Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/CGaa6tvEVSBTPsSE3fL8x2gdBXA.roa
File: CGaa6tvEVSBTPsSE3fL8x2gdBXA.roa (raw, json)
Hash identifier: 3mGj3ygN8Ht6WmGCXdzDXzId8rip6qJ5ynnvfFyhopw=
Subject key identifier: 08:66:9A:EA:DB:C4:55:20:53:3E:C4:84:DD:F2:FC:C7:68:1D:05:70
Certificate issuer: /CN=49f093bb8e8ad11c4c834edfd2df54d41cb49f79
Certificate serial: 019030A5406D45013186D0C6CA4222293126
Authority key identifier: 49:F0:93:BB:8E:8A:D1:1C:4C:83:4E:DF:D2:DF:54:D4:1C:B4:9F:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SfCTu46K0RxMg07f0t9U1By0n3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/CGaa6tvEVSBTPsSE3fL8x2gdBXA.roa
Signing time: Wed 19 Jun 2024 13:17:34 +0000
ROA not before: Wed 19 Jun 2024 13:17:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198904
IP address blocks: 5.32.184.0/24 maxlen: 24
5.32.185.0/24 maxlen: 24
5.32.186.0/24 maxlen: 24
5.32.187.0/24 maxlen: 24
5.32.188.0/24 maxlen: 24
2a01:6ec0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/SfCTu46K0RxMg07f0t9U1By0n3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/SfCTu46K0RxMg07f0t9U1By0n3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/SfCTu46K0RxMg07f0t9U1By0n3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 16:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:30:a5:40:6d:45:01:31:86:d0:c6:ca:42:22:29:31:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49f093bb8e8ad11c4c834edfd2df54d41cb49f79
Validity
Not Before: Jun 19 13:17:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08669aeadbc45520533ec484ddf2fcc7681d0570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2c:68:bf:a5:39:fc:60:fb:8e:a0:c2:a6:eb:
72:61:3a:fc:72:e2:d0:7d:97:dc:08:cb:10:7a:ce:
61:e8:a7:97:0c:7f:6f:45:f4:ee:98:71:b9:e9:01:
21:1b:5e:c5:1c:16:a9:3a:36:8a:51:95:6e:db:35:
37:ab:8c:b2:9d:26:54:3f:35:fe:e4:01:bc:1d:60:
b2:5e:57:44:9a:81:7b:46:d6:f5:7b:0b:30:80:dc:
27:fe:98:2d:33:13:41:22:7b:66:72:eb:26:56:86:
8d:6a:d3:e9:a8:3a:e7:78:f4:18:2d:91:7b:db:b2:
64:6a:27:91:35:13:af:3a:40:3f:ce:08:b9:c1:4d:
21:8c:93:76:8d:05:ec:3c:12:44:24:8a:25:56:bc:
82:75:82:86:44:50:16:b9:9f:5e:c8:84:94:1d:f9:
5b:fc:83:4f:03:d1:31:f7:ca:9e:d1:98:e3:b1:59:
9c:d2:08:2a:a9:d7:b0:68:5d:f1:dd:d7:61:2c:17:
59:01:73:aa:90:90:39:3c:2b:16:b8:be:93:6d:e6:
57:34:7d:b8:37:da:2a:09:6b:04:f4:08:0d:60:c5:
3b:3a:56:a4:96:9c:21:7f:27:ce:f6:43:4f:f2:95:
0d:0f:fb:e2:23:62:7d:c6:b7:4e:b9:28:2d:cb:1f:
d6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:66:9A:EA:DB:C4:55:20:53:3E:C4:84:DD:F2:FC:C7:68:1D:05:70
X509v3 Authority Key Identifier:
keyid:49:F0:93:BB:8E:8A:D1:1C:4C:83:4E:DF:D2:DF:54:D4:1C:B4:9F:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SfCTu46K0RxMg07f0t9U1By0n3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/CGaa6tvEVSBTPsSE3fL8x2gdBXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/SfCTu46K0RxMg07f0t9U1By0n3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.184.0-5.32.188.255
