Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/pfDazX5dqtI9dLKqzbEgZmI-Ksw.roa
File: pfDazX5dqtI9dLKqzbEgZmI-Ksw.roa (raw, json)
Hash identifier: 6KGY2PyTQSIjBTERVdh9P9V0pdGpYlABWUEbV0hiaOU=
Subject key identifier: A5:F0:DA:CD:7E:5D:AA:D2:3D:74:B2:AA:CD:B1:20:66:62:3E:2A:CC
Certificate issuer: /CN=d8772aac1b62b87d6b01d57a1a00a6a72b8a7da6
Certificate serial: 018CC348A02041C1D5CAD8AB70C2BA6E4CD4
Authority key identifier: D8:77:2A:AC:1B:62:B8:7D:6B:01:D5:7A:1A:00:A6:A7:2B:8A:7D:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2HcqrBtiuH1rAdV6GgCmpyuKfaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/pfDazX5dqtI9dLKqzbEgZmI-Ksw.roa
Signing time: Mon 01 Jan 2024 04:29:25 +0000
ROA not before: Mon 01 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29601
IP address blocks: 193.24.64.0/24 maxlen: 24
193.24.71.0/24 maxlen: 24
193.24.67.0/24 maxlen: 24
193.24.70.0/24 maxlen: 24
139.123.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/2HcqrBtiuH1rAdV6GgCmpyuKfaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/2HcqrBtiuH1rAdV6GgCmpyuKfaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2HcqrBtiuH1rAdV6GgCmpyuKfaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:a0:20:41:c1:d5:ca:d8:ab:70:c2:ba:6e:4c:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8772aac1b62b87d6b01d57a1a00a6a72b8a7da6
Validity
Not Before: Jan 1 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5f0dacd7e5daad23d74b2aacdb12066623e2acc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5c:86:11:5c:27:92:ef:3e:fb:db:19:a6:70:
15:c4:9c:73:24:91:62:22:0e:3a:0a:68:28:95:cb:
ac:e4:11:1b:ca:2c:a8:a8:49:b1:d3:f1:b6:1b:f2:
50:61:6e:1a:97:1c:a1:ce:e2:9f:80:3f:21:06:f9:
81:27:75:54:62:0c:cb:fe:73:fd:0d:7d:ef:a4:3b:
aa:52:1a:4a:44:c0:4f:11:3d:87:de:8a:90:6e:97:
48:94:94:a4:4f:59:6b:83:b6:4f:0d:c5:23:87:3a:
2b:b9:2a:97:47:79:98:05:80:cb:aa:42:51:62:e0:
02:eb:13:ef:28:32:42:0a:c3:fe:25:fd:d9:4d:51:
f6:28:cb:e4:cf:e3:94:f8:4d:40:4b:a3:7c:4c:ad:
77:af:58:89:fa:0f:56:33:77:8e:33:d0:18:ca:5c:
8e:42:ac:48:68:5d:8d:46:8f:a2:ed:e7:85:9b:ab:
a5:4d:f8:e5:e9:9d:32:68:93:f1:2f:f9:31:b7:0b:
f2:86:a6:24:6c:df:44:bc:56:02:9b:fc:c0:97:f2:
ec:cf:0d:ce:1f:2f:3c:22:e2:de:5e:d7:89:29:34:
85:5f:4c:5e:00:78:3e:aa:b6:1b:5c:e1:b9:65:66:
00:dd:4f:19:75:18:66:e6:fe:3f:4e:55:32:82:ff:
c4:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F0:DA:CD:7E:5D:AA:D2:3D:74:B2:AA:CD:B1:20:66:62:3E:2A:CC
X509v3 Authority Key Identifier:
keyid:D8:77:2A:AC:1B:62:B8:7D:6B:01:D5:7A:1A:00:A6:A7:2B:8A:7D:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2HcqrBtiuH1rAdV6GgCmpyuKfaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/pfDazX5dqtI9dLKqzbEgZmI-Ksw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/2HcqrBtiuH1rAdV6GgCmpyuKfaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.123.224.0/24
