Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/b62878-ccc8-4d57-9fe0-7a104b80cd71/1/hAOCFxctsf8THjG7FiO9erQQBBU.roa
File: hAOCFxctsf8THjG7FiO9erQQBBU.roa (raw, json)
Hash identifier: e3iNN7RSx3W1fZxm/+KBoNrcFtU5VuGWcJkYK5nFLG8=
Subject key identifier: 84:03:82:17:17:2D:B1:FF:13:1E:31:BB:16:23:BD:7A:B4:10:04:15
Certificate issuer: /CN=0aeeaee0863d1dca624f61f39b2181c7db6cba3f
Certificate serial: 018CC86F5D559124C293CF9BFD9E7BB3EDA9
Authority key identifier: 0A:EE:AE:E0:86:3D:1D:CA:62:4F:61:F3:9B:21:81:C7:DB:6C:BA:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cu6u4IY9HcpiT2HzmyGBx9tsuj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/b62878-ccc8-4d57-9fe0-7a104b80cd71/1/hAOCFxctsf8THjG7FiO9erQQBBU.roa
Signing time: Tue 02 Jan 2024 04:29:50 +0000
ROA not before: Tue 02 Jan 2024 04:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57332
IP address blocks: 5.206.240.0/20 maxlen: 20
45.85.8.0/22 maxlen: 22
159.255.176.0/20 maxlen: 20
159.255.186.0/24 maxlen: 24
159.255.180.0/23 maxlen: 23
159.255.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/b62878-ccc8-4d57-9fe0-7a104b80cd71/1/Cu6u4IY9HcpiT2HzmyGBx9tsuj8.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/b62878-ccc8-4d57-9fe0-7a104b80cd71/1/Cu6u4IY9HcpiT2HzmyGBx9tsuj8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Cu6u4IY9HcpiT2HzmyGBx9tsuj8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:5d:55:91:24:c2:93:cf:9b:fd:9e:7b:b3:ed:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0aeeaee0863d1dca624f61f39b2181c7db6cba3f
Validity
Not Before: Jan 2 04:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84038217172db1ff131e31bb1623bd7ab4100415
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e4:f0:d4:08:43:ff:14:c1:2e:79:e6:86:54:
43:0a:9c:58:5d:40:68:2b:d6:23:c3:5c:b0:e5:13:
1f:a2:04:a4:ce:4c:08:a9:5c:51:d5:4e:08:bc:62:
5f:27:e8:42:28:96:03:32:de:a5:e5:f0:74:52:0a:
43:41:6b:f9:a0:52:52:53:c2:e5:d7:c1:34:03:e6:
e7:df:b3:8e:fc:65:eb:f0:86:51:41:e3:6e:19:36:
f3:b6:10:46:81:1a:0f:d3:82:3e:17:32:81:ce:e7:
33:5c:ba:de:15:5a:71:b5:7e:34:4f:7e:a1:78:e6:
88:03:7b:f6:53:be:80:1d:c9:31:0f:eb:5b:6b:6d:
1e:87:d1:ec:0b:c3:4f:75:23:53:1b:2c:78:28:b6:
fb:61:55:ae:e9:ab:c1:cf:8a:4a:60:96:e2:d4:58:
99:5f:72:70:87:71:36:7d:ea:54:3c:e7:a1:df:b4:
f9:5d:e6:87:1a:74:2f:07:92:0f:05:cc:12:39:05:
d8:1f:58:30:20:9b:da:e5:c3:cc:8b:f2:c5:05:2c:
e0:89:e9:b8:56:7a:78:cc:79:65:8d:c3:2b:57:76:
3f:43:7a:6b:ed:4b:71:10:23:28:f9:40:7a:7e:3f:
89:c3:79:0b:6e:73:24:c5:b7:bc:c6:1b:8a:29:0b:
40:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:03:82:17:17:2D:B1:FF:13:1E:31:BB:16:23:BD:7A:B4:10:04:15
X509v3 Authority Key Identifier:
