Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/dguiFd5J7in6wsxKSGiIRq1hGkQ.roa
File: dguiFd5J7in6wsxKSGiIRq1hGkQ.roa (raw, json)
Hash identifier: 7FNNfm4mOGGr8PXYch67N2WS8m8nvQWNQpSzeEdIJeQ=
Subject key identifier: 76:0B:A2:15:DE:49:EE:29:FA:C2:CC:4A:48:68:88:46:AD:61:1A:44
Certificate issuer: /CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Certificate serial: 019154DAA0A3CFBA5705F77B3267F1C4E81A
Authority key identifier: EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/dguiFd5J7in6wsxKSGiIRq1hGkQ.roa
Signing time: Thu 15 Aug 2024 07:04:59 +0000
ROA not before: Thu 15 Aug 2024 07:04:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 5.182.22.0/24 maxlen: 24
2a0e:b800:aaaa::/48 maxlen: 48
2a0e:b800:abcd::/48 maxlen: 48
2a0e:b800:bbbb::/48 maxlen: 48
2a0e:b800:cccc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.mft
rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:54:da:a0:a3:cf:ba:57:05:f7:7b:32:67:f1:c4:e8:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Validity
Not Before: Aug 15 07:04:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=760ba215de49ee29fac2cc4a48688846ad611a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8a:7e:a9:ef:18:81:84:34:0d:53:f2:49:c7:
27:f2:66:95:8f:15:26:b1:3d:a6:c5:cd:83:9b:5f:
5f:da:2a:73:e3:f2:54:e4:c9:33:80:f9:52:1c:e1:
f8:c2:d7:d9:4d:7d:81:ea:30:54:eb:7f:13:77:f0:
f5:44:0e:fd:1e:82:14:6e:15:20:52:59:73:44:0f:
c7:d6:d9:66:3f:39:9e:7a:00:8c:9b:74:36:39:e2:
52:56:c6:63:6c:55:2f:93:22:d1:0a:e5:be:b3:76:
b8:e9:a1:36:a6:58:3c:38:46:e1:66:71:b5:10:f2:
4d:3f:90:92:8a:77:0a:06:2d:89:0f:36:d5:61:02:
7c:83:c2:5c:40:6d:15:78:22:57:20:ca:5a:c8:94:
20:5a:bd:cf:82:da:48:ea:00:19:82:3f:16:f4:67:
28:d0:c6:a0:d8:f3:fa:e6:4e:54:09:da:2f:fd:65:
b8:5d:ab:45:c4:45:81:dc:54:56:f9:c4:9c:dc:c2:
e7:93:9c:57:32:be:72:69:18:be:12:40:21:2a:c9:
c5:1a:43:64:ff:b9:34:eb:da:ff:10:e0:9a:6d:d8:
41:64:64:7f:43:8a:80:23:d6:ab:93:fa:61:34:86:
6d:c3:0b:a0:8e:cf:aa:e6:6e:1c:00:87:19:84:bc:
60:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:0B:A2:15:DE:49:EE:29:FA:C2:CC:4A:48:68:88:46:AD:61:1A:44
X509v3 Authority Key Identifier:
keyid:EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/dguiFd5J7in6wsxKSGiIRq1hGkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.22.0/24
IPv6:
2a0e:b800:aaaa::/48
2a0e:b800:abcd::/48
2a0e:b800:bbbb::/48
2a0e:b800:cccc::/48
Signature Algorithm: sha256WithRSAEncryption
6a:0a:3a:a1:17:58:98:45:95:c4:af:1c:84:94:08:3c:71:0d:
d2:3f:cc:da:5d:74:ae:6c:ad:6f:cd:7e:34:50:1a:b9:a8:c3:
