Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/CRreIKHNlP1KuobAlT9gmQax60w.roa
File: CRreIKHNlP1KuobAlT9gmQax60w.roa (raw, json)
Hash identifier: uSSvvwPOC7wcfA3pJp9+gT0OgAVaUAKuf8Ub5i1wPMM=
Subject key identifier: 09:1A:DE:20:A1:CD:94:FD:4A:BA:86:C0:95:3F:60:99:06:B1:EB:4C
Certificate issuer: /CN=56e3353d5f423ad4271c3261caa543140530bddb
Certificate serial: 018CC7953E0DDB6B3FC0544D3137ECEE467D
Authority key identifier: 56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/CRreIKHNlP1KuobAlT9gmQax60w.roa
Signing time: Tue 02 Jan 2024 00:31:35 +0000
ROA not before: Tue 02 Jan 2024 00:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34757
IP address blocks: 5.44.168.0/23 maxlen: 24
109.111.176.0/20 maxlen: 24
193.238.128.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/VuM1PV9COtQnHDJhyqVDFAUwvds.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/VuM1PV9COtQnHDJhyqVDFAUwvds.mft
rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 12:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:3e:0d:db:6b:3f:c0:54:4d:31:37:ec:ee:46:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56e3353d5f423ad4271c3261caa543140530bddb
Validity
Not Before: Jan 2 00:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=091ade20a1cd94fd4aba86c0953f609906b1eb4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b9:b3:d0:14:52:fc:ca:31:4b:22:39:ec:1d:
25:ef:ff:51:b7:70:36:3a:56:d1:c5:4c:e3:59:6b:
ef:15:b5:48:7e:04:a6:76:ce:05:61:ea:a5:3f:8e:
10:d8:60:ef:6d:63:6b:ec:7a:d0:b2:46:e5:ea:4a:
0d:88:f2:09:38:44:ae:e2:23:45:63:d5:b7:95:49:
03:92:27:60:e8:80:d8:c5:dc:3d:49:c9:f6:c9:89:
3c:bb:d2:68:78:5c:64:c7:b7:a5:90:05:12:93:63:
30:4f:c0:10:4d:9a:28:28:d2:32:af:bc:21:8b:fe:
ce:bc:24:f3:d5:1e:21:bc:cc:b7:76:fb:33:5a:22:
65:92:ff:30:32:bd:83:ef:f3:79:7a:5d:51:fb:2e:
b2:cb:26:94:45:2d:3d:cd:20:79:5c:5f:b5:5f:80:
68:ad:b8:f3:2a:c5:ba:ce:93:e6:9a:06:f3:28:d8:
ac:19:82:3a:ef:fb:9e:36:be:36:8a:2f:41:7f:bf:
a6:e9:15:2f:65:10:41:2e:97:34:4a:2c:20:88:da:
3c:93:0d:d8:03:2c:37:02:4a:93:07:6a:de:20:50:
8c:4e:7e:84:af:6e:d7:b5:cf:3d:ca:ef:97:b8:81:
86:8c:9e:d0:0f:17:0b:7d:78:fa:46:c1:21:b5:1a:
ed:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:1A:DE:20:A1:CD:94:FD:4A:BA:86:C0:95:3F:60:99:06:B1:EB:4C
X509v3 Authority Key Identifier:
keyid:56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/CRreIKHNlP1KuobAlT9gmQax60w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/VuM1PV9COtQnHDJhyqVDFAUwvds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.168.0/23