keyid:0A:EE:AE:E0:86:3D:1D:CA:62:4F:61:F3:9B:21:81:C7:DB:6C:BA:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cu6u4IY9HcpiT2HzmyGBx9tsuj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/b62878-ccc8-4d57-9fe0-7a104b80cd71/1/hAOCFxctsf8THjG7FiO9erQQBBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/b62878-ccc8-4d57-9fe0-7a104b80cd71/1/Cu6u4IY9HcpiT2HzmyGBx9tsuj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.206.240.0/20
45.85.8.0/22
159.255.176.0/20
Signature Algorithm: sha256WithRSAEncryption
52:37:17:d8:6c:f5:8e:df:76:09:12:6c:30:e6:8b:63:66:cb:
f3:c2:86:68:bc:09:70:03:a0:aa:89:dc:34:3d:13:ac:ce:95:
b2:5b:b2:3c:78:dd:04:fa:b6:fe:09:94:7e:3d:b1:7c:d8:0b:
c6:53:1c:48:ff:53:21:62:3f:8a:c2:f5:87:8c:66:e9:33:56:
05:a2:b7:83:c8:0f:a6:f7:54:c5:9f:97:39:70:4c:ae:01:a2:
3f:95:dd:4a:66:c6:57:06:b6:fc:96:a6:87:97:50:d2:17:7a:
21:1c:8f:a3:0c:6d:1a:01:b2:e5:46:01:4e:d1:22:3d:06:bb:
b7:c9:2d:a1:91:5d:04:c8:8a:e8:57:af:df:d5:0b:d6:6f:a8:
5f:0c:9d:0b:a0:c8:b1:a0:57:a5:40:2c:d5:10:fd:2d:78:9d:
3d:49:02:e5:52:d3:77:fc:98:7b:85:4e:dd:56:5e:25:83:9c:
08:8a:44:78:de:3a:0c:e5:81:fc:8c:fc:13:01:07:27:69:4c:
0c:84:4e:39:0e:e1:43:ac:52:49:ac:52:92:c0:b3:dc:7f:28:
4e:df:82:f4:16:e9:67:cb:40:5f:8e:8f:c3:47:e0:2b:5b:6b:
31:67:24:00:bd:67:03:b7:61:a7:a5:1c:5f:7e:8f:cd:38:20:
29:ff:1f:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIb11VkSTCk8+b/Z57s+2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZWVhZWUwODYzZDFkY2E2MjRmNjFmMzliMjE4MWM3ZGI2
Y2JhM2YwHhcNMjQwMTAyMDQyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDAzODIxNzE3MmRiMWZmMTMxZTMxYmIxNjIzYmQ3YWI0MTAwNDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+Tw1AhD/xTBLnnmhlRDCpxYXUBo
K9Yjw1yw5RMfogSkzkwIqVxR1U4IvGJfJ+hCKJYDMt6l5fB0UgpDQWv5oFJSU8Ll
18E0A+bn37OO/GXr8IZRQeNuGTbzthBGgRoP04I+FzKBzuczXLreFVpxtX40T36h
eOaIA3v2U76AHckxD+tba20eh9HsC8NPdSNTGyx4KLb7YVWu6avBz4pKYJbi1FiZ
X3Jwh3E2fepUPOeh37T5XeaHGnQvB5IPBcwSOQXYH1gwIJva5cPMi/LFBSzgiem4
Vnp4zHlljcMrV3Y/Q3pr7UtxECMo+UB6fj+Jw3kLbnMkxbe8xhuKKQtAiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIQDghcXLbH/Ex4xuxYjvXq0EAQVMB8GA1UdIwQY
MBaAFAruruCGPR3KYk9h85shgcfbbLo/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3U2dTRJWTlIY3BpVDJIem15R0J4OXRzdWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9iNjI4NzgtY2NjOC00ZDU3LTlmZTAt
N2ExMDRiODBjZDcxLzEvaEFPQ0Z4Y3RzZjhUSGpHN0ZpTzllclFRQkJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9iNjI4NzgtY2NjOC00ZDU3LTlmZTAtN2ExMDRiODBjZDcx
LzEvQ3U2dTRJWTlIY3BpVDJIem15R0J4OXRzdWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEBc7wAwQC
LVUIAwQEn/+wMA0GCSqGSIb3DQEBCwUAA4IBAQBSNxfYbPWO33YJEmww5otjZsvz
woZovAlwA6Cqidw0PROszpWyW7I8eN0E+rb+CZR+PbF82AvGUxxI/1MhYj+KwvWH
jGbpM1YForeDyA+m91TFn5c5cEyuAaI/ld1KZsZXBrb8lqaHl1DSF3ohHI+jDG0a
AbLlRgFO0SI9Bru3yS2hkV0EyIroV6/f1QvWb6hfDJ0LoMixoFelQCzVEP0teJ09
SQLlUtN3/Jh7hU7dVl4lg5wIikR43joM5YH8jPwTAQcnaUwMhE45DuFDrFJJrFKS
wLPcfyhO34L0Fulny0Bfjo/DR+ArW2sxZyQAvWcDt2GnpRxffo/NOCAp/x+8
-----END CERTIFICATE-----
Generated at Sun May 19 14:16:34 2024 by rpki-client on console-fra.rpki-client.org