Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/xTkTxy2Vgj7Q2dDygns3RB9-ko8.roa
File: xTkTxy2Vgj7Q2dDygns3RB9-ko8.roa (raw, json)
Hash identifier: joYIAObdVWuMg18vFZSSwWRvoSOzSZizKVwQB31Qorg=
Subject key identifier: C5:39:13:C7:2D:95:82:3E:D0:D9:D0:F2:82:7B:37:44:1F:7E:92:8F
Certificate issuer: /CN=1759436869089cd9c7e6d02028f24a2fe49b86d5
Certificate serial: 018CC64B588EB0AE9ECF84147C3835A7B96B
Authority key identifier: 17:59:43:68:69:08:9C:D9:C7:E6:D0:20:28:F2:4A:2F:E4:9B:86:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1lDaGkInNnH5tAgKPJKL-SbhtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/xTkTxy2Vgj7Q2dDygns3RB9-ko8.roa
Signing time: Mon 01 Jan 2024 18:31:15 +0000
ROA not before: Mon 01 Jan 2024 18:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57888
IP address blocks: 5.149.78.0/23 maxlen: 23
217.9.20.0/22 maxlen: 22
5.149.80.0/21 maxlen: 21
5.149.80.0/22 maxlen: 22
5.149.84.0/22 maxlen: 22
5.149.92.0/22 maxlen: 22
85.235.84.0/22 maxlen: 22
82.117.232.0/21 maxlen: 21
194.99.16.0/22 maxlen: 22
194.53.156.0/22 maxlen: 22
178.210.184.0/21 maxlen: 21
5.149.64.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/F1lDaGkInNnH5tAgKPJKL-SbhtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/F1lDaGkInNnH5tAgKPJKL-SbhtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/F1lDaGkInNnH5tAgKPJKL-SbhtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:58:8e:b0:ae:9e:cf:84:14:7c:38:35:a7:b9:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1759436869089cd9c7e6d02028f24a2fe49b86d5
Validity
Not Before: Jan 1 18:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c53913c72d95823ed0d9d0f2827b37441f7e928f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0f:49:8f:5b:79:be:84:ec:8f:62:f1:c4:e0:
6b:d9:a9:ae:47:4b:a1:04:92:08:fe:b6:77:61:6f:
25:a1:d2:aa:c7:4b:74:7e:f6:b8:04:d4:7c:b1:37:
6e:db:cc:7f:60:2e:f4:06:32:19:5a:ac:3a:8d:e7:
1a:3f:1f:9c:c8:a2:b5:97:30:ad:d6:9d:a1:f5:c3:
89:a1:a9:d5:c5:9e:a9:fd:ad:b3:c6:c9:54:89:f0:
e9:19:92:50:b9:78:0e:16:67:cc:8b:c7:a3:b2:1e:
b9:3e:ca:43:63:a4:f0:a6:99:41:a3:3a:34:c6:11:
ae:9c:4e:03:a9:49:6a:c2:ae:09:16:7f:0f:88:0f:
5c:e6:a3:9b:78:44:c5:80:03:18:7c:3a:38:6f:1d:
96:9b:2e:62:0e:ab:d5:d7:66:0a:92:6b:52:0b:62:
1e:fb:c2:2f:09:89:a6:6c:8b:85:81:0c:4d:cc:88:
45:66:a4:02:8f:5f:13:6b:95:01:e7:4a:fd:24:21:
c9:85:af:90:4a:bf:30:00:24:8a:55:13:aa:d9:c0:
c0:73:04:0a:61:79:81:c7:72:b1:37:e6:d8:c0:aa:
6e:24:cf:41:ea:9e:b6:a3:2b:8e:15:1c:78:01:01:
b2:f7:0f:ea:12:39:49:31:e7:b1:99:5b:3b:67:c1:
f7:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:39:13:C7:2D:95:82:3E:D0:D9:D0:F2:82:7B:37:44:1F:7E:92:8F
X509v3 Authority Key Identifier:
keyid:17:59:43:68:69:08:9C:D9:C7:E6:D0:20:28:F2:4A:2F:E4:9B:86:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1lDaGkInNnH5tAgKPJKL-SbhtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/xTkTxy2Vgj7Q2dDygns3RB9-ko8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/F1lDaGkInNnH5tAgKPJKL-SbhtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.64.0-5.149.87.255