109.111.176.0/20
193.238.128.0/22
Signature Algorithm: sha256WithRSAEncryption
12:7a:d6:1e:dc:06:81:87:c8:56:b4:43:1f:5d:73:90:78:6c:
cf:ff:b6:ab:ed:c6:50:b6:5e:f0:e4:9e:cb:79:4c:2c:c5:f6:
8d:64:0e:f4:d8:f2:33:04:9e:d7:59:d7:a7:18:f1:e0:44:f2:
87:4d:20:5c:cf:ba:a2:d4:0b:10:90:6c:86:a7:3c:e4:96:68:
c4:85:09:a8:b1:55:32:fe:51:dd:ca:30:5c:25:15:59:d7:02:
a4:8c:79:65:03:62:f1:3b:8a:7d:7a:bd:e8:72:4b:63:c9:44:
05:f3:fa:1f:70:72:68:26:56:58:9e:27:97:43:43:83:f1:2e:
a3:1c:a4:29:c0:38:d5:5a:eb:8f:8d:fd:8d:6f:f9:b7:94:95:
17:28:87:c8:1a:85:85:94:48:44:4a:8a:08:ce:32:45:06:31:
04:01:6e:46:25:b9:c6:a1:4c:ab:c8:82:ce:39:60:3a:3c:af:
bc:de:50:2d:84:07:42:a3:5a:47:25:1f:34:c2:a9:e2:7c:b7:
59:4b:67:5a:f2:38:3f:b1:7e:7f:c0:7c:a2:79:51:4e:84:43:
b3:60:4b:df:da:d1:37:21:e7:70:5c:e8:ff:e6:56:c2:70:85:
a6:fc:93:4f:e9:d1:9b:6f:76:06:b1:ca:a1:79:42:25:9b:68:
49:b0:e2:99
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlT4N22s/wFRNMTfs7kZ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZTMzNTNkNWY0MjNhZDQyNzFjMzI2MWNhYTU0MzE0MDUz
MGJkZGIwHhcNMjQwMTAyMDAzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTFhZGUyMGExY2Q5NGZkNGFiYTg2YzA5NTNmNjA5OTA2YjFlYjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurmz0BRS/MoxSyI57B0l7/9Rt3A2
OlbRxUzjWWvvFbVIfgSmds4FYeqlP44Q2GDvbWNr7HrQskbl6koNiPIJOESu4iNF
Y9W3lUkDkidg6IDYxdw9Scn2yYk8u9JoeFxkx7elkAUSk2MwT8AQTZooKNIyr7wh
i/7OvCTz1R4hvMy3dvszWiJlkv8wMr2D7/N5el1R+y6yyyaURS09zSB5XF+1X4Bo
rbjzKsW6zpPmmgbzKNisGYI67/ueNr42ii9Bf7+m6RUvZRBBLpc0SiwgiNo8kw3Y
Ayw3AkqTB2reIFCMTn6Er27Xtc89yu+XuIGGjJ7QDxcLfXj6RsEhtRrtNQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAka3iChzZT9SrqGwJU/YJkGsetMMB8GA1UdIwQY
MBaAFFbjNT1fQjrUJxwyYcqlQxQFML3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTIt
ZTUyZGEzYjg2NzU0LzEvQ1JyZUlLSE5sUDFLdW9iQWxUOWdtUWF4NjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTItZTUyZGEzYjg2NzU0
LzEvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBSyoAwQE
bW+wAwQCwe6AMA0GCSqGSIb3DQEBCwUAA4IBAQASetYe3AaBh8hWtEMfXXOQeGzP
/7ar7cZQtl7w5J7LeUwsxfaNZA702PIzBJ7XWdenGPHgRPKHTSBcz7qi1AsQkGyG
pzzklmjEhQmosVUy/lHdyjBcJRVZ1wKkjHllA2LxO4p9er3ocktjyUQF8/ofcHJo
JlZYnieXQ0OD8S6jHKQpwDjVWuuPjf2Nb/m3lJUXKIfIGoWFlEhESooIzjJFBjEE
AW5GJbnGoUyryILOOWA6PK+83lAthAdCo1pHJR80wqnifLdZS2da8jg/sX5/wHyi
eVFOhEOzYEvf2tE3IedwXOj/5lbCcIWm/JNP6dGbb3YGscqheUIlm2hJsOKZ
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:09:48 2024 by rpki-client on console-ams.rpki-client.org