Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/ymmmTMOjuGw8y3bSiLrYGBxbTqU.roa
File: ymmmTMOjuGw8y3bSiLrYGBxbTqU.roa (raw, json)
Hash identifier: oVcdMx9cjkPth4zxxRQNkD35x4VHhyi1C6lAViqenCM=
Subject key identifier: CA:69:A6:4C:C3:A3:B8:6C:3C:CB:76:D2:88:BA:D8:18:1C:5B:4E:A5
Certificate issuer: /CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Certificate serial: 018CC6B79FFDF5EFB902ABB80CC5F21F1D82
Authority key identifier: 4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/ymmmTMOjuGw8y3bSiLrYGBxbTqU.roa
Signing time: Mon 01 Jan 2024 20:29:31 +0000
ROA not before: Mon 01 Jan 2024 20:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60119
IP address blocks: 5.129.177.0/24 maxlen: 24
5.129.176.0/22 maxlen: 22
5.129.176.0/24 maxlen: 24
5.129.179.0/24 maxlen: 24
5.129.178.0/24 maxlen: 24
5.129.183.0/24 maxlen: 24
5.129.182.0/23 maxlen: 23
5.129.182.0/24 maxlen: 24
5.129.191.0/24 maxlen: 24
5.129.190.0/24 maxlen: 24
5.129.189.0/24 maxlen: 24
5.129.188.0/22 maxlen: 22
5.129.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:9f:fd:f5:ef:b9:02:ab:b8:0c:c5:f2:1f:1d:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Validity
Not Before: Jan 1 20:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca69a64cc3a3b86c3ccb76d288bad8181c5b4ea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3c:81:5f:f2:50:3e:8a:90:d7:15:80:52:e3:
54:49:70:d4:27:61:22:20:e1:db:a0:17:e8:bf:91:
e9:4d:3e:b1:1f:55:8c:43:9a:62:94:7e:a2:2c:9e:
ef:42:1c:11:27:4a:43:a2:69:66:f2:4a:5d:fa:31:
c8:c1:e8:fe:36:f5:9e:d5:3c:b0:ab:3c:70:f7:4b:
61:3c:15:b4:2f:c4:02:ec:32:e8:07:23:1e:d6:15:
01:da:56:46:88:d7:03:a2:80:9c:f6:6c:36:e6:d4:
98:e0:11:0d:82:cf:fc:f0:5b:66:47:bf:1b:a7:73:
86:e6:92:3b:98:29:84:77:86:2e:53:ff:fb:62:79:
cb:72:dc:cf:8c:1d:6a:13:7f:9d:5f:0b:98:68:9c:
5b:33:5d:51:35:0e:34:4e:92:ff:f9:b1:3c:ae:c6:
86:d7:72:dc:73:6f:da:1e:99:52:55:b1:d1:80:0b:
73:d0:82:d8:4f:02:2f:26:37:61:df:46:d8:98:cd:
2b:7d:98:3f:f2:38:aa:aa:07:65:3e:73:87:00:f4:
64:dd:cb:ac:af:90:44:32:84:97:27:38:bc:bd:5f:
48:c5:67:2f:f7:5e:cf:41:e3:92:1b:86:f2:91:ec:
4d:5a:55:37:04:77:63:44:a7:98:f1:75:9d:37:03:
9f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:69:A6:4C:C3:A3:B8:6C:3C:CB:76:D2:88:BA:D8:18:1C:5B:4E:A5
X509v3 Authority Key Identifier:
keyid:4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/ymmmTMOjuGw8y3bSiLrYGBxbTqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.129.176.0/22
5.129.182.0/23
