Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/rPlbQ6c9dWHF29Wy4NaJVwBjWXY.roa
File: rPlbQ6c9dWHF29Wy4NaJVwBjWXY.roa (raw, json)
Hash identifier: O/mhWiacQnwRf2uPvdxdK6mxNo31n7+l73Ic6N2s5u0=
Subject key identifier: AC:F9:5B:43:A7:3D:75:61:C5:DB:D5:B2:E0:D6:89:57:00:63:59:76
Certificate issuer: /CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Certificate serial: 018E428968149659D28B23E857FCC2B69A35
Authority key identifier: 98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/rPlbQ6c9dWHF29Wy4NaJVwBjWXY.roa
Signing time: Fri 15 Mar 2024 14:34:45 +0000
ROA not before: Fri 15 Mar 2024 14:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8362
IP address blocks: 5.158.240.0/20 maxlen: 20
37.220.48.0/20 maxlen: 20
46.162.128.0/18 maxlen: 18
62.64.32.0/19 maxlen: 19
79.141.192.0/24 maxlen: 24
79.141.193.0/24 maxlen: 24
79.141.194.0/24 maxlen: 24
79.141.195.0/24 maxlen: 24
79.141.197.0/24 maxlen: 24
79.141.204.0/24 maxlen: 24
79.141.206.0/23 maxlen: 23
195.146.224.0/20 maxlen: 20
195.146.240.0/20 maxlen: 20
2a01:8e80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:89:68:14:96:59:d2:8b:23:e8:57:fc:c2:b6:9a:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Validity
Not Before: Mar 15 14:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acf95b43a73d7561c5dbd5b2e0d6895700635976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:80:f3:0e:13:ca:61:29:ca:8f:59:37:d4:a3:
92:75:56:55:11:08:ec:12:b2:04:a0:eb:f4:19:90:
bb:ea:47:a9:17:b2:e9:be:36:e4:de:92:30:6a:79:
65:f1:e0:52:e9:77:67:b9:66:64:14:c9:89:71:ed:
e4:23:5b:fa:bb:5c:ca:d9:d2:6e:05:a0:bf:a6:fc:
b2:fa:1f:8c:71:64:ab:15:15:54:e2:cb:35:0d:96:
20:41:3d:da:f7:8e:72:36:99:78:b9:2f:ae:9f:b1:
9e:a0:ef:50:cb:e3:61:2e:60:16:92:97:e4:72:ae:
64:be:0a:a6:b5:67:b7:4e:03:52:b6:59:ea:f2:14:
23:2c:96:ae:ab:27:ff:a6:33:7e:0a:00:ae:c7:36:
1f:ac:03:4d:2b:66:7c:2e:63:6a:9e:b3:b1:07:44:
77:94:94:41:18:0b:a9:a7:62:e7:b1:ae:a9:f6:37:
54:8b:b3:77:00:08:0c:fd:13:a4:a3:30:bd:eb:f9:
09:b0:9d:48:12:09:f8:75:b4:d9:f0:bb:15:bc:81:
7b:07:9f:cb:6e:6c:e3:80:fc:f0:0c:ae:f9:17:fa:
75:01:55:70:05:e3:9a:79:58:7e:a6:70:5d:7a:66:
78:6a:7d:1a:aa:8d:c8:20:48:51:82:f7:c7:ab:37:
ba:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:F9:5B:43:A7:3D:75:61:C5:DB:D5:B2:E0:D6:89:57:00:63:59:76
X509v3 Authority Key Identifier:
keyid:98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/rPlbQ6c9dWHF29Wy4NaJVwBjWXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.240.0/20
37.220.48.0/20
46.162.128.0/18
62.64.32.0/19
79.141.192.0/22
79.141.197.0/24
