Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/259fbe-2855-4e19-918f-62c1b1ff3a26/1/fTQSeWpy_cUD4p9b03SBGE2LHU0.roa
File: fTQSeWpy_cUD4p9b03SBGE2LHU0.roa (raw, json)
Hash identifier: d0dNP0mjO3Ry/ESYOsrbJDL389MuzHyvb7EYb030W/o=
Subject key identifier: 7D:34:12:79:6A:72:FD:C5:03:E2:9F:5B:D3:74:81:18:4D:8B:1D:4D
Certificate issuer: /CN=00911779c767d2364e86f4e27ef8c5fe9bb01090
Certificate serial: 018CC42449E7AAB0C0F4F97ABF49D0A267C1
Authority key identifier: 00:91:17:79:C7:67:D2:36:4E:86:F4:E2:7E:F8:C5:FE:9B:B0:10:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AJEXecdn0jZOhvTifvjF_puwEJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/259fbe-2855-4e19-918f-62c1b1ff3a26/1/fTQSeWpy_cUD4p9b03SBGE2LHU0.roa
Signing time: Mon 01 Jan 2024 08:29:21 +0000
ROA not before: Mon 01 Jan 2024 08:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198867
IP address blocks: 5.45.191.0/24 maxlen: 24
5.45.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/259fbe-2855-4e19-918f-62c1b1ff3a26/1/AJEXecdn0jZOhvTifvjF_puwEJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/259fbe-2855-4e19-918f-62c1b1ff3a26/1/AJEXecdn0jZOhvTifvjF_puwEJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/AJEXecdn0jZOhvTifvjF_puwEJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 17:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:49:e7:aa:b0:c0:f4:f9:7a:bf:49:d0:a2:67:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00911779c767d2364e86f4e27ef8c5fe9bb01090
Validity
Not Before: Jan 1 08:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d3412796a72fdc503e29f5bd37481184d8b1d4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:11:08:0e:a1:25:4b:ef:24:d5:a8:fe:1e:26:
d1:f7:3e:a9:10:8d:7b:bd:6f:91:89:d1:0e:3a:e0:
99:d2:d9:c8:be:89:57:e5:1c:d8:5a:be:a7:6f:8f:
74:89:2d:a6:f9:cb:dc:49:7a:54:e7:32:d7:0b:c2:
9f:9d:be:90:6e:62:21:4c:17:ea:5f:42:dc:73:b1:
f4:ab:a8:4f:83:74:1e:68:82:69:54:ee:92:d6:dd:
77:06:28:85:44:55:e8:96:b4:c7:c3:7c:35:e9:1d:
62:df:53:b7:80:59:23:82:e5:06:8e:8c:a8:4d:29:
f0:c4:67:04:e6:ef:98:f0:f5:cb:a2:e0:69:82:9d:
7e:cb:54:c9:d5:f0:02:51:1a:54:87:7e:49:9a:48:
b5:7f:fb:58:18:82:f8:6d:d4:03:b9:b1:fd:20:eb:
d4:c8:4a:9f:84:cb:d3:35:ad:91:13:fe:a5:1e:fc:
3e:b4:2d:47:7e:e9:41:2b:27:dd:fe:7b:15:8b:0e:
7a:5f:4d:fb:22:41:87:5a:c4:b6:ce:02:24:ba:4a:
f2:91:be:b6:f4:39:1f:ea:db:9b:a1:5e:99:7e:ab:
3d:cc:bd:38:a3:a0:f1:7b:d6:b3:0b:b8:b3:32:ac:
15:15:1c:14:f2:79:26:7f:be:1e:b3:bc:78:b5:92:
8d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:34:12:79:6A:72:FD:C5:03:E2:9F:5B:D3:74:81:18:4D:8B:1D:4D
X509v3 Authority Key Identifier:
