Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/NLmE571muwKh1aAr-ZZw50qChK8.roa
File: NLmE571muwKh1aAr-ZZw50qChK8.roa (raw, json)
Hash identifier: T+e/8ywbs/dvRVugJtpPZzr0e9ZodgLu6rmEGH/a7K8=
Subject key identifier: 34:B9:84:E7:BD:66:BB:02:A1:D5:A0:2B:F9:96:70:E7:4A:82:84:AF
Certificate issuer: /CN=056006f2a1840900c753628121b3fb7ec5bd89e9
Certificate serial: 018CC726D467B364584D4E3F5430B72DE6E4
Authority key identifier: 05:60:06:F2:A1:84:09:00:C7:53:62:81:21:B3:FB:7E:C5:BD:89:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWAG8qGECQDHU2KBIbP7fsW9iek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/NLmE571muwKh1aAr-ZZw50qChK8.roa
Signing time: Mon 01 Jan 2024 22:30:59 +0000
ROA not before: Mon 01 Jan 2024 22:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62005
IP address blocks: 5.42.221.0/24 maxlen: 24
45.129.0.0/24 maxlen: 24
2a12:c740:1::/48 maxlen: 48
2a12:c740::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/BWAG8qGECQDHU2KBIbP7fsW9iek.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/BWAG8qGECQDHU2KBIbP7fsW9iek.mft
rsync://rpki.ripe.net/repository/DEFAULT/BWAG8qGECQDHU2KBIbP7fsW9iek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:d4:67:b3:64:58:4d:4e:3f:54:30:b7:2d:e6:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=056006f2a1840900c753628121b3fb7ec5bd89e9
Validity
Not Before: Jan 1 22:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34b984e7bd66bb02a1d5a02bf99670e74a8284af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ed:7c:c9:cd:e2:b3:92:86:7b:c2:c3:f7:53:
6c:36:40:da:c9:8b:5f:b9:39:b1:81:0d:2d:b1:79:
2c:f1:72:f7:f2:aa:2a:fe:90:8b:09:8e:39:ce:ba:
be:43:85:1c:2b:4e:76:8a:9c:97:66:92:50:b6:60:
81:08:b5:38:4e:cd:8a:76:2c:1f:b5:2f:45:67:63:
f0:38:62:46:73:a2:b2:0d:d4:ac:b3:24:6f:41:08:
c4:34:aa:db:c1:65:73:fb:3c:dd:84:6f:39:ea:35:
68:1a:b3:ea:94:fc:ea:e6:50:e8:28:75:11:71:18:
a1:5d:83:47:fa:7b:96:d2:a4:46:7f:87:07:36:ab:
69:2f:ba:d6:d4:0e:57:ab:38:75:fa:28:31:3a:59:
b8:80:4a:d9:95:78:92:65:16:f4:24:ec:f4:0a:54:
a8:01:1a:f6:8d:49:48:af:0a:ff:77:9b:f8:77:ca:
1b:14:f7:d7:9e:7f:3b:df:1d:a0:70:95:44:61:cb:
1f:e9:5a:7a:b1:1d:2a:e3:75:aa:6b:2f:fa:d1:e1:
5a:eb:da:b0:ae:ad:97:c5:aa:5b:b6:2e:0c:f2:ec:
7e:73:5b:fa:30:d6:4f:a3:08:3d:27:24:7d:18:7e:
1b:fe:52:60:d0:69:a4:65:06:8f:bd:26:a0:f7:23:
aa:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:B9:84:E7:BD:66:BB:02:A1:D5:A0:2B:F9:96:70:E7:4A:82:84:AF
X509v3 Authority Key Identifier:
keyid:05:60:06:F2:A1:84:09:00:C7:53:62:81:21:B3:FB:7E:C5:BD:89:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWAG8qGECQDHU2KBIbP7fsW9iek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/NLmE571muwKh1aAr-ZZw50qChK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/BWAG8qGECQDHU2KBIbP7fsW9iek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.221.0/24
