Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/5t_HO76BkGg2oGYyMcOOadDacdU.roa
File: 5t_HO76BkGg2oGYyMcOOadDacdU.roa (raw, json)
Hash identifier: v+8M3jqoFG/KSuaFcOdcw8lFgDhhOZnsM5z95ce21zE=
Subject key identifier: E6:DF:C7:3B:BE:81:90:68:36:A0:66:32:31:C3:8E:69:D0:DA:71:D5
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 01925DCF221CFADA81D33ABA84192797D505
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/5t_HO76BkGg2oGYyMcOOadDacdU.roa
Signing time: Sat 05 Oct 2024 17:51:48 +0000
ROA not before: Sat 05 Oct 2024 17:51:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214238
IP address blocks: 138.124.5.0/24 maxlen: 24
138.124.79.0/24 maxlen: 24
138.124.80.0/24 maxlen: 24
138.124.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:5d:cf:22:1c:fa:da:81:d3:3a:ba:84:19:27:97:d5:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Oct 5 17:51:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6dfc73bbe81906836a0663231c38e69d0da71d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3c:d6:99:7b:38:f5:ea:c9:08:19:c4:d4:74:
1d:a1:4f:14:05:84:03:73:cb:48:15:de:15:ce:80:
f0:47:47:ca:dd:3f:75:8e:0b:4b:b0:79:67:7d:48:
38:b6:a2:e9:9f:17:bc:74:13:d6:55:25:5c:f7:79:
45:01:d8:b6:55:b2:a4:f0:fd:a2:66:93:03:58:ef:
52:f8:17:c4:6c:06:e9:12:23:5d:00:0c:4a:80:22:
8b:49:4f:68:1d:43:fb:ad:ca:38:1a:76:b8:c2:23:
24:a1:98:5f:37:a3:b7:e5:ad:27:9e:d0:91:de:28:
e2:79:47:73:c1:6d:fb:51:d9:34:bc:36:65:3f:5c:
b2:6c:76:29:31:43:6b:3f:09:ac:62:1d:9d:2c:58:
3a:37:f9:d8:47:16:5d:88:2c:87:7f:95:12:a8:d3:
73:3e:a8:74:33:a6:b0:dd:d7:d6:99:0b:b9:a3:ac:
a2:39:94:b8:61:71:a4:d4:55:7f:97:e3:6b:1f:13:
c4:bb:a8:b3:15:cf:3e:dd:ff:39:1d:1d:44:41:38:
eb:19:3b:e7:2c:28:a8:3a:c5:90:30:ce:87:7c:d0:
10:68:5a:69:19:9d:59:12:1c:55:25:81:f8:91:d5:
e7:28:3a:98:b2:b5:07:d9:9a:bd:98:a9:fc:e9:76:
29:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:DF:C7:3B:BE:81:90:68:36:A0:66:32:31:C3:8E:69:D0:DA:71:D5
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/5t_HO76BkGg2oGYyMcOOadDacdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.5.0/24
138.124.79.0-138.124.81.255
Signature Algorithm: sha256WithRSAEncryption
cd:2e:c2:c9:6a:43:fa:ef:1a:e4:be:f6:d6:6a:ac:3d:b4:fa:
6c:4b:97:d2:dc:4c:98:97:b4:11:d3:55:38:8a:a9:6c:54:e0:
28:24:8f:34:1e:e9:0c:c5:b7:f6:bf:ab:8e:9e:37:03:da:65:
c5:b7:a5:d0:dd:9e:e2:e8:37:21:e6:07:a8:53:5d:5e:c8:13:
eb:52:7e:6e:49:53:a3:24:b3:48:5e:16:86:85:4f:a5:41:b2:
84:08:fa:d0:e7:d5:68:c1:ce:ca:bd:f1:db:0f:c1:cb:89:f2:
8c:9d:81:a8:09:b0:03:97:81:65:c7:92:3f:3f:7c:38:b9:e6:
46:23:48:c4:e9:4a:97:89:68:1c:0c:ff:6f:0f:99:77:69:4a:
d1:fb:2f:d4:8c:49:af:79:d4:1c:05:e9:39:db:ee:39:2c:bf:
74:1a:d1:f2:bc:88:06:73:20:5b:17:dd:79:bf:dc:f9:6e:e6:
b2:3f:bb:9e:89:ee:f3:6e:9b:81:8a:0b:49:c4:57:c0:e6:48:
7c:21:5a:85:2d:12:8e:53:80:33:de:2d:af:41:62:a6:7c:87:
2b:25:05:bb:f9:a7:8c:f2:e4:dc:e1:42:3a:e1:57:8e:50:1f:
e0:ad:af:03:27:b6:1b:3f:ae:96:47:ee:06:03:a0:72:f5:be:
04:ca:31:31
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZJdzyIc+tqB0zq6hBknl9UFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjQxMDA1MTc1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmRmYzczYmJlODE5MDY4MzZhMDY2MzIzMWMzOGU2OWQwZGE3MWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTzWmXs49erJCBnE1HQdoU8UBYQD
c8tIFd4VzoDwR0fK3T91jgtLsHlnfUg4tqLpnxe8dBPWVSVc93lFAdi2VbKk8P2i
ZpMDWO9S+BfEbAbpEiNdAAxKgCKLSU9oHUP7rco4Gna4wiMkoZhfN6O35a0nntCR
3ijieUdzwW37Udk0vDZlP1yybHYpMUNrPwmsYh2dLFg6N/nYRxZdiCyHf5USqNNz
Pqh0M6aw3dfWmQu5o6yiOZS4YXGk1FV/l+NrHxPEu6izFc8+3f85HR1EQTjrGTvn
LCioOsWQMM6HfNAQaFppGZ1ZEhxVJYH4kdXnKDqYsrUH2Zq9mKn86XYpbQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFObfxzu+gZBoNqBmMjHDjmnQ2nHVMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvNXRfSE83NkJrR2cyb0dZeU1jT09hZERhY2RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAinwFMAwD
BACKfE8DBAGKfFAwDQYJKoZIhvcNAQELBQADggEBAM0uwslqQ/rvGuS+9tZqrD20
+mxLl9LcTJiXtBHTVTiKqWxU4CgkjzQe6QzFt/a/q46eNwPaZcW3pdDdnuLoNyHm
B6hTXV7IE+tSfm5JU6Mks0heFoaFT6VBsoQI+tDn1WjBzsq98dsPwcuJ8oydgagJ
sAOXgWXHkj8/fDi55kYjSMTpSpeJaBwM/28PmXdpStH7L9SMSa951BwF6Tnb7jks
v3Qa0fK8iAZzIFsX3Xm/3Plu5rI/u56J7vNum4GKC0nEV8DmSHwhWoUtEo5TgDPe
La9BYqZ8hyslBbv5p4zy5NzhQjrhV45QH+CtrwMnths/rpZH7gYDoHL1vgTKMTE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:14:32 2024 by rpki-client on console-fra.rpki-client.org