Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/Au16nTRsaZnMyo42IXeN73O5GYY.roa
File: Au16nTRsaZnMyo42IXeN73O5GYY.roa (raw, json)
Hash identifier: p8rwmzJlJL+LP0G9Q9rNWCtW+QS8qY7dRk3wbShYW+U=
Subject key identifier: 02:ED:7A:9D:34:6C:69:99:CC:CA:8E:36:21:77:8D:EF:73:B9:19:86
Certificate issuer: /CN=5d86c47da6d9079347b60f04ed5c5557fe983eb8
Certificate serial: 018CC2DAB4E19FAD526053B3F14B39F12400
Authority key identifier: 5D:86:C4:7D:A6:D9:07:93:47:B6:0F:04:ED:5C:55:57:FE:98:3E:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/Au16nTRsaZnMyo42IXeN73O5GYY.roa
Signing time: Mon 01 Jan 2024 02:29:22 +0000
ROA not before: Mon 01 Jan 2024 02:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39011
IP address blocks: 5.253.188.0/22 maxlen: 22
194.102.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/XYbEfabZB5NHtg8E7VxVV_6YPrg.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/XYbEfabZB5NHtg8E7VxVV_6YPrg.mft
rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b4:e1:9f:ad:52:60:53:b3:f1:4b:39:f1:24:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d86c47da6d9079347b60f04ed5c5557fe983eb8
Validity
Not Before: Jan 1 02:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02ed7a9d346c6999ccca8e3621778def73b91986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9f:4b:97:33:36:d7:40:77:a5:db:dd:36:82:
d6:da:1a:15:47:59:b2:20:8a:77:83:84:c7:f4:d7:
09:0b:68:b3:80:8a:31:f8:a8:8a:ce:5c:a2:6b:7c:
62:3b:40:de:5a:4c:bd:38:e1:a9:8f:70:eb:28:2d:
1a:e5:b5:80:96:c3:5f:14:9c:41:31:fa:73:aa:4e:
7f:10:a9:4d:b9:09:09:7b:3b:21:64:e3:ab:49:bc:
15:e8:8b:f7:98:13:d8:87:aa:5b:db:5a:b6:29:d2:
1e:f8:ee:db:9e:3e:f9:ee:aa:ed:9f:73:24:db:76:
d8:1b:7c:92:fa:07:be:cb:ba:9e:30:42:55:55:67:
ea:73:f9:60:ac:27:e1:c0:ef:5b:04:72:ba:96:06:
07:66:9b:34:06:79:7e:cd:b8:5b:a3:58:13:09:fb:
d7:0a:a5:41:5c:61:e6:c4:5c:1a:64:fb:74:d8:94:
2b:c1:dc:94:ac:22:f5:fe:95:e0:0c:d1:e8:25:a0:
f7:d7:e5:77:64:d2:1e:a2:09:10:c8:8d:f3:00:fe:
e5:91:46:dc:62:bd:0e:05:ac:32:52:02:be:47:9c:
c1:81:86:34:97:3a:31:fc:b7:e0:3f:c5:04:5f:b6:
4d:c2:f0:e4:f3:32:21:d3:f5:85:56:6f:49:2c:d1:
cb:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:ED:7A:9D:34:6C:69:99:CC:CA:8E:36:21:77:8D:EF:73:B9:19:86
X509v3 Authority Key Identifier:
keyid:5D:86:C4:7D:A6:D9:07:93:47:B6:0F:04:ED:5C:55:57:FE:98:3E:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYbEfabZB5NHtg8E7VxVV_6YPrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/Au16nTRsaZnMyo42IXeN73O5GYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/df66a0-c958-4e5c-a6df-fc632841ba3e/1/XYbEfabZB5NHtg8E7VxVV_6YPrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.188.0/22