keyid:00:91:17:79:C7:67:D2:36:4E:86:F4:E2:7E:F8:C5:FE:9B:B0:10:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AJEXecdn0jZOhvTifvjF_puwEJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/259fbe-2855-4e19-918f-62c1b1ff3a26/1/fTQSeWpy_cUD4p9b03SBGE2LHU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/259fbe-2855-4e19-918f-62c1b1ff3a26/1/AJEXecdn0jZOhvTifvjF_puwEJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.190.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:eb:b3:bf:2e:45:6d:9a:22:87:60:36:26:e5:9c:c9:e5:6e:
e4:0a:ab:a4:fa:08:c8:21:3d:fa:05:fb:65:9c:d5:b6:96:1c:
a7:28:13:c4:d8:8b:1e:62:09:d2:11:72:62:96:e3:c0:22:cd:
80:aa:d4:f7:03:e6:6a:fa:5c:62:7b:dc:62:87:61:dc:72:98:
b0:cb:76:86:3c:bc:ee:72:4d:d2:6e:d6:1e:dc:56:94:fa:8e:
26:89:ca:ce:02:a6:30:ea:92:f5:db:d2:79:99:28:91:fe:e1:
91:52:6e:7d:2a:3b:43:cb:c3:ea:ca:ed:d3:c8:b5:f8:e6:d2:
59:4f:db:a0:7f:59:87:42:25:f9:ea:be:f3:f8:a8:a8:6a:cd:
b2:2f:e2:3d:95:14:98:fe:22:54:e2:aa:af:0d:ca:da:70:e5:
6e:c8:b1:97:ec:7d:cb:5f:89:e3:8b:69:14:1d:6a:5b:ac:da:
d3:ef:6c:6f:ae:95:d7:58:8a:2d:8e:96:0d:b9:a9:ea:94:24:
d0:72:8b:b6:d8:b1:35:24:dc:1b:ce:5f:75:ca:46:e1:12:cb:
d6:ee:53:f0:7a:e0:ff:1d:67:b4:c1:60:1c:46:36:1e:34:0b:
c0:3e:ac:ea:9e:4a:68:11:7a:bc:29:b3:7b:9f:01:b6:52:5d:
53:ba:93:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJEnnqrDA9Pl6v0nQomfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwOTExNzc5Yzc2N2QyMzY0ZTg2ZjRlMjdlZjhjNWZlOWJi
MDEwOTAwHhcNMjQwMTAxMDgyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDM0MTI3OTZhNzJmZGM1MDNlMjlmNWJkMzc0ODExODRkOGIxZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkREIDqElS+8k1aj+HibR9z6pEI17
vW+RidEOOuCZ0tnIvolX5RzYWr6nb490iS2m+cvcSXpU5zLXC8Kfnb6QbmIhTBfq
X0Lcc7H0q6hPg3QeaIJpVO6S1t13BiiFRFXolrTHw3w16R1i31O3gFkjguUGjoyo
TSnwxGcE5u+Y8PXLouBpgp1+y1TJ1fACURpUh35Jmki1f/tYGIL4bdQDubH9IOvU
yEqfhMvTNa2RE/6lHvw+tC1HfulBKyfd/nsViw56X037IkGHWsS2zgIkukrykb62
9Dkf6tuboV6Zfqs9zL04o6Dxe9azC7izMqwVFRwU8nkmf74es7x4tZKNAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH00Enlqcv3FA+KfW9N0gRhNix1NMB8GA1UdIwQY
MBaAFACRF3nHZ9I2Tob04n74xf6bsBCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUpFWGVjZG4walpPaHZUaWZ2akZfcHV3RUpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yNTlmYmUtMjg1NS00ZTE5LTkxOGYt
NjJjMWIxZmYzYTI2LzEvZlRRU2VXcHlfY1VENHA5YjAzU0JHRTJMSFUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yNTlmYmUtMjg1NS00ZTE5LTkxOGYtNjJjMWIxZmYzYTI2
LzEvQUpFWGVjZG4walpPaHZUaWZ2akZfcHV3RUpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBS2+MA0G
CSqGSIb3DQEBCwUAA4IBAQBP67O/LkVtmiKHYDYm5ZzJ5W7kCquk+gjIIT36Bftl
nNW2lhynKBPE2IseYgnSEXJiluPAIs2AqtT3A+Zq+lxie9xih2Hccpiwy3aGPLzu
ck3SbtYe3FaU+o4micrOAqYw6pL129J5mSiR/uGRUm59KjtDy8Pqyu3TyLX45tJZ
T9ugf1mHQiX56r7z+Kioas2yL+I9lRSY/iJU4qqvDcracOVuyLGX7H3LX4nji2kU
HWpbrNrT72xvrpXXWIotjpYNuanqlCTQcou22LE1JNwbzl91ykbhEsvW7lPweuD/
HWe0wWAcRjYeNAvAPqzqnkpoEXq8KbN7nwG2Ul1TupOZ
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:14:38 2024 by rpki-client on console-ams.rpki-client.org