Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/O9PyFQY357MYKoN6TeWd4H_tknE.roa
File: O9PyFQY357MYKoN6TeWd4H_tknE.roa (raw, json)
Hash identifier: lNgD8ZfeLHm/MICk6kKQ40hNQiiJ0+3axSrox79BNsk=
Subject key identifier: 3B:D3:F2:15:06:37:E7:B3:18:2A:83:7A:4D:E5:9D:E0:7F:ED:92:71
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 018CC492E14BAFE0CC3A1FC35AE54596F1D2
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/O9PyFQY357MYKoN6TeWd4H_tknE.roa
Signing time: Mon 01 Jan 2024 10:30:09 +0000
ROA not before: Mon 01 Jan 2024 10:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62039
IP address blocks: 5.160.204.0/23 maxlen: 24
5.160.206.0/23 maxlen: 24
5.160.205.0/24 maxlen: 24
5.160.204.0/22 maxlen: 24
5.160.204.0/24 maxlen: 24
5.160.206.0/24 maxlen: 24
5.160.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e1:4b:af:e0:cc:3a:1f:c3:5a:e5:45:96:f1:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 10:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bd3f2150637e7b3182a837a4de59de07fed9271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ad:e9:2e:d4:91:29:63:9e:fa:3f:d4:04:e5:
04:cc:bf:6d:ce:1f:05:f2:0c:71:82:67:41:79:ee:
35:64:2a:ed:d4:6b:0b:ba:a5:37:b7:95:f9:b7:cf:
5e:85:98:6d:05:0e:aa:a0:e8:56:51:7d:14:0e:aa:
68:25:86:84:73:39:fb:79:d7:8a:18:64:a1:4e:21:
e8:54:f4:c5:b4:04:c9:07:df:3a:e5:c7:41:44:50:
1e:80:9a:c3:b8:01:fc:41:3d:eb:f6:e7:23:82:e0:
f3:38:7d:e1:2b:94:ec:5e:ac:4c:1e:84:a7:56:64:
ae:f0:72:40:ce:2c:e1:2c:e7:8a:37:e4:db:8f:db:
ea:5e:88:c7:0f:0d:43:26:b3:91:2d:95:74:bd:1a:
c5:3a:7f:05:20:81:c5:5a:83:c6:d8:6b:29:f2:ac:
35:0e:3e:57:07:6a:a2:85:6d:4f:88:f0:96:ea:26:
91:08:8f:eb:ef:b0:b1:1c:49:13:29:27:e1:db:21:
7e:1f:7f:9f:94:78:10:90:38:a0:46:97:00:d0:24:
15:f2:4d:de:da:63:3d:ab:a4:ea:fb:fb:09:f6:c2:
c4:b0:30:c7:20:c0:f3:90:ed:9d:a4:8e:db:ae:86:
9c:92:02:80:ee:6d:74:d8:dc:d4:68:ee:d1:1d:c6:
41:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D3:F2:15:06:37:E7:B3:18:2A:83:7A:4D:E5:9D:E0:7F:ED:92:71
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/O9PyFQY357MYKoN6TeWd4H_tknE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.204.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:f9:28:0e:68:42:02:d7:6c:85:db:10:27:a6:2d:55:37:5b:
45:a9:09:bf:17:65:10:b8:25:ad:0c:04:6e:04:3b:09:73:f2:
c2:bd:44:09:7c:cc:7e:96:00:79:82:5b:c2:c4:51:66:1a:25:
e5:0c:0e:8f:00:9c:75:40:95:61:24:db:40:a1:c6:2e:34:98:
3c:61:5f:2f:8b:c6:b8:93:2a:7a:d4:4a:6e:a3:c3:fb:b1:13:
fe:18:61:2d:89:00:a2:74:32:2e:97:fb:80:43:dc:c7:bb:ce:
fb:e2:28:d9:08:3c:e8:50:18:08:2d:c4:9b:71:96:70:5a:72:
f9:a8:8d:76:f8:89:0f:44:55:f0:ad:53:ec:96:80:1a:e8:7c:
1c:4b:39:c1:60:b3:89:a6:50:f1:2a:dd:14:04:27:97:f9:76:
9d:e1:cc:6e:76:d4:1d:c8:67:c1:84:e2:3a:6b:25:ed:ef:00:
31:18:99:2f:fa:ec:fc:ce:2d:39:df:bf:9d:e8:ee:47:8e:bf:
04:10:9b:49:39:a4:73:59:cd:c0:ec:fc:7c:6a:7d:65:34:d3:
ef:ad:58:d7:fd:2f:45:23:16:59:de:bb:b3:18:06:49:77:7c:
1c:9d:71:1a:d9:f1:b6:7a:05:9e:8f:dc:6c:d8:8b:02:5c:60:
b9:6c:62:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkuFLr+DMOh/DWuVFlvHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwMTAxMTAzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQzZjIxNTA2MzdlN2IzMTgyYTgzN2E0ZGU1OWRlMDdmZWQ5MjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta3pLtSRKWOe+j/UBOUEzL9tzh8F
8gxxgmdBee41ZCrt1GsLuqU3t5X5t89ehZhtBQ6qoOhWUX0UDqpoJYaEczn7edeK
GGShTiHoVPTFtATJB9865cdBRFAegJrDuAH8QT3r9ucjguDzOH3hK5TsXqxMHoSn
VmSu8HJAzizhLOeKN+Tbj9vqXojHDw1DJrORLZV0vRrFOn8FIIHFWoPG2Gsp8qw1
Dj5XB2qihW1PiPCW6iaRCI/r77CxHEkTKSfh2yF+H3+flHgQkDigRpcA0CQV8k3e
2mM9q6Tq+/sJ9sLEsDDHIMDzkO2dpI7broackgKA7m102NzUaO7RHcZBUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDvT8hUGN+ezGCqDek3lneB/7ZJxMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvTzlQeUZRWTM1N01ZS29ONlRlV2Q0SF90a25FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBaDMMA0G
CSqGSIb3DQEBCwUAA4IBAQBc+SgOaEIC12yF2xAnpi1VN1tFqQm/F2UQuCWtDARu
BDsJc/LCvUQJfMx+lgB5glvCxFFmGiXlDA6PAJx1QJVhJNtAocYuNJg8YV8vi8a4
kyp61Epuo8P7sRP+GGEtiQCidDIul/uAQ9zHu8774ijZCDzoUBgILcSbcZZwWnL5
qI12+IkPRFXwrVPsloAa6HwcSznBYLOJplDxKt0UBCeX+Xad4cxudtQdyGfBhOI6
ayXt7wAxGJkv+uz8zi0537+d6O5Hjr8EEJtJOaRzWc3A7Px8an1lNNPvrVjX/S9F
IxZZ3ruzGAZJd3wcnXEa2fG2egWej9xs2IsCXGC5bGII
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:02:25 2024 by rpki-client on console-ams.rpki-client.org