Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/oVbTtg2AmujFGInh3pTm6dWJjkg.roa
File: oVbTtg2AmujFGInh3pTm6dWJjkg.roa (raw, json)
Hash identifier: d4vgLjOLZ4PcDoHipzL4/LXVgZkDYAVITfoBWNxPAR4=
Subject key identifier: A1:56:D3:B6:0D:80:9A:E8:C5:18:89:E1:DE:94:E6:E9:D5:89:8E:48
Certificate issuer: /CN=918901662a8ec5ff4d3f48d29099230a0575ec8a
Certificate serial: 018CC348F5948374DC91A0DC36921AE5C84E
Authority key identifier: 91:89:01:66:2A:8E:C5:FF:4D:3F:48:D2:90:99:23:0A:05:75:EC:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/oVbTtg2AmujFGInh3pTm6dWJjkg.roa
Signing time: Mon 01 Jan 2024 04:29:47 +0000
ROA not before: Mon 01 Jan 2024 04:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56902
IP address blocks: 45.142.138.0/24 maxlen: 24
45.142.137.0/24 maxlen: 24
45.142.139.0/24 maxlen: 24
45.142.136.0/24 maxlen: 24
5.100.240.0/24 maxlen: 24
5.100.243.0/24 maxlen: 24
5.100.242.0/24 maxlen: 24
5.100.241.0/24 maxlen: 24
185.128.125.0/24 maxlen: 24
185.128.124.0/24 maxlen: 24
185.187.129.0/24 maxlen: 24
185.187.128.0/24 maxlen: 24
185.187.131.0/24 maxlen: 24
185.187.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kYkBZiqOxf9NP0jSkJkjCgV17Io.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kYkBZiqOxf9NP0jSkJkjCgV17Io.mft
rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f5:94:83:74:dc:91:a0:dc:36:92:1a:e5:c8:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=918901662a8ec5ff4d3f48d29099230a0575ec8a
Validity
Not Before: Jan 1 04:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a156d3b60d809ae8c51889e1de94e6e9d5898e48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:98:e2:45:b2:82:7d:41:60:3f:7b:47:43:55:
2e:88:3f:d0:93:30:79:9f:e1:f0:22:10:92:60:24:
a1:14:8e:4d:c7:07:45:e7:cb:03:39:65:d0:39:b1:
3a:0f:29:46:77:27:fa:2d:9b:f3:40:9b:aa:a2:f9:
e7:e9:83:93:d0:ee:b1:da:cf:92:da:4b:9b:34:16:
3e:ad:8e:da:73:6c:72:99:f9:74:9e:1e:7a:6e:11:
02:13:90:0f:40:f9:af:bc:54:37:fc:a1:93:56:c5:
06:62:5c:41:3b:47:59:c6:d2:da:7c:14:d3:26:7c:
64:96:4a:ac:09:98:55:9c:e8:9c:88:e0:f7:93:e9:
42:de:e1:e6:01:78:86:07:b0:70:91:39:6c:87:84:
b0:c6:d7:f2:ef:68:bd:51:62:52:f0:c9:74:0a:60:
25:65:52:17:76:a5:ed:dc:c2:4e:aa:73:24:8b:69:
90:a0:91:f9:32:9a:a0:e0:9a:f7:c7:7b:72:40:c9:
c6:19:de:bf:6c:b8:ef:bd:a2:fe:3d:0a:0e:ee:41:
f3:01:e5:c0:5c:1c:60:40:3c:f1:7c:26:0a:57:c9:
4e:99:c7:8e:2a:f5:b8:67:4b:0a:72:34:ef:a7:ba:
bb:93:7e:76:f2:5f:9f:66:3e:6a:c0:87:81:3f:5e:
b4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:56:D3:B6:0D:80:9A:E8:C5:18:89:E1:DE:94:E6:E9:D5:89:8E:48
X509v3 Authority Key Identifier:
keyid:91:89:01:66:2A:8E:C5:FF:4D:3F:48:D2:90:99:23:0A:05:75:EC:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/oVbTtg2AmujFGInh3pTm6dWJjkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kYkBZiqOxf9NP0jSkJkjCgV17Io.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.240.0/22
