Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/oervT6pgbuMVQFW57I2J5v6OJd4.roa
File: oervT6pgbuMVQFW57I2J5v6OJd4.roa (raw, json)
Hash identifier: VplIScza1me2Wcy77F+Gy7o39j+sO2G/yMbGk0gSaEc=
Subject key identifier: A1:EA:EF:4F:AA:60:6E:E3:15:40:55:B9:EC:8D:89:E6:FE:8E:25:DE
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 018FA048485BDAE9F209F834DFAED15B3697
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/oervT6pgbuMVQFW57I2J5v6OJd4.roa
Signing time: Wed 22 May 2024 12:30:42 +0000
ROA not before: Wed 22 May 2024 12:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41039
IP address blocks: 5.153.176.0/23 maxlen: 23
5.153.178.0/24 maxlen: 24
5.153.179.0/24 maxlen: 24
5.153.181.0/24 maxlen: 24
5.153.185.0/24 maxlen: 24
5.153.186.0/24 maxlen: 24
5.153.187.0/24 maxlen: 24
5.153.188.0/24 maxlen: 24
92.242.96.0/19 maxlen: 24
128.0.93.0/24 maxlen: 24
195.184.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.mft
rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a0:48:48:5b:da:e9:f2:09:f8:34:df:ae:d1:5b:36:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: May 22 12:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1eaef4faa606ee3154055b9ec8d89e6fe8e25de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:47:83:e4:2e:b4:5e:3d:39:36:f0:ed:e7:3e:
41:be:95:ca:d8:cc:ce:1b:8e:86:61:98:6e:72:5e:
94:dc:ca:ab:29:dc:7f:ac:93:ee:9e:6a:2e:35:32:
b5:11:2d:89:83:32:4e:50:70:0d:fa:cd:d2:ac:a7:
3f:8f:3e:7c:93:65:f4:79:f5:23:45:27:a9:8c:61:
15:09:99:4e:86:f3:b0:cb:61:84:1f:8c:8f:02:c2:
6a:53:e9:4e:67:e8:75:1e:c7:89:ab:dc:5c:32:0e:
15:76:37:b7:e2:3c:54:24:a2:19:39:eb:68:25:e9:
36:e2:94:da:16:99:1c:b4:32:81:64:f3:89:e1:72:
96:21:be:63:97:d8:02:87:df:9a:d8:c8:1a:5f:ae:
8d:16:80:48:41:67:ab:be:eb:84:eb:b4:d6:7d:b3:
2e:4c:f8:ba:e8:45:ed:db:47:80:2d:c4:bb:0f:01:
04:4d:a9:0a:47:2e:b4:a2:db:ff:d9:75:f7:40:c3:
66:c5:14:01:dc:d0:5d:e9:6d:3b:67:d8:29:89:a6:
fb:d4:7e:89:94:bf:86:d2:79:2e:5d:ad:8b:0a:ca:
dc:b5:6d:36:4d:a8:15:ee:38:7a:83:10:a8:4c:92:
f7:bc:6b:7b:07:b5:6d:4c:05:86:67:39:e8:95:43:
19:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:EA:EF:4F:AA:60:6E:E3:15:40:55:B9:EC:8D:89:E6:FE:8E:25:DE
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/oervT6pgbuMVQFW57I2J5v6OJd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.176.0/22
5.153.181.0/24
5.153.185.0-5.153.188.255
92.242.96.0/19
128.0.93.0/24
195.184.192.0/19
Signature Algorithm: sha256WithRSAEncryption
4e:63:ff:d3:53:d1:00:33:ae:12:8f:ae:eb:85:6f:1e:06:eb:
54:c2:e7:82:cb:9e:57:3e:d7:6e:cd:e6:cf:3f:db:cf:b1:24:
b7:1b:af:3a:7a:47:bc:83:81:5c:b7:4b:10:41:bf:e2:43:91:
18:08:1f:a6:5d:ac:04:b5:d4:6b:02:74:bc:d3:57:8f:02:bc:
f0:4c:9f:c8:ad:f1:ef:dc:a9:25:cd:4e:0c:b9:de:dd:7d:b6:
1d:aa:cb:0b:6a:51:42:7c:98:9c:9e:aa:04:f5:53:e4:b7:c2:
4b:06:3d:ef:d5:64:a8:e6:6b:81:85:c7:19:54:6d:29:e5:4c:
fe:43:0e:40:90:0d:61:83:f3:7f:f1:b3:e4:f6:c3:8a:0a:3e:
5a:3e:10:46:37:25:40:cf:8c:61:eb:2b:8e:fd:54:86:54:3c:
3b:e9:50:b4:aa:42:e6:08:17:0e:b8:2e:87:7a:96:a1:00:f7:
91:55:79:8e:67:59:0d:23:5d:fe:50:ac:e9:d1:21:3a:d4:d5:
ed:b6:d3:66:46:2b:e3:fb:84:ca:4c:70:33:ab:0e:ae:0c:28:
4e:5b:ae:c7:08:f5:09:52:18:4b:87:4c:5f:ee:c2:3e:b4:1d:
77:6c:4f:a4:42:a4:08:e4:11:e4:e4:62:2a:66:bb:c3:ec:cc:
93:64:bb:86
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY+gSEhb2unyCfg0367RWzaXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjQwNTIyMTIzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWVhZWY0ZmFhNjA2ZWUzMTU0MDU1YjllYzhkODllNmZlOGUyNWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0eD5C60Xj05NvDt5z5BvpXK2MzO
G46GYZhucl6U3MqrKdx/rJPunmouNTK1ES2JgzJOUHAN+s3SrKc/jz58k2X0efUj
RSepjGEVCZlOhvOwy2GEH4yPAsJqU+lOZ+h1HseJq9xcMg4Vdje34jxUJKIZOeto
Jek24pTaFpkctDKBZPOJ4XKWIb5jl9gCh9+a2MgaX66NFoBIQWervuuE67TWfbMu
TPi66EXt20eALcS7DwEETakKRy60otv/2XX3QMNmxRQB3NBd6W07Z9gpiab71H6J
lL+G0nkuXa2LCsrctW02TagV7jh6gxCoTJL3vGt7B7VtTAWGZznolUMZKwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKHq70+qYG7jFUBVueyNieb+jiXeMB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvb2VydlQ2cGdidU1WUUZXNTdJMko1djZPSmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCBZmwAwQA
BZm1MAwDBAAFmbkDBAAFmbwDBAVc8mADBACAAF0DBAXDuMAwDQYJKoZIhvcNAQEL
BQADggEBAE5j/9NT0QAzrhKPruuFbx4G61TC54LLnlc+127N5s8/28+xJLcbrzp6
R7yDgVy3SxBBv+JDkRgIH6ZdrAS11GsCdLzTV48CvPBMn8it8e/cqSXNTgy53t19
th2qywtqUUJ8mJyeqgT1U+S3wksGPe/VZKjma4GFxxlUbSnlTP5DDkCQDWGD83/x
s+T2w4oKPlo+EEY3JUDPjGHrK479VIZUPDvpULSqQuYIFw64Lod6lqEA95FVeY5n
WQ0jXf5QrOnRITrU1e2202ZGK+P7hMpMcDOrDq4MKE5brscI9QlSGEuHTF/uwj60
HXdsT6RCpAjkEeTkYipmu8PszJNku4Y=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:59:34 2024 by rpki-client on console-fra.rpki-client.org