Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/pu3FV2HN9lYJR88Ww1-K-r9MyvM.roa
File: pu3FV2HN9lYJR88Ww1-K-r9MyvM.roa (raw, json)
Hash identifier: prYgRr/gg5AkKKdndwb9a90EXVnq/3UrJ4udgYUXp7k=
Subject key identifier: A6:ED:C5:57:61:CD:F6:56:09:47:CF:16:C3:5F:8A:FA:BF:4C:CA:F3
Certificate issuer: /CN=d504e641e55a48aee0141e2c0d26227102caa6d4
Certificate serial: 018CC26D230D3B231DEECE9A600794D9A0C6
Authority key identifier: D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/pu3FV2HN9lYJR88Ww1-K-r9MyvM.roa
Signing time: Mon 01 Jan 2024 00:29:41 +0000
ROA not before: Mon 01 Jan 2024 00:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209242
IP address blocks: 5.182.85.0/24 maxlen: 24
5.182.84.0/24 maxlen: 24
46.254.92.0/24 maxlen: 24
46.254.93.0/24 maxlen: 24
77.232.141.0/24 maxlen: 24
77.232.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/1QTmQeVaSK7gFB4sDSYicQLKptQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/1QTmQeVaSK7gFB4sDSYicQLKptQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 04:03:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:23:0d:3b:23:1d:ee:ce:9a:60:07:94:d9:a0:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d504e641e55a48aee0141e2c0d26227102caa6d4
Validity
Not Before: Jan 1 00:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6edc55761cdf6560947cf16c35f8afabf4ccaf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5d:87:d1:5a:46:39:d0:12:f2:ad:9c:81:94:
f9:00:f9:71:4b:66:b5:90:fd:48:11:44:96:e5:21:
79:13:8c:79:e1:32:71:d1:19:54:12:e2:f3:5a:5f:
89:1e:4c:8b:de:e9:6e:6d:46:cb:4d:d8:2f:1d:6d:
f4:32:f2:1a:01:a2:7c:e4:e2:4a:0a:1f:81:55:f2:
99:6f:a6:10:a2:0d:8c:30:33:ef:45:08:45:87:31:
ac:cc:ad:21:8f:db:9f:bd:e4:11:36:e8:55:e1:a0:
39:7b:10:c6:98:92:e1:d9:90:bc:f3:67:c2:18:f0:
4a:50:a4:7d:61:16:d8:0d:e0:5d:10:0f:52:ec:5c:
b9:5f:94:56:0a:02:82:a0:f3:79:8b:86:05:13:f3:
4c:f3:a0:84:64:49:84:bc:37:b9:fe:c3:5a:66:e4:
64:e2:7d:96:67:d4:dc:71:6a:d1:07:d1:18:29:c2:
b1:d4:47:d9:72:30:6d:b3:92:38:0d:23:95:e3:03:
65:e6:51:da:f6:e4:0c:9d:e7:32:fb:c6:68:b8:79:
6a:5f:63:aa:07:72:02:9a:68:38:cf:ab:30:a9:15:
f6:62:fe:68:c6:02:82:cc:48:1f:2d:23:59:91:ed:
5f:9a:80:87:e3:99:47:34:fe:80:41:83:41:2a:aa:
9f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:ED:C5:57:61:CD:F6:56:09:47:CF:16:C3:5F:8A:FA:BF:4C:CA:F3
X509v3 Authority Key Identifier:
keyid:D5:04:E6:41:E5:5A:48:AE:E0:14:1E:2C:0D:26:22:71:02:CA:A6:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QTmQeVaSK7gFB4sDSYicQLKptQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/pu3FV2HN9lYJR88Ww1-K-r9MyvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f01f35-2cca-4e5a-828a-6bffcb7c0f0a/1/1QTmQeVaSK7gFB4sDSYicQLKptQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.84.0/23
