Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/murjWeK1FLRE-PVmGgc2Ed0jGeA.roa
File: murjWeK1FLRE-PVmGgc2Ed0jGeA.roa (raw, json)
Hash identifier: frKeiVu46Q1B9r0Bf6mgYA/+NbO1oICJpx9XYbkKO3M=
Subject key identifier: 9A:EA:E3:59:E2:B5:14:B4:44:F8:F5:66:1A:07:36:11:DD:23:19:E0
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 018CC492D578B63DDDD2AA678FD11C178EF3
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/murjWeK1FLRE-PVmGgc2Ed0jGeA.roa
Signing time: Mon 01 Jan 2024 10:30:06 +0000
ROA not before: Mon 01 Jan 2024 10:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47990
IP address blocks: 5.160.196.0/23 maxlen: 23
5.160.240.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:d5:78:b6:3d:dd:d2:aa:67:8f:d1:1c:17:8e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 10:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9aeae359e2b514b444f8f5661a073611dd2319e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f9:cd:a7:74:ba:7d:ed:32:0b:43:0a:c4:2d:
e8:ba:cb:9e:3c:07:40:a3:80:ab:4d:7e:f8:06:15:
ff:90:1d:9f:bf:09:e7:6c:bb:72:2c:e2:52:33:1f:
09:30:70:cb:fb:79:13:20:50:be:7c:ca:04:67:18:
fa:b9:e4:32:f8:ac:34:a5:78:b7:a7:b9:c6:d3:ec:
f8:fd:7d:fb:27:f1:2b:ef:fd:e8:e6:26:7a:61:24:
e4:d4:2e:b3:3f:e4:16:13:6d:f9:17:a4:30:73:ac:
5e:d9:8a:f4:ea:95:57:35:0a:21:28:a9:1a:e8:53:
12:b6:6d:eb:06:5f:27:d6:ad:e3:c8:3f:07:b7:f5:
73:4b:e0:fd:ea:91:fb:fd:86:d4:56:5e:4d:d3:fa:
b6:24:53:da:78:e8:06:6e:48:dd:c8:84:2a:a5:d1:
23:51:72:3a:f6:ec:ef:fe:55:4c:69:ff:1b:c4:28:
db:77:9d:f7:09:82:fa:85:5c:62:95:ca:ba:01:31:
df:31:b8:a2:2f:5f:ce:25:60:ec:dc:b2:8b:d5:25:
2a:9e:6b:df:7f:de:17:4b:20:17:ba:9a:66:6a:ef:
06:90:96:c8:0f:36:21:2c:3e:72:49:f2:c9:21:dc:
47:8e:fd:6b:3f:2a:0f:a6:e0:76:42:39:e4:f5:f3:
b3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:EA:E3:59:E2:B5:14:B4:44:F8:F5:66:1A:07:36:11:DD:23:19:E0
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/murjWeK1FLRE-PVmGgc2Ed0jGeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.196.0/23
5.160.240.0/23
Signature Algorithm: sha256WithRSAEncryption
33:b9:83:66:b4:b3:e8:d3:55:fc:10:76:61:2a:5a:0a:b6:46:
af:37:30:ea:3a:06:5f:9d:54:cf:fe:40:25:17:9e:ed:16:fc:
f9:b9:25:41:b8:39:52:38:26:e4:de:99:75:8e:cf:47:86:d1:
5a:69:a8:7e:83:60:0e:24:d9:f5:cd:94:44:43:8f:39:2b:d5:
48:ba:7e:3a:8e:da:f3:8f:85:a4:05:a3:90:c8:15:c2:9b:46:
72:69:6b:34:4b:7a:05:62:51:31:86:31:f0:f0:0c:b3:16:9c:
f3:0a:7d:b0:44:80:42:9a:60:2b:c0:56:f4:66:68:21:b0:e3:
3f:36:f4:3a:b9:4f:ed:b2:6a:34:2b:00:84:35:83:3d:e2:c0:
e4:97:22:b4:54:78:77:92:86:ac:21:ca:26:a6:a7:04:d5:0c:
78:e0:d2:3f:77:35:7b:a7:da:6d:9b:cb:74:05:af:9d:92:8f:
6f:12:9b:ac:e7:37:33:51:a4:0d:a7:f4:56:1b:ab:06:33:e5:
3c:46:f6:08:81:a6:9a:2c:be:3e:c9:96:fe:e2:40:96:80:f1:
c3:a8:9b:b5:2e:b5:6c:8e:26:cb:fd:54:4d:7f:62:dc:98:b0:
3e:f6:bc:9d:8b:91:f7:bd:e8:4e:65:de:bc:34:07:c2:c5:a2:
03:dd:9b:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEktV4tj3d0qpnj9EcF47zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwMTAxMTAzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWVhZTM1OWUyYjUxNGI0NDRmOGY1NjYxYTA3MzYxMWRkMjMxOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPnNp3S6fe0yC0MKxC3ousuePAdA
o4CrTX74BhX/kB2fvwnnbLtyLOJSMx8JMHDL+3kTIFC+fMoEZxj6ueQy+Kw0pXi3
p7nG0+z4/X37J/Er7/3o5iZ6YSTk1C6zP+QWE235F6Qwc6xe2Yr06pVXNQohKKka
6FMStm3rBl8n1q3jyD8Ht/VzS+D96pH7/YbUVl5N0/q2JFPaeOgGbkjdyIQqpdEj
UXI69uzv/lVMaf8bxCjbd533CYL6hVxilcq6ATHfMbiiL1/OJWDs3LKL1SUqnmvf
f94XSyAXuppmau8GkJbIDzYhLD5ySfLJIdxHjv1rPyoPpuB2Qjnk9fOzowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJrq41nitRS0RPj1ZhoHNhHdIxngMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvbXVyaldlSzFGTFJFLVBWbUdnYzJFZDBqR2VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBaDEAwQB
BaDwMA0GCSqGSIb3DQEBCwUAA4IBAQAzuYNmtLPo01X8EHZhKloKtkavNzDqOgZf
nVTP/kAlF57tFvz5uSVBuDlSOCbk3pl1js9HhtFaaah+g2AOJNn1zZREQ485K9VI
un46jtrzj4WkBaOQyBXCm0ZyaWs0S3oFYlExhjHw8AyzFpzzCn2wRIBCmmArwFb0
ZmghsOM/NvQ6uU/tsmo0KwCENYM94sDklyK0VHh3koasIcompqcE1Qx44NI/dzV7
p9ptm8t0Ba+dko9vEpus5zczUaQNp/RWG6sGM+U8RvYIgaaaLL4+yZb+4kCWgPHD
qJu1LrVsjibL/VRNf2LcmLA+9rydi5H3vehOZd68NAfCxaID3Ztj
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:02:25 2024 by rpki-client on console-ams.rpki-client.org