721befb0d0feefa9a74c834f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:04:61:52:b5:7e:71:e2:b8:3a:45:90:95:6f:
c4:15:01:bf:9e:ee:e6:c1:fc:10:18:d7:bb:9a:0e:
f2:d6:ed:7b:37:a4:df:96:c8:b5:4a:5d:b4:dd:d5:
f8:d6:38:7e:90:3f:e8:c1:74:d8:54:6f:ae:2c:f1:
68:93:36:5c:f4:2b:c5:f9:b2:3d:a2:ae:13:34:9f:
54:e1:58:5d:27:ba:3b:08:e4:8b:e2:cd:a8:8d:e2:
b7:18:de:50:f7:af:95:db:68:b3:61:78:6d:51:01:
68:9f:29:6a:72:14:4c:73:fa:f0:0d:24:f5:85:2e:
d2:d6:5c:16:a0:3b:a6:74:35:de:c4:be:df:db:c3:
69:67:ab:a3:71:7b:de:c0:9a:1a:17:5f:a5:b4:be:
a4:b1:f1:77:40:ab:f5:46:77:c7:dc:b5:a4:2e:f0:
04:4b:36:11:94:3f:1b:90:fc:92:4b:48:1a:b7:4a:
11:a5:ff:d4:f6:10:fc:bb:b9:37:1d:c0:b9:47:77:
67:9f:57:67:b4:1d:d7:2d:9f:5c:ad:a2:4b:47:2f:
e2:0b:d6:84:c9:24:04:3a:ba:f8:58:9b:a0:a0:dc:
5e:4d:a6:d9:87:8d:6a:36:91:d0:6f:90:5b:61:d7:
34:bb:e7:7a:03:02:51:80:c2:5d:af:4b:fe:85:d3:
b8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:4E:65:3F:6A:E6:F7:9A:72:1B:EF:B0:D0:FE:EF:A9:A7:4C:83:4F
X509v3 Authority Key Identifier:
keyid:88:B2:13:BF:16:27:54:8E:FD:FB:1B:2E:26:45:BA:AF:1D:98:3A:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iLITvxYnVI79-xsuJkW6rx2YOqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/5E5lP2rm95pyG--w0P7vqadMg08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3c0269-c194-4e6d-abce-72735e118d51/1/iLITvxYnVI79-xsuJkW6rx2YOqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:f300::/29
2a12:4b40::/29
2a13:c400::/29
2a13:c800::/29
Signature Algorithm: sha256WithRSAEncryption
34:bb:63:da:3f:23:40:b4:6b:65:5e:be:e6:3b:a4:2c:80:08:
6b:25:96:cb:b8:37:94:f0:0c:ea:09:e4:80:a7:2b:f7:c5:e2:
8f:c1:fa:eb:96:4e:ec:13:ff:ad:8c:c1:7f:5b:d8:95:54:35:
c2:88:2e:b9:dc:4a:19:bf:e1:f0:33:67:5f:3d:11:78:19:35:
9f:26:e7:2f:05:87:04:b3:3f:c7:19:e9:53:6a:10:cd:3d:16:
90:d6:76:5d:2b:00:24:27:b0:c0:68:1f:08:d8:75:02:70:c9:
d7:63:04:b3:6d:b3:aa:0f:a4:6c:97:28:1b:7d:dc:7d:0a:3b:
05:d8:d7:bc:9f:23:19:ec:14:19:d3:de:e8:18:93:33:c4:0c:
18:45:19:9c:7c:87:d2:2e:b9:3e:df:be:98:01:0f:6a:05:2b:
dc:e6:b9:56:4c:5c:5d:22:77:c5:23:55:38:65:94:97:ea:18:
76:60:15:50:85:e3:b7:0f:03:27:df:7c:c3:14:4e:a1:e9:1e:
0f:8a:8c:df:95:63:93:3c:64:40:c8:ee:8c:db:06:06:72:c2:
89:ae:cc:60:97:76:00:35:87:b3:ce:a9:10:ec:9f:6c:8b:3f:
1f:0d:50:fb:c4:80:37:29:01:c4:ea:e0:27:c6:4d:0d:9e:f5:
5b:56:d5:a3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY5/+UB95J8V5k4q3mNXsUIGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YjIxM2JmMTYyNzU0OGVmZGZiMWIyZTI2NDViYWFmMWQ5
ODNhYTAwHhcNMjQwMzI3MTI1MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDRlNjUzZjZhZTZmNzlhNzIxYmVmYjBkMGZlZWZhOWE3NGM4MzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowRhUrV+ceK4OkWQlW/EFQG/nu7m
wfwQGNe7mg7y1u17N6Tflsi1Sl203dX41jh+kD/owXTYVG+uLPFokzZc9CvF+bI9
oq4TNJ9U4VhdJ7o7COSL4s2ojeK3GN5Q96+V22izYXhtUQFonylqchRMc/rwDST1
hS7S1lwWoDumdDXexL7f28NpZ6ujcXvewJoaF1+ltL6ksfF3QKv1RnfH3LWkLvAE
SzYRlD8bkPySS0gat0oRpf/U9hD8u7k3HcC5R3dnn1dntB3XLZ9craJLRy/iC9aE
ySQEOrr4WJugoNxeTabZh41qNpHQb5BbYdc0u+d6AwJRgMJdr0v+hdO4FwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFOROZT9q5veachvvsND+76mnTINPMB8GA1UdIwQY
MBaAFIiyE78WJ1SO/fsbLiZFuq8dmDqgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2Ut
NzI3MzVlMTE4ZDUxLzEvNUU1bFAycm05NXB5Ry0tdzBQN3ZxYWRNZzA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zYzAyNjktYzE5NC00ZTZkLWFiY2UtNzI3MzVlMTE4ZDUx
LzEvaUxJVHZ4WW5WSTc5LXhzdUprVzZyeDJZT3FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgXzAAMF
AyoSS0ADBQMqE8QAAwUDKhPIADANBgkqhkiG9w0BAQsFAAOCAQEANLtj2j8jQLRr
ZV6+5jukLIAIayWWy7g3lPAM6gnkgKcr98Xij8H665ZO7BP/rYzBf1vYlVQ1wogu
udxKGb/h8DNnXz0ReBk1nybnLwWHBLM/xxnpU2oQzT0WkNZ2XSsAJCewwGgfCNh1
AnDJ12MEs22zqg+kbJcoG33cfQo7BdjXvJ8jGewUGdPe6BiTM8QMGEUZnHyH0i65
Pt++mAEPagUr3Oa5VkxcXSJ3xSNVOGWUl+oYdmAVUIXjtw8DJ998wxROoekeD4qM
35VjkzxkQMjujNsGBnLCia7MYJd2ADWHs86pEOyfbIs/Hw1Q+8SANykBxOrgJ8ZN
DZ71W1bVow==
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:17:39 2024 by rpki-client on console-ams.rpki-client.org