45.129.0.0/24
IPv6:
2a12:c740::/47
Signature Algorithm: sha256WithRSAEncryption
1b:23:50:95:06:29:31:31:64:ea:82:4a:0e:9e:32:f9:53:17:
50:d8:fa:b9:f8:72:b4:e0:69:e9:3c:14:5d:4b:16:fd:42:e0:
36:18:2a:bd:92:fb:d2:68:33:75:f8:30:d2:99:bf:7e:d8:d3:
c2:31:d6:b9:d0:20:9e:0d:d9:ca:f3:99:16:67:e8:f4:c1:79:
de:4f:93:d9:20:a8:da:bb:e1:29:d6:a0:41:61:42:14:43:60:
59:1f:86:ee:0b:d1:89:a0:2e:8c:1c:a0:20:cc:9d:b2:3b:b0:
57:16:80:a8:e6:20:24:f0:d0:b3:a3:96:83:97:9b:52:93:f4:
f5:a2:49:5d:0d:ac:9d:94:91:bb:4f:a4:94:b0:e8:21:17:b6:
6a:6b:23:d3:51:9d:3a:54:b4:8b:1d:ca:cb:ae:eb:14:ec:1b:
1a:db:b1:c5:8c:82:b7:05:dd:f0:d2:00:b7:70:fb:42:4d:04:
3d:ce:9d:7c:e9:2d:fa:39:d8:03:a6:c5:78:fb:0a:b7:4d:91:
06:1f:b6:2e:8d:5d:2b:17:a0:02:d3:e3:f0:8e:b2:70:b6:13:
9e:7a:de:37:88:d9:60:3f:3e:44:9e:cd:ed:31:e7:9c:4f:37:
94:1d:5a:27:3a:90:9c:0c:4a:c9:fa:0e:86:f8:53:0d:9d:73:
6c:d1:89:80
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzHJtRns2RYTU4/VDC3LebkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjAwNmYyYTE4NDA5MDBjNzUzNjI4MTIxYjNmYjdlYzVi
ZDg5ZTkwHhcNMjQwMTAxMjIzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGI5ODRlN2JkNjZiYjAyYTFkNWEwMmJmOTk2NzBlNzRhODI4NGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+18yc3is5KGe8LD91NsNkDayYtf
uTmxgQ0tsXks8XL38qoq/pCLCY45zrq+Q4UcK052ipyXZpJQtmCBCLU4Ts2Kdiwf
tS9FZ2PwOGJGc6KyDdSssyRvQQjENKrbwWVz+zzdhG856jVoGrPqlPzq5lDoKHUR
cRihXYNH+nuW0qRGf4cHNqtpL7rW1A5Xqzh1+igxOlm4gErZlXiSZRb0JOz0ClSo
ARr2jUlIrwr/d5v4d8obFPfXnn873x2gcJVEYcsf6Vp6sR0q43Wqay/60eFa69qw
rq2Xxapbti4M8ux+c1v6MNZPowg9JyR9GH4b/lJg0GmkZQaPvSag9yOqsQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDS5hOe9ZrsCodWgK/mWcOdKgoSvMB8GA1UdIwQY
MBaAFAVgBvKhhAkAx1NigSGz+37FvYnpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldBRzhxR0VDUURIVTJLQkliUDdmc1c5aWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81NzMyZDMtYTUzYy00MWY3LWE2MjMt
NTViM2U2NDc2YTdiLzEvTkxtRTU3MW11d0toMWFBci1aWnc1MHFDaEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81NzMyZDMtYTUzYy00MWY3LWE2MjMtNTViM2U2NDc2YTdi
LzEvQldBRzhxR0VDUURIVTJLQkliUDdmc1c5aWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQABSrdAwQA
LYEAMA8EAgACMAkDBwEqEsdAAAAwDQYJKoZIhvcNAQELBQADggEBABsjUJUGKTEx
ZOqCSg6eMvlTF1DY+rn4crTgaek8FF1LFv1C4DYYKr2S+9JoM3X4MNKZv37Y08Ix
1rnQIJ4N2crzmRZn6PTBed5Pk9kgqNq74SnWoEFhQhRDYFkfhu4L0YmgLowcoCDM
nbI7sFcWgKjmICTw0LOjloOXm1KT9PWiSV0NrJ2UkbtPpJSw6CEXtmprI9NRnTpU
tIsdysuu6xTsGxrbscWMgrcF3fDSALdw+0JNBD3OnXzpLfo52AOmxXj7CrdNkQYf
ti6NXSsXoALT4/COsnC2E5563jeI2WA/PkSeze0x55xPN5QdWic6kJwMSsn6Dob4
Uw2dc2zRiYA=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:38:58 2024 by rpki-client on console-ams.rpki-client.org