5.149.92.0/22
82.117.232.0/21
85.235.84.0/22
178.210.184.0/21
194.53.156.0/22
194.99.16.0/22
217.9.20.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:42:e9:c4:cb:eb:49:19:60:23:ac:be:f3:bd:62:e4:48:f2:
e5:fc:99:30:14:ca:84:68:88:2f:6d:31:5a:6c:22:1e:43:ca:
3b:22:8d:e7:88:74:77:49:91:0e:6e:26:dc:0d:e9:fa:f6:3f:
c3:2b:f4:27:6f:55:20:0b:24:44:2b:54:c6:9a:1f:df:dc:b2:
cc:c7:a3:8b:86:81:20:4e:98:3b:6a:b7:c0:b7:96:59:a4:e8:
1f:97:43:43:e8:fa:8d:20:49:f3:a0:d5:ad:8c:15:8f:74:09:
de:5a:a7:ba:fa:ea:f6:4e:35:3c:4a:7e:97:a7:ff:1c:86:5d:
90:15:f6:41:8c:04:7d:34:99:a0:21:cb:46:96:96:06:7f:88:
7e:ad:a3:50:54:12:83:4a:ca:74:0c:29:b3:2a:b7:11:2c:b7:
cc:0a:90:7d:ba:9a:43:fa:a8:02:f6:5b:93:08:1e:d0:58:83:
f3:11:23:3e:53:e5:b8:8c:68:c8:e6:e2:d2:16:f9:93:89:07:
6f:61:f4:d9:c3:6f:b2:03:3b:20:f8:d4:80:47:31:d3:0d:c0:
5d:7b:2c:56:49:7c:af:b7:eb:6e:63:ba:72:ad:87:49:78:61:
10:40:e5:05:c9:8b:9f:63:ed:96:f1:4c:98:83:da:56:07:71:
65:94:0f:de
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzGS1iOsK6ez4QUfDg1p7lrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTk0MzY4NjkwODljZDljN2U2ZDAyMDI4ZjI0YTJmZTQ5
Yjg2ZDUwHhcNMjQwMTAxMTgzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTM5MTNjNzJkOTU4MjNlZDBkOWQwZjI4MjdiMzc0NDFmN2U5MjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApw9Jj1t5voTsj2LxxOBr2amuR0uh
BJII/rZ3YW8lodKqx0t0fva4BNR8sTdu28x/YC70BjIZWqw6jecaPx+cyKK1lzCt
1p2h9cOJoanVxZ6p/a2zxslUifDpGZJQuXgOFmfMi8ejsh65PspDY6TwpplBozo0
xhGunE4DqUlqwq4JFn8PiA9c5qObeETFgAMYfDo4bx2Wmy5iDqvV12YKkmtSC2Ie
+8IvCYmmbIuFgQxNzIhFZqQCj18Ta5UB50r9JCHJha+QSr8wACSKVROq2cDAcwQK
YXmBx3KxN+bYwKpuJM9B6p62oyuOFRx4AQGy9w/qEjlJMeexmVs7Z8H3AQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMU5E8ctlYI+0NnQ8oJ7N0QffpKPMB8GA1UdIwQY
MBaAFBdZQ2hpCJzZx+bQICjySi/km4bVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFsRGFHa0luTm5INXRBZ0tQSktMLVNiaHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83MjQ3ZDItMGEyOC00ZTRhLWFhMGMt
ZmVmNDFkZDg3NmMwLzEveFRrVHh5MlZnajdRMmREeWduczNSQjkta284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83MjQ3ZDItMGEyOC00ZTRhLWFhMGMtZmVmNDFkZDg3NmMw
LzEvRjFsRGFHa0luTm5INXRBZ0tQSktMLVNiaHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBAYFlUAD
BAMFlVADBAIFlVwDBANSdegDBAJV61QDBAOy0rgDBALCNZwDBALCYxADBALZCRQw
DQYJKoZIhvcNAQELBQADggEBAC9C6cTL60kZYCOsvvO9YuRI8uX8mTAUyoRoiC9t
MVpsIh5DyjsijeeIdHdJkQ5uJtwN6fr2P8Mr9CdvVSALJEQrVMaaH9/csszHo4uG
gSBOmDtqt8C3llmk6B+XQ0Po+o0gSfOg1a2MFY90Cd5ap7r66vZONTxKfpen/xyG
XZAV9kGMBH00maAhy0aWlgZ/iH6to1BUEoNKynQMKbMqtxEst8wKkH26mkP6qAL2
W5MIHtBYg/MRIz5T5biMaMjm4tIW+ZOJB29h9NnDb7IDOyD41IBHMdMNwF17LFZJ
fK+3625junKth0l4YRBA5QXJi59j7ZbxTJiD2lYHcWWUD94=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:41:56 2024 by rpki-client on console-ams.rpki-client.org