Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/qa5WxBeXfG6ruf1hJR8V_gxOpD4.roa
File: qa5WxBeXfG6ruf1hJR8V_gxOpD4.roa (raw, json)
Hash identifier: 3nlltNGK2Kw9LNNEyZO42+gMbiKrLpJWwyfLhNC7iJI=
Subject key identifier: A9:AE:56:C4:17:97:7C:6E:AB:B9:FD:61:25:1F:15:FE:0C:4E:A4:3E
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 01934F192C64B5B9FC4056243DD4391C2AF0
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/qa5WxBeXfG6ruf1hJR8V_gxOpD4.roa
Signing time: Thu 21 Nov 2024 14:21:09 +0000
ROA not before: Thu 21 Nov 2024 14:21:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 5.144.181.0/24 maxlen: 24
5.144.182.0/24 maxlen: 24
5.178.106.0/24 maxlen: 24
185.5.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4f:19:2c:64:b5:b9:fc:40:56:24:3d:d4:39:1c:2a:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Nov 21 14:21:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9ae56c417977c6eabb9fd61251f15fe0c4ea43e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b3:2d:fb:56:03:d9:b9:6d:38:b7:8b:7f:f0:
2d:fd:a7:00:de:4d:be:48:d4:db:34:71:77:4c:da:
b2:0c:37:f7:77:00:fd:59:b2:1d:da:a5:cb:4a:99:
79:00:b5:e8:8c:c9:4e:8a:fa:98:63:2d:d3:e2:cc:
87:7f:0e:43:e2:d3:63:df:5b:f9:2b:7c:d7:4c:67:
44:fa:b7:db:df:8a:e8:be:eb:ef:8f:cf:49:f6:dc:
87:a4:1c:05:95:c5:99:85:0c:8f:1e:ac:79:cf:92:
dc:0a:be:59:12:d4:d4:30:3a:77:9c:8e:d0:c9:76:
43:76:2a:84:46:50:2d:b2:f4:b7:e1:82:ac:7f:e4:
dd:7e:4c:1e:48:7b:bb:e6:de:84:63:b2:49:20:41:
fa:0c:0e:29:9a:81:ae:00:8c:58:fe:c0:9f:03:b0:
1c:78:aa:17:ab:50:3a:e7:4a:43:a3:7f:45:84:b1:
44:c1:39:12:b8:00:17:2c:24:ea:06:cb:f1:0e:de:
ab:59:42:80:b4:96:7b:7d:16:e8:49:5e:17:5c:6f:
7d:f3:d0:f2:e4:74:4b:be:b4:4f:dc:ee:27:2d:bc:
47:dd:1e:2f:26:d2:73:34:eb:50:38:50:b8:5a:6c:
bd:ce:9d:f6:e9:27:4f:60:a9:61:ad:37:68:6a:c4:
b9:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:AE:56:C4:17:97:7C:6E:AB:B9:FD:61:25:1F:15:FE:0C:4E:A4:3E
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/qa5WxBeXfG6ruf1hJR8V_gxOpD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.181.0-5.144.182.255
5.178.106.0/24
185.5.39.0/24
Signature Algorithm: sha256WithRSAEncryption
11:4f:e5:f0:60:70:19:2a:e4:14:4a:45:97:a3:8b:93:20:b3:
7c:63:60:dc:9a:70:34:ab:b8:49:91:ca:73:48:eb:03:c9:8b:
ce:2d:ed:3f:ac:1e:26:cf:6b:52:c0:48:ca:76:07:b0:e5:48:
dc:51:fb:10:7f:0f:03:32:17:71:5a:67:d6:80:4f:58:8f:9c:
79:08:aa:08:bb:b6:5b:6d:59:5a:46:7a:37:ef:f0:ab:e8:5d:
ca:28:51:fd:cb:26:05:f0:87:1a:04:0a:e5:22:1d:4c:ff:02:
35:19:4d:3f:02:42:01:be:fa:0c:33:6d:a1:dc:1b:44:8f:99:
6c:43:22:ab:0b:77:cf:fe:b4:a8:5c:29:24:2c:c3:6b:b8:d3:
91:71:ba:dc:45:df:9f:be:40:49:e4:ec:3f:be:34:6a:77:3f:
35:67:dd:db:3f:53:3b:ee:b8:b4:e8:b2:41:73:4d:91:94:83:
c0:26:7a:92:19:77:c2:b2:cf:a6:ea:78:06:26:ae:6c:ec:99:
84:ce:96:b3:cf:a8:5d:c4:eb:91:a0:cd:a3:07:4c:63:69:78:
8b:fb:e5:3c:9a:7b:8a:c1:29:4b:8f:b5:77:15:ef:3b:71:84:
49:96:8f:dc:6a:9e:35:dd:21:89:46:48:c7:5f:7c:9b:df:91:
da:5a:11:54
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZNPGSxktbn8QFYkPdQ5HCrwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQxMTIxMTQyMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWFlNTZjNDE3OTc3YzZlYWJiOWZkNjEyNTFmMTVmZTBjNGVhNDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbMt+1YD2bltOLeLf/At/acA3k2+
SNTbNHF3TNqyDDf3dwD9WbId2qXLSpl5ALXojMlOivqYYy3T4syHfw5D4tNj31v5
K3zXTGdE+rfb34rovuvvj89J9tyHpBwFlcWZhQyPHqx5z5LcCr5ZEtTUMDp3nI7Q
yXZDdiqERlAtsvS34YKsf+TdfkweSHu75t6EY7JJIEH6DA4pmoGuAIxY/sCfA7Ac
eKoXq1A650pDo39FhLFEwTkSuAAXLCTqBsvxDt6rWUKAtJZ7fRboSV4XXG9989Dy
5HRLvrRP3O4nLbxH3R4vJtJzNOtQOFC4Wmy9zp326SdPYKlhrTdoasS5eQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKmuVsQXl3xuq7n9YSUfFf4MTqQ+MB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvcWE1V3hCZVhmRzZydWYxaEpSOFZfZ3hPcEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAFkLUD
BAAFkLYDBAAFsmoDBAC5BScwDQYJKoZIhvcNAQELBQADggEBABFP5fBgcBkq5BRK
RZeji5Mgs3xjYNyacDSruEmRynNI6wPJi84t7T+sHibPa1LASMp2B7DlSNxR+xB/
DwMyF3FaZ9aAT1iPnHkIqgi7tlttWVpGejfv8KvoXcooUf3LJgXwhxoECuUiHUz/
AjUZTT8CQgG++gwzbaHcG0SPmWxDIqsLd8/+tKhcKSQsw2u405FxutxF35++QEnk
7D++NGp3PzVn3ds/UzvuuLToskFzTZGUg8AmepIZd8Kyz6bqeAYmrmzsmYTOlrPP
qF3E65GgzaMHTGNpeIv75Tyae4rBKUuPtXcV7ztxhEmWj9xqnjXdIYlGSMdffJvf
kdpaEVQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:36:48 2024 by rpki-client on console-fra.rpki-client.org