Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/IE096pkiWFZjAHKdOBs1fpVzhhA.roa
File: IE096pkiWFZjAHKdOBs1fpVzhhA.roa (raw, json)
Hash identifier: s7tgeAdN6RBO395tIchbu1dBVmkqACCUF0fiZ6tvslA=
Subject key identifier: 20:4D:3D:EA:99:22:58:56:63:00:72:9D:38:1B:35:7E:95:73:86:10
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 018CC79471EBBF6ACD78CDA52F4B39E536D7
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/IE096pkiWFZjAHKdOBs1fpVzhhA.roa
Signing time: Tue 02 Jan 2024 00:30:43 +0000
ROA not before: Tue 02 Jan 2024 00:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59458
IP address blocks: 5.149.97.0/24 maxlen: 24
5.149.98.0/24 maxlen: 24
5.149.96.0/24 maxlen: 24
5.149.104.0/24 maxlen: 24
5.149.105.0/24 maxlen: 24
5.149.99.0/24 maxlen: 24
5.149.100.0/24 maxlen: 24
5.149.101.0/24 maxlen: 24
5.149.102.0/24 maxlen: 24
5.149.103.0/24 maxlen: 24
5.149.111.0/24 maxlen: 24
5.149.109.0/24 maxlen: 24
5.149.110.0/24 maxlen: 24
2a12:2340::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:71:eb:bf:6a:cd:78:cd:a5:2f:4b:39:e5:36:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Jan 2 00:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=204d3dea992258566300729d381b357e95738610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2a:2c:de:c0:57:7c:60:46:93:4a:cc:ef:f1:
5d:20:f1:1d:a5:af:57:02:07:c5:b4:5d:09:af:38:
ea:1e:4e:8e:1b:a2:d8:f1:d3:aa:60:d2:c7:0c:7a:
d1:dd:47:18:6f:b6:da:e0:04:34:d4:28:bb:f8:8a:
33:1a:4b:b8:ce:30:5a:fd:71:3d:9e:d0:56:05:cc:
07:d2:21:f8:e8:ff:8f:f9:bd:b6:1c:6b:e0:96:a7:
7f:1c:44:ae:a8:bc:46:3d:e1:b4:4f:26:9b:f9:6f:
41:05:05:a3:78:cc:92:0d:ce:a5:08:f8:dd:d8:a4:
ec:99:d7:cb:3e:2f:91:b4:dd:f6:22:d6:51:44:fe:
24:6b:3c:bb:4f:c5:ba:c9:27:51:e4:d6:28:31:ae:
4b:9d:21:e4:b3:fd:bd:e8:9d:43:11:7c:3d:53:90:
05:61:97:39:98:81:25:ef:09:ef:b9:a0:64:47:59:
6a:cc:99:e3:9e:1d:38:5d:24:87:39:32:0d:a1:fb:
e1:88:06:ef:23:6c:01:77:ce:ff:e5:6e:39:02:bc:
97:ec:ab:9c:b2:13:8b:2f:2c:ef:0e:82:77:45:ed:
f6:cd:7a:7c:b8:95:73:90:54:cc:62:21:f0:44:88:
57:92:dc:27:9f:d8:c4:ec:01:05:61:bb:9c:7f:09:
27:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:4D:3D:EA:99:22:58:56:63:00:72:9D:38:1B:35:7E:95:73:86:10
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/IE096pkiWFZjAHKdOBs1fpVzhhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.96.0-5.149.105.255
5.149.109.0-5.149.111.255
IPv6:
2a12:2340::/48
Signature Algorithm: sha256WithRSAEncryption
b1:bf:e0:1c:f9:3e:49:e1:e9:e1:79:b9:8e:30:ab:7b:54:10:
c2:b1:a8:27:aa:0c:a2:44:59:73:46:cf:49:6a:ee:e9:44:b8:
be:69:ed:55:cf:35:18:bf:0a:ff:23:9d:de:53:c7:21:2a:e5:
a3:6a:ea:75:80:98:9e:1e:6b:3d:bb:1d:3e:50:83:58:03:69:
86:d5:72:5e:29:51:17:9c:06:ee:14:66:e8:59:1f:4e:47:4a:
75:a9:20:af:34:2f:94:dd:ff:0c:2c:71:aa:30:64:33:3a:04:
a3:6c:00:37:34:7d:18:c3:12:f5:ad:c9:00:04:d3:af:9c:b5:
48:24:c3:bd:98:a0:50:7e:a3:5a:e4:a3:ee:c1:af:b3:37:3a:
9f:b9:3e:8d:6b:1d:f4:41:92:9e:4f:83:cc:e1:d3:63:99:0e:
a9:e7:9f:48:4b:24:19:b5:7f:2a:2b:6d:b6:ee:30:27:de:91:
54:46:e9:1b:1e:67:10:0b:90:86:71:28:77:32:af:06:87:d3:
39:79:7a:9a:1a:11:21:06:be:ec:77:57:eb:9c:98:7c:6b:46:
77:9c:48:1e:21:b3:a1:27:03:27:84:1e:f0:98:3e:39:57:61:
8c:5f:4a:78:f2:db:48:af:04:29:b9:72:73:ce:ac:4f:db:fa:
d1:48:7d:c9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzHlHHrv2rNeM2lL0s55TbXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjQwMTAyMDAzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDRkM2RlYTk5MjI1ODU2NjMwMDcyOWQzODFiMzU3ZTk1NzM4NjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyos3sBXfGBGk0rM7/FdIPEdpa9X
AgfFtF0JrzjqHk6OG6LY8dOqYNLHDHrR3UcYb7ba4AQ01Ci7+IozGku4zjBa/XE9
ntBWBcwH0iH46P+P+b22HGvglqd/HESuqLxGPeG0Tyab+W9BBQWjeMySDc6lCPjd
2KTsmdfLPi+RtN32ItZRRP4kazy7T8W6ySdR5NYoMa5LnSHks/296J1DEXw9U5AF
YZc5mIEl7wnvuaBkR1lqzJnjnh04XSSHOTINofvhiAbvI2wBd87/5W45AryX7Kuc
shOLLyzvDoJ3Re32zXp8uJVzkFTMYiHwRIhXktwnn9jE7AEFYbucfwknSwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCBNPeqZIlhWYwBynTgbNX6Vc4YQMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvSUUwOTZwa2lXRlpqQUhLZE9CczFmcFZ6aGhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAiBAIAATAcMAwDBAUFlWAD
BAEFlWgwDAMEAAWVbQMEBAWVYDAPBAIAAjAJAwcAKhIjQAAAMA0GCSqGSIb3DQEB
CwUAA4IBAQCxv+Ac+T5J4enhebmOMKt7VBDCsagnqgyiRFlzRs9Jau7pRLi+ae1V
zzUYvwr/I53eU8chKuWjaup1gJieHms9ux0+UINYA2mG1XJeKVEXnAbuFGboWR9O
R0p1qSCvNC+U3f8MLHGqMGQzOgSjbAA3NH0YwxL1rckABNOvnLVIJMO9mKBQfqNa
5KPuwa+zNzqfuT6Nax30QZKeT4PM4dNjmQ6p559ISyQZtX8qK2227jAn3pFURukb
HmcQC5CGcSh3Mq8Gh9M5eXqaGhEhBr7sd1frnJh8a0Z3nEgeIbOhJwMnhB7wmD45
V2GMX0p48ttIrwQpuXJzzqxP2/rRSH3J
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:12:41 2024 by rpki-client on console-fra.rpki-client.org