Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/49yXy1IHm8Q1nqbKe9k2OeW1Jws.roa
File: 49yXy1IHm8Q1nqbKe9k2OeW1Jws.roa (raw, json)
Hash identifier: 35km4VSr731qtDJCX0iBhVKw3611Bv5o8xJUNouOOIk=
Subject key identifier: E3:DC:97:CB:52:07:9B:C4:35:9E:A6:CA:7B:D9:36:39:E5:B5:27:0B
Certificate issuer: /CN=5bf81435ed13789895f375dc34d04ce91aca4744
Certificate serial: 018CC793526EA96D78D5FAFAD2CCB84C449E
Authority key identifier: 5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/49yXy1IHm8Q1nqbKe9k2OeW1Jws.roa
Signing time: Tue 02 Jan 2024 00:29:29 +0000
ROA not before: Tue 02 Jan 2024 00:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3301
IP address blocks: 158.233.228.0/24 maxlen: 24
158.233.229.0/24 maxlen: 24
158.233.242.0/24 maxlen: 24
158.233.246.0/24 maxlen: 24
158.233.243.0/24 maxlen: 24
158.233.245.0/24 maxlen: 24
158.233.244.0/24 maxlen: 24
158.233.250.0/24 maxlen: 24
158.233.251.0/24 maxlen: 24
158.233.247.0/24 maxlen: 24
158.233.249.0/24 maxlen: 24
158.233.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/W_gUNe0TeJiV83XcNNBM6RrKR0Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/W_gUNe0TeJiV83XcNNBM6RrKR0Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:52:6e:a9:6d:78:d5:fa:fa:d2:cc:b8:4c:44:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bf81435ed13789895f375dc34d04ce91aca4744
Validity
Not Before: Jan 2 00:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3dc97cb52079bc4359ea6ca7bd93639e5b5270b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:32:4c:a5:f8:25:54:4f:49:0d:6f:d3:2f:1a:
14:81:c0:5b:bd:96:8a:e0:24:f3:dc:28:59:b9:05:
86:b5:0d:22:93:17:8b:3e:0c:8d:60:c5:c9:db:38:
6d:9d:b1:3c:05:b8:d8:ed:36:c4:cd:a1:ca:22:36:
4d:92:e8:93:c7:a4:97:49:2c:ef:f8:0c:4b:f7:ee:
cd:a1:7a:be:76:b5:3f:33:72:81:4c:a5:3f:b1:fb:
c6:dd:cd:61:14:0e:39:5e:d7:4f:2b:9b:7f:02:8a:
40:e0:fe:eb:a6:1f:5c:f0:e1:f3:51:ad:53:40:6f:
52:43:1b:13:5c:9e:ae:a8:9c:39:62:e7:10:1d:90:
0a:c6:91:c4:d8:c6:24:3b:aa:9c:2e:21:5e:96:e2:
80:af:32:f3:ac:cc:e8:03:68:a6:5f:24:30:2c:a7:
de:81:bb:40:1e:60:d7:eb:f1:84:80:3a:2b:de:a2:
43:5e:de:f6:27:a7:7d:aa:df:bc:9e:60:30:68:cd:
b2:f1:90:db:ea:ff:5e:9b:69:74:6f:62:ae:f6:2a:
31:71:27:15:8b:23:28:47:2d:38:ca:9e:84:ea:fa:
2e:c2:14:9f:8d:86:bf:3e:8f:cc:58:8b:67:c8:bd:
ed:8c:d1:38:29:83:63:9b:8d:85:c0:f7:a1:3c:c5:
dc:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:DC:97:CB:52:07:9B:C4:35:9E:A6:CA:7B:D9:36:39:E5:B5:27:0B
X509v3 Authority Key Identifier:
keyid:5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/49yXy1IHm8Q1nqbKe9k2OeW1Jws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/W_gUNe0TeJiV83XcNNBM6RrKR0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.233.228.0/23
