Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/WuQAjzCZIiB0lKL66YANoGVgeBo.roa
File: WuQAjzCZIiB0lKL66YANoGVgeBo.roa (raw, json)
Hash identifier: z/ASm9AGSOouH/JhpHZIp1uP/jSlFymFRQngD8Oqcuc=
Subject key identifier: 5A:E4:00:8F:30:99:22:20:74:94:A2:FA:E9:80:0D:A0:65:60:78:1A
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 0191B689B184F5218617C47B50A59D205D6E
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/WuQAjzCZIiB0lKL66YANoGVgeBo.roa
Signing time: Tue 03 Sep 2024 06:19:22 +0000
ROA not before: Tue 03 Sep 2024 06:19:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35043
IP address blocks: 5.160.248.0/21 maxlen: 22
5.160.248.0/22 maxlen: 22
5.160.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b6:89:b1:84:f5:21:86:17:c4:7b:50:a5:9d:20:5d:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Sep 3 06:19:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ae4008f309922207494a2fae9800da06560781a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:84:63:6f:ea:34:10:c0:4c:50:45:12:37:62:
e6:b1:b5:f1:7d:22:a7:95:d5:3a:1d:d7:d9:e4:64:
3b:21:de:d0:82:68:89:c9:85:2d:f6:43:36:79:69:
e1:22:25:c4:67:51:37:bf:71:cc:2b:cf:a8:1a:8d:
26:ff:5a:7c:c8:4f:77:47:c1:c9:c4:bf:29:90:e9:
49:df:74:af:b6:90:a2:e5:60:fd:fd:32:fc:02:5b:
15:b6:fa:7d:c2:c2:19:57:4b:2d:02:9d:bb:9a:15:
2b:cc:09:4f:f8:15:05:a2:fb:5e:3d:53:d1:ee:25:
59:bf:0a:e3:48:1f:3b:d8:35:a8:41:f6:f3:a7:b5:
1e:86:1c:64:38:46:5c:42:3a:e4:d0:40:d1:6f:f3:
4e:a9:cc:85:03:fe:f7:72:dc:cc:26:41:09:ac:81:
68:2d:21:6c:1d:c4:c3:d1:53:32:be:4f:5d:a1:ac:
5f:74:76:92:b4:cc:34:6e:c1:81:1e:5f:36:5a:99:
7e:08:5f:24:21:dc:12:dd:28:6e:2f:2a:31:60:7f:
f1:89:2c:24:9b:e8:8a:d9:54:1d:c6:79:cc:8f:58:
d0:71:f3:16:40:af:57:80:68:8f:c1:19:7d:08:ca:
d4:d1:5b:cd:e9:b3:60:6f:c6:7c:70:70:21:fd:89:
d7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:E4:00:8F:30:99:22:20:74:94:A2:FA:E9:80:0D:A0:65:60:78:1A
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/WuQAjzCZIiB0lKL66YANoGVgeBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.248.0/21
Signature Algorithm: sha256WithRSAEncryption
88:2c:f3:5f:33:87:a8:7a:45:ed:ba:85:15:af:e3:e8:21:e3:
55:37:67:22:22:5f:d3:65:e1:18:60:b2:c8:61:c2:78:8e:35:
05:ed:98:9e:c8:01:72:c2:f6:b4:1a:22:a8:ef:51:48:d2:63:
d7:59:fd:ee:5b:7b:da:0c:0e:62:2d:6a:1b:ac:f0:4d:26:bf:
7c:3b:74:6a:aa:59:89:9d:d7:df:38:5c:52:86:bb:6b:40:1f:
b4:f3:c2:a8:e9:aa:f2:dc:81:b1:dd:27:1b:08:d3:a3:2a:bb:
ff:3d:0d:bb:67:c4:cf:3d:6a:77:90:6e:10:2a:9f:a8:56:0e:
04:e1:3a:ed:98:5f:78:98:d2:bf:53:50:0a:70:0b:c5:69:8b:
4e:da:9b:c3:d1:10:95:7d:90:f9:f2:6d:85:4f:05:49:17:f8:
19:d4:51:e7:39:42:8e:eb:a5:05:00:be:d9:e6:ec:79:a0:6e:
ff:fc:0a:6e:7f:08:85:0d:89:61:ee:68:56:86:f8:e3:d3:29:
e8:5a:73:9f:5c:0a:a4:ed:4a:0d:72:4a:59:44:7c:c7:41:bf:
97:9e:59:b2:2a:95:5f:22:f1:2e:cd:ed:ff:a0:5b:b8:e6:c6:
e4:01:f4:8c:53:c6:35:02:2d:d0:cd:4d:cd:b2:ae:67:38:ac:
fd:2c:cd:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZG2ibGE9SGGF8R7UKWdIF1uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwOTAzMDYxOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWU0MDA4ZjMwOTkyMjIwNzQ5NGEyZmFlOTgwMGRhMDY1NjA3ODFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoRjb+o0EMBMUEUSN2LmsbXxfSKn
ldU6HdfZ5GQ7Id7QgmiJyYUt9kM2eWnhIiXEZ1E3v3HMK8+oGo0m/1p8yE93R8HJ
xL8pkOlJ33SvtpCi5WD9/TL8AlsVtvp9wsIZV0stAp27mhUrzAlP+BUFovtePVPR
7iVZvwrjSB872DWoQfbzp7UehhxkOEZcQjrk0EDRb/NOqcyFA/73ctzMJkEJrIFo
LSFsHcTD0VMyvk9doaxfdHaStMw0bsGBHl82Wpl+CF8kIdwS3ShuLyoxYH/xiSwk
m+iK2VQdxnnMj1jQcfMWQK9XgGiPwRl9CMrU0VvN6bNgb8Z8cHAh/YnXLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFrkAI8wmSIgdJSi+umADaBlYHgaMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvV3VRQWp6Q1pJaUIwbEtMNjZZQU5vR1ZnZUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBaD4MA0G
CSqGSIb3DQEBCwUAA4IBAQCILPNfM4eoekXtuoUVr+PoIeNVN2ciIl/TZeEYYLLI
YcJ4jjUF7ZieyAFywva0GiKo71FI0mPXWf3uW3vaDA5iLWobrPBNJr98O3RqqlmJ
ndffOFxShrtrQB+088Ko6ary3IGx3ScbCNOjKrv/PQ27Z8TPPWp3kG4QKp+oVg4E
4TrtmF94mNK/U1AKcAvFaYtO2pvD0RCVfZD58m2FTwVJF/gZ1FHnOUKO66UFAL7Z
5ux5oG7//ApufwiFDYlh7mhWhvjj0ynoWnOfXAqk7UoNckpZRHzHQb+XnlmyKpVf
IvEuze3/oFu45sbkAfSMU8Y1Ai3QzU3Nsq5nOKz9LM1W
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:22 2024 by rpki-client on console-fra.rpki-client.org