Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/4759f9-7fdf-4916-a995-6970ecd9a610/1/N10tvbF_NVgDud9G_U8HdZWgLEs.roa
File: N10tvbF_NVgDud9G_U8HdZWgLEs.roa (raw, json)
Hash identifier: QQOdiDVY7MERy1uoIGMgoi7QHgGhQ8YrCaxyPxbFMik=
Subject key identifier: 37:5D:2D:BD:B1:7F:35:58:03:B9:DF:46:FD:4F:07:75:95:A0:2C:4B
Certificate issuer: /CN=052b864969e9680764899015e163ece77bb4cb76
Certificate serial: 018CC6B7E329E55DE8A7ACCF6781845D03F3
Authority key identifier: 05:2B:86:49:69:E9:68:07:64:89:90:15:E1:63:EC:E7:7B:B4:CB:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BSuGSWnpaAdkiZAV4WPs53u0y3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/4759f9-7fdf-4916-a995-6970ecd9a610/1/N10tvbF_NVgDud9G_U8HdZWgLEs.roa
Signing time: Mon 01 Jan 2024 20:29:49 +0000
ROA not before: Mon 01 Jan 2024 20:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61349
IP address blocks: 5.144.91.0/24 maxlen: 24
5.144.88.0/23 maxlen: 23
5.144.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/4759f9-7fdf-4916-a995-6970ecd9a610/1/BSuGSWnpaAdkiZAV4WPs53u0y3Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/4759f9-7fdf-4916-a995-6970ecd9a610/1/BSuGSWnpaAdkiZAV4WPs53u0y3Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/BSuGSWnpaAdkiZAV4WPs53u0y3Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:e3:29:e5:5d:e8:a7:ac:cf:67:81:84:5d:03:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=052b864969e9680764899015e163ece77bb4cb76
Validity
Not Before: Jan 1 20:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=375d2dbdb17f355803b9df46fd4f077595a02c4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e4:67:30:07:af:04:57:42:73:00:6a:ec:77:
a8:e8:2f:2d:99:d7:14:5c:b9:8f:b1:4c:e0:3d:01:
a9:a3:bd:51:b2:30:5e:e8:f4:63:4c:f3:61:ff:9e:
a2:45:6b:8d:65:2a:80:69:65:6b:0a:7b:c8:32:3c:
24:94:0d:60:3c:6c:10:07:3d:cc:4d:b7:64:39:0a:
67:7b:f6:6d:3c:85:20:4e:7d:ee:b6:2c:7b:7a:22:
fa:a9:7e:b3:a2:9e:80:9a:11:f1:ae:ee:30:26:48:
45:94:a6:be:17:7d:30:ff:a9:76:4d:45:88:91:92:
45:f4:10:5e:c1:ff:30:d8:e4:84:e4:1c:74:df:72:
b9:fc:65:d1:82:c3:33:be:a5:94:4b:11:fc:8a:80:
f1:78:97:11:58:28:fa:c5:5c:5b:d9:eb:83:6d:fa:
1a:16:f4:46:7e:2f:a0:28:0d:6c:6e:2b:0e:a1:1c:
fd:31:b2:00:9c:d2:1d:f7:cc:0c:11:a9:4a:8a:14:
85:a9:74:28:83:ef:34:f3:e5:c7:88:1e:da:d9:0e:
82:14:7e:2d:fc:9c:08:cc:0d:09:a7:4b:9c:71:cb:
29:42:f2:85:01:ab:a0:a6:89:24:29:86:a1:56:72:
23:a6:df:67:16:38:1e:f0:2e:2b:08:4f:67:7e:9a:
92:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:5D:2D:BD:B1:7F:35:58:03:B9:DF:46:FD:4F:07:75:95:A0:2C:4B
X509v3 Authority Key Identifier:
keyid:05:2B:86:49:69:E9:68:07:64:89:90:15:E1:63:EC:E7:7B:B4:CB:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BSuGSWnpaAdkiZAV4WPs53u0y3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4759f9-7fdf-4916-a995-6970ecd9a610/1/N10tvbF_NVgDud9G_U8HdZWgLEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4759f9-7fdf-4916-a995-6970ecd9a610/1/BSuGSWnpaAdkiZAV4WPs53u0y3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.88.0/23