79.141.204.0/24
79.141.206.0/23
195.146.224.0/19
IPv6:
2a01:8e80::/29
Signature Algorithm: sha256WithRSAEncryption
bc:7e:bc:ef:32:54:76:e7:fa:f4:31:03:22:42:23:58:66:4f:
c2:ad:94:f5:ae:5f:a8:8f:66:d1:cc:69:31:f3:80:3d:21:f0:
32:06:ef:43:e5:3c:70:75:83:03:d2:91:33:d4:6a:95:f8:9f:
ce:e4:db:be:84:44:6d:dc:9b:f5:fb:9b:bc:0a:a1:a6:44:53:
23:51:bf:f8:c3:82:9a:9e:00:7f:01:cc:a6:2c:37:cc:18:b2:
99:10:fa:a8:f1:0f:9b:c3:22:66:c1:59:81:14:da:8b:ec:de:
7b:e8:7a:74:ee:db:2c:b3:a5:c5:1a:3e:96:c3:18:a9:66:ff:
c0:83:25:32:f2:1f:4f:e1:30:42:65:a8:30:c1:50:b2:da:63:
82:0b:7e:d3:ff:98:33:23:29:be:11:06:06:5d:79:f3:2c:dc:
ea:91:a6:61:7a:fa:f6:d1:6f:a8:a3:1d:61:92:bf:c8:ad:30:
42:5d:43:29:63:36:9b:55:bc:89:9c:5f:8d:c9:bc:5c:f7:b0:
ee:10:f6:97:8d:da:39:8a:c1:d2:6c:d0:19:a1:20:91:60:f6:
e3:5f:8d:44:60:f2:26:a4:5c:63:12:c0:9c:87:57:0e:dc:cb:
4a:ae:77:f7:7a:e8:4f:93:b7:94:4d:5c:3e:2b:d6:93:b9:a8:
6a:4f:74:64
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAY5CiWgUllnSiyPoV/zCtpo1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTJlNDkxYWFhNjU1YjYzMjRkYmNjMGNmZjAwYThkNjMx
OTEwNzYwHhcNMjQwMzE1MTQzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2Y5NWI0M2E3M2Q3NTYxYzVkYmQ1YjJlMGQ2ODk1NzAwNjM1OTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4DzDhPKYSnKj1k31KOSdVZVEQjs
ErIEoOv0GZC76kepF7Lpvjbk3pIwanll8eBS6XdnuWZkFMmJce3kI1v6u1zK2dJu
BaC/pvyy+h+McWSrFRVU4ss1DZYgQT3a945yNpl4uS+un7GeoO9Qy+NhLmAWkpfk
cq5kvgqmtWe3TgNStlnq8hQjLJauqyf/pjN+CgCuxzYfrANNK2Z8LmNqnrOxB0R3
lJRBGAupp2Lnsa6p9jdUi7N3AAgM/ROkozC96/kJsJ1IEgn4dbTZ8LsVvIF7B5/L
bmzjgPzwDK75F/p1AVVwBeOaeVh+pnBdemZ4an0aqo3IIEhRgvfHqze6LwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFKz5W0OnPXVhxdvVsuDWiVcAY1l2MB8GA1UdIwQY
MBaAFJgS5JGqplW2Mk28wM/wCo1jGRB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUt
ZGZmZTE3ZjNkYjU0LzEvclBsYlE2YzlkV0hGMjlXeTROYUpWd0JqV1hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUtZGZmZTE3ZjNkYjU0
LzEvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQEBZ7wAwQE
JdwwAwQGLqKAAwQFPkAgAwQCT43AAwQAT43FAwQAT43MAwQBT43OAwQFw5LgMA0E
AgACMAcDBQMqAY6AMA0GCSqGSIb3DQEBCwUAA4IBAQC8frzvMlR25/r0MQMiQiNY
Zk/CrZT1rl+oj2bRzGkx84A9IfAyBu9D5TxwdYMD0pEz1GqV+J/O5Nu+hERt3Jv1
+5u8CqGmRFMjUb/4w4KangB/AcymLDfMGLKZEPqo8Q+bwyJmwVmBFNqL7N576Hp0
7tsss6XFGj6WwxipZv/AgyUy8h9P4TBCZagwwVCy2mOCC37T/5gzIym+EQYGXXnz
LNzqkaZhevr20W+oox1hkr/IrTBCXUMpYzabVbyJnF+Nybxc97DuEPaXjdo5isHS
bNAZoSCRYPbjX41EYPImpFxjEsCch1cO3MtKrnf3euhPk7eUTVw+K9aTuahqT3Rk
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:17:19 2024 by rpki-client on console-ams.rpki-client.org