Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/5xAiSENvpaQY7HjBK_c7TAIY4vg.roa
File: 5xAiSENvpaQY7HjBK_c7TAIY4vg.roa (raw, json)
Hash identifier: g9OMq/a70KDyagPAvgGWt0zXZoKviJEEC9zQ0mi1T6Q=
Subject key identifier: E7:10:22:48:43:6F:A5:A4:18:EC:78:C1:2B:F7:3B:4C:02:18:E2:F8
Certificate issuer: /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial: 018CC8018C0152D38EC58BCFD6DD0DFE57E0
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/5xAiSENvpaQY7HjBK_c7TAIY4vg.roa
Signing time: Tue 02 Jan 2024 02:29:53 +0000
ROA not before: Tue 02 Jan 2024 02:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 141968
IP address blocks: 103.76.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:8c:01:52:d3:8e:c5:8b:cf:d6:dd:0d:fe:57:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Validity
Not Before: Jan 2 02:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7102248436fa5a418ec78c12bf73b4c0218e2f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c6:a5:55:49:9a:e0:10:42:a4:53:c6:30:42:
cf:5d:62:36:ec:e2:be:ae:30:66:6a:77:7f:4b:bd:
3a:59:8c:e7:64:7b:e3:9d:dd:5c:00:6b:a9:43:74:
1d:ed:61:38:6d:a1:b2:16:f8:df:dd:97:e3:b7:af:
d9:3a:38:c3:d3:a3:e8:41:c5:6b:90:35:4e:23:b7:
d6:a7:16:92:67:75:6d:bf:46:ed:94:1c:46:65:90:
ee:65:11:1f:9b:1d:55:11:31:1f:8f:b0:29:7c:3f:
d4:b6:b7:30:cb:28:21:97:42:60:30:a9:2c:b2:1c:
89:b5:65:ef:df:a3:97:5f:71:e3:a4:ca:86:a2:f3:
9c:73:87:14:a5:bb:16:d1:d5:a6:a4:a1:18:8a:c0:
b2:84:e4:e7:9f:f3:47:88:92:66:aa:43:7f:fa:c3:
3f:af:7e:06:1b:ad:8c:ab:4c:e8:cf:be:95:3c:40:
d0:fc:a9:cf:c0:0d:5b:ee:06:9c:4b:98:67:b5:cf:
33:b1:ce:7f:62:e6:c6:40:8a:5d:f0:01:c4:07:e1:
1a:f6:51:10:a8:9c:62:f5:d9:b1:99:21:7a:6d:14:
b2:01:b6:8d:4e:07:a0:ac:dc:05:dd:19:f4:7b:84:
91:fa:37:a5:f9:75:93:05:0a:62:11:5a:6c:fb:f5:
2d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:10:22:48:43:6F:A5:A4:18:EC:78:C1:2B:F7:3B:4C:02:18:E2:F8
X509v3 Authority Key Identifier:
keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/5xAiSENvpaQY7HjBK_c7TAIY4vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.76.129.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:40:db:d0:58:31:8d:cf:61:f4:1f:e6:9d:c5:af:6d:f6:16:
45:bd:68:97:b3:65:61:0e:b5:68:23:35:b1:fd:d6:47:8e:de:
0d:a7:d6:c9:df:02:1f:fa:94:bf:3a:e1:a8:d5:73:77:d0:28:
af:60:19:5d:84:88:5e:db:e9:0e:f6:9d:65:b7:d9:2f:ac:e0:
ec:09:6e:5e:0e:10:b6:67:96:22:c8:76:9b:f5:ba:b2:51:69:
d9:df:df:6b:fa:db:87:88:28:1b:a9:50:74:ea:ef:2c:12:54:
9e:31:23:06:28:ab:4a:2e:b1:a4:60:cd:78:5d:0f:21:94:3c:
d2:e2:47:3a:eb:90:89:2c:32:ff:94:fa:c7:37:9f:97:30:6b:
34:94:cb:58:39:1a:50:b9:41:b6:90:71:c0:5b:41:c7:a8:36:
58:aa:ed:55:e4:a0:58:83:15:ff:fd:90:aa:ef:67:f8:7c:03:
5d:4e:ab:41:2b:ff:1c:39:b7:68:01:cf:7b:ba:47:2e:0c:3a:
38:6c:f6:6b:9d:72:8e:ea:c8:6d:5f:6e:c3:a9:aa:da:da:31:
b5:c9:6d:49:18:48:0a:50:3b:11:90:97:82:0a:01:1d:a4:61:
ea:40:4e:2d:ea:a5:3d:3d:46:20:c4:0b:37:c4:ee:1b:14:5a:
28:4d:9e:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAYwBUtOOxYvP1t0N/lfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjQwMTAyMDIyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzEwMjI0ODQzNmZhNWE0MThlYzc4YzEyYmY3M2I0YzAyMThlMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucalVUma4BBCpFPGMELPXWI27OK+
rjBmand/S706WYznZHvjnd1cAGupQ3Qd7WE4baGyFvjf3Zfjt6/ZOjjD06PoQcVr
kDVOI7fWpxaSZ3Vtv0btlBxGZZDuZREfmx1VETEfj7ApfD/Utrcwyyghl0JgMKks
shyJtWXv36OXX3HjpMqGovOcc4cUpbsW0dWmpKEYisCyhOTnn/NHiJJmqkN/+sM/
r34GG62Mq0zoz76VPEDQ/KnPwA1b7gacS5hntc8zsc5/YubGQIpd8AHEB+Ea9lEQ
qJxi9dmxmSF6bRSyAbaNTgegrNwF3Rn0e4SR+jel+XWTBQpiEVps+/UtgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOcQIkhDb6WkGOx4wSv3O0wCGOL4MB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvNXhBaVNFTnZwYVFZN0hqQktfYzdUQUlZNHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ0yBMA0G
CSqGSIb3DQEBCwUAA4IBAQBvQNvQWDGNz2H0H+adxa9t9hZFvWiXs2VhDrVoIzWx
/dZHjt4Np9bJ3wIf+pS/OuGo1XN30CivYBldhIhe2+kO9p1lt9kvrODsCW5eDhC2
Z5YiyHab9bqyUWnZ399r+tuHiCgbqVB06u8sElSeMSMGKKtKLrGkYM14XQ8hlDzS
4kc665CJLDL/lPrHN5+XMGs0lMtYORpQuUG2kHHAW0HHqDZYqu1V5KBYgxX//ZCq
72f4fANdTqtBK/8cObdoAc97ukcuDDo4bPZrnXKO6shtX27Dqara2jG1yW1JGEgK
UDsRkJeCCgEdpGHqQE4t6qU9PUYgxAs3xO4bFFooTZ6L
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:46:53 2024 by rpki-client on console-fra.rpki-client.org