193.24.64.0/24
193.24.67.0/24
193.24.70.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:06:2b:1c:02:f8:ea:4b:68:23:c6:8f:c4:37:ab:0d:0c:65:
f4:fa:ba:a7:af:64:1d:3a:46:ec:69:0a:29:d3:61:8a:3f:2b:
50:c6:8b:d3:76:f0:d5:f3:2d:fb:ac:86:d0:71:4c:a9:76:0c:
c1:e2:cd:4a:ac:8e:79:21:36:3f:aa:7c:2a:2e:00:61:c6:44:
6c:f5:12:9f:66:c0:90:f1:6b:cb:e9:87:2c:a3:ed:ec:c2:c4:
0c:2f:33:06:d7:5d:26:39:52:63:b0:19:21:46:02:fd:90:6b:
f3:32:54:ea:12:99:2c:e2:b0:01:53:9f:e3:04:17:3c:1d:45:
22:a1:23:90:80:85:5b:41:a4:80:5f:77:6f:8c:10:0d:b7:a7:
41:6e:0d:12:4b:c4:a0:61:e8:bc:c5:67:db:f0:8c:39:48:43:
8d:69:1a:2c:6d:9c:c1:db:1c:02:41:42:80:96:9e:09:50:2d:
98:16:d5:e3:4d:37:33:85:07:a9:5e:23:08:95:0b:5a:e9:91:
a0:db:d0:65:87:3e:26:45:2c:74:7e:45:60:e0:44:5f:55:1c:
06:9d:23:9b:1c:f6:cc:42:e9:95:06:3d:13:2b:28:35:c8:81:
29:7a:7b:65:b7:e5:27:28:6b:d4:46:b9:8c:9e:e2:8e:d4:7d:
16:f1:7e:4e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDSKAgQcHVytircMK6bkzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzcyYWFjMWI2MmI4N2Q2YjAxZDU3YTFhMDBhNmE3MmI4
YTdkYTYwHhcNMjQwMTAxMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWYwZGFjZDdlNWRhYWQyM2Q3NGIyYWFjZGIxMjA2NjYyM2UyYWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1yGEVwnku8++9sZpnAVxJxzJJFi
Ig46Cmgolcus5BEbyiyoqEmx0/G2G/JQYW4alxyhzuKfgD8hBvmBJ3VUYgzL/nP9
DX3vpDuqUhpKRMBPET2H3oqQbpdIlJSkT1lrg7ZPDcUjhzoruSqXR3mYBYDLqkJR
YuAC6xPvKDJCCsP+Jf3ZTVH2KMvkz+OU+E1AS6N8TK13r1iJ+g9WM3eOM9AYylyO
QqxIaF2NRo+i7eeFm6ulTfjl6Z0yaJPxL/kxtwvyhqYkbN9EvFYCm/zAl/Lszw3O
Hy88IuLeXteJKTSFX0xeAHg+qrYbXOG5ZWYA3U8ZdRhm5v4/TlUygv/ERwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKXw2s1+XarSPXSyqs2xIGZiPirMMB8GA1UdIwQY
MBaAFNh3KqwbYrh9awHVehoApqcrin2mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhjcXJCdGl1SDFyQWRWNkdnQ21weXVLZmFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82MTZhNTgtNTM0Mi00MzJjLWE5YzUt
MzMzYmVlY2ZmNmY0LzEvcGZEYXpYNWRxdEk5ZExLcXpiRWdabUktS3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My82MTZhNTgtNTM0Mi00MzJjLWE5YzUtMzMzYmVlY2ZmNmY0
LzEvMkhjcXJCdGl1SDFyQWRWNkdnQ21weXVLZmFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAi3vgAwQA
wRhAAwQAwRhDAwQBwRhGMA0GCSqGSIb3DQEBCwUAA4IBAQBeBiscAvjqS2gjxo/E
N6sNDGX0+rqnr2QdOkbsaQop02GKPytQxovTdvDV8y37rIbQcUypdgzB4s1KrI55
ITY/qnwqLgBhxkRs9RKfZsCQ8WvL6Ycso+3swsQMLzMG110mOVJjsBkhRgL9kGvz
MlTqEpks4rABU5/jBBc8HUUioSOQgIVbQaSAX3dvjBANt6dBbg0SS8SgYei8xWfb
8Iw5SEONaRosbZzB2xwCQUKAlp4JUC2YFtXjTTczhQepXiMIlQta6ZGg29Blhz4m
RSx0fkVg4ERfVRwGnSObHPbMQumVBj0TKyg1yIEpentlt+UnKGvURrmMnuKO1H0W
8X5O
-----END CERTIFICATE-----
Generated at Sat May 18 05:55:08 2024 by rpki-client on console-ams.rpki-client.org