Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/xCoQoW-n5NoTLRQ0YJcZEWlym4U.roa
File: xCoQoW-n5NoTLRQ0YJcZEWlym4U.roa (raw, json)
Hash identifier: uNXcmfV/3xoKULMHzm4MJKtxEYv5gCQBpUaQqAE6gf8=
Subject key identifier: C4:2A:10:A1:6F:A7:E4:DA:13:2D:14:34:60:97:19:11:69:72:9B:85
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01914D981AFC2D5BAAB1C7B3CFB14A8AF58D
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/xCoQoW-n5NoTLRQ0YJcZEWlym4U.roa
Signing time: Tue 13 Aug 2024 21:14:59 +0000
ROA not before: Tue 13 Aug 2024 21:14:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 5.226.54.0/24 maxlen: 24
46.249.109.0/24 maxlen: 24
82.115.28.0/24 maxlen: 24
89.251.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4d:98:1a:fc:2d:5b:aa:b1:c7:b3:cf:b1:4a:8a:f5:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Aug 13 21:14:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c42a10a16fa7e4da132d14346097191169729b85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3e:01:55:5c:f6:42:ed:91:b5:e5:d4:ab:f4:
31:e0:a0:fd:c1:48:eb:59:04:cd:ca:11:47:7f:43:
1b:2e:8b:d8:b1:2e:5f:59:5c:ea:17:14:51:db:9f:
4c:9d:46:15:68:66:87:ab:e1:dc:08:c0:79:f7:20:
cf:96:55:fa:94:ad:96:f5:7f:2b:3d:a7:29:73:d1:
0a:99:7c:49:6f:ec:1d:ed:ad:a1:bb:34:39:85:cb:
cf:57:e6:ad:a2:43:7b:96:00:80:2b:04:e0:2b:11:
2b:91:fc:48:b6:6f:e9:48:dc:77:d0:e6:a7:0d:e5:
81:11:27:db:e0:fa:62:58:34:91:35:11:c2:9b:dd:
39:d6:9e:93:66:c9:2b:06:3c:f2:73:8a:7b:36:a2:
08:9c:25:da:25:6a:45:92:b3:b0:d2:d7:ca:63:10:
5a:1b:da:a3:ca:cd:e1:c2:74:8b:5d:56:b6:e8:da:
50:4a:37:f4:54:52:f6:96:af:51:29:1e:35:63:6f:
09:64:ae:c9:0d:2c:6c:0a:89:f9:9f:e0:0e:32:44:
51:83:88:b1:24:1d:2a:e2:79:aa:94:72:cd:5e:fe:
4e:66:9e:c0:c4:e9:69:fd:43:6e:1c:a5:3a:86:70:
25:22:38:ec:ed:d9:70:e5:c6:8c:25:1a:8c:9d:df:
1b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:2A:10:A1:6F:A7:E4:DA:13:2D:14:34:60:97:19:11:69:72:9B:85
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/xCoQoW-n5NoTLRQ0YJcZEWlym4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.54.0/24
46.249.109.0/24
82.115.28.0/24
89.251.10.0/24
Signature Algorithm: sha256WithRSAEncryption
55:21:20:32:d8:3e:6e:fc:62:cd:fe:a5:97:92:63:bc:7e:d2:
3e:d7:50:b5:27:7c:c7:68:3d:85:e8:4b:11:77:1b:53:de:23:
4f:35:0b:75:4f:f7:22:80:14:8c:38:f6:9f:88:49:f5:82:b8:
d8:d6:ed:66:fe:ec:f8:c5:8a:d9:16:21:35:28:d0:17:0e:ee:
cb:33:66:e3:7d:01:bb:04:84:c4:8f:a7:da:58:0c:86:37:9a:
dc:c2:c1:75:89:ca:d7:ce:2b:89:00:5e:4b:7c:8e:37:53:aa:
33:65:7f:33:dd:b6:63:fe:74:fe:d4:47:25:24:f8:77:f4:4e:
41:c2:b7:40:38:c4:d1:b8:57:f1:6d:16:34:19:81:c3:a2:bc:
c9:4d:26:2f:f5:c3:a2:be:ff:15:7d:76:f1:ed:2a:7d:45:87:
38:44:24:6f:a1:64:e3:9d:b2:d0:1d:f1:d4:f5:cc:68:a2:05:
a5:4c:88:36:e6:c7:3e:78:68:d3:2f:b6:0c:3c:70:8c:f9:1a:
b6:f7:3b:12:07:6e:63:47:b3:ac:51:c4:28:f2:9c:2d:6d:c0:
4b:8e:8f:e3:e4:d2:42:3d:16:24:7c:8f:01:cc:c0:dc:0a:c3:
c0:7b:9f:0a:32:1c:a1:37:d2:91:fe:50:06:1c:26:d2:a9:32:
8d:99:a9:f4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZFNmBr8LVuqscezz7FKivWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwODEzMjExNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDJhMTBhMTZmYTdlNGRhMTMyZDE0MzQ2MDk3MTkxMTY5NzI5Yjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlD4BVVz2Qu2RteXUq/Qx4KD9wUjr
WQTNyhFHf0MbLovYsS5fWVzqFxRR259MnUYVaGaHq+HcCMB59yDPllX6lK2W9X8r
Pacpc9EKmXxJb+wd7a2huzQ5hcvPV+atokN7lgCAKwTgKxErkfxItm/pSNx30Oan
DeWBESfb4PpiWDSRNRHCm9051p6TZskrBjzyc4p7NqIInCXaJWpFkrOw0tfKYxBa
G9qjys3hwnSLXVa26NpQSjf0VFL2lq9RKR41Y28JZK7JDSxsCon5n+AOMkRRg4ix
JB0q4nmqlHLNXv5OZp7AxOlp/UNuHKU6hnAlIjjs7dlw5caMJRqMnd8bmQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMQqEKFvp+TaEy0UNGCXGRFpcpuFMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEveENvUW9XLW41Tm9UTFJRMFlKY1pFV2x5bTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABeI2AwQA
LvltAwQAUnMcAwQAWfsKMA0GCSqGSIb3DQEBCwUAA4IBAQBVISAy2D5u/GLN/qWX
kmO8ftI+11C1J3zHaD2F6EsRdxtT3iNPNQt1T/cigBSMOPafiEn1grjY1u1m/uz4
xYrZFiE1KNAXDu7LM2bjfQG7BITEj6faWAyGN5rcwsF1icrXziuJAF5LfI43U6oz
ZX8z3bZj/nT+1EclJPh39E5BwrdAOMTRuFfxbRY0GYHDorzJTSYv9cOivv8VfXbx
7Sp9RYc4RCRvoWTjnbLQHfHU9cxoogWlTIg25sc+eGjTL7YMPHCM+Rq29zsSB25j
R7OsUcQo8pwtbcBLjo/j5NJCPRYkfI8BzMDcCsPAe58KMhyhN9KR/lAGHCbSqTKN
man0
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:55:05 2024 by rpki-client on console-fra.rpki-client.org