Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/e718e4-53b7-47bb-a336-5a17719d449e/1/G1prV8uFQCx6mEJ5uk0QatrZvtg.roa
File: G1prV8uFQCx6mEJ5uk0QatrZvtg.roa (raw, json)
Hash identifier: dGXIFIfaEzNegxxUDQKbyZKUL+PR5tViKx4oSBsy+7M=
Subject key identifier: 1B:5A:6B:57:CB:85:40:2C:7A:98:42:79:BA:4D:10:6A:DA:D9:BE:D8
Certificate issuer: /CN=330e640f9d63ba943a97b3dc10d4c6844a5d3dc1
Certificate serial: 018CCA2A966C24B2AB04DCA04AC8DDD0CB9A
Authority key identifier: 33:0E:64:0F:9D:63:BA:94:3A:97:B3:DC:10:D4:C6:84:4A:5D:3D:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mw5kD51jupQ6l7PcENTGhEpdPcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/e718e4-53b7-47bb-a336-5a17719d449e/1/G1prV8uFQCx6mEJ5uk0QatrZvtg.roa
Signing time: Tue 02 Jan 2024 12:33:57 +0000
ROA not before: Tue 02 Jan 2024 12:33:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210278
IP address blocks: 101.56.192.0/18 maxlen: 18
101.56.128.0/18 maxlen: 18
101.59.0.0/16 maxlen: 16
195.162.92.0/22 maxlen: 22
101.56.64.0/18 maxlen: 18
101.63.0.0/16 maxlen: 16
101.58.0.0/16 maxlen: 16
101.58.0.0/15 maxlen: 15
101.56.0.0/18 maxlen: 18
101.62.194.0/23 maxlen: 23
101.62.196.0/23 maxlen: 23
101.56.0.0/15 maxlen: 15
101.62.0.0/16 maxlen: 16
101.62.0.0/15 maxlen: 15
101.57.0.0/16 maxlen: 16
2a0e:400::/25 maxlen: 25
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/e718e4-53b7-47bb-a336-5a17719d449e/1/Mw5kD51jupQ6l7PcENTGhEpdPcE.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/e718e4-53b7-47bb-a336-5a17719d449e/1/Mw5kD51jupQ6l7PcENTGhEpdPcE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mw5kD51jupQ6l7PcENTGhEpdPcE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:96:6c:24:b2:ab:04:dc:a0:4a:c8:dd:d0:cb:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=330e640f9d63ba943a97b3dc10d4c6844a5d3dc1
Validity
Not Before: Jan 2 12:33:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b5a6b57cb85402c7a984279ba4d106adad9bed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d3:b0:d7:02:1f:b5:53:c8:3b:fb:6d:4c:ce:
e2:da:e9:ae:4b:dd:68:f7:95:3d:4e:64:63:02:12:
05:4a:96:bd:88:82:71:0c:08:08:c1:f1:17:d6:f6:
5d:fd:fe:98:fd:92:13:05:4c:2b:34:1c:a0:5a:fc:
5f:8b:9d:3f:27:01:4e:23:d2:68:f0:89:a2:80:90:
c7:43:18:c2:02:9e:42:92:4a:30:ed:49:81:32:39:
67:e8:e3:d0:f2:55:39:c9:73:75:5d:dc:27:c9:9f:
f0:42:7a:d2:d7:91:23:e7:03:fc:3d:24:55:3d:c8:
f2:8e:8c:87:f2:51:af:17:08:bf:49:f6:39:56:36:
c0:6a:f1:3c:b3:17:91:54:9a:48:28:16:3c:32:b1:
e3:6b:bb:1c:77:a3:c5:e3:95:b5:6f:c8:f7:f3:28:
65:ae:74:50:07:1f:20:58:e8:5e:b8:6e:a8:3d:1f:
d1:f6:5c:d6:3d:d9:d1:33:cb:41:61:a5:56:ae:df:
00:53:5f:04:df:9a:8e:57:15:3e:85:40:b3:ae:ce:
55:22:8e:e0:a8:40:8e:27:3f:39:32:40:3a:79:46:
80:aa:45:30:ed:ac:10:f5:3e:ec:b2:0a:5b:ef:f5:
a1:80:52:6b:7a:6c:e4:17:9c:f9:53:5f:54:3a:2c:
8e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:5A:6B:57:CB:85:40:2C:7A:98:42:79:BA:4D:10:6A:DA:D9:BE:D8
X509v3 Authority Key Identifier:
