Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/1YLEReoTsoIiTdjxeJTGKhPr3V4.roa
File: 1YLEReoTsoIiTdjxeJTGKhPr3V4.roa (raw, json)
Hash identifier: 5fECA8Btkf5VayIY5gExJe6XMIB2GNwjWAXLak/5BzE=
Subject key identifier: D5:82:C4:45:EA:13:B2:82:22:4D:D8:F1:78:94:C6:2A:13:EB:DD:5E
Certificate issuer: /CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Certificate serial: 018CC6B827900D5A591ADF8A7A3C36AE5395
Authority key identifier: 5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/1YLEReoTsoIiTdjxeJTGKhPr3V4.roa
Signing time: Mon 01 Jan 2024 20:30:06 +0000
ROA not before: Mon 01 Jan 2024 20:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 27471
IP address blocks: 109.68.58.0/24 maxlen: 24
109.68.57.0/24 maxlen: 24
109.68.56.0/24 maxlen: 24
109.68.61.0/24 maxlen: 24
109.68.60.0/24 maxlen: 24
109.68.59.0/24 maxlen: 24
109.68.63.0/24 maxlen: 24
109.68.62.0/24 maxlen: 24
193.151.72.0/24 maxlen: 24
193.151.75.0/24 maxlen: 24
193.151.74.0/24 maxlen: 24
193.151.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:27:90:0d:5a:59:1a:df:8a:7a:3c:36:ae:53:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Validity
Not Before: Jan 1 20:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d582c445ea13b282224dd8f17894c62a13ebdd5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:39:96:ff:5b:5a:06:2b:b6:98:d1:67:64:1e:
26:45:94:0b:45:ce:f3:7d:24:2f:09:0c:df:64:8d:
51:77:02:8d:a1:52:e4:52:e8:f9:2a:95:0f:a0:be:
a6:1d:d3:6c:ad:e9:36:1a:2a:a5:9a:c7:d9:df:cf:
31:d9:24:1f:4a:3c:19:34:ef:bf:f9:88:00:66:ac:
c9:1c:92:83:73:af:99:25:d9:3a:9c:92:88:41:39:
07:f6:3e:94:89:80:36:a9:43:ae:61:6c:93:53:ab:
78:f0:7f:84:00:0b:1f:92:92:cd:85:33:dd:4a:29:
7c:c1:e4:fb:a7:ec:9e:72:80:42:df:2d:0a:91:01:
68:c4:78:6b:55:cb:b2:4d:c3:a4:db:1d:74:79:07:
c3:f1:c2:e5:ce:1f:d3:96:60:5a:c8:86:82:e6:22:
e5:07:00:6d:e4:18:6d:f5:9f:7f:a6:08:7d:1a:07:
05:72:78:10:7a:2a:22:32:5d:a0:d3:53:22:78:03:
22:69:30:54:4b:ab:27:20:ec:b6:57:6e:cb:4f:d4:
24:98:77:71:83:8d:24:ec:44:83:d7:bd:63:50:04:
fb:1f:7c:31:09:3d:fa:95:ef:02:1b:49:ea:9a:da:
23:6b:0c:d0:4c:e7:82:61:b3:ec:16:b5:58:17:78:
c4:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:82:C4:45:EA:13:B2:82:22:4D:D8:F1:78:94:C6:2A:13:EB:DD:5E
X509v3 Authority Key Identifier:
keyid:5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/1YLEReoTsoIiTdjxeJTGKhPr3V4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.56.0/21
