Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/pd5TnWPJMzOK0nqPGhUZJwspVxE.roa
File: pd5TnWPJMzOK0nqPGhUZJwspVxE.roa (raw, json)
Hash identifier: EY1cyRpugte6BacYRXyxnB66dMWIq5hbKee1pnSLh2c=
Subject key identifier: A5:DE:53:9D:63:C9:33:33:8A:D2:7A:8F:1A:15:19:27:0B:29:57:11
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 018CC3B6D51D5E2E66D34C9ECFA3A60227C6
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/pd5TnWPJMzOK0nqPGhUZJwspVxE.roa
Signing time: Mon 01 Jan 2024 06:29:48 +0000
ROA not before: Mon 01 Jan 2024 06:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397423
IP address blocks: 178.171.50.0/23 maxlen: 23
178.171.48.0/23 maxlen: 23
178.171.62.0/23 maxlen: 23
178.171.60.0/23 maxlen: 23
158.46.176.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d5:1d:5e:2e:66:d3:4c:9e:cf:a3:a6:02:27:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Jan 1 06:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5de539d63c933338ad27a8f1a1519270b295711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3f:76:0b:db:11:de:02:fb:d5:fe:46:f9:60:
20:11:11:90:13:30:0f:9d:05:f9:9a:e2:d3:a5:aa:
8c:f3:eb:a3:ec:c1:a1:11:37:22:10:4d:8c:c7:42:
ea:72:71:36:a2:e4:ff:4a:a2:6c:97:d5:bc:e0:49:
95:75:76:e2:18:c9:55:19:b4:78:9a:10:c1:cb:42:
84:14:95:5e:74:24:4f:8c:40:56:dc:ad:16:6f:de:
10:53:e7:99:2d:1e:d8:1f:61:ba:29:11:89:2e:13:
25:4d:f6:4a:4c:60:21:3a:69:45:d4:4b:50:d5:50:
83:7f:2b:15:2f:86:54:b8:c2:ad:9e:99:09:df:89:
ec:49:10:63:9b:e0:e9:bd:e5:a3:8c:05:ce:3e:16:
61:6c:1e:22:1a:c3:4b:68:a4:a0:91:c4:7f:d1:45:
b2:59:4b:99:a5:67:ab:c4:3c:90:ea:b6:ff:89:7e:
df:e0:ad:6c:40:66:62:bb:74:a9:50:88:f2:22:70:
cb:0a:d1:9b:1d:17:dd:b7:62:5f:d7:bb:61:a9:ef:
40:e1:60:aa:aa:f6:52:ee:89:ac:f5:50:11:bb:ad:
c7:cd:d5:b7:1a:2d:db:1a:39:30:8c:bd:1d:58:b5:
54:ec:90:b0:91:83:17:a9:25:15:b9:0c:fe:00:2e:
44:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:DE:53:9D:63:C9:33:33:8A:D2:7A:8F:1A:15:19:27:0B:29:57:11
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/pd5TnWPJMzOK0nqPGhUZJwspVxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.176.0/22
178.171.48.0/22
178.171.60.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:77:cb:cd:a6:18:2b:f7:d3:62:5c:3c:83:94:68:dc:90:b8:
3f:d1:53:3e:33:ec:f5:bd:91:8c:18:8f:81:0f:45:fa:a0:cb:
0a:75:4c:c4:02:20:41:30:f7:8b:67:92:23:3b:7a:9e:51:a3:
ca:ca:47:5a:a9:a9:5f:16:1a:80:86:76:39:c4:57:8e:71:83:
22:aa:fe:20:49:ce:2c:fc:54:58:82:cd:e7:26:08:34:ab:91:
75:b8:b8:8e:ff:7b:9e:af:c0:d6:76:a1:45:cd:62:11:33:a7:
8b:0f:ff:b4:ab:a7:2c:81:99:a7:0d:8b:af:9a:d2:5a:5b:0e:
e4:4c:66:38:23:b4:01:f9:a9:78:d7:1b:e0:02:fe:60:91:79:
af:ec:ec:bb:18:31:07:b1:f2:a2:07:c8:19:36:ed:e6:28:fd:
c3:64:a3:1b:7b:57:bd:6d:8d:46:c8:3d:b1:94:4b:4c:e2:97:
40:8c:c3:40:a4:35:ff:4d:9e:40:79:7b:32:ad:1a:eb:28:fd:
2e:c9:5c:f5:9f:c9:09:3f:49:95:97:5b:b3:72:a8:7c:fa:2b:
83:f6:2c:88:50:4d:14:52:fa:e1:0d:00:64:42:28:8b:41:dd:
2f:ca:a0:f9:aa:82:61:97:17:b9:fb:bb:64:2f:6c:ad:6f:df:
94:c7:23:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDttUdXi5m00yez6OmAifGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjQwMTAxMDYyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWRlNTM5ZDYzYzkzMzMzOGFkMjdhOGYxYTE1MTkyNzBiMjk1NzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj92C9sR3gL71f5G+WAgERGQEzAP
nQX5muLTpaqM8+uj7MGhETciEE2Mx0LqcnE2ouT/SqJsl9W84EmVdXbiGMlVGbR4
mhDBy0KEFJVedCRPjEBW3K0Wb94QU+eZLR7YH2G6KRGJLhMlTfZKTGAhOmlF1EtQ
1VCDfysVL4ZUuMKtnpkJ34nsSRBjm+DpveWjjAXOPhZhbB4iGsNLaKSgkcR/0UWy
WUuZpWerxDyQ6rb/iX7f4K1sQGZiu3SpUIjyInDLCtGbHRfdt2Jf17thqe9A4WCq
qvZS7oms9VARu63HzdW3Gi3bGjkwjL0dWLVU7JCwkYMXqSUVuQz+AC5EpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKXeU51jyTMzitJ6jxoVGScLKVcRMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvcGQ1VG5XUEpNek9LMG5xUEdoVVpKd3NwVnhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCni6wAwQC
sqswAwQCsqs8MA0GCSqGSIb3DQEBCwUAA4IBAQCcd8vNphgr99NiXDyDlGjckLg/
0VM+M+z1vZGMGI+BD0X6oMsKdUzEAiBBMPeLZ5IjO3qeUaPKykdaqalfFhqAhnY5
xFeOcYMiqv4gSc4s/FRYgs3nJgg0q5F1uLiO/3uer8DWdqFFzWIRM6eLD/+0q6cs
gZmnDYuvmtJaWw7kTGY4I7QB+al41xvgAv5gkXmv7Oy7GDEHsfKiB8gZNu3mKP3D
ZKMbe1e9bY1GyD2xlEtM4pdAjMNApDX/TZ5AeXsyrRrrKP0uyVz1n8kJP0mVl1uz
cqh8+iuD9iyIUE0UUvrhDQBkQiiLQd0vyqD5qoJhlxe5+7tkL2ytb9+UxyNT
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:40:25 2024 by rpki-client on console-fra.rpki-client.org