Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/6b9822-2f3e-45ba-a018-88ba02786d0d/1/RwVCxXAbrlCe47Q8cByTTlucwBQ.roa
File: RwVCxXAbrlCe47Q8cByTTlucwBQ.roa (raw, json)
Hash identifier: 7W0p5qHus5woM1i5wJ9yfYu2c2JuOJdA3qdPAIYD8rA=
Subject key identifier: 47:05:42:C5:70:1B:AE:50:9E:E3:B4:3C:70:1C:93:4E:5B:9C:C0:14
Certificate issuer: /CN=5e81164ce388259186fba015acc4b0eb48beb552
Certificate serial: 018CC2DB0DD60F645E16B348A2398A0B4E11
Authority key identifier: 5E:81:16:4C:E3:88:25:91:86:FB:A0:15:AC:C4:B0:EB:48:BE:B5:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XoEWTOOIJZGG-6AVrMSw60i-tVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/6b9822-2f3e-45ba-a018-88ba02786d0d/1/RwVCxXAbrlCe47Q8cByTTlucwBQ.roa
Signing time: Mon 01 Jan 2024 02:29:45 +0000
ROA not before: Mon 01 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197197
IP address blocks: 109.224.64.0/18 maxlen: 18
2a00:7e80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/6b9822-2f3e-45ba-a018-88ba02786d0d/1/XoEWTOOIJZGG-6AVrMSw60i-tVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/6b9822-2f3e-45ba-a018-88ba02786d0d/1/XoEWTOOIJZGG-6AVrMSw60i-tVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/XoEWTOOIJZGG-6AVrMSw60i-tVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:0d:d6:0f:64:5e:16:b3:48:a2:39:8a:0b:4e:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e81164ce388259186fba015acc4b0eb48beb552
Validity
Not Before: Jan 1 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=470542c5701bae509ee3b43c701c934e5b9cc014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3e:f4:7a:9b:81:62:cd:69:5c:82:56:7b:cb:
df:10:7c:c0:38:bc:6a:b8:b8:1a:e1:37:68:1b:f3:
ba:c3:fa:83:ec:7e:c6:c2:ea:03:35:cb:8a:7c:60:
d6:94:09:68:21:8a:81:55:77:03:d5:5a:d8:10:f4:
9a:13:32:95:84:d5:14:86:0e:b6:15:fd:7e:80:8e:
6f:87:d4:28:e3:fb:f5:f4:8c:6d:c9:d9:88:a7:ae:
59:37:a9:1e:d6:62:a1:29:85:d9:4d:0f:63:18:74:
70:98:23:cb:5f:a6:72:2e:24:79:21:66:30:7b:ee:
fa:f0:83:83:95:5a:30:e5:70:b7:21:dd:6f:dd:73:
1f:1b:ff:3f:a9:fe:18:87:b2:ef:d6:2d:b1:7c:0b:
e3:88:37:71:23:7b:bd:0c:b2:de:f6:2f:fe:c5:c1:
88:47:ec:e7:43:17:d6:c2:a5:84:3f:0b:78:7d:84:
14:c4:85:e5:fe:ec:cb:5c:0c:21:1e:68:3b:c8:18:
2e:dd:51:e8:97:63:5b:8b:39:7e:17:55:d6:09:ab:
53:3b:ed:9c:a7:51:a5:06:77:41:fc:9b:69:73:de:
bb:74:b0:79:3d:40:c4:79:90:47:b2:49:1c:96:2a:
fe:df:b4:70:b8:43:b2:56:a0:b7:61:b2:0c:ba:cd:
96:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:05:42:C5:70:1B:AE:50:9E:E3:B4:3C:70:1C:93:4E:5B:9C:C0:14
X509v3 Authority Key Identifier:
keyid:5E:81:16:4C:E3:88:25:91:86:FB:A0:15:AC:C4:B0:EB:48:BE:B5:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XoEWTOOIJZGG-6AVrMSw60i-tVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/6b9822-2f3e-45ba-a018-88ba02786d0d/1/RwVCxXAbrlCe47Q8cByTTlucwBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/6b9822-2f3e-45ba-a018-88ba02786d0d/1/XoEWTOOIJZGG-6AVrMSw60i-tVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.64.0/18
