Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/94632e-99d3-4c21-b67d-d6b730266e76/1/fgu5dgD_bZzMUgMaxK7eMWI9HXw.roa
File: fgu5dgD_bZzMUgMaxK7eMWI9HXw.roa (raw, json)
Hash identifier: Uf6pNSaJZ1OV7ZdEAhCNTQR1FNnVMnQPnEaN0diGj/Y=
Subject key identifier: 7E:0B:B9:76:00:FF:6D:9C:CC:52:03:1A:C4:AE:DE:31:62:3D:1D:7C
Certificate issuer: /CN=7c9126732c2f0193bc3de4e8d3abc15f4baed62d
Certificate serial: 0191368496B52EE59A43D9ECB6D4C3C515FA
Authority key identifier: 7C:91:26:73:2C:2F:01:93:BC:3D:E4:E8:D3:AB:C1:5F:4B:AE:D6:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fJEmcywvAZO8PeTo06vBX0uu1i0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/94632e-99d3-4c21-b67d-d6b730266e76/1/fgu5dgD_bZzMUgMaxK7eMWI9HXw.roa
Signing time: Fri 09 Aug 2024 09:42:24 +0000
ROA not before: Fri 09 Aug 2024 09:42:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215927
IP address blocks: 5.252.8.0/23 maxlen: 23
5.252.8.0/24 maxlen: 24
5.252.9.0/24 maxlen: 24
5.252.10.0/23 maxlen: 23
5.252.10.0/24 maxlen: 24
5.252.11.0/24 maxlen: 24
45.156.176.0/23 maxlen: 23
45.156.176.0/24 maxlen: 24
45.156.177.0/24 maxlen: 24
45.156.178.0/23 maxlen: 23
45.156.178.0/24 maxlen: 24
45.156.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/94632e-99d3-4c21-b67d-d6b730266e76/1/fJEmcywvAZO8PeTo06vBX0uu1i0.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/94632e-99d3-4c21-b67d-d6b730266e76/1/fJEmcywvAZO8PeTo06vBX0uu1i0.mft
rsync://rpki.ripe.net/repository/DEFAULT/fJEmcywvAZO8PeTo06vBX0uu1i0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:36:84:96:b5:2e:e5:9a:43:d9:ec:b6:d4:c3:c5:15:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c9126732c2f0193bc3de4e8d3abc15f4baed62d
Validity
Not Before: Aug 9 09:42:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e0bb97600ff6d9ccc52031ac4aede31623d1d7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d6:46:1f:0a:8f:f9:7d:3f:ca:38:ee:6d:65:
10:73:35:b8:91:f6:54:e6:47:ae:45:70:ba:62:85:
54:63:a7:5e:6b:c7:44:b5:1d:da:16:08:19:b6:0f:
a5:41:dd:bf:25:01:ae:9d:72:f2:e8:5c:9a:47:46:
6e:13:91:88:75:79:6c:18:24:f4:3a:be:3c:74:f2:
bb:62:38:16:54:5f:3a:c0:12:33:86:02:8e:3e:74:
9d:68:b8:91:ef:27:44:92:8c:75:84:f4:6e:1a:c6:
d4:19:97:6d:a5:3a:5e:26:31:b3:99:db:8b:4c:6c:
09:28:bf:ad:45:69:e8:b1:bf:f8:c4:84:b9:87:14:
22:91:a2:18:fc:8d:90:3f:29:39:79:d1:46:74:db:
3a:97:b9:4c:35:7e:41:22:40:b6:c9:c4:48:e2:0a:
aa:89:ac:c8:f1:de:e3:fe:c0:74:2a:82:4c:6d:1c:
3d:d2:4c:49:62:ba:18:bb:2d:98:71:65:86:87:79:
b7:a6:2a:4c:bf:f5:6d:c0:d0:2e:ae:d2:88:0b:4f:
94:8c:18:f7:25:68:75:c5:fc:75:32:ea:b8:7f:f8:
82:d0:09:8c:2d:fd:23:93:7e:03:26:8c:1f:9f:da:
a7:a3:44:1b:9a:2f:cd:58:0a:29:01:c3:ed:80:34:
6f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:0B:B9:76:00:FF:6D:9C:CC:52:03:1A:C4:AE:DE:31:62:3D:1D:7C
X509v3 Authority Key Identifier:
keyid:7C:91:26:73:2C:2F:01:93:BC:3D:E4:E8:D3:AB:C1:5F:4B:AE:D6:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fJEmcywvAZO8PeTo06vBX0uu1i0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/94632e-99d3-4c21-b67d-d6b730266e76/1/fgu5dgD_bZzMUgMaxK7eMWI9HXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/94632e-99d3-4c21-b67d-d6b730266e76/1/fJEmcywvAZO8PeTo06vBX0uu1i0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.8.0/22
45.156.176.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:c0:ab:52:f0:e7:12:b5:7d:4a:33:9b:39:37:fc:98:b7:ae:
ac:47:0a:21:9b:54:ac:7a:b0:e3:b5:8a:d7:12:35:16:8d:45:
b7:76:15:3b:cc:09:6d:87:f0:03:ff:ef:55:e1:64:d3:37:10:
1a:18:63:26:14:aa:85:4a:d6:37:63:19:fa:14:b5:8e:8b:0a:
79:a6:d6:11:1d:3b:56:b9:ce:ca:34:24:dc:06:e2:9b:e9:19:
d9:85:28:c1:03:47:99:fb:f4:83:e6:1e:cf:63:c0:70:33:d5:
2b:c8:6a:dc:cf:67:a3:1c:33:b6:a9:52:d6:11:30:c8:fe:1b:
5c:4b:cf:02:32:23:ae:2e:08:1d:ee:da:79:75:d8:3f:94:f1:
80:b7:3f:79:95:5c:bd:ee:08:2a:50:a9:6d:75:14:4d:0e:ac:
5e:2c:28:62:bb:c7:32:44:fa:c6:16:9a:56:2e:75:47:f4:24:
7a:f6:51:10:b1:20:0b:6a:85:da:ac:c0:9d:ca:2d:82:27:3c:
5a:24:36:4f:1b:dc:30:cf:bf:6c:56:73:30:cc:be:ea:37:ac:
f9:c0:eb:c4:76:89:4d:46:dd:15:38:30:a5:ae:ac:7b:1e:e0:
ae:d8:7c:55:87:7b:5d:9f:39:2c:7b:dd:4e:24:57:d2:db:ad:
e7:94:9a:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZE2hJa1LuWaQ9nsttTDxRX6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjOTEyNjczMmMyZjAxOTNiYzNkZTRlOGQzYWJjMTVmNGJh
ZWQ2MmQwHhcNMjQwODA5MDk0MjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTBiYjk3NjAwZmY2ZDljY2M1MjAzMWFjNGFlZGUzMTYyM2QxZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdZGHwqP+X0/yjjubWUQczW4kfZU
5keuRXC6YoVUY6dea8dEtR3aFggZtg+lQd2/JQGunXLy6FyaR0ZuE5GIdXlsGCT0
Or48dPK7YjgWVF86wBIzhgKOPnSdaLiR7ydEkox1hPRuGsbUGZdtpTpeJjGzmduL
TGwJKL+tRWnosb/4xIS5hxQikaIY/I2QPyk5edFGdNs6l7lMNX5BIkC2ycRI4gqq
iazI8d7j/sB0KoJMbRw90kxJYroYuy2YcWWGh3m3pipMv/VtwNAurtKIC0+UjBj3
JWh1xfx1Muq4f/iC0AmMLf0jk34DJowfn9qno0Qbmi/NWAopAcPtgDRvDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH4LuXYA/22czFIDGsSu3jFiPR18MB8GA1UdIwQY
MBaAFHyRJnMsLwGTvD3k6NOrwV9LrtYtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkpFbWN5d3ZBWk84UGVUbzA2dkJYMHV1MWkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi85NDYzMmUtOTlkMy00YzIxLWI2N2Qt
ZDZiNzMwMjY2ZTc2LzEvZmd1NWRnRF9iWnpNVWdNYXhLN2VNV0k5SFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi85NDYzMmUtOTlkMy00YzIxLWI2N2QtZDZiNzMwMjY2ZTc2
LzEvZkpFbWN5d3ZBWk84UGVUbzA2dkJYMHV1MWkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBfwIAwQC
LZywMA0GCSqGSIb3DQEBCwUAA4IBAQAewKtS8OcStX1KM5s5N/yYt66sRwohm1Ss
erDjtYrXEjUWjUW3dhU7zAlth/AD/+9V4WTTNxAaGGMmFKqFStY3Yxn6FLWOiwp5
ptYRHTtWuc7KNCTcBuKb6RnZhSjBA0eZ+/SD5h7PY8BwM9UryGrcz2ejHDO2qVLW
ETDI/htcS88CMiOuLggd7tp5ddg/lPGAtz95lVy97ggqUKltdRRNDqxeLChiu8cy
RPrGFppWLnVH9CR69lEQsSALaoXarMCdyi2CJzxaJDZPG9wwz79sVnMwzL7qN6z5
wOvEdolNRt0VODClrqx7HuCu2HxVh3tdnzkse91OJFfS263nlJpn
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:02 2024 by rpki-client on console-ams.rpki-client.org