Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/e249lnZKJfrd8xANMbWOM3lvWU0.roa
File: e249lnZKJfrd8xANMbWOM3lvWU0.roa (raw, json)
Hash identifier: PyNbDLTSrWKbh0Jw9bJAfOrcvJwiC+K0jy+DxilTDNA=
Subject key identifier: 7B:6E:3D:96:76:4A:25:FA:DD:F3:10:0D:31:B5:8E:33:79:6F:59:4D
Certificate issuer: /CN=56e3353d5f423ad4271c3261caa543140530bddb
Certificate serial: 018CC7953E91E75E300C022F2DF3DC3E228E
Authority key identifier: 56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/e249lnZKJfrd8xANMbWOM3lvWU0.roa
Signing time: Tue 02 Jan 2024 00:31:36 +0000
ROA not before: Tue 02 Jan 2024 00:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41794
IP address blocks: 5.44.170.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/VuM1PV9COtQnHDJhyqVDFAUwvds.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/VuM1PV9COtQnHDJhyqVDFAUwvds.mft
rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 21:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:3e:91:e7:5e:30:0c:02:2f:2d:f3:dc:3e:22:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56e3353d5f423ad4271c3261caa543140530bddb
Validity
Not Before: Jan 2 00:31:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b6e3d96764a25faddf3100d31b58e33796f594d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f1:e4:12:a1:fe:37:d6:c1:1d:8a:42:5a:3f:
46:95:c2:ba:30:51:60:3e:e7:b3:5c:e0:4b:92:11:
93:ca:7a:63:6a:23:49:72:ec:ee:e9:d4:e8:f6:20:
03:bc:04:26:a0:6c:0f:ef:bd:d9:1f:a0:0f:c7:7d:
7c:63:74:7c:c6:44:23:1a:d2:61:e7:cb:f5:53:2c:
f7:95:cf:10:15:0b:a4:bd:59:2d:19:dc:42:32:25:
ed:78:46:a0:1a:b0:30:f1:b2:f2:7c:6e:42:d6:04:
f5:71:1f:97:04:03:ea:4c:02:e5:1e:6c:a8:57:4c:
df:78:f2:48:08:66:b9:11:20:ef:a4:25:63:80:1d:
50:be:a7:71:68:64:19:62:4e:19:62:15:fe:02:17:
75:e9:97:fb:f4:8d:8c:50:c7:7f:f2:e9:a5:4d:df:
43:1a:c9:7b:65:c4:7b:3d:fa:51:14:7f:4b:9a:fc:
2c:2f:77:53:09:65:b7:f7:6b:8f:92:18:f4:ac:0e:
96:09:1d:47:d9:03:e3:75:d1:7e:9b:0e:4e:14:ef:
d3:b4:b2:6d:e4:b2:3a:55:ec:5a:9b:ef:1f:0b:b0:
fe:ac:d0:73:b6:2d:90:82:04:72:46:f5:a9:2d:68:
6b:81:cb:88:a0:19:af:fb:53:98:ce:be:de:13:57:
76:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:6E:3D:96:76:4A:25:FA:DD:F3:10:0D:31:B5:8E:33:79:6F:59:4D
X509v3 Authority Key Identifier:
keyid:56:E3:35:3D:5F:42:3A:D4:27:1C:32:61:CA:A5:43:14:05:30:BD:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VuM1PV9COtQnHDJhyqVDFAUwvds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/e249lnZKJfrd8xANMbWOM3lvWU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6109d6-0a8a-4bf6-a0e2-e52da3b86754/1/VuM1PV9COtQnHDJhyqVDFAUwvds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.170.0/23
