Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/dd32c3-fe8f-4047-b68a-8ec5f0eea045/1/A9WEbB-i8o5GzOL1FsT6VAtTDwk.roa
File: A9WEbB-i8o5GzOL1FsT6VAtTDwk.roa (raw, json)
Hash identifier: aluYy7INEIaMtfKG8AKBbnLxKeyb98BHZd33AOT9a3E=
Subject key identifier: 03:D5:84:6C:1F:A2:F2:8E:46:CC:E2:F5:16:C4:FA:54:0B:53:0F:09
Certificate issuer: /CN=c61333d0e8107886d0305c7bd81bdd35489527ae
Certificate serial: 018CC3B67C1BFE138C279D5F5D5B28B14165
Authority key identifier: C6:13:33:D0:E8:10:78:86:D0:30:5C:7B:D8:1B:DD:35:48:95:27:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhMz0OgQeIbQMFx72BvdNUiVJ64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/dd32c3-fe8f-4047-b68a-8ec5f0eea045/1/A9WEbB-i8o5GzOL1FsT6VAtTDwk.roa
Signing time: Mon 01 Jan 2024 06:29:25 +0000
ROA not before: Mon 01 Jan 2024 06:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43045
IP address blocks: 5.182.52.0/22 maxlen: 24
46.17.48.0/21 maxlen: 24
89.221.48.0/20 maxlen: 24
2a02:22c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/dd32c3-fe8f-4047-b68a-8ec5f0eea045/1/xhMz0OgQeIbQMFx72BvdNUiVJ64.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/dd32c3-fe8f-4047-b68a-8ec5f0eea045/1/xhMz0OgQeIbQMFx72BvdNUiVJ64.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhMz0OgQeIbQMFx72BvdNUiVJ64.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:7c:1b:fe:13:8c:27:9d:5f:5d:5b:28:b1:41:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c61333d0e8107886d0305c7bd81bdd35489527ae
Validity
Not Before: Jan 1 06:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=03d5846c1fa2f28e46cce2f516c4fa540b530f09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2d:d4:b5:ed:87:53:0a:5d:50:b2:20:50:66:
d0:21:84:b2:3b:8b:f7:28:36:3d:41:a4:2f:cb:a9:
0f:83:7f:f1:f5:90:5f:56:4e:22:3c:62:df:1d:ea:
2b:f7:2f:7d:ca:91:49:7d:02:ee:22:26:79:bd:1c:
d6:d9:da:a7:b6:ef:bc:cb:5c:56:e7:6e:20:3b:85:
e1:e6:f7:85:b3:15:5a:e8:70:90:c0:6d:b6:6b:3a:
2b:7c:f8:d5:dc:2e:1a:f0:2b:de:38:22:b8:e7:94:
fa:ff:e6:77:d5:b0:d3:54:06:d6:f8:18:1a:b3:67:
d3:08:8e:59:f2:80:86:d8:e4:a3:ca:d0:9f:1b:60:
7b:88:d4:47:93:15:51:f5:a2:30:28:e1:f3:99:55:
72:97:29:9e:8f:7f:f0:4b:ec:19:60:4e:41:ea:d8:
9b:e2:42:a6:36:10:25:ab:c5:a3:35:6d:ad:ce:bb:
8d:9f:6c:d1:cd:e2:19:aa:31:10:ea:9f:09:96:ba:
0e:f7:b8:89:8a:6b:47:bb:4d:d1:f6:06:c4:a1:01:
f5:8f:37:a9:51:1a:02:0b:13:87:07:dc:09:4d:81:
53:22:f3:a0:29:89:24:07:3d:c3:c5:42:5e:e4:37:
a3:00:db:85:0b:d2:bc:2d:1a:a9:44:96:59:6d:15:
fa:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D5:84:6C:1F:A2:F2:8E:46:CC:E2:F5:16:C4:FA:54:0B:53:0F:09
X509v3 Authority Key Identifier:
keyid:C6:13:33:D0:E8:10:78:86:D0:30:5C:7B:D8:1B:DD:35:48:95:27:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhMz0OgQeIbQMFx72BvdNUiVJ64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/dd32c3-fe8f-4047-b68a-8ec5f0eea045/1/A9WEbB-i8o5GzOL1FsT6VAtTDwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/dd32c3-fe8f-4047-b68a-8ec5f0eea045/1/xhMz0OgQeIbQMFx72BvdNUiVJ64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.52.0/22