45.142.136.0/22
185.128.124.0/23
185.187.128.0/22
Signature Algorithm: sha256WithRSAEncryption
76:4b:13:3f:d9:d6:a3:26:6a:94:c5:f1:b2:c9:c8:a2:94:ca:
15:82:21:54:18:8a:e1:0f:bf:b2:2a:73:db:04:0a:7e:50:7f:
6b:31:28:7b:e8:ad:1b:98:a6:45:56:75:00:cc:c0:12:b5:17:
c8:4e:c2:57:7a:cf:05:ea:14:d0:8d:e3:b4:d8:7f:ab:55:3f:
33:04:0b:93:e3:7d:aa:bc:d4:af:c8:83:68:94:d4:47:5a:f6:
35:00:dd:a7:0c:5e:31:c7:26:b4:70:92:88:b5:6a:3d:ed:61:
4f:31:4c:75:89:69:c3:e6:f7:d3:33:0e:9f:47:37:b1:9c:b4:
fb:c7:c6:40:59:6c:81:92:51:2e:78:49:7f:36:cf:2a:d0:0b:
91:91:f7:80:af:b6:7a:78:6b:4e:72:09:77:73:b2:42:49:ff:
72:66:b2:8d:31:5e:8a:5c:c6:af:d3:0c:ea:eb:b3:b1:0b:a8:
c8:e5:b2:89:5e:c4:3d:29:63:57:6b:1f:13:a0:79:58:8a:6d:
71:b3:54:c5:c1:a9:60:e5:97:fb:4e:6f:0a:0d:38:6e:6a:c8:
ed:98:9e:09:fd:7c:3b:75:2e:30:54:9f:cb:9e:1e:a6:7b:93:
ab:7a:60:74:0c:fb:96:41:33:e6:41:52:ef:f8:6b:8a:e0:09:
3e:3b:26:5b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSPWUg3TckaDcNpIa5chOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODkwMTY2MmE4ZWM1ZmY0ZDNmNDhkMjkwOTkyMzBhMDU3
NWVjOGEwHhcNMjQwMTAxMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTU2ZDNiNjBkODA5YWU4YzUxODg5ZTFkZTk0ZTZlOWQ1ODk4ZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZjiRbKCfUFgP3tHQ1UuiD/QkzB5
n+HwIhCSYCShFI5NxwdF58sDOWXQObE6DylGdyf6LZvzQJuqovnn6YOT0O6x2s+S
2kubNBY+rY7ac2xymfl0nh56bhECE5APQPmvvFQ3/KGTVsUGYlxBO0dZxtLafBTT
JnxklkqsCZhVnOiciOD3k+lC3uHmAXiGB7BwkTlsh4Swxtfy72i9UWJS8Ml0CmAl
ZVIXdqXt3MJOqnMki2mQoJH5Mpqg4Jr3x3tyQMnGGd6/bLjvvaL+PQoO7kHzAeXA
XBxgQDzxfCYKV8lOmceOKvW4Z0sKcjTvp7q7k3528l+fZj5qwIeBP160WQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKFW07YNgJroxRiJ4d6U5unViY5IMB8GA1UdIwQY
MBaAFJGJAWYqjsX/TT9I0pCZIwoFdeyKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lrQlppcU94ZjlOUDBqU2tKa2pDZ1YxN0lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC81YjkyYTctMjgzNy00NjllLTgyMTQt
ZTgxMWUyM2MxODA0LzEvb1ZiVHRnMkFtdWpGR0luaDNwVG02ZFdKamtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC81YjkyYTctMjgzNy00NjllLTgyMTQtZTgxMWUyM2MxODA0
LzEva1lrQlppcU94ZjlOUDBqU2tKa2pDZ1YxN0lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBWTwAwQC
LY6IAwQBuYB8AwQCubuAMA0GCSqGSIb3DQEBCwUAA4IBAQB2SxM/2dajJmqUxfGy
yciilMoVgiFUGIrhD7+yKnPbBAp+UH9rMSh76K0bmKZFVnUAzMAStRfITsJXes8F
6hTQjeO02H+rVT8zBAuT432qvNSvyINolNRHWvY1AN2nDF4xxya0cJKItWo97WFP
MUx1iWnD5vfTMw6fRzexnLT7x8ZAWWyBklEueEl/Ns8q0AuRkfeAr7Z6eGtOcgl3
c7JCSf9yZrKNMV6KXMav0wzq67OxC6jI5bKJXsQ9KWNXax8ToHlYim1xs1TFwalg
5Zf7Tm8KDThuasjtmJ4J/Xw7dS4wVJ/Lnh6me5OremB0DPuWQTPmQVLv+GuK4Ak+
OyZb
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:39:51 2024 by rpki-client on console-ams.rpki-client.org