Signature Algorithm: sha256WithRSAEncryption
40:2f:30:51:6b:50:ed:3a:37:0f:5b:63:b0:df:da:58:d1:ad:
5f:a1:37:9c:9c:c7:c9:32:55:23:b0:22:1c:77:0e:db:da:d1:
0b:3a:09:ea:13:f7:20:f3:e9:ba:6b:7c:cf:04:39:27:7e:f6:
c6:b3:1e:c1:c0:e0:4c:14:90:3b:f7:8a:77:41:34:9e:9b:ca:
9d:ac:9b:bf:1d:53:d0:2f:62:66:bf:cd:ee:a8:44:a8:35:8f:
11:bd:6b:04:72:c7:8f:fe:8a:40:06:ae:75:e4:21:1c:cf:1a:
39:9d:21:66:9a:24:97:ad:ca:42:9a:51:2a:62:61:d8:59:1f:
8e:0b:79:b7:1d:b4:c6:28:be:e7:a5:ec:39:ab:02:0d:f5:49:
3b:70:47:c9:13:81:26:13:41:de:64:f0:0e:6b:79:dc:01:23:
6f:17:d7:4f:75:82:14:ee:45:e5:74:13:64:6f:15:46:39:5d:
64:7f:e9:f5:28:3e:98:06:20:42:41:10:ae:9c:b4:6d:8d:7d:
a7:1b:85:b6:74:72:e2:c6:87:38:51:e9:2e:e4:19:48:85:06:
8d:3f:26:67:c0:f7:7d:fa:4a:24:8a:6d:ef:08:9e:da:a6:07:
bf:de:9d:2d:3b:51:8c:25:9b:c5:4b:99:40:db:16:91:06:67:
90:75:3b:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlT6R514wDAIvLfPcPiKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZTMzNTNkNWY0MjNhZDQyNzFjMzI2MWNhYTU0MzE0MDUz
MGJkZGIwHhcNMjQwMTAyMDAzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjZlM2Q5Njc2NGEyNWZhZGRmMzEwMGQzMWI1OGUzMzc5NmY1OTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvHkEqH+N9bBHYpCWj9GlcK6MFFg
PuezXOBLkhGTynpjaiNJcuzu6dTo9iADvAQmoGwP773ZH6APx318Y3R8xkQjGtJh
58v1Uyz3lc8QFQukvVktGdxCMiXteEagGrAw8bLyfG5C1gT1cR+XBAPqTALlHmyo
V0zfePJICGa5ESDvpCVjgB1QvqdxaGQZYk4ZYhX+Ahd16Zf79I2MUMd/8umlTd9D
Gsl7ZcR7PfpRFH9LmvwsL3dTCWW392uPkhj0rA6WCR1H2QPjddF+mw5OFO/TtLJt
5LI6Vexam+8fC7D+rNBzti2QggRyRvWpLWhrgcuIoBmv+1OYzr7eE1d2TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHtuPZZ2SiX63fMQDTG1jjN5b1lNMB8GA1UdIwQY
MBaAFFbjNT1fQjrUJxwyYcqlQxQFML3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTIt
ZTUyZGEzYjg2NzU0LzEvZTI0OWxuWktKZnJkOHhBTk1iV09NM2x2V1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MTA5ZDYtMGE4YS00YmY2LWEwZTItZTUyZGEzYjg2NzU0
LzEvVnVNMVBWOUNPdFFuSERKaHlxVkRGQVV3dmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBSyqMA0G
CSqGSIb3DQEBCwUAA4IBAQBALzBRa1DtOjcPW2Ow39pY0a1foTecnMfJMlUjsCIc
dw7b2tELOgnqE/cg8+m6a3zPBDknfvbGsx7BwOBMFJA794p3QTSem8qdrJu/HVPQ
L2Jmv83uqESoNY8RvWsEcseP/opABq515CEczxo5nSFmmiSXrcpCmlEqYmHYWR+O
C3m3HbTGKL7npew5qwIN9Uk7cEfJE4EmE0HeZPAOa3ncASNvF9dPdYIU7kXldBNk
bxVGOV1kf+n1KD6YBiBCQRCunLRtjX2nG4W2dHLixoc4Ueku5BlIhQaNPyZnwPd9
+kokim3vCJ7apge/3p0tO1GMJZvFS5lA2xaRBmeQdTtH
-----END CERTIFICATE-----
Generated at Wed Jun 26 06:36:23 2024 by rpki-client on console-fra.rpki-client.org