Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/kUqVwIQaI4i20IqQ5q3Y5pgQbP4.roa
File: kUqVwIQaI4i20IqQ5q3Y5pgQbP4.roa (raw, json)
Hash identifier: q6un4SO/J8o5wXrudHUKwHbOh2WXofqHsYPo5AuG7aU=
Subject key identifier: 91:4A:95:C0:84:1A:23:88:B6:D0:8A:90:E6:AD:D8:E6:98:10:6C:FE
Certificate issuer: /CN=25ae551af0bb5d7977ea73f6896f25f1eca28f9d
Certificate serial: 018CC500EB40B7A835FA2E1DE7C732076A3D
Authority key identifier: 25:AE:55:1A:F0:BB:5D:79:77:EA:73:F6:89:6F:25:F1:EC:A2:8F:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ja5VGvC7XXl36nP2iW8l8eyij50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/kUqVwIQaI4i20IqQ5q3Y5pgQbP4.roa
Signing time: Mon 01 Jan 2024 12:30:20 +0000
ROA not before: Mon 01 Jan 2024 12:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43160
IP address blocks: 149.62.176.0/21 maxlen: 21
149.62.181.0/24 maxlen: 24
5.158.81.0/24 maxlen: 24
5.158.80.0/24 maxlen: 24
5.158.83.0/24 maxlen: 24
37.235.37.0/24 maxlen: 24
37.235.32.0/21 maxlen: 21
37.235.33.0/24 maxlen: 24
2a01:b5c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/Ja5VGvC7XXl36nP2iW8l8eyij50.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/Ja5VGvC7XXl36nP2iW8l8eyij50.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ja5VGvC7XXl36nP2iW8l8eyij50.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:eb:40:b7:a8:35:fa:2e:1d:e7:c7:32:07:6a:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25ae551af0bb5d7977ea73f6896f25f1eca28f9d
Validity
Not Before: Jan 1 12:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=914a95c0841a2388b6d08a90e6add8e698106cfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6e:cf:53:ac:5e:c8:70:16:7d:dc:5f:a1:bd:
72:55:58:b7:73:a4:bb:a6:59:aa:57:e1:79:b2:53:
91:52:fc:f6:eb:09:5d:08:17:1a:c9:94:15:51:dd:
31:de:ed:e4:72:75:a4:ed:55:5a:54:29:b0:a1:f8:
52:ae:e5:0a:f8:52:94:ff:8d:1b:7e:92:f1:93:11:
a6:df:06:5c:c7:d0:b2:8f:d5:61:52:25:ba:2c:29:
ed:11:3b:d0:6a:d3:97:41:61:ac:17:18:6c:fb:5c:
50:b8:30:86:91:8c:9c:17:5b:77:68:26:48:8d:a2:
c8:98:04:95:81:cd:29:f5:ee:9b:41:df:0f:14:d4:
f7:42:13:8c:1b:c3:55:82:4e:90:50:96:d6:6d:64:
6a:06:46:65:0e:49:af:01:eb:49:b9:5a:d9:34:e2:
ce:d2:92:57:d3:f4:7a:1d:00:5a:fb:94:29:cf:2a:
98:a9:da:d0:e2:1a:6c:c1:69:a0:a6:29:09:5b:a8:
5a:8e:d7:99:14:7e:22:c8:8d:23:16:8e:41:0f:c8:
76:f9:29:f4:b2:81:e0:e5:9b:82:6f:7a:99:61:b4:
eb:c4:a5:c8:55:d1:73:0c:71:cf:26:d2:95:9e:a8:
65:8f:8f:d5:1c:a1:c5:5c:c6:6f:fe:f5:47:3c:dc:
52:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:4A:95:C0:84:1A:23:88:B6:D0:8A:90:E6:AD:D8:E6:98:10:6C:FE
X509v3 Authority Key Identifier:
keyid:25:AE:55:1A:F0:BB:5D:79:77:EA:73:F6:89:6F:25:F1:EC:A2:8F:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ja5VGvC7XXl36nP2iW8l8eyij50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/kUqVwIQaI4i20IqQ5q3Y5pgQbP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/42f81b-c42c-4254-abb9-2142f8fb676e/1/Ja5VGvC7XXl36nP2iW8l8eyij50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.80.0/23