194.102.204.0/24
Signature Algorithm: sha256WithRSAEncryption
74:ff:43:12:f8:d3:63:21:5d:46:06:cd:a0:7c:e8:e6:ab:56:
dc:89:ba:57:d0:39:2a:5a:b1:59:3d:b2:8d:40:41:98:06:7c:
c5:ef:37:6d:90:ea:71:a0:d8:50:39:2f:8f:1e:17:0a:70:7e:
3a:75:de:c4:61:e7:ca:45:98:b2:0b:10:07:8b:87:78:fe:b7:
c4:47:63:2b:57:3a:26:e8:f9:62:3d:73:f1:01:63:5d:1a:24:
0b:7c:5d:00:31:53:07:8b:1f:09:ed:8f:b5:e3:4e:db:91:51:
4d:15:e8:d2:dc:c9:13:47:16:f6:49:65:c1:54:b5:5e:7b:61:
f2:5b:d7:57:08:b7:94:65:ce:6e:d0:36:fc:ca:df:7c:25:fe:
a7:4b:28:a8:ea:27:4e:fa:e0:51:8e:bb:56:9b:b2:b6:f2:c0:
40:b8:02:d7:66:dd:16:b3:b4:a5:ea:e4:35:4d:a0:16:13:9c:
cd:66:06:8e:40:41:0c:85:af:07:52:1e:35:f5:e3:bb:81:c2:
3b:12:15:6e:c3:7a:ad:c9:e1:e2:14:8e:a9:05:4c:22:da:ef:
fb:b0:9a:eb:43:f5:f8:26:c4:22:cd:63:da:28:b6:bc:64:57:
0a:a5:ac:b5:42:29:a2:bd:20:59:36:3c:e3:5f:fb:c4:48:a9:
2f:a8:a1:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2rThn61SYFOz8Us58SQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkODZjNDdkYTZkOTA3OTM0N2I2MGYwNGVkNWM1NTU3ZmU5
ODNlYjgwHhcNMjQwMTAxMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmVkN2E5ZDM0NmM2OTk5Y2NjYThlMzYyMTc3OGRlZjczYjkxOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhp9LlzM210B3pdvdNoLW2hoVR1my
IIp3g4TH9NcJC2izgIox+KiKzlyia3xiO0DeWky9OOGpj3DrKC0a5bWAlsNfFJxB
Mfpzqk5/EKlNuQkJezshZOOrSbwV6Iv3mBPYh6pb21q2KdIe+O7bnj757qrtn3Mk
23bYG3yS+ge+y7qeMEJVVWfqc/lgrCfhwO9bBHK6lgYHZps0Bnl+zbhbo1gTCfvX
CqVBXGHmxFwaZPt02JQrwdyUrCL1/pXgDNHoJaD31+V3ZNIeogkQyI3zAP7lkUbc
Yr0OBawyUgK+R5zBgYY0lzox/LfgP8UEX7ZNwvDk8zIh0/WFVm9JLNHLQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFALtep00bGmZzMqONiF3je9zuRmGMB8GA1UdIwQY
MBaAFF2GxH2m2QeTR7YPBO1cVVf+mD64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFliRWZhYlpCNU5IdGc4RTdWeFZWXzZZUHJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9kZjY2YTAtYzk1OC00ZTVjLWE2ZGYt
ZmM2MzI4NDFiYTNlLzEvQXUxNm5UUnNhWm5NeW80MklYZU43M081R1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9kZjY2YTAtYzk1OC00ZTVjLWE2ZGYtZmM2MzI4NDFiYTNl
LzEvWFliRWZhYlpCNU5IdGc4RTdWeFZWXzZZUHJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBf28AwQA
wmbMMA0GCSqGSIb3DQEBCwUAA4IBAQB0/0MS+NNjIV1GBs2gfOjmq1bcibpX0Dkq
WrFZPbKNQEGYBnzF7zdtkOpxoNhQOS+PHhcKcH46dd7EYefKRZiyCxAHi4d4/rfE
R2MrVzom6PliPXPxAWNdGiQLfF0AMVMHix8J7Y+1407bkVFNFejS3MkTRxb2SWXB
VLVee2HyW9dXCLeUZc5u0Db8yt98Jf6nSyio6idO+uBRjrtWm7K28sBAuALXZt0W
s7Sl6uQ1TaAWE5zNZgaOQEEMha8HUh419eO7gcI7EhVuw3qtyeHiFI6pBUwi2u/7
sJrrQ/X4JsQizWPaKLa8ZFcKpay1QimivSBZNjzjX/vESKkvqKGt
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:17:49 2024 by rpki-client on console-ams.rpki-client.org