5.129.188.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:20:82:7c:6d:fe:49:ca:df:4d:a1:f6:59:6e:a2:ae:1e:53:
fb:0c:1b:08:af:a9:bf:9f:c7:92:fa:87:10:2d:61:d5:54:42:
49:5c:76:98:00:2d:4f:7d:be:01:f5:f4:aa:39:bd:e9:05:6f:
c1:4b:6f:27:5b:aa:fd:34:83:40:18:07:a0:5b:04:62:59:5a:
45:a3:e6:03:03:f0:cd:ba:0a:93:7d:09:e5:72:7c:2a:c0:40:
86:8a:50:21:6d:fd:b5:ba:d8:ce:d5:02:b8:a3:39:af:1c:9c:
aa:dc:f2:d8:58:db:e8:95:de:ef:b8:8f:58:d0:93:44:2b:e3:
6a:d6:d4:76:88:38:24:56:11:b2:31:26:44:59:f3:58:39:ce:
ab:19:ae:7b:38:c3:12:18:cc:ab:03:a1:56:ac:54:ea:c6:97:
16:4c:d2:72:b9:42:d8:70:03:55:c3:0b:f9:27:74:1c:e0:73:
f0:23:50:07:97:a2:24:3f:ca:dc:ef:48:b1:27:3f:6b:59:52:
53:9b:b6:1c:66:2d:38:36:6b:0a:7b:05:d3:f4:d3:3e:81:b2:
ec:c7:ba:2c:ca:2e:7a:9f:78:b5:24:2e:47:de:e1:66:1d:49:
c3:a7:76:38:8f:3b:d5:15:fd:10:20:12:1d:9b:d3:60:48:36:
3b:0b:39:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGt5/99e+5Aqu4DMXyHx2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZGIzZGNkZjVlNmJlZTA5ODI1YzM3YmYzYjhiZGYyOGI2
ZmI1OTMwHhcNMjQwMTAxMjAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTY5YTY0Y2MzYTNiODZjM2NjYjc2ZDI4OGJhZDgxODFjNWI0ZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjyBX/JQPoqQ1xWAUuNUSXDUJ2Ei
IOHboBfov5HpTT6xH1WMQ5pilH6iLJ7vQhwRJ0pDomlm8kpd+jHIwej+NvWe1Tyw
qzxw90thPBW0L8QC7DLoByMe1hUB2lZGiNcDooCc9mw25tSY4BENgs/88FtmR78b
p3OG5pI7mCmEd4YuU//7YnnLctzPjB1qE3+dXwuYaJxbM11RNQ40TpL/+bE8rsaG
13Lcc2/aHplSVbHRgAtz0ILYTwIvJjdh30bYmM0rfZg/8jiqqgdlPnOHAPRk3cus
r5BEMoSXJzi8vV9IxWcv917PQeOSG4bykexNWlU3BHdjRKeY8XWdNwOfWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMpppkzDo7hsPMt20oi62BgcW06lMB8GA1UdIwQY
MBaAFE3bPc315r7gmCXDe/O4vfKLb7WTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEt
MjE3MGM1YzFkM2VkLzEveW1tbVRNT2p1R3c4eTNiU2lMcllHQnhiVHFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEtMjE3MGM1YzFkM2Vk
LzEvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBYGwAwQB
BYG2AwQCBYG8MA0GCSqGSIb3DQEBCwUAA4IBAQALIIJ8bf5Jyt9NofZZbqKuHlP7
DBsIr6m/n8eS+ocQLWHVVEJJXHaYAC1Pfb4B9fSqOb3pBW/BS28nW6r9NINAGAeg
WwRiWVpFo+YDA/DNugqTfQnlcnwqwECGilAhbf21utjO1QK4ozmvHJyq3PLYWNvo
ld7vuI9Y0JNEK+Nq1tR2iDgkVhGyMSZEWfNYOc6rGa57OMMSGMyrA6FWrFTqxpcW
TNJyuULYcANVwwv5J3Qc4HPwI1AHl6IkP8rc70ixJz9rWVJTm7YcZi04NmsKewXT
9NM+gbLsx7osyi56n3i1JC5H3uFmHUnDp3Y4jzvVFf0QIBIdm9NgSDY7Czm8
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:38:35 2024 by rpki-client on console-ams.rpki-client.org