5.158.83.0/24
37.235.32.0/21
149.62.176.0/21
IPv6:
2a01:b5c0::/32
Signature Algorithm: sha256WithRSAEncryption
2d:3a:c1:93:0a:26:b7:6f:66:bb:ad:78:f1:4a:e7:86:a3:7d:
25:ea:11:fc:9c:c6:ed:aa:5a:8e:b0:b6:c4:04:6b:c4:ce:e7:
93:57:c8:8e:89:2d:e0:b7:57:4c:86:f5:5d:e4:dd:19:52:f4:
cd:95:c3:9a:40:c0:24:c1:7f:f7:4c:c6:03:e8:b5:ad:2f:fd:
f6:4b:b4:77:ab:42:cd:db:57:0b:8c:fd:fd:22:f3:85:7e:f1:
1a:da:b0:39:7b:90:ed:b5:a6:4b:e7:ba:bf:de:01:fa:a5:01:
e9:71:59:be:e8:1d:b3:1f:c8:e1:68:3c:51:43:4f:bb:1d:46:
f4:fa:4b:60:25:a9:5b:4d:18:87:14:a6:96:d8:8d:59:9e:22:
91:dc:6e:f8:30:c4:15:70:e8:6f:ba:69:56:ed:95:45:fb:33:
c0:98:13:ae:40:80:63:61:70:11:e1:e3:71:5f:e4:7d:79:77:
b5:5f:95:dc:81:b3:13:fd:98:93:dd:d9:cc:00:14:e6:45:df:
fd:13:06:6c:d3:32:5e:af:9d:64:e3:ba:58:93:4d:82:0a:34:
9b:11:bf:f2:57:7b:07:f2:04:5b:1b:9d:c8:ed:e3:f3:f3:64:
1b:65:2a:e9:c8:77:0d:b7:33:82:98:e3:f0:f4:ce:07:77:c2:
bb:a6:4a:32
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFAOtAt6g1+i4d58cyB2o9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YWU1NTFhZjBiYjVkNzk3N2VhNzNmNjg5NmYyNWYxZWNh
MjhmOWQwHhcNMjQwMTAxMTIzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTRhOTVjMDg0MWEyMzg4YjZkMDhhOTBlNmFkZDhlNjk4MTA2Y2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwG7PU6xeyHAWfdxfob1yVVi3c6S7
plmqV+F5slORUvz26wldCBcayZQVUd0x3u3kcnWk7VVaVCmwofhSruUK+FKU/40b
fpLxkxGm3wZcx9Cyj9VhUiW6LCntETvQatOXQWGsFxhs+1xQuDCGkYycF1t3aCZI
jaLImASVgc0p9e6bQd8PFNT3QhOMG8NVgk6QUJbWbWRqBkZlDkmvAetJuVrZNOLO
0pJX0/R6HQBa+5QpzyqYqdrQ4hpswWmgpikJW6hajteZFH4iyI0jFo5BD8h2+Sn0
soHg5ZuCb3qZYbTrxKXIVdFzDHHPJtKVnqhlj4/VHKHFXMZv/vVHPNxSrwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJFKlcCEGiOIttCKkOat2OaYEGz+MB8GA1UdIwQY
MBaAFCWuVRrwu115d+pz9olvJfHsoo+dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmE1Vkd2QzdYWGwzNm5QMmlXOGw4ZXlpajUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny80MmY4MWItYzQyYy00MjU0LWFiYjkt
MjE0MmY4ZmI2NzZlLzEva1VxVndJUWFJNGkyMElxUTVxM1k1cGdRYlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny80MmY4MWItYzQyYy00MjU0LWFiYjktMjE0MmY4ZmI2NzZl
LzEvSmE1Vkd2QzdYWGwzNm5QMmlXOGw4ZXlpajUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBBZ5QAwQA
BZ5TAwQDJesgAwQDlT6wMA0EAgACMAcDBQAqAbXAMA0GCSqGSIb3DQEBCwUAA4IB
AQAtOsGTCia3b2a7rXjxSueGo30l6hH8nMbtqlqOsLbEBGvEzueTV8iOiS3gt1dM
hvVd5N0ZUvTNlcOaQMAkwX/3TMYD6LWtL/32S7R3q0LN21cLjP39IvOFfvEa2rA5
e5DttaZL57q/3gH6pQHpcVm+6B2zH8jhaDxRQ0+7HUb0+ktgJalbTRiHFKaW2I1Z
niKR3G74MMQVcOhvumlW7ZVF+zPAmBOuQIBjYXAR4eNxX+R9eXe1X5XcgbMT/ZiT
3dnMABTmRd/9EwZs0zJer51k47pYk02CCjSbEb/yV3sH8gRbG53I7ePz82QbZSrp
yHcNtzOCmOPw9M4Hd8K7pkoy
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:01 2024 by rpki-client on console-fra.rpki-client.org