Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/1-MoXbYkycRx6r22NvA1fC-51OOk.roa
File: 1-MoXbYkycRx6r22NvA1fC-51OOk.roa (raw, json)
Hash identifier: MouAziIIVf/R3lT67whdDCFw/2js2rcCU2Tv3tLWvPg=
Subject key identifier: F8:CA:17:6D:89:32:71:1C:7A:AF:6D:8D:BC:0D:5F:0B:EE:75:38:E9
Certificate issuer: /CN=5d3bb84891651f2039cd81b0b60912f7c0e5cf96
Certificate serial: 018CC50155C81D9F09253134413FF30AE37A
Authority key identifier: 5D:3B:B8:48:91:65:1F:20:39:CD:81:B0:B6:09:12:F7:C0:E5:CF:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/1-MoXbYkycRx6r22NvA1fC-51OOk.roa
Signing time: Mon 01 Jan 2024 12:30:48 +0000
ROA not before: Mon 01 Jan 2024 12:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9031
IP address blocks: 94.105.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:55:c8:1d:9f:09:25:31:34:41:3f:f3:0a:e3:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d3bb84891651f2039cd81b0b60912f7c0e5cf96
Validity
Not Before: Jan 1 12:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8ca176d8932711c7aaf6d8dbc0d5f0bee7538e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:36:f0:3a:86:c1:5d:e1:1c:49:7e:95:35:8a:
a8:44:53:be:3f:63:41:93:50:aa:ec:c2:8e:bd:86:
c4:7e:78:f8:4d:e6:95:8c:69:86:c1:64:f6:68:69:
c6:ce:74:89:ef:d9:51:1f:9a:f4:64:92:2d:cb:c3:
3e:70:c6:3d:a7:05:98:d3:0b:55:dd:33:60:6e:20:
03:2d:7c:64:15:52:8a:aa:58:61:64:19:8d:dc:74:
b1:d6:1e:2b:5f:b4:2f:d2:ad:b1:4a:ad:95:48:89:
58:92:e7:6c:59:78:25:9b:10:7d:56:6a:be:50:c1:
90:8d:cd:b3:a5:b2:46:37:af:d9:86:bc:42:4a:0f:
60:e2:84:8f:f8:00:0e:5f:7e:5c:47:c5:4f:2d:0c:
f8:29:28:98:c6:a6:ac:64:37:1a:67:d5:36:8b:57:
2e:4b:d1:15:6d:2e:63:01:80:22:25:aa:f1:cd:2a:
ac:b3:d0:2d:21:3d:1f:8e:ad:44:e3:46:03:0a:99:
0c:58:9c:5d:5a:55:61:e9:89:10:d5:32:5b:be:e5:
18:65:6a:26:60:7b:d0:74:24:95:6b:93:a3:cf:86:
88:7a:1a:35:21:97:97:1b:b2:0b:dd:55:ae:ac:49:
87:82:62:5c:16:76:5b:59:ce:05:46:13:27:84:36:
5a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:CA:17:6D:89:32:71:1C:7A:AF:6D:8D:BC:0D:5F:0B:EE:75:38:E9
X509v3 Authority Key Identifier:
keyid:5D:3B:B8:48:91:65:1F:20:39:CD:81:B0:B6:09:12:F7:C0:E5:CF:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/1-MoXbYkycRx6r22NvA1fC-51OOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/587f7e-60cc-41a0-8869-4f8c638a72e1/1/XTu4SJFlHyA5zYGwtgkS98Dlz5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.105.96.0/19
Signature Algorithm: sha256WithRSAEncryption
71:bf:b6:50:2f:7d:4e:42:e6:1f:00:5a:99:4f:6b:d9:3a:9e:
4d:43:a4:a7:14:a3:26:7a:50:97:c7:b3:8e:61:09:79:0c:a8:
54:6e:2e:24:c9:21:dc:b2:27:1d:d9:b2:e0:99:df:a4:14:6b:
68:62:23:b9:cf:77:0c:34:13:04:29:d6:ff:77:28:62:1b:52:
2f:53:73:e7:bd:09:87:34:3a:ff:36:94:f5:30:ee:79:ac:99:
ae:ad:1d:6e:df:3f:e1:05:82:ea:64:02:9e:da:12:2c:75:a2:
5c:fc:bb:3c:ee:11:03:eb:f7:22:11:7f:bc:93:cb:83:ad:38:
f5:15:84:6b:4f:85:d5:6e:c5:41:6e:7d:6f:29:87:8e:94:f2:
ca:d5:b4:fa:8d:11:27:ea:d4:4d:36:35:c3:44:b4:31:9f:75:
8d:ff:74:c7:23:68:23:68:41:8f:e6:6c:68:09:71:9c:b4:a6:
80:21:d1:e8:14:a4:5b:ff:7a:da:5a:98:72:00:4a:50:f8:cf:
93:01:09:50:d5:76:e4:99:30:ab:18:4c:8f:ae:35:1e:e9:dd:
8c:f1:40:53:9a:07:fe:b9:22:c0:e7:30:1a:d0:84:14:1b:1a:
bd:4c:bf:b2:f1:f0:16:ab:13:a5:be:96:b5:d3:a0:e6:92:90:
94:b9:d0:4a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzFAVXIHZ8JJTE0QT/zCuN6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkM2JiODQ4OTE2NTFmMjAzOWNkODFiMGI2MDkxMmY3YzBl
NWNmOTYwHhcNMjQwMTAxMTIzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGNhMTc2ZDg5MzI3MTFjN2FhZjZkOGRiYzBkNWYwYmVlNzUzOGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzbwOobBXeEcSX6VNYqoRFO+P2NB
k1Cq7MKOvYbEfnj4TeaVjGmGwWT2aGnGznSJ79lRH5r0ZJIty8M+cMY9pwWY0wtV
3TNgbiADLXxkFVKKqlhhZBmN3HSx1h4rX7Qv0q2xSq2VSIlYkudsWXglmxB9Vmq+
UMGQjc2zpbJGN6/ZhrxCSg9g4oSP+AAOX35cR8VPLQz4KSiYxqasZDcaZ9U2i1cu
S9EVbS5jAYAiJarxzSqss9AtIT0fjq1E40YDCpkMWJxdWlVh6YkQ1TJbvuUYZWom
YHvQdCSVa5Ojz4aIeho1IZeXG7IL3VWurEmHgmJcFnZbWc4FRhMnhDZaawIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPjKF22JMnEceq9tjbwNXwvudTjpMB8GA1UdIwQY
MBaAFF07uEiRZR8gOc2BsLYJEvfA5c+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFR1NFNKRmxIeUE1ellHd3Rna1M5OERsejVZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS81ODdmN2UtNjBjYy00MWEwLTg4Njkt
NGY4YzYzOGE3MmUxLzEvMS1Nb1hiWWt5Y1J4NnIyMk52QTFmQy01MU9Pay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWEvNTg3ZjdlLTYwY2MtNDFhMC04ODY5LTRmOGM2MzhhNzJl
MS8xL1hUdTRTSkZsSHlBNXpZR3d0Z2tTOThEbHo1WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBV5pYDAN
BgkqhkiG9w0BAQsFAAOCAQEAcb+2UC99TkLmHwBamU9r2TqeTUOkpxSjJnpQl8ez
jmEJeQyoVG4uJMkh3LInHdmy4JnfpBRraGIjuc93DDQTBCnW/3coYhtSL1Nz570J
hzQ6/zaU9TDueayZrq0dbt8/4QWC6mQCntoSLHWiXPy7PO4RA+v3IhF/vJPLg604
9RWEa0+F1W7FQW59bymHjpTyytW0+o0RJ+rUTTY1w0S0MZ91jf90xyNoI2hBj+Zs
aAlxnLSmgCHR6BSkW/962lqYcgBKUPjPkwEJUNV25JkwqxhMj641HundjPFAU5oH
/rkiwOcwGtCEFBsavUy/svHwFqsTpb6WtdOg5pKQlLnQSg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:53:03 2024 by rpki-client on console-ams.rpki-client.org