Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/w3U4RGD-RR7pfqM-x5GLo3NEI6k.roa
File: w3U4RGD-RR7pfqM-x5GLo3NEI6k.roa (raw, json)
Hash identifier: 4w41hRAcla/qvSZOMsfe9VIf0Pp8cdA1Zp6+AEIFBkw=
Subject key identifier: C3:75:38:44:60:FE:45:1E:E9:7E:A3:3E:C7:91:8B:A3:73:44:23:A9
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 018CC794EF4F37EB5EE92C7309B9FC15DE71
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/w3U4RGD-RR7pfqM-x5GLo3NEI6k.roa
Signing time: Tue 02 Jan 2024 00:31:15 +0000
ROA not before: Tue 02 Jan 2024 00:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201671
IP address blocks: 5.104.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Dec 2024 16:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:ef:4f:37:eb:5e:e9:2c:73:09:b9:fc:15:de:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jan 2 00:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c375384460fe451ee97ea33ec7918ba3734423a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:74:c9:1c:7e:47:85:23:64:46:58:f7:49:93:
9b:bf:63:f0:47:45:f5:77:39:e8:04:62:16:06:ea:
fa:20:8a:0d:3e:4d:ba:07:97:1e:01:10:78:7f:fc:
05:cf:cb:ab:f4:bc:fa:ef:e9:a8:c6:64:3c:0e:75:
ad:3e:6e:d9:02:c5:f8:84:77:0c:be:82:e2:0b:1a:
b8:70:87:1b:41:7e:66:41:74:eb:91:7f:a7:b6:06:
a4:2a:49:a8:7a:cd:88:a7:20:ea:d6:df:5f:7e:88:
35:08:5d:9d:56:10:35:42:8e:ec:0b:fe:c3:e5:59:
b4:6f:71:b5:1f:8c:a0:d7:16:61:be:53:93:6d:31:
e5:5d:c8:ad:7d:ef:2c:52:1a:d7:c2:29:04:5d:ff:
75:ee:ac:fb:6b:7f:42:50:93:23:c5:a8:6e:2b:09:
3d:fc:d4:71:5a:f5:4f:d7:96:13:cd:76:24:c3:c7:
96:16:ba:f7:20:52:c9:d4:9a:c8:60:08:bc:70:8f:
26:31:0b:38:62:32:14:56:10:83:ae:cb:c3:be:20:
0d:a5:0c:ca:d3:77:a7:98:db:ab:6f:74:a6:86:4d:
3a:62:af:a4:63:d0:3a:44:ef:8a:50:f9:8b:74:02:
7c:7e:50:44:14:9e:47:41:22:9b:0c:ed:e8:8e:5c:
cb:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:75:38:44:60:FE:45:1E:E9:7E:A3:3E:C7:91:8B:A3:73:44:23:A9
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/w3U4RGD-RR7pfqM-x5GLo3NEI6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.75.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:3e:b0:ce:ad:ab:51:6d:26:d5:d7:65:ee:16:bc:6b:f2:86:
52:6c:cc:43:a2:70:47:dd:cf:bf:c2:4f:36:7b:b3:a8:ae:3f:
25:4e:2f:08:80:b3:4d:4b:9d:48:2a:ed:75:a5:20:69:40:38:
95:e5:5b:8a:c5:6d:06:99:3c:bb:2e:f1:7a:f0:e5:32:7c:9a:
f1:a5:18:b1:c7:c3:29:41:90:53:de:1e:46:76:9e:38:d8:2b:
ba:a8:06:02:7d:4b:ad:cb:bc:02:f6:bc:1b:eb:82:c7:41:c5:
61:73:5d:b4:19:a1:0c:db:c9:e7:67:b4:a5:52:e6:6e:e5:56:
49:b8:07:30:39:11:fe:bf:69:64:52:6a:8a:71:c9:80:05:91:
42:55:2f:05:ce:6a:ac:f5:47:ff:fe:de:2e:0e:8b:a5:53:49:
94:73:c7:fc:53:73:b5:6d:d9:20:62:4e:85:06:3c:e1:7e:73:
69:77:cd:99:d0:b1:f5:a2:ca:0e:c7:b2:ea:24:83:02:85:d5:
43:6e:86:93:27:4f:0c:b7:d6:49:fb:a2:4a:72:50:5d:80:6f:
ba:22:d7:be:5b:41:d2:bc:fa:82:ad:1b:8f:2f:df:da:aa:80:
36:9f:24:d4:52:3e:5c:4c:01:23:6e:1f:0b:71:00:c4:25:b5:
1a:48:0d:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlO9PN+te6SxzCbn8Fd5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjQwMTAyMDAzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzc1Mzg0NDYwZmU0NTFlZTk3ZWEzM2VjNzkxOGJhMzczNDQyM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXTJHH5HhSNkRlj3SZObv2PwR0X1
dznoBGIWBur6IIoNPk26B5ceARB4f/wFz8ur9Lz67+moxmQ8DnWtPm7ZAsX4hHcM
voLiCxq4cIcbQX5mQXTrkX+ntgakKkmoes2IpyDq1t9ffog1CF2dVhA1Qo7sC/7D
5Vm0b3G1H4yg1xZhvlOTbTHlXcitfe8sUhrXwikEXf917qz7a39CUJMjxahuKwk9
/NRxWvVP15YTzXYkw8eWFrr3IFLJ1JrIYAi8cI8mMQs4YjIUVhCDrsvDviANpQzK
03enmNurb3Smhk06Yq+kY9A6RO+KUPmLdAJ8flBEFJ5HQSKbDO3ojlzLVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMN1OERg/kUe6X6jPseRi6NzRCOpMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvdzNVNFJHRC1SUjdwZnFNLXg1R0xvM05FSTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWhLMA0G
CSqGSIb3DQEBCwUAA4IBAQCpPrDOratRbSbV12XuFrxr8oZSbMxDonBH3c+/wk82
e7Oorj8lTi8IgLNNS51IKu11pSBpQDiV5VuKxW0GmTy7LvF68OUyfJrxpRixx8Mp
QZBT3h5Gdp442Cu6qAYCfUuty7wC9rwb64LHQcVhc120GaEM28nnZ7SlUuZu5VZJ
uAcwORH+v2lkUmqKccmABZFCVS8Fzmqs9Uf//t4uDoulU0mUc8f8U3O1bdkgYk6F
BjzhfnNpd82Z0LH1osoOx7LqJIMChdVDboaTJ08Mt9ZJ+6JKclBdgG+6Ite+W0HS
vPqCrRuPL9/aqoA2nyTUUj5cTAEjbh8LcQDEJbUaSA0u
-----END CERTIFICATE-----
Generated at Tue Dec 10 23:04:29 2024 by rpki-client on console-fra.rpki-client.org