158.233.242.0-158.233.251.255
Signature Algorithm: sha256WithRSAEncryption
06:1f:44:21:f0:91:35:b0:5a:32:7a:5f:5c:a3:8b:12:03:51:
35:47:01:68:97:72:c9:d7:06:4a:8c:d0:ce:2b:db:ad:2c:8a:
e7:ce:ec:40:3a:af:83:59:c3:ee:40:96:10:2a:fb:58:18:91:
36:7b:98:3b:8f:e6:b0:a5:42:e2:72:33:e8:f6:ee:34:ff:ac:
b2:ac:d1:0e:3c:92:00:84:24:9f:b0:c5:fd:63:8b:8b:7c:5a:
fb:9c:46:03:04:79:3a:de:13:73:b0:47:11:fb:07:fd:ad:e0:
db:f3:5d:80:7d:d9:a8:fa:38:72:c5:44:a8:54:29:9f:ab:16:
75:d3:6d:3f:39:63:a9:6f:3f:02:2d:5c:f0:b2:9b:f4:a0:8f:
d8:63:c5:e9:8c:5b:51:5d:5c:77:fd:89:32:fe:20:e3:46:6a:
42:8c:82:7b:42:fc:0f:93:be:57:0b:41:b2:e5:50:fd:66:71:
8d:82:b5:8b:48:3b:fe:ff:1e:e0:13:5b:b5:20:ec:b9:a7:5e:
a6:2a:c3:46:06:48:1e:42:3c:95:59:52:1b:33:c3:53:7e:ea:
09:76:25:b5:3d:08:2a:67:f7:e5:80:12:8d:cc:88:30:4d:eb:
b7:58:e9:07:df:d8:a6:0d:94:91:59:01:ec:d7:45:4b:23:e6:
c8:3b:a2:c4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzHk1JuqW141fr60sy4TESeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZjgxNDM1ZWQxMzc4OTg5NWYzNzVkYzM0ZDA0Y2U5MWFj
YTQ3NDQwHhcNMjQwMTAyMDAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2RjOTdjYjUyMDc5YmM0MzU5ZWE2Y2E3YmQ5MzYzOWU1YjUyNzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zJMpfglVE9JDW/TLxoUgcBbvZaK
4CTz3ChZuQWGtQ0ikxeLPgyNYMXJ2zhtnbE8BbjY7TbEzaHKIjZNkuiTx6SXSSzv
+AxL9+7NoXq+drU/M3KBTKU/sfvG3c1hFA45XtdPK5t/AopA4P7rph9c8OHzUa1T
QG9SQxsTXJ6uqJw5YucQHZAKxpHE2MYkO6qcLiFeluKArzLzrMzoA2imXyQwLKfe
gbtAHmDX6/GEgDor3qJDXt72J6d9qt+8nmAwaM2y8ZDb6v9em2l0b2Ku9ioxcScV
iyMoRy04yp6E6vouwhSfjYa/Po/MWItnyL3tjNE4KYNjm42FwPehPMXcbQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOPcl8tSB5vENZ6mynvZNjnltScLMB8GA1UdIwQY
MBaAFFv4FDXtE3iYlfN13DTQTOkaykdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV19nVU5lMFRlSmlWODNYY05OQk02UnJLUjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zZDRiYzUtYzM2My00MTVmLWIzZGEt
NDhlNGNjNmIzM2EzLzEvNDl5WHkxSUhtOFExbnFiS2U5azJPZVcxSndzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zZDRiYzUtYzM2My00MTVmLWIzZGEtNDhlNGNjNmIzM2Ez
LzEvV19nVU5lMFRlSmlWODNYY05OQk02UnJLUjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBnunkMAwD
BAGe6fIDBAKe6fgwDQYJKoZIhvcNAQELBQADggEBAAYfRCHwkTWwWjJ6X1yjixID
UTVHAWiXcsnXBkqM0M4r260siufO7EA6r4NZw+5AlhAq+1gYkTZ7mDuP5rClQuJy
M+j27jT/rLKs0Q48kgCEJJ+wxf1ji4t8WvucRgMEeTreE3OwRxH7B/2t4NvzXYB9
2aj6OHLFRKhUKZ+rFnXTbT85Y6lvPwItXPCym/Sgj9hjxemMW1FdXHf9iTL+IONG
akKMgntC/A+TvlcLQbLlUP1mcY2CtYtIO/7/HuATW7Ug7LmnXqYqw0YGSB5CPJVZ
Uhszw1N+6gl2JbU9CCpn9+WAEo3MiDBN67dY6Qff2KYNlJFZAezXRUsj5sg7osQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:30:37 2024 by rpki-client on console-fra.rpki-client.org