Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/1-CAHj82r7nK4Czz8VRkLL2BKpAk.roa
File: 1-CAHj82r7nK4Czz8VRkLL2BKpAk.roa (raw, json)
Hash identifier: ZcSXjc6wSkgkbcj86NyonKcu8GMs5bK04QGIh4ewHHc=
Subject key identifier: F8:20:07:8F:CD:AB:EE:72:B8:0B:3C:FC:55:19:0B:2F:60:4A:A4:09
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 0191B39E9EE456BF15783CD22FF5B1C4DBFC
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/1-CAHj82r7nK4Czz8VRkLL2BKpAk.roa
Signing time: Mon 02 Sep 2024 16:43:22 +0000
ROA not before: Mon 02 Sep 2024 16:43:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214304
IP address blocks: 5.144.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Dec 2024 16:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:9e:9e:e4:56:bf:15:78:3c:d2:2f:f5:b1:c4:db:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Sep 2 16:43:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f820078fcdabee72b80b3cfc55190b2f604aa409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cd:7c:a2:b2:f6:bd:03:6d:bf:db:f4:ae:2a:
fe:5c:1e:01:84:d5:0e:c0:8d:2f:f7:93:cb:fb:bb:
a6:fa:49:35:40:db:1c:60:99:56:79:21:34:67:dc:
f6:07:f3:49:b1:7a:a1:5d:91:29:d2:ad:c8:6c:d8:
d1:8c:d9:32:f7:b8:9a:ff:61:89:61:64:72:1b:22:
c6:c8:98:7f:23:0d:ae:b6:78:f4:dd:0b:fc:a9:90:
52:93:1a:bc:90:7d:4a:10:3d:1f:92:fe:bb:49:c6:
1a:26:45:62:86:bb:a4:fd:c4:b2:94:9b:a8:09:c9:
de:6e:23:45:c6:72:5f:30:d5:c0:80:fc:f2:ec:d6:
2f:da:cd:9a:2d:08:50:33:3a:03:ac:77:eb:da:f7:
6f:e5:87:3f:75:3e:c9:54:51:07:fb:75:73:5d:4f:
e0:45:1f:ce:58:ad:1e:b5:46:ef:44:2a:00:f0:ec:
2a:39:5b:d7:f7:69:0e:5e:79:ab:de:4a:23:5e:2e:
29:7e:a8:95:34:1c:ac:21:04:e3:b5:3a:86:6b:01:
90:4a:80:78:15:61:6d:36:35:77:b3:5a:22:4e:63:
60:3f:98:b9:10:35:82:82:89:19:54:9f:e8:53:b1:
9e:36:05:92:62:26:0a:5a:e1:f0:b2:52:a2:cd:9e:
dd:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:20:07:8F:CD:AB:EE:72:B8:0B:3C:FC:55:19:0B:2F:60:4A:A4:09
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/1-CAHj82r7nK4Czz8VRkLL2BKpAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.177.0/24
Signature Algorithm: sha256WithRSAEncryption
49:c5:17:42:52:25:f0:3f:db:9b:a2:9b:9f:67:c8:35:ea:5b:
e0:42:65:2d:fe:e3:c3:79:61:f7:ec:06:fd:c0:94:a1:d6:ec:
66:29:61:d1:7a:1d:d2:1e:78:c0:8d:00:4c:31:7b:df:83:fb:
c9:4c:04:7e:0a:55:9a:37:1d:8b:de:19:9c:0e:2d:9c:f2:3e:
90:c3:99:13:fb:34:6c:6e:0e:e7:b4:3d:66:9c:31:9b:a4:15:
6f:32:dc:d7:0c:99:f4:0e:4d:3f:a6:02:8d:22:4b:74:6e:c7:
ba:00:b5:6e:cd:68:13:52:35:a2:06:20:dc:b7:db:a5:56:40:
1e:9d:80:f4:92:54:60:56:0d:55:1f:a1:88:da:1e:a1:98:f0:
0f:e2:c1:ae:72:f2:36:22:33:3d:48:3b:75:67:40:b2:06:63:
ca:54:4d:86:19:ad:1b:19:8e:89:8f:0e:7f:f9:87:d7:e4:eb:
1b:d7:03:e6:94:e0:87:a1:5c:df:83:02:bd:14:41:8b:40:1c:
8a:e6:57:4e:17:cb:2f:af:cc:08:f3:25:e4:ce:e0:07:ec:32:
cb:a7:81:81:43:0f:87:56:06:c9:20:a5:a7:23:9c:1c:c8:02:
db:d3:78:32:32:37:ef:d6:91:57:9c:7b:f0:aa:3c:d1:a7:ab:
c5:89:1e:af
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZGznp7kVr8VeDzSL/WxxNv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwOTAyMTY0MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODIwMDc4ZmNkYWJlZTcyYjgwYjNjZmM1NTE5MGIyZjYwNGFhNDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwc18orL2vQNtv9v0rir+XB4BhNUO
wI0v95PL+7um+kk1QNscYJlWeSE0Z9z2B/NJsXqhXZEp0q3IbNjRjNky97ia/2GJ
YWRyGyLGyJh/Iw2utnj03Qv8qZBSkxq8kH1KED0fkv67ScYaJkVihruk/cSylJuo
CcnebiNFxnJfMNXAgPzy7NYv2s2aLQhQMzoDrHfr2vdv5Yc/dT7JVFEH+3VzXU/g
RR/OWK0etUbvRCoA8OwqOVvX92kOXnmr3kojXi4pfqiVNBysIQTjtTqGawGQSoB4
FWFtNjV3s1oiTmNgP5i5EDWCgokZVJ/oU7GeNgWSYiYKWuHwslKizZ7d7QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPggB4/Nq+5yuAs8/FUZCy9gSqQJMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvMS1DQUhqODJyN25LNEN6ejhWUmtMTDJCS3BBay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmEvODlmMDcxLTU2MzEtNDVkYi1hN2U1LWNkNjE1MjI2MWM2
Zi8xL0V4aUJjeW8tSkZxVm04WjU0RVdNT2ZpVDVHcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAWQsTAN
BgkqhkiG9w0BAQsFAAOCAQEAScUXQlIl8D/bm6Kbn2fINepb4EJlLf7jw3lh9+wG
/cCUodbsZilh0Xod0h54wI0ATDF734P7yUwEfgpVmjcdi94ZnA4tnPI+kMOZE/s0
bG4O57Q9Zpwxm6QVbzLc1wyZ9A5NP6YCjSJLdG7HugC1bs1oE1I1ogYg3LfbpVZA
Hp2A9JJUYFYNVR+hiNoeoZjwD+LBrnLyNiIzPUg7dWdAsgZjylRNhhmtGxmOiY8O
f/mH1+TrG9cD5pTgh6Fc34MCvRRBi0AciuZXThfLL6/MCPMl5M7gB+wyy6eBgUMP
h1YGySClpyOcHMgC29N4MjI379aRV5x78Ko80aerxYkerw==
-----END CERTIFICATE-----
Generated at Tue Dec 10 22:45:49 2024 by rpki-client on console-ams.rpki-client.org