5.144.91.0-5.144.92.255
Signature Algorithm: sha256WithRSAEncryption
19:35:79:a4:d2:5e:c6:5d:7c:5d:2b:7f:e6:f7:f2:c9:e7:f6:
76:8f:b0:b5:ad:02:52:41:fb:ae:2c:71:08:d4:1c:b7:02:23:
96:6b:24:70:1c:5f:76:bd:63:32:c3:6e:b0:15:80:d0:ed:c7:
ea:65:e1:b5:43:cd:4d:94:f0:b9:09:ea:13:02:38:4c:13:75:
f6:90:7b:a7:f1:93:5d:91:ef:81:4d:d9:8c:4f:eb:9b:c4:70:
b9:de:1e:a4:1f:d9:8d:2d:cd:21:f6:8a:21:a6:d7:62:57:fe:
f3:3f:55:ed:47:b5:5f:ae:ef:f9:7b:81:d3:56:38:83:42:dd:
84:25:d3:59:99:6a:35:b3:a7:97:5c:c4:b9:72:69:ba:2e:43:
ac:f5:44:58:c5:43:e9:b5:b3:61:44:70:34:9e:3e:07:3f:bb:
f4:41:a8:4c:14:82:c7:eb:40:4c:d3:45:d4:82:0b:11:31:f0:
4f:75:09:66:d9:9b:ab:bb:7c:63:6a:99:0c:b2:63:db:d6:1d:
43:e2:84:61:3a:82:bf:0e:bc:00:1b:d5:1d:11:d5:a9:c6:ed:
e0:a6:41:70:28:0a:4f:4e:50:b9:6f:e6:c5:6d:90:f3:81:4c:
34:5c:d6:2e:d5:e0:41:51:fd:40:06:75:98:cb:5f:9e:36:97:
bc:10:d3:12
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzGt+Mp5V3op6zPZ4GEXQPzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MmI4NjQ5NjllOTY4MDc2NDg5OTAxNWUxNjNlY2U3N2Ji
NGNiNzYwHhcNMjQwMTAxMjAyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzVkMmRiZGIxN2YzNTU4MDNiOWRmNDZmZDRmMDc3NTk1YTAyYzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+RnMAevBFdCcwBq7Heo6C8tmdcU
XLmPsUzgPQGpo71RsjBe6PRjTPNh/56iRWuNZSqAaWVrCnvIMjwklA1gPGwQBz3M
TbdkOQpne/ZtPIUgTn3utix7eiL6qX6zop6AmhHxru4wJkhFlKa+F30w/6l2TUWI
kZJF9BBewf8w2OSE5Bx033K5/GXRgsMzvqWUSxH8ioDxeJcRWCj6xVxb2euDbfoa
FvRGfi+gKA1sbisOoRz9MbIAnNId98wMEalKihSFqXQog+808+XHiB7a2Q6CFH4t
/JwIzA0Jp0ucccspQvKFAaugpokkKYahVnIjpt9nFjge8C4rCE9nfpqSGQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDddLb2xfzVYA7nfRv1PB3WVoCxLMB8GA1UdIwQY
MBaAFAUrhklp6WgHZImQFeFj7Od7tMt2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlN1R1NXbnBhQWRraVpBVjRXUHM1M3UweTNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC80NzU5ZjktN2ZkZi00OTE2LWE5OTUt
Njk3MGVjZDlhNjEwLzEvTjEwdHZiRl9OVmdEdWQ5R19VOEhkWldnTEVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC80NzU5ZjktN2ZkZi00OTE2LWE5OTUtNjk3MGVjZDlhNjEw
LzEvQlN1R1NXbnBhQWRraVpBVjRXUHM1M3UweTNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBBZBYMAwD
BAAFkFsDBAAFkFwwDQYJKoZIhvcNAQELBQADggEBABk1eaTSXsZdfF0rf+b38snn
9naPsLWtAlJB+64scQjUHLcCI5ZrJHAcX3a9YzLDbrAVgNDtx+pl4bVDzU2U8LkJ
6hMCOEwTdfaQe6fxk12R74FN2YxP65vEcLneHqQf2Y0tzSH2iiGm12JX/vM/Ve1H
tV+u7/l7gdNWOINC3YQl01mZajWzp5dcxLlyabouQ6z1RFjFQ+m1s2FEcDSePgc/
u/RBqEwUgsfrQEzTRdSCCxEx8E91CWbZm6u7fGNqmQyyY9vWHUPihGE6gr8OvAAb
1R0R1anG7eCmQXAoCk9OULlv5sVtkPOBTDRc1i7V4EFR/UAGdZjLX542l7wQ0xI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:40:17 2024 by rpki-client on console-ams.rpki-client.org