Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/yl4KazKTEiUB-yzUHjPH522YvIQ.roa
File: yl4KazKTEiUB-yzUHjPH522YvIQ.roa (raw, json)
Hash identifier: euIOJZq9WziKiL8r7AiqVO21da4uc3kcFU2nQ/iQKd0=
Subject key identifier: CA:5E:0A:6B:32:93:12:25:01:FB:2C:D4:1E:33:C7:E7:6D:98:BC:84
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018CC56E0B83F1A227FC0206B4D7FBDB8F42
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/yl4KazKTEiUB-yzUHjPH522YvIQ.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 201.49.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0b:83:f1:a2:27:fc:02:06:b4:d7:fb:db:8f:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca5e0a6b3293122501fb2cd41e33c7e76d98bc84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3c:b3:4f:22:80:79:f9:6b:ef:fb:3a:f7:da:
41:4d:83:51:d0:d0:d0:16:5f:64:62:85:21:9a:40:
b0:55:d6:17:88:37:9b:02:33:58:b6:37:dd:1e:18:
d3:2d:27:13:2f:7f:04:25:63:2b:6f:ad:2b:7e:30:
9c:e1:71:a8:39:c3:23:ed:f6:11:d2:a1:61:e4:07:
37:a7:1e:59:a1:05:41:66:81:50:cd:a9:c0:b2:9b:
1e:df:d7:33:79:92:a2:ea:9d:41:9d:42:a0:db:69:
47:3a:8a:32:28:ca:80:de:1a:fc:c2:80:fb:5a:7f:
cc:54:f4:88:27:28:66:54:5f:19:f5:fe:08:ca:41:
6d:33:65:e7:76:10:05:e5:4d:03:d3:0d:1d:a3:ed:
d6:54:f2:39:b2:d0:30:31:af:3e:98:4e:4e:0c:70:
fb:39:8e:1b:5a:b9:40:0f:44:28:05:be:0c:68:1f:
45:ed:f9:2a:1f:39:f2:a0:29:1a:4e:05:9f:e2:db:
21:a2:10:90:b7:27:53:85:f1:25:b4:89:3c:86:0f:
0d:34:f2:f2:a4:8e:94:3d:67:d2:b8:c9:04:d6:7f:
e2:46:d2:98:5c:95:9b:e6:0d:a5:8d:a7:b2:8c:26:
68:18:23:38:5a:4a:d0:4d:8d:5d:21:dc:80:16:a0:
e4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:5E:0A:6B:32:93:12:25:01:FB:2C:D4:1E:33:C7:E7:6D:98:BC:84
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/yl4KazKTEiUB-yzUHjPH522YvIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
201.49.189.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:e0:72:21:0f:a7:da:e4:83:cb:6d:bf:9b:28:bf:34:3b:8a:
b8:79:4f:7f:21:9e:f8:5a:47:ec:70:ee:97:d4:28:af:6d:40:
bf:ff:8a:db:d8:18:fb:31:c1:fa:7d:5e:cd:90:40:6a:0e:59:
1b:f5:59:e0:3e:de:4d:95:74:6f:3e:64:e3:b0:88:7e:9d:87:
43:94:d1:16:7b:58:d1:d3:46:22:84:0b:d9:ee:41:bc:b0:e2:
10:6f:6c:41:15:9f:48:72:11:88:01:ad:4f:d5:f9:07:15:b1:
71:52:2f:0e:4e:08:f2:f1:e3:50:4e:2f:5b:bf:eb:41:e9:3b:
3e:66:90:6a:64:cd:11:a8:14:bb:eb:92:c5:8b:7f:0a:30:16:
ca:b4:71:13:43:e4:93:ef:07:5a:93:86:4c:06:a8:0d:5e:a4:
34:95:63:43:fa:83:92:fd:dc:ef:c8:28:7e:6b:7b:3f:ab:ef:
76:1c:b4:5b:9e:ee:4e:d8:21:bd:7f:6d:7f:21:3d:b1:2c:01:
71:42:68:b2:c5:60:83:5c:31:37:5d:36:93:46:48:76:3c:f4:
5f:5b:fd:73:52:a9:55:c7:64:f3:03:44:69:b4:03:e1:9b:47:
b8:d4:78:09:40:63:6b:f8:6e:94:8b:19:92:84:7e:d3:13:0b:
8a:8a:1a:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbguD8aIn/AIGtNf7249CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTVlMGE2YjMyOTMxMjI1MDFmYjJjZDQxZTMzYzdlNzZkOThiYzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjyzTyKAeflr7/s699pBTYNR0NDQ
Fl9kYoUhmkCwVdYXiDebAjNYtjfdHhjTLScTL38EJWMrb60rfjCc4XGoOcMj7fYR
0qFh5Ac3px5ZoQVBZoFQzanAspse39czeZKi6p1BnUKg22lHOooyKMqA3hr8woD7
Wn/MVPSIJyhmVF8Z9f4IykFtM2XndhAF5U0D0w0do+3WVPI5stAwMa8+mE5ODHD7
OY4bWrlAD0QoBb4MaB9F7fkqHznyoCkaTgWf4tshohCQtydThfEltIk8hg8NNPLy
pI6UPWfSuMkE1n/iRtKYXJWb5g2ljaeyjCZoGCM4WkrQTY1dIdyAFqDkvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMpeCmsykxIlAfss1B4zx+dtmLyEMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEveWw0S2F6S1RFaVVCLXl6VUhqUEg1MjJZdklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyTG9MA0G
CSqGSIb3DQEBCwUAA4IBAQCw4HIhD6fa5IPLbb+bKL80O4q4eU9/IZ74WkfscO6X
1CivbUC//4rb2Bj7McH6fV7NkEBqDlkb9VngPt5NlXRvPmTjsIh+nYdDlNEWe1jR
00YihAvZ7kG8sOIQb2xBFZ9IchGIAa1P1fkHFbFxUi8OTgjy8eNQTi9bv+tB6Ts+
ZpBqZM0RqBS765LFi38KMBbKtHETQ+ST7wdak4ZMBqgNXqQ0lWND+oOS/dzvyCh+
a3s/q+92HLRbnu5O2CG9f21/IT2xLAFxQmiyxWCDXDE3XTaTRkh2PPRfW/1zUqlV
x2TzA0RptAPhm0e41HgJQGNr+G6UixmShH7TEwuKihr2
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:13:11 2024 by rpki-client on console-ams.rpki-client.org