Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/5m2MGUXbYFYdzN2i8PI01LJ1PLA.roa
File: 5m2MGUXbYFYdzN2i8PI01LJ1PLA.roa (raw, json)
Hash identifier: qUKI9voGurLM6pUkYKDZY57DnKg6huimrCwRrcGaQqE=
Subject key identifier: E6:6D:8C:19:45:DB:60:56:1D:CC:DD:A2:F0:F2:34:D4:B2:75:3C:B0
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 0190EAB40516A2F7582E3AA5F90AC0FEA7D5
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/5m2MGUXbYFYdzN2i8PI01LJ1PLA.roa
Signing time: Thu 25 Jul 2024 16:23:04 +0000
ROA not before: Thu 25 Jul 2024 16:23:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206092
IP address blocks: 45.131.194.0/24 maxlen: 24
45.134.22.0/24 maxlen: 24
85.8.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ea:b4:05:16:a2:f7:58:2e:3a:a5:f9:0a:c0:fe:a7:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jul 25 16:23:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e66d8c1945db60561dccdda2f0f234d4b2753cb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e4:90:a2:92:97:84:e7:4e:80:62:c9:88:60:
93:0c:b0:3e:e4:cc:f7:3d:25:8b:11:e8:17:db:74:
d6:00:40:8d:c7:e0:2e:11:8f:c7:dc:34:8b:49:c9:
e5:f6:8e:c8:6d:9e:83:28:6a:8b:ef:24:cb:6a:5f:
67:0a:43:8c:6c:d1:aa:5a:3f:f4:76:7a:99:b1:00:
c1:1a:d4:c9:2a:d6:c6:59:43:72:21:93:3e:6f:1e:
72:61:98:e6:c9:4f:f0:e6:72:c2:d0:c4:5c:c5:33:
46:f5:3d:ad:4b:8a:fe:36:e4:84:b3:a5:ff:04:36:
ef:fd:21:32:86:4b:e3:c9:15:36:f2:70:20:c2:c7:
76:34:8b:e0:e8:bd:26:3c:5e:00:4f:d2:f2:d4:f9:
48:f1:bf:6a:85:68:4a:95:af:59:e4:53:44:d8:53:
99:22:82:26:49:2d:50:0f:21:43:04:b1:58:d2:5b:
63:c5:94:86:fb:4a:1e:6d:0a:b8:03:f1:f3:f5:f9:
21:e7:02:1b:7c:fd:db:40:f9:bd:f9:46:31:55:c9:
b2:1b:cb:88:c7:ef:d2:ee:01:74:df:1e:95:c8:ef:
0e:5f:7d:95:ab:13:73:8f:5f:12:a5:95:d8:3d:65:
0b:6a:c1:ff:94:36:2b:11:d8:eb:26:61:9d:25:56:
fb:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:6D:8C:19:45:DB:60:56:1D:CC:DD:A2:F0:F2:34:D4:B2:75:3C:B0
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/5m2MGUXbYFYdzN2i8PI01LJ1PLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.194.0/24
45.134.22.0/24
85.8.130.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:85:e7:9e:7b:d9:10:47:68:48:dd:55:94:03:56:7f:4b:7c:
92:ca:07:10:6d:ba:34:40:51:32:78:6a:e8:f7:a5:fe:47:de:
04:57:db:5f:f0:9e:29:09:99:8f:7b:0e:54:da:f3:37:f0:67:
e0:7a:76:af:21:b5:ab:5e:a1:8a:85:06:54:6d:f6:69:89:02:
96:18:83:2d:03:98:0b:d0:38:ee:99:53:bf:77:11:d2:0b:2b:
b0:c6:83:29:61:6e:18:4d:44:ca:9b:e6:f8:63:ca:d7:68:52:
c0:52:a1:28:41:76:48:31:7a:5c:26:83:73:b4:f3:48:f4:14:
d0:c5:77:d9:61:ce:3d:24:a2:1a:a5:be:2a:5e:41:bb:a8:c6:
43:08:9d:8f:f5:3f:5e:5c:95:eb:91:8d:3e:36:2c:67:fc:d8:
34:4a:9a:2c:92:e3:4a:4f:19:e3:e7:4b:32:2b:07:d6:d9:73:
ef:ac:f9:ae:a3:4a:a4:bb:a9:88:7f:b6:9c:b8:7f:3a:6d:f5:
67:3f:96:6f:5c:b1:ce:17:68:c2:5b:fe:41:ff:e9:72:b1:cc:
8b:19:7d:dd:d8:f6:bb:43:28:16:95:bc:e3:7b:3c:3e:74:2e:
f0:74:2b:9e:4a:4d:80:17:3a:88:89:47:42:ef:18:a3:7a:0f:
db:78:0e:08
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZDqtAUWovdYLjql+QrA/qfVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwNzI1MTYyMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjZkOGMxOTQ1ZGI2MDU2MWRjY2RkYTJmMGYyMzRkNGIyNzUzY2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleSQopKXhOdOgGLJiGCTDLA+5Mz3
PSWLEegX23TWAECNx+AuEY/H3DSLScnl9o7IbZ6DKGqL7yTLal9nCkOMbNGqWj/0
dnqZsQDBGtTJKtbGWUNyIZM+bx5yYZjmyU/w5nLC0MRcxTNG9T2tS4r+NuSEs6X/
BDbv/SEyhkvjyRU28nAgwsd2NIvg6L0mPF4AT9Ly1PlI8b9qhWhKla9Z5FNE2FOZ
IoImSS1QDyFDBLFY0ltjxZSG+0oebQq4A/Hz9fkh5wIbfP3bQPm9+UYxVcmyG8uI
x+/S7gF03x6VyO8OX32VqxNzj18SpZXYPWULasH/lDYrEdjrJmGdJVb7TwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOZtjBlF22BWHczdovDyNNSydTywMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvNW0yTUdVWGJZRllkek4yaThQSTAxTEoxUExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYPCAwQA
LYYWAwQAVQiCMA0GCSqGSIb3DQEBCwUAA4IBAQBMheeee9kQR2hI3VWUA1Z/S3yS
ygcQbbo0QFEyeGro96X+R94EV9tf8J4pCZmPew5U2vM38GfgenavIbWrXqGKhQZU
bfZpiQKWGIMtA5gL0DjumVO/dxHSCyuwxoMpYW4YTUTKm+b4Y8rXaFLAUqEoQXZI
MXpcJoNztPNI9BTQxXfZYc49JKIapb4qXkG7qMZDCJ2P9T9eXJXrkY0+Nixn/Ng0
SposkuNKTxnj50syKwfW2XPvrPmuo0qku6mIf7acuH86bfVnP5ZvXLHOF2jCW/5B
/+lyscyLGX3d2Pa7QygWlbzjezw+dC7wdCueSk2AFzqIiUdC7xijeg/beA4I
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:20 2024 by rpki-client on console-ams.rpki-client.org