IPv6:
2a01:6ec0::/32
Signature Algorithm: sha256WithRSAEncryption
0a:a2:95:34:25:2f:04:12:69:d8:21:c9:58:e8:ca:0e:f9:59:
d4:8b:5f:70:af:bf:6a:89:37:66:e3:e2:15:ac:f2:d9:55:f6:
aa:e5:0d:f3:3e:54:79:c8:0d:36:ed:4f:38:3a:64:e8:f8:55:
40:a1:75:27:62:56:1e:99:b0:ac:4d:0c:75:3e:7b:ac:b9:79:
3b:fb:e5:98:79:f2:5e:82:06:a2:fd:76:23:96:02:ef:e7:46:
0e:d4:02:83:e8:aa:38:a2:71:db:74:1a:7a:e6:5b:34:f8:18:
e8:82:ab:3f:e8:2d:58:f6:b8:f4:4a:08:c2:da:5e:d9:19:27:
b9:13:fb:8d:35:fe:77:7b:99:b7:57:cb:d0:4a:59:d6:bb:eb:
aa:fb:51:db:d4:55:eb:f1:70:bf:81:12:1a:f9:0b:9e:08:ca:
1e:85:ee:c6:3c:b6:62:4d:8c:19:9f:8a:32:54:04:5b:60:f4:
34:c0:9a:e9:67:06:f9:02:77:82:3d:2a:2b:e2:89:6a:7a:ba:
9b:c9:bf:32:b9:f2:12:35:b1:41:1d:d6:10:d6:19:d8:c6:fb:
5e:6a:db:16:20:66:ab:3b:65:c9:b6:05:10:c9:c1:1e:30:78:
00:f4:73:74:a0:38:2f:e4:34:39:cb:1e:ba:4f:7e:c9:3b:dd:
40:f4:95:f6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZAwpUBtRQExhtDGykIiKTEmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZjA5M2JiOGU4YWQxMWM0YzgzNGVkZmQyZGY1NGQ0MWNi
NDlmNzkwHhcNMjQwNjE5MTMxNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODY2OWFlYWRiYzQ1NTIwNTMzZWM0ODRkZGYyZmNjNzY4MWQwNTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCxov6U5/GD7jqDCputyYTr8cuLQ
fZfcCMsQes5h6KeXDH9vRfTumHG56QEhG17FHBapOjaKUZVu2zU3q4yynSZUPzX+
5AG8HWCyXldEmoF7Rtb1ewswgNwn/pgtMxNBIntmcusmVoaNatPpqDrnePQYLZF7
27JkaieRNROvOkA/zgi5wU0hjJN2jQXsPBJEJIolVryCdYKGRFAWuZ9eyISUHflb
/INPA9Ex98qe0ZjjsVmc0ggqqdewaF3x3ddhLBdZAXOqkJA5PCsWuL6TbeZXNH24
N9oqCWsE9AgNYMU7OlaklpwhfyfO9kNP8pUND/viI2J9xrdOuSgtyx/WkQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAhmmurbxFUgUz7EhN3y/MdoHQVwMB8GA1UdIwQY
MBaAFEnwk7uOitEcTINO39LfVNQctJ95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2ZDVHU0NkswUnhNZzA3ZjB0OVUxQnkwbjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80ZmZlOTItMDBjZS00ZmFhLTg4NWMt
ZTk2MTdkNjZhNzRiLzEvQ0dhYTZ0dkVWU0JUUHNTRTNmTDh4MmdkQlhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80ZmZlOTItMDBjZS00ZmFhLTg4NWMtZTk2MTdkNjZhNzRi
LzEvU2ZDVHU0NkswUnhNZzA3ZjB0OVUxQnkwbjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAMFILgD
BAAFILwwDQQCAAIwBwMFACoBbsAwDQYJKoZIhvcNAQELBQADggEBAAqilTQlLwQS
adghyVjoyg75WdSLX3Cvv2qJN2bj4hWs8tlV9qrlDfM+VHnIDTbtTzg6ZOj4VUCh
dSdiVh6ZsKxNDHU+e6y5eTv75Zh58l6CBqL9diOWAu/nRg7UAoPoqjiicdt0Gnrm
WzT4GOiCqz/oLVj2uPRKCMLaXtkZJ7kT+401/nd7mbdXy9BKWda766r7UdvUVevx
cL+BEhr5C54Iyh6F7sY8tmJNjBmfijJUBFtg9DTAmulnBvkCd4I9KiviiWp6upvJ
vzK58hI1sUEd1hDWGdjG+15q2xYgZqs7Zcm2BRDJwR4weAD0c3SgOC/kNDnLHrpP
fsk73UD0lfY=
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:43:32 2024 by rpki-client on console-fra.rpki-client.org