Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/R5KOY29DdSWWGivwR8vWBooeapo.roa
File: R5KOY29DdSWWGivwR8vWBooeapo.roa (raw, json)
Hash identifier: 80ziZYwmzZEsEk7rOFz8nB9lUsavIEnNHpglc6Q6GFE=
Subject key identifier: 47:92:8E:63:6F:43:75:25:96:1A:2B:F0:47:CB:D6:06:8A:1E:6A:9A
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 018CC492DB7506F7053373868631F01E6F85
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/R5KOY29DdSWWGivwR8vWBooeapo.roa
Signing time: Mon 01 Jan 2024 10:30:07 +0000
ROA not before: Mon 01 Jan 2024 10:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51541
IP address blocks: 5.160.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:db:75:06:f7:05:33:73:86:86:31:f0:1e:6f:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 10:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47928e636f437525961a2bf047cbd6068a1e6a9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:26:cb:c5:b2:61:0e:05:eb:bd:50:07:aa:9d:
60:1d:f1:93:8d:0c:00:f6:e8:74:80:d0:90:e0:92:
1c:4c:89:32:0d:41:5d:74:08:37:f7:85:79:be:b4:
63:bc:9c:73:a8:bd:1f:20:3b:de:21:13:1b:73:38:
86:24:11:9d:48:80:dc:e2:13:80:b3:ac:81:07:d6:
b4:08:c2:6d:2c:28:fc:c6:4b:3f:6d:f7:23:8c:2e:
26:55:a4:2a:fb:25:41:05:64:e4:06:f1:74:b2:9a:
65:b2:32:31:8b:96:c8:c5:61:91:e5:58:0a:58:df:
db:2b:f9:c3:f2:d1:52:31:0e:ff:78:69:ed:5a:ef:
4d:78:de:e8:cf:7e:81:5d:12:04:5e:90:6e:cd:fe:
7e:6b:3d:33:00:92:90:6f:75:fa:ed:3a:e1:00:79:
f1:d8:9f:02:0a:6f:a5:ac:33:5e:a0:03:98:86:15:
43:2c:cd:f5:d0:8a:89:e9:6a:d1:fe:d3:6a:1b:2e:
cb:46:63:d0:7f:f7:1b:23:68:69:e8:16:76:bf:c3:
2d:97:ed:3f:fd:f7:e2:73:2d:96:77:96:60:d1:32:
e6:5b:b1:8e:bc:0d:b0:de:b9:0c:c2:64:3e:32:64:
05:b1:6b:b0:2d:72:1d:a3:ea:66:58:84:97:11:db:
4c:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:92:8E:63:6F:43:75:25:96:1A:2B:F0:47:CB:D6:06:8A:1E:6A:9A
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/R5KOY29DdSWWGivwR8vWBooeapo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.152.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:34:0e:fa:d0:e1:17:41:3b:76:12:1c:8c:fa:5d:a4:4d:21:
cb:f5:43:73:d6:fd:51:cd:dd:82:f5:76:c6:b5:50:ee:e7:15:
2b:ef:0c:c1:a9:63:34:ba:1f:77:c3:c9:b6:67:ea:f3:82:31:
3d:9c:d8:7a:8a:83:f5:02:fa:e6:e4:77:12:5a:3e:d5:9e:bd:
09:65:a2:ca:5f:c6:cd:34:75:b3:4a:ad:66:ee:33:d3:b4:ee:
1c:f5:29:29:20:cb:a0:53:de:9a:b9:de:3b:54:a3:25:38:f3:
66:c5:9a:9c:35:8f:48:62:46:2d:a5:0f:3b:f8:b7:1a:8c:75:
21:c5:b1:d9:10:82:5a:f8:a7:5e:eb:99:67:ef:23:e9:d7:d2:
03:06:d1:36:86:90:4c:b4:16:78:93:0c:1b:0a:77:5f:53:fe:
fa:5d:ee:b4:88:c7:3b:d9:d7:3b:50:71:b0:98:5b:c2:ac:91:
cf:e5:3a:65:22:ab:8a:e7:7d:0f:e5:75:86:5c:d9:ba:5d:5b:
39:df:3d:2b:90:4b:1c:dc:0c:d1:fe:77:6d:6e:f4:78:26:ef:
27:64:21:3f:52:d6:b6:cd:29:79:a0:5e:f9:10:22:f0:34:83:
8e:24:32:10:a8:40:05:32:b7:fe:37:ea:aa:98:a3:db:8b:8d:
53:bc:23:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEktt1BvcFM3OGhjHwHm+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwMTAxMTAzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzkyOGU2MzZmNDM3NTI1OTYxYTJiZjA0N2NiZDYwNjhhMWU2YTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SbLxbJhDgXrvVAHqp1gHfGTjQwA
9uh0gNCQ4JIcTIkyDUFddAg394V5vrRjvJxzqL0fIDveIRMbcziGJBGdSIDc4hOA
s6yBB9a0CMJtLCj8xks/bfcjjC4mVaQq+yVBBWTkBvF0spplsjIxi5bIxWGR5VgK
WN/bK/nD8tFSMQ7/eGntWu9NeN7oz36BXRIEXpBuzf5+az0zAJKQb3X67TrhAHnx
2J8CCm+lrDNeoAOYhhVDLM310IqJ6WrR/tNqGy7LRmPQf/cbI2hp6BZ2v8Mtl+0/
/fficy2Wd5Zg0TLmW7GOvA2w3rkMwmQ+MmQFsWuwLXIdo+pmWISXEdtM8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEeSjmNvQ3Ullhor8EfL1gaKHmqaMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvUjVLT1kyOURkU1dXR2l2d1I4dldCb29lYXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaCYMA0G
CSqGSIb3DQEBCwUAA4IBAQCcNA760OEXQTt2EhyM+l2kTSHL9UNz1v1Rzd2C9XbG
tVDu5xUr7wzBqWM0uh93w8m2Z+rzgjE9nNh6ioP1Avrm5HcSWj7Vnr0JZaLKX8bN
NHWzSq1m7jPTtO4c9SkpIMugU96aud47VKMlOPNmxZqcNY9IYkYtpQ87+LcajHUh
xbHZEIJa+Kde65ln7yPp19IDBtE2hpBMtBZ4kwwbCndfU/76Xe60iMc72dc7UHGw
mFvCrJHP5TplIquK530P5XWGXNm6XVs53z0rkEsc3AzR/ndtbvR4Ju8nZCE/Uta2
zSl5oF75ECLwNIOOJDIQqEAFMrf+N+qqmKPbi41TvCNZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:02:25 2024 by rpki-client on console-ams.rpki-client.org