Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/1-WHTTId8GQ53rTOXzkfgHEYl3aQ.roa
File: 1-WHTTId8GQ53rTOXzkfgHEYl3aQ.roa (raw, json)
Hash identifier: WPgHCz/lj/QfKwGgAii26zngT6tnVoom5HKoWRGlx8c=
Subject key identifier: F9:61:D3:4C:87:7C:19:0E:77:AD:33:97:CE:47:E0:1C:46:25:DD:A4
Certificate issuer: /CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Certificate serial: 01918190E723D19BD42D500D990F858C6CE3
Authority key identifier: 2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/1-WHTTId8GQ53rTOXzkfgHEYl3aQ.roa
Signing time: Fri 23 Aug 2024 23:27:22 +0000
ROA not before: Fri 23 Aug 2024 23:27:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197328
IP address blocks: 5.255.57.0/24 maxlen: 24
5.255.61.0/24 maxlen: 24
5.255.62.0/24 maxlen: 24
5.255.63.0/24 maxlen: 24
23.252.66.0/24 maxlen: 24
91.92.113.0/24 maxlen: 24
185.4.227.0/24 maxlen: 24
185.150.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:81:90:e7:23:d1:9b:d4:2d:50:0d:99:0f:85:8c:6c:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Validity
Not Before: Aug 23 23:27:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f961d34c877c190e77ad3397ce47e01c4625dda4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f6:c7:58:dc:d0:bb:6c:4d:59:f8:99:73:74:
39:20:c6:8e:dc:f9:4d:c3:94:30:c0:da:f3:6e:66:
7d:cf:87:95:bd:ac:cf:47:70:b0:3e:df:56:0a:2f:
cd:a5:1d:46:c5:3a:93:5f:f2:fb:ba:96:55:5d:16:
d7:7c:fc:69:8b:74:5d:b2:78:e0:36:79:76:ff:37:
0a:74:aa:39:45:f9:62:52:d7:70:24:6d:84:b9:77:
ea:39:b6:b1:0c:00:fe:06:b6:b5:03:ea:4f:5e:fc:
e8:76:d5:e3:b8:ea:ea:07:07:5d:5b:fc:ea:27:b0:
12:9e:dd:8d:57:fc:aa:a4:ad:fc:50:c1:cd:95:53:
d4:02:15:6a:b1:d7:fc:59:cf:c3:b3:5c:21:dd:9b:
ab:57:b1:82:11:93:41:f6:15:bb:89:9f:e4:c7:bf:
b2:0f:64:1c:8f:f3:06:71:c7:5b:19:cf:cf:74:94:
6c:fc:fa:e2:44:f0:ab:a3:93:1b:9f:ce:f7:06:c7:
6a:71:0a:4b:3b:cb:ea:c1:4c:24:a3:a9:e5:12:de:
93:f2:8e:e9:bf:59:29:c4:10:1b:6b:98:09:57:b4:
cf:a5:db:e8:8b:87:5c:a1:b9:f8:c9:b1:96:0c:