Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/s53IUwL0OEzcYN19aA0UUregMcY.roa
File: s53IUwL0OEzcYN19aA0UUregMcY.roa (raw, json)
Hash identifier: oGlK43xLbGliRac5fedl0x3SRzLK1wu8hJei6Z9MNA8=
Subject key identifier: B3:9D:C8:53:02:F4:38:4C:DC:60:DD:7D:68:0D:14:52:B7:A0:31:C6
Certificate issuer: /CN=4dd1b2587490ad061cb207176bdeec81a531588c
Certificate serial: 018CC86F22CFD30CE5B79FAFE372EE63C6A7
Authority key identifier: 4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/s53IUwL0OEzcYN19aA0UUregMcY.roa
Signing time: Tue 02 Jan 2024 04:29:35 +0000
ROA not before: Tue 02 Jan 2024 04:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40009
IP address blocks: 80.231.16.0/23 maxlen: 23
5.23.20.0/24 maxlen: 24
80.231.162.0/23 maxlen: 23
80.231.163.0/24 maxlen: 24
80.231.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:22:cf:d3:0c:e5:b7:9f:af:e3:72:ee:63:c6:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd1b2587490ad061cb207176bdeec81a531588c
Validity
Not Before: Jan 2 04:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b39dc85302f4384cdc60dd7d680d1452b7a031c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:40:32:8f:fa:82:b3:51:e5:05:08:30:8c:81:
8b:94:9a:18:20:cd:13:ec:23:f2:2b:f0:20:9f:eb:
d9:83:cb:ea:60:29:20:06:da:4a:a5:b1:7c:5f:2f:
cc:ff:46:7a:8f:29:e9:9f:db:7f:66:33:d5:e7:f1:
20:69:93:4c:29:61:43:27:c0:18:b4:ad:c2:da:c1:
10:85:37:dd:ac:0c:4a:f6:99:72:98:ba:90:fa:22:
20:01:8b:ee:cc:dd:eb:d2:8a:b7:95:e3:c3:e0:12:
81:73:8f:e2:26:10:a8:17:a8:53:08:17:19:f6:3b:
a6:39:30:6d:d2:0c:9b:5d:dd:47:1b:ad:a5:1e:c6:
3f:4f:83:7e:49:80:64:2d:52:49:8b:b2:31:1f:97:
e1:b1:6a:a3:07:fb:af:ac:34:20:a6:0c:79:7d:ae:
35:1b:1a:52:73:a3:bc:3e:05:44:21:d5:04:22:26:
7b:80:cd:21:98:e6:ad:df:d6:76:1e:e0:04:37:06:
b9:66:90:9d:5e:74:05:8b:2c:94:be:50:e7:ac:27:
fd:fa:20:f0:17:1d:43:0c:8f:f7:b6:bd:00:1f:48:
59:10:84:5d:2d:79:74:e6:88:27:d9:39:fd:07:83:
57:94:a4:ce:fa:86:b0:d1:39:40:a4:c4:bf:0a:36:
eb:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:9D:C8:53:02:F4:38:4C:DC:60:DD:7D:68:0D:14:52:B7:A0:31:C6
X509v3 Authority Key Identifier:
keyid:4D:D1:B2:58:74:90:AD:06:1C:B2:07:17:6B:DE:EC:81:A5:31:58:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdGyWHSQrQYcsgcXa97sgaUxWIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/s53IUwL0OEzcYN19aA0UUregMcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/01d2af-1f21-4b80-b665-db463c5fb0b4/1/TdGyWHSQrQYcsgcXa97sgaUxWIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.20.0/24
80.231.16.0/23
80.231.162.0/23
Signature Algorithm: sha256WithRSAEncryption
96:ee:52:f6:c0:61:93:b6:12:75:ed:2e:75:e1:5d:99:bd:e3:
a3:68:79:d9:3d:01:9d:9d:9c:ff:43:57:8a:64:b7:ad:63:53:
9c:23:82:33:ba:c1:af:b4:9f:19:00:c3:4f:df:4c:94:9f:00:
bf:47:32:d6:b6:57:f1:88:de:49:af:5e:6a:6a:64:36:25:ea:
77:04:15:6a:8d:d6:a2:cc:01:21:85:91:7b:4d:17:f1:61:d3:
b5:d4:d9:93:f3:cf:66:7e:7b:18:2b:a1:5e:4c:fa:08:31:20:
d9:d3:a1:1b:91:66:a6:c1:40:d4:96:05:3b:9a:a8:d4:a8:55:
ab:d5:b7:27:ff:91:91:5e:4b:32:22:be:4f:e3:bc:a4:74:a1:
e3:31:8b:79:b7:c0:39:2f:18:91:3b:15:ec:e0:92:94:a1:25:
ce:e4:fc:2c:97:d6:06:7e:02:40:26:fb:d1:f2:11:74:6c:9f:
41:7e:d2:b4:80:4e:89:8f:2e:6d:10:6b:b9:0c:d7:37:ef:d4:
9e:63:81:89:fa:9e:80:b2:be:13:98:79:37:9f:ce:85:1a:85:
6f:bf:61:24:07:8b:de:3e:7b:6f:32:90:26:ed:89:26:a6:c2:
46:33:11:5c:ce:c0:23:b4:10:88:7d:ec:91:f4:ef:64:0e:8d:
3f:33:41:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIbyLP0wzlt5+v43LuY8anMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDFiMjU4NzQ5MGFkMDYxY2IyMDcxNzZiZGVlYzgxYTUz
MTU4OGMwHhcNMjQwMTAyMDQyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzlkYzg1MzAyZjQzODRjZGM2MGRkN2Q2ODBkMTQ1MmI3YTAzMWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikAyj/qCs1HlBQgwjIGLlJoYIM0T
7CPyK/Agn+vZg8vqYCkgBtpKpbF8Xy/M/0Z6jynpn9t/ZjPV5/EgaZNMKWFDJ8AY
tK3C2sEQhTfdrAxK9plymLqQ+iIgAYvuzN3r0oq3lePD4BKBc4/iJhCoF6hTCBcZ
9jumOTBt0gybXd1HG62lHsY/T4N+SYBkLVJJi7IxH5fhsWqjB/uvrDQgpgx5fa41
GxpSc6O8PgVEIdUEIiZ7gM0hmOat39Z2HuAENwa5ZpCdXnQFiyyUvlDnrCf9+iDw
Fx1DDI/3tr0AH0hZEIRdLXl05ogn2Tn9B4NXlKTO+oaw0TlApMS/CjbrKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLOdyFMC9DhM3GDdfWgNFFK3oDHGMB8GA1UdIwQY
MBaAFE3Rslh0kK0GHLIHF2ve7IGlMViMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUt
ZGI0NjNjNWZiMGI0LzEvczUzSVV3TDBPRXpjWU4xOWFBMFVVcmVnTWNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8wMWQyYWYtMWYyMS00YjgwLWI2NjUtZGI0NjNjNWZiMGI0
LzEvVGRHeVdIU1FyUVljc2djWGE5N3NnYVV4V0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABRcUAwQB
UOcQAwQBUOeiMA0GCSqGSIb3DQEBCwUAA4IBAQCW7lL2wGGTthJ17S514V2ZveOj
aHnZPQGdnZz/Q1eKZLetY1OcI4IzusGvtJ8ZAMNP30yUnwC/RzLWtlfxiN5Jr15q
amQ2Jep3BBVqjdaizAEhhZF7TRfxYdO11NmT889mfnsYK6FeTPoIMSDZ06EbkWam
wUDUlgU7mqjUqFWr1bcn/5GRXksyIr5P47ykdKHjMYt5t8A5LxiROxXs4JKUoSXO
5Pwsl9YGfgJAJvvR8hF0bJ9BftK0gE6Jjy5tEGu5DNc379SeY4GJ+p6Asr4TmHk3
n86FGoVvv2EkB4vePntvMpAm7YkmpsJGMxFczsAjtBCIfeyR9O9kDo0/M0H/
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:34:50 2024 by rpki-client on console-ams.rpki-client.org