193.151.72.0/22
Signature Algorithm: sha256WithRSAEncryption
78:f1:76:12:8c:4b:de:3d:18:e0:6d:59:89:6b:43:54:f8:44:
92:01:ae:5d:55:bf:20:38:7d:4e:f8:1e:28:83:97:15:77:9e:
86:ae:51:8f:ce:a9:8c:21:bc:98:68:b7:17:b6:23:53:88:41:
e1:62:18:a7:b4:20:e6:ef:58:83:7f:6e:bf:46:91:e4:23:ef:
b9:94:63:62:2b:f2:ea:dc:cd:da:dd:31:e3:85:ea:4f:3a:51:
cb:90:d2:18:c6:ca:b2:2a:ff:3e:89:26:63:90:db:89:85:4b:
41:1c:9b:72:9a:d0:3d:08:9e:35:40:cb:93:3a:4e:b7:82:50:
52:8a:0d:a6:b0:f8:17:9d:a2:ff:03:25:fa:fd:7e:89:e1:6c:
47:38:54:01:19:8e:98:a8:32:03:42:90:3b:ef:ca:4d:35:52:
06:f6:9c:87:9f:80:a7:7f:f9:ca:cd:bb:4f:02:84:32:df:b2:
4a:2e:86:76:a2:66:85:f4:ca:3b:73:89:85:68:09:58:57:65:
46:96:ec:77:d7:cf:39:fa:e5:cb:f5:d7:2d:1e:3a:be:47:22:
6e:1f:b9:c1:a3:a6:74:96:82:ed:ea:80:88:1e:30:a9:0d:d7:
a2:e9:1f:bd:8e:da:81:69:3f:b7:be:46:ac:06:99:9e:d8:3d:
f3:ec:ba:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuCeQDVpZGt+Kejw2rlOVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDczMzZmYTkxNTcyMWNlM2JmZWUyMTdmNGU5OTE2NGRi
OTUzMmIwHhcNMjQwMTAxMjAzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTgyYzQ0NWVhMTNiMjgyMjI0ZGQ4ZjE3ODk0YzYyYTEzZWJkZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjmW/1taBiu2mNFnZB4mRZQLRc7z
fSQvCQzfZI1RdwKNoVLkUuj5KpUPoL6mHdNsrek2GiqlmsfZ388x2SQfSjwZNO+/
+YgAZqzJHJKDc6+ZJdk6nJKIQTkH9j6UiYA2qUOuYWyTU6t48H+EAAsfkpLNhTPd
Sil8weT7p+yecoBC3y0KkQFoxHhrVcuyTcOk2x10eQfD8cLlzh/TlmBayIaC5iLl
BwBt5Bht9Z9/pgh9GgcFcngQeioiMl2g01MieAMiaTBUS6snIOy2V27LT9QkmHdx
g40k7ESD171jUAT7H3wxCT36le8CG0nqmtojawzQTOeCYbPsFrVYF3jExwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNWCxEXqE7KCIk3Y8XiUxioT691eMB8GA1UdIwQY
MBaAFF3XM2+pFXIc47/uIX9OmRZNuVMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEt
OGM0YmM0NTkyN2EzLzEvMVlMRVJlb1Rzb0lpVGRqeGVKVEdLaFByM1Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEtOGM0YmM0NTkyN2Ez
LzEvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbUQ4AwQC
wZdIMA0GCSqGSIb3DQEBCwUAA4IBAQB48XYSjEvePRjgbVmJa0NU+ESSAa5dVb8g
OH1O+B4og5cVd56GrlGPzqmMIbyYaLcXtiNTiEHhYhintCDm71iDf26/RpHkI++5
lGNiK/Lq3M3a3THjhepPOlHLkNIYxsqyKv8+iSZjkNuJhUtBHJtymtA9CJ41QMuT
Ok63glBSig2msPgXnaL/AyX6/X6J4WxHOFQBGY6YqDIDQpA778pNNVIG9pyHn4Cn
f/nKzbtPAoQy37JKLoZ2omaF9Mo7c4mFaAlYV2VGlux31885+uXL9dctHjq+RyJu
H7nBo6Z0loLt6oCIHjCpDdei6R+9jtqBaT+3vkasBpme2D3z7Lr0
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:46:36 2024 by rpki-client on console-fra.rpki-client.org