IPv6:
2a00:7e80::/32
Signature Algorithm: sha256WithRSAEncryption
2a:e5:29:a9:1a:c2:a1:52:ce:62:d6:3b:af:20:9d:7a:2c:5f:
3d:65:59:a4:40:92:a3:af:03:b5:9d:52:ee:5a:26:e5:a8:c0:
aa:84:b0:33:dc:32:cf:7d:c9:4a:ad:75:45:f0:7d:29:eb:bf:
bd:a7:33:96:26:c4:35:b2:8d:65:ec:5a:2b:ea:24:c7:4d:96:
be:f2:7d:10:88:7d:2c:38:96:d5:58:96:5c:10:5d:c1:ae:ba:
8d:81:01:a4:04:a4:22:85:cc:2c:1f:6d:8e:3f:9c:88:a7:29:
15:fd:42:f2:94:62:d1:f1:43:50:b8:88:ab:a6:32:ef:76:9b:
ab:fb:34:67:ca:a7:19:8c:98:c3:2f:cb:00:be:f1:a4:02:7b:
37:e3:21:42:b0:ea:be:48:d7:e1:7f:21:b9:1d:9d:c4:4c:43:
5e:09:47:d4:fc:b8:61:f3:95:0d:ed:7e:5e:42:12:94:13:9e:
83:c4:aa:78:68:8f:39:05:dc:5d:9c:ac:83:7e:4b:4c:ac:1e:
b8:18:38:a1:70:aa:52:5e:33:14:a3:ba:bc:80:ef:31:f7:30:
f8:ba:d4:ad:ab:8b:7c:aa:35:23:d6:b2:0d:57:a9:60:8f:45:
f4:f7:28:63:bf:2f:1e:13:05:e5:3b:94:0c:56:d0:59:f5:f5:
1b:e2:62:4c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2w3WD2ReFrNIojmKC04RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlODExNjRjZTM4ODI1OTE4NmZiYTAxNWFjYzRiMGViNDhi
ZWI1NTIwHhcNMjQwMTAxMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzA1NDJjNTcwMWJhZTUwOWVlM2I0M2M3MDFjOTM0ZTViOWNjMDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApT70epuBYs1pXIJWe8vfEHzAOLxq
uLga4TdoG/O6w/qD7H7GwuoDNcuKfGDWlAloIYqBVXcD1VrYEPSaEzKVhNUUhg62
Ff1+gI5vh9Qo4/v19IxtydmIp65ZN6ke1mKhKYXZTQ9jGHRwmCPLX6ZyLiR5IWYw
e+768IODlVow5XC3Id1v3XMfG/8/qf4Yh7Lv1i2xfAvjiDdxI3u9DLLe9i/+xcGI
R+znQxfWwqWEPwt4fYQUxIXl/uzLXAwhHmg7yBgu3VHol2Nbizl+F1XWCatTO+2c
p1GlBndB/Jtpc967dLB5PUDEeZBHskkclir+37RwuEOyVqC3YbIMus2WHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEcFQsVwG65QnuO0PHAck05bnMAUMB8GA1UdIwQY
MBaAFF6BFkzjiCWRhvugFazEsOtIvrVSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG9FV1RPT0lKWkdHLTZBVnJNU3c2MGktdFZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82Yjk4MjItMmYzZS00NWJhLWEwMTgt
ODhiYTAyNzg2ZDBkLzEvUndWQ3hYQWJybENlNDdROGNCeVRUbHVjd0JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82Yjk4MjItMmYzZS00NWJhLWEwMTgtODhiYTAyNzg2ZDBk
LzEvWG9FV1RPT0lKWkdHLTZBVnJNU3c2MGktdFZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQGbeBAMA0E
AgACMAcDBQAqAH6AMA0GCSqGSIb3DQEBCwUAA4IBAQAq5SmpGsKhUs5i1juvIJ16
LF89ZVmkQJKjrwO1nVLuWiblqMCqhLAz3DLPfclKrXVF8H0p67+9pzOWJsQ1so1l
7For6iTHTZa+8n0QiH0sOJbVWJZcEF3BrrqNgQGkBKQihcwsH22OP5yIpykV/ULy
lGLR8UNQuIirpjLvdpur+zRnyqcZjJjDL8sAvvGkAns34yFCsOq+SNfhfyG5HZ3E
TENeCUfU/Lhh85UN7X5eQhKUE56DxKp4aI85BdxdnKyDfktMrB64GDihcKpSXjMU
o7q8gO8x9zD4utStq4t8qjUj1rINV6lgj0X09yhjvy8eEwXlO5QMVtBZ9fUb4mJM
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:20:06 2024 by rpki-client on console-ams.rpki-client.org