2f:bc:7a:70:c6:9a:8c:8a:61:60:4b:e0:0a:ad:72:1a:4a:f1:
e9:54:f7:a4:83:05:10:b8:bc:f1:40:ec:84:65:54:b1:f6:96:
c1:6b:64:0f:b3:bc:a1:bf:53:d7:5d:81:58:d5:16:7e:1b:46:
1a:ae:79:7d:74:57:c6:d4:44:8f:f0:c2:c7:ff:12:fc:07:5b:
e6:e6:83:b6:9e:22:e2:c8:f7:6a:8b:d1:e9:6e:3a:3c:34:a3:
c6:e6:2a:1a:0c:84:60:9b:46:58:96:6a:a6:59:fa:6c:78:f4:
65:01:44:53:35:56:e4:f5:df:28:3e:f6:ef:01:fe:25:21:6d:
ea:fb:55:9f:57:8e:d2:83:ca:9e:a8:8f:83:3b:61:e3:ac:8e:
59:56:15:a5:d0:85:a6:d4:80:e0:43:8c:98:28:3a:98:7f:97:
85:28:94:2b:3f:1c:26:d2:49:fb:c4:d9:e5:dc:b7:21:05:77:
22:d2:27:3c:c3:de:34:34:2e:a5:f1:ca:2b:8d:42:43:4f:fc:
26:f0:6e:78:c8:10:5a:c7:11:c3:d3:4f:1e:fa:b9:18:d9:98:
ca:60:54:c1
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZFU2qCjz7pXBfd7MmfxxOgaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmOWQ3NjNiNDllMDI0YTdiNmExOWVhZjdkZmI5ODkxMWE5
Yzk0YzgwHhcNMjQwODE1MDcwNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjBiYTIxNWRlNDllZTI5ZmFjMmNjNGE0ODY4ODg0NmFkNjExYTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYp+qe8YgYQ0DVPySccn8maVjxUm
sT2mxc2Dm19f2ipz4/JU5MkzgPlSHOH4wtfZTX2B6jBU638Td/D1RA79HoIUbhUg
UllzRA/H1tlmPzmeegCMm3Q2OeJSVsZjbFUvkyLRCuW+s3a46aE2plg8OEbhZnG1
EPJNP5CSincKBi2JDzbVYQJ8g8JcQG0VeCJXIMpayJQgWr3PgtpI6gAZgj8W9Gco
0Mag2PP65k5UCdov/WW4XatFxEWB3FRW+cSc3MLnk5xXMr5yaRi+EkAhKsnFGkNk
/7k069r/EOCabdhBZGR/Q4qAI9ark/phNIZtwwugjs+q5m4cAIcZhLxgpwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFHYLohXeSe4p+sLMSkhoiEatYRpEMB8GA1UdIwQY
MBaAFO+ddjtJ4CSntqGer337mJEanJTIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzUxMk8wbmdKS2Uyb1o2dmZmdVlrUnFjbE1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS81OWNmOGUtZGM2Ny00M2ZiLWJkMzct
MDg3MGU2NTk2NDViLzEvZGd1aUZkNUo3aW42d3N4S1NHaUlScTFoR2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS81OWNmOGUtZGM2Ny00M2ZiLWJkMzctMDg3MGU2NTk2NDVi
LzEvNzUxMk8wbmdKS2Uyb1o2dmZmdVlrUnFjbE1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQABbYWMCoE
AgACMCQDBwAqDrgAqqoDBwAqDrgAq80DBwAqDrgAu7sDBwAqDrgAzMwwDQYJKoZI
hvcNAQELBQADggEBAGoKOqEXWJhFlcSvHISUCDxxDdI/zNpddK5srW/NfjRQGrmo
wy+8enDGmoyKYWBL4AqtchpK8elU96SDBRC4vPFA7IRlVLH2lsFrZA+zvKG/U9dd
gVjVFn4bRhqueX10V8bURI/wwsf/EvwHW+bmg7aeIuLI92qL0eluOjw0o8bmKhoM
hGCbRliWaqZZ+mx49GUBRFM1VuT13yg+9u8B/iUhber7VZ9XjtKDyp6oj4M7YeOs
jllWFaXQhabUgOBDjJgoOph/l4UolCs/HCbSSfvE2eXctyEFdyLSJzzD3jQ0LqXx
yiuNQkNP/CbwbnjIEFrHEcPTTx76uRjZmMpgVME=
-----END CERTIFICATE-----
Generated at Mon Nov 25 01:44:53 2024 by rpki-client on console-fra.rpki-client.org