46.254.92.0/23
77.232.140.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:de:7e:e4:24:f7:aa:a2:d3:52:64:b5:22:0a:f4:46:2a:6e:
7d:34:25:15:78:45:cf:4f:17:7a:ef:7b:b1:12:70:2b:54:0e:
66:d4:58:c2:8d:c5:cc:09:ee:c7:31:a3:78:a1:3a:14:5c:9f:
0d:af:43:d8:12:cd:58:36:60:34:d9:04:a3:46:1b:84:31:1e:
c6:0a:06:d9:b6:cb:8b:08:ba:d0:5c:ab:32:66:71:95:36:9d:
45:36:1f:7c:9f:95:6f:ca:23:01:1b:b2:3f:f9:a9:67:96:69:
86:25:a0:de:21:c2:4d:18:08:51:1b:a4:5e:d4:60:18:3c:f6:
54:c2:c3:02:73:88:ba:8b:39:ca:ea:f8:95:9b:2c:d4:12:95:
c3:da:d2:f7:61:42:d5:49:61:6e:9f:da:65:fc:89:12:c3:ca:
9a:02:6e:62:76:f6:71:c7:37:a7:35:51:b6:d1:ce:e8:0d:5e:
45:7c:95:58:3e:31:38:3d:02:af:85:2a:b5:a1:ab:4a:13:c1:
e9:6f:8e:ea:01:3b:1e:0c:cb:54:a3:a0:90:f5:6c:43:27:54:
7d:93:59:21:fa:92:1f:66:8a:f4:70:91:f8:fc:64:3a:2b:46:
ad:5c:45:93:f7:03:51:fe:48:c6:fe:20:dc:07:e1:56:17:3e:
63:8e:f6:f9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzCbSMNOyMd7s6aYAeU2aDGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDRlNjQxZTU1YTQ4YWVlMDE0MWUyYzBkMjYyMjcxMDJj
YWE2ZDQwHhcNMjQwMTAxMDAyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmVkYzU1NzYxY2RmNjU2MDk0N2NmMTZjMzVmOGFmYWJmNGNjYWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAol2H0VpGOdAS8q2cgZT5APlxS2a1
kP1IEUSW5SF5E4x54TJx0RlUEuLzWl+JHkyL3ulubUbLTdgvHW30MvIaAaJ85OJK
Ch+BVfKZb6YQog2MMDPvRQhFhzGszK0hj9ufveQRNuhV4aA5exDGmJLh2ZC882fC
GPBKUKR9YRbYDeBdEA9S7Fy5X5RWCgKCoPN5i4YFE/NM86CEZEmEvDe5/sNaZuRk
4n2WZ9TccWrRB9EYKcKx1EfZcjBts5I4DSOV4wNl5lHa9uQMnecy+8ZouHlqX2Oq
B3ICmmg4z6swqRX2Yv5oxgKCzEgfLSNZke1fmoCH45lHNP6AQYNBKqqfnwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKbtxVdhzfZWCUfPFsNfivq/TMrzMB8GA1UdIwQY
MBaAFNUE5kHlWkiu4BQeLA0mInECyqbUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFUbVFlVmFTSzdnRkI0c0RTWWljUUxLcHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mMDFmMzUtMmNjYS00ZTVhLTgyOGEt
NmJmZmNiN2MwZjBhLzEvcHUzRlYySE45bFlKUjg4V3cxLUstcjlNeXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mMDFmMzUtMmNjYS00ZTVhLTgyOGEtNmJmZmNiN2MwZjBh
LzEvMVFUbVFlVmFTSzdnRkI0c0RTWWljUUxLcHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBbZUAwQB
Lv5cAwQBTeiMMA0GCSqGSIb3DQEBCwUAA4IBAQCi3n7kJPeqotNSZLUiCvRGKm59
NCUVeEXPTxd673uxEnArVA5m1FjCjcXMCe7HMaN4oToUXJ8Nr0PYEs1YNmA02QSj
RhuEMR7GCgbZtsuLCLrQXKsyZnGVNp1FNh98n5VvyiMBG7I/+alnlmmGJaDeIcJN
GAhRG6Re1GAYPPZUwsMCc4i6iznK6viVmyzUEpXD2tL3YULVSWFun9pl/IkSw8qa
Am5idvZxxzenNVG20c7oDV5FfJVYPjE4PQKvhSq1oatKE8Hpb47qATseDMtUo6CQ
9WxDJ1R9k1kh+pIfZor0cJH4/GQ6K0atXEWT9wNR/kjG/iDcB+FWFz5jjvb5
-----END CERTIFICATE-----
Generated at Tue May 7 09:55:50 2024 by rpki-client on console-fra.rpki-client.org