Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/A5Xh_cTpnP0QDzLp_nikSm3U1mY.roa
File: A5Xh_cTpnP0QDzLp_nikSm3U1mY.roa (raw, json)
Hash identifier: iqNcRr0ZW/Dp7aLaaEb2qkRmOQR4veF02Sqv4GrOP4A=
Subject key identifier: 03:95:E1:FD:C4:E9:9C:FD:10:0F:32:E9:FE:78:A4:4A:6D:D4:D6:66
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A218E0F00CC356C4F67D61B966395
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/A5Xh_cTpnP0QDzLp_nikSm3U1mY.roa
Signing time: Tue 02 Jan 2024 12:33:27 +0000
ROA not before: Tue 02 Jan 2024 12:33:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60165
IP address blocks: 31.148.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 May 2024 00:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:21:8e:0f:00:cc:35:6c:4f:67:d6:1b:96:63:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0395e1fdc4e99cfd100f32e9fe78a44a6dd4d666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a5:60:f0:4a:f2:15:de:69:f3:07:0a:95:12:
11:8a:9d:dc:df:7f:9a:1f:57:7d:59:05:15:ef:89:
38:ae:ec:c8:5a:35:eb:2e:a0:6a:7e:4b:9a:97:58:
d8:5a:5a:87:b5:f2:41:16:d4:b4:7d:0b:f9:cd:7a:
76:2d:05:40:70:bc:d6:0a:86:e2:83:10:63:04:26:
98:90:c3:c9:f5:60:c3:63:7d:57:b5:e8:04:c9:ac:
7e:1f:09:93:57:56:2c:1a:2d:59:fb:6f:6f:16:86:
fc:63:c5:3f:c1:cd:76:bc:5e:4a:0f:7e:54:b3:e0:
94:30:7f:d0:6a:a8:fb:a1:4b:bd:fe:42:52:c4:38:
7b:98:e7:ff:54:64:d8:05:f0:81:93:cb:6b:f4:7c:
ca:f2:ff:18:60:f3:f2:56:24:77:e1:03:ce:0d:c7:
94:d4:24:12:ff:20:8e:46:97:4d:9b:50:5d:35:73:
b2:ff:bd:73:79:7b:7f:32:89:1c:df:fc:27:14:df:
02:34:5a:bb:ac:b4:db:0d:7f:a3:eb:27:c9:92:09:
2f:b1:29:81:e9:e0:36:9e:2f:37:f7:32:ca:6d:ee:
f1:81:94:6c:4e:ee:24:8b:e8:5d:95:4e:bf:79:62:
bc:8a:49:20:f9:a9:f7:11:e9:d8:3f:36:26:e7:74:
4d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:95:E1:FD:C4:E9:9C:FD:10:0F:32:E9:FE:78:A4:4A:6D:D4:D6:66
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/A5Xh_cTpnP0QDzLp_nikSm3U1mY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.148.120.0/21
Signature Algorithm: sha256WithRSAEncryption
82:6e:60:6a:c1:f4:60:8f:37:a2:00:44:f1:a6:85:1b:7d:21:
94:ca:90:0a:06:9d:a6:30:81:5c:c1:03:fd:e9:ca:cc:78:80:
b2:9c:5e:f2:8c:8c:07:06:4b:f2:92:9a:27:c5:9c:05:76:00:
96:6d:61:ae:1b:d7:e7:6f:8f:fa:89:08:b7:e7:ba:c0:0a:57:
b1:b3:80:72:93:df:e5:5f:3e:50:dd:fc:81:ae:91:f1:12:d3:
fb:a0:d8:81:8e:08:1a:34:6a:cf:95:15:ef:e1:87:75:db:90:
e0:e2:fd:09:c5:5a:7f:d1:72:9a:aa:bd:e3:12:ec:da:d2:f6:
9d:ba:23:68:d4:54:5d:46:3e:af:bf:49:14:eb:d4:6c:d4:05:
68:9c:8c:e3:d2:e3:69:85:7a:78:4c:23:01:95:17:09:0c:20:
9d:96:59:40:3d:10:d7:ea:d2:dc:9c:17:3a:da:d1:3b:25:63:
eb:6f:7b:61:4d:9e:c1:2b:14:01:6b:80:bc:3c:22:c3:f8:8a:
46:22:e1:f9:3d:58:fb:72:e4:29:f2:c2:a7:34:38:9a:0f:ad:
33:50:2c:f3:9a:fb:67:ff:65:7e:91:cd:07:27:e0:da:96:8b:
c4:5a:7b:5f:ea:09:74:5d:2a:37:5b:00:5f:a0:a5:61:04:90:
d1:b8:09:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKiGODwDMNWxPZ9YblmOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzk1ZTFmZGM0ZTk5Y2ZkMTAwZjMyZTlmZTc4YTQ0YTZkZDRkNjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqVg8EryFd5p8wcKlRIRip3c33+a
H1d9WQUV74k4ruzIWjXrLqBqfkual1jYWlqHtfJBFtS0fQv5zXp2LQVAcLzWCobi
gxBjBCaYkMPJ9WDDY31XtegEyax+HwmTV1YsGi1Z+29vFob8Y8U/wc12vF5KD35U
s+CUMH/Qaqj7oUu9/kJSxDh7mOf/VGTYBfCBk8tr9HzK8v8YYPPyViR34QPODceU
1CQS/yCORpdNm1BdNXOy/71zeXt/Mokc3/wnFN8CNFq7rLTbDX+j6yfJkgkvsSmB
6eA2ni839zLKbe7xgZRsTu4ki+hdlU6/eWK8ikkg+an3EenYPzYm53RNEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAOV4f3E6Zz9EA8y6f54pEpt1NZmMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvQTVYaF9jVHBuUDBRRHpMcF9uaWtTbTNVMW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDH5R4MA0G
CSqGSIb3DQEBCwUAA4IBAQCCbmBqwfRgjzeiAETxpoUbfSGUypAKBp2mMIFcwQP9
6crMeICynF7yjIwHBkvykponxZwFdgCWbWGuG9fnb4/6iQi357rAClexs4Byk9/l
Xz5Q3fyBrpHxEtP7oNiBjggaNGrPlRXv4Yd125Dg4v0JxVp/0XKaqr3jEuza0vad
uiNo1FRdRj6vv0kU69Rs1AVonIzj0uNphXp4TCMBlRcJDCCdlllAPRDX6tLcnBc6
2tE7JWPrb3thTZ7BKxQBa4C8PCLD+IpGIuH5PVj7cuQp8sKnNDiaD60zUCzzmvtn
/2V+kc0HJ+DalovEWntf6gl0XSo3WwBfoKVhBJDRuAmG
-----END CERTIFICATE-----
Generated at Wed May 29 09:37:02 2024 by rpki-client on console-fra.rpki-client.org