keyid:33:0E:64:0F:9D:63:BA:94:3A:97:B3:DC:10:D4:C6:84:4A:5D:3D:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mw5kD51jupQ6l7PcENTGhEpdPcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/e718e4-53b7-47bb-a336-5a17719d449e/1/G1prV8uFQCx6mEJ5uk0QatrZvtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/e718e4-53b7-47bb-a336-5a17719d449e/1/Mw5kD51jupQ6l7PcENTGhEpdPcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
101.56.0.0/14
101.62.0.0/15
195.162.92.0/22
IPv6:
2a0e:400::/25
Signature Algorithm: sha256WithRSAEncryption
1c:9e:bc:8b:81:7c:06:d1:bd:05:7d:5d:69:93:f3:63:31:bd:
fa:64:ec:35:99:85:81:c2:95:96:61:31:9a:b0:6c:d4:b6:05:
78:b2:c5:31:0b:0b:9c:66:67:84:0f:0b:89:30:77:50:4b:38:
fd:17:74:a6:de:b3:3f:47:6e:7b:eb:3e:be:5b:9b:95:a0:61:
2c:f5:fe:3c:6f:c4:6f:79:02:f0:99:0a:b6:5a:2b:9a:96:0f:
fb:b7:5a:8f:70:e2:0d:3b:32:71:57:39:eb:58:39:37:53:d5:
ef:77:ac:53:55:73:6c:71:54:52:66:64:c3:ee:2f:b2:08:34:
89:19:ed:1c:c3:41:7d:78:a9:6c:e6:d4:87:3c:85:d7:c9:ad:
30:45:96:ca:9b:7a:2c:4b:66:9b:9b:3d:49:db:28:42:12:1d:
62:1b:53:0d:22:3c:ee:d1:81:83:37:ee:d1:83:b9:63:18:fd:
08:0b:55:48:65:b6:a7:9e:7a:c5:00:b2:1a:4c:c0:f1:7b:ea:
ac:01:02:e5:3a:d1:e7:0f:c5:00:0d:48:2d:1d:5c:bf:ee:f2:
35:6d:68:a6:df:b1:6a:55:c6:90:1e:aa:7c:f8:61:39:d0:03:
bd:7e:42:e9:ee:4d:5e:98:7d:6b:d0:e0:23:0f:90:95:ec:94:
02:fe:d0:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzKKpZsJLKrBNygSsjd0MuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMGU2NDBmOWQ2M2JhOTQzYTk3YjNkYzEwZDRjNjg0NGE1
ZDNkYzEwHhcNMjQwMTAyMTIzMzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjVhNmI1N2NiODU0MDJjN2E5ODQyNzliYTRkMTA2YWRhZDliZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNOw1wIftVPIO/ttTM7i2umuS91o
95U9TmRjAhIFSpa9iIJxDAgIwfEX1vZd/f6Y/ZITBUwrNBygWvxfi50/JwFOI9Jo
8ImigJDHQxjCAp5Ckkow7UmBMjln6OPQ8lU5yXN1XdwnyZ/wQnrS15Ej5wP8PSRV
PcjyjoyH8lGvFwi/SfY5VjbAavE8sxeRVJpIKBY8MrHja7scd6PF45W1b8j38yhl
rnRQBx8gWOheuG6oPR/R9lzWPdnRM8tBYaVWrt8AU18E35qOVxU+hUCzrs5VIo7g
qECOJz85MkA6eUaAqkUw7awQ9T7ssgpb7/WhgFJremzkF5z5U19UOiyOuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBtaa1fLhUAsephCebpNEGra2b7YMB8GA1UdIwQY
MBaAFDMOZA+dY7qUOpez3BDUxoRKXT3BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXc1a0Q1MWp1cFE2bDdQY0VOVEdoRXBkUGNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9lNzE4ZTQtNTNiNy00N2JiLWEzMzYt
NWExNzcxOWQ0NDllLzEvRzFwclY4dUZRQ3g2bUVKNXVrMFFhdHJadnRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9lNzE4ZTQtNTNiNy00N2JiLWEzMzYtNWExNzcxOWQ0NDll
LzEvTXc1a0Q1MWp1cFE2bDdQY0VOVEdoRXBkUGNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAWBAIAATAQAwMCZTgDAwFl
PgMEAsOiXDANBAIAAjAHAwUHKg4EADANBgkqhkiG9w0BAQsFAAOCAQEAHJ68i4F8
BtG9BX1daZPzYzG9+mTsNZmFgcKVlmExmrBs1LYFeLLFMQsLnGZnhA8LiTB3UEs4
/Rd0pt6zP0due+s+vlublaBhLPX+PG/Eb3kC8JkKtlormpYP+7daj3DiDTsycVc5
61g5N1PV73esU1VzbHFUUmZkw+4vsgg0iRntHMNBfXipbObUhzyF18mtMEWWypt6
LEtmm5s9SdsoQhIdYhtTDSI87tGBgzfu0YO5Yxj9CAtVSGW2p556xQCyGkzA8Xvq
rAEC5TrR5w/FAA1ILR1cv+7yNW1opt+xalXGkB6qfPhhOdADvX5C6e5NXph9a9Dg
Iw+QleyUAv7Qgw==
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:15:13 2024 by rpki-client on console-fra.rpki-client.org