46.17.48.0/21
89.221.48.0/20
IPv6:
2a02:22c0::/32
Signature Algorithm: sha256WithRSAEncryption
26:e6:74:ec:3f:79:f7:bd:10:cc:cb:66:28:79:cc:5c:df:c5:
27:0a:f9:4c:00:6e:a9:7a:86:55:3e:4f:32:12:32:eb:01:12:
11:42:7d:98:d8:ac:9c:50:ab:91:1c:50:ab:a5:c1:ce:60:9b:
07:b8:a7:7c:15:47:e7:4a:fd:3f:f0:6b:a6:3b:6b:03:05:e9:
cb:86:70:de:12:35:b9:e7:0f:ea:7a:28:c7:8e:24:4d:c1:10:
17:96:1f:6a:28:6e:1c:6a:26:76:ef:66:b2:1f:a9:99:45:b9:
0a:80:f4:94:c9:d8:32:b3:0d:4e:ec:1f:65:fe:0a:f2:0f:ae:
3a:e4:6b:46:f5:fb:e5:8b:b6:41:d9:e3:09:ac:11:c1:da:9b:
71:e3:65:ab:a3:76:64:a2:b8:9c:a5:94:34:a0:68:3d:58:84:
e8:31:25:05:0a:b4:c2:61:68:bc:22:ca:83:5b:9f:0c:dd:0f:
54:85:97:12:c2:b9:2a:de:4a:8a:9d:fd:c5:e4:ef:4a:27:2f:
f4:7e:bd:0f:ed:f7:08:48:35:94:ff:d5:1a:4a:70:6e:db:61:
b0:f3:a1:c9:9c:b2:90:65:a9:9f:35:c8:d7:91:2c:97:aa:65:
28:a9:4f:56:c6:ab:fb:99:71:27:15:6f:7f:36:88:9a:b7:d2:
7c:65:3c:d4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDtnwb/hOMJ51fXVsosUFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTMzM2QwZTgxMDc4ODZkMDMwNWM3YmQ4MWJkZDM1NDg5
NTI3YWUwHhcNMjQwMTAxMDYyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2Q1ODQ2YzFmYTJmMjhlNDZjY2UyZjUxNmM0ZmE1NDBiNTMwZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhS3Ute2HUwpdULIgUGbQIYSyO4v3
KDY9QaQvy6kPg3/x9ZBfVk4iPGLfHeor9y99ypFJfQLuIiZ5vRzW2dqntu+8y1xW
524gO4Xh5veFsxVa6HCQwG22azorfPjV3C4a8CveOCK455T6/+Z31bDTVAbW+Bga
s2fTCI5Z8oCG2OSjytCfG2B7iNRHkxVR9aIwKOHzmVVylymej3/wS+wZYE5B6tib
4kKmNhAlq8WjNW2tzruNn2zRzeIZqjEQ6p8JlroO97iJimtHu03R9gbEoQH1jzep
URoCCxOHB9wJTYFTIvOgKYkkBz3DxUJe5DejANuFC9K8LRqpRJZZbRX6CwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAPVhGwfovKORszi9RbE+lQLUw8JMB8GA1UdIwQY
MBaAFMYTM9DoEHiG0DBce9gb3TVIlSeuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhNejBPZ1FlSWJRTUZ4NzJCdmROVWlWSjY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9kZDMyYzMtZmU4Zi00MDQ3LWI2OGEt
OGVjNWYwZWVhMDQ1LzEvQTlXRWJCLWk4bzVHek9MMUZzVDZWQXRURHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9kZDMyYzMtZmU4Zi00MDQ3LWI2OGEtOGVjNWYwZWVhMDQ1
LzEveGhNejBPZ1FlSWJRTUZ4NzJCdmROVWlWSjY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCBbY0AwQD
LhEwAwQEWd0wMA0EAgACMAcDBQAqAiLAMA0GCSqGSIb3DQEBCwUAA4IBAQAm5nTs
P3n3vRDMy2Yoecxc38UnCvlMAG6peoZVPk8yEjLrARIRQn2Y2KycUKuRHFCrpcHO
YJsHuKd8FUfnSv0/8GumO2sDBenLhnDeEjW55w/qeijHjiRNwRAXlh9qKG4caiZ2
72ayH6mZRbkKgPSUydgysw1O7B9l/gryD6465GtG9fvli7ZB2eMJrBHB2ptx42Wr
o3ZkoricpZQ0oGg9WIToMSUFCrTCYWi8IsqDW58M3Q9UhZcSwrkq3kqKnf3F5O9K
Jy/0fr0P7fcISDWU/9UaSnBu22Gw86HJnLKQZamfNcjXkSyXqmUoqU9Wxqv7mXEn
FW9/Noiat9J8ZTzU
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:35 2024 by rpki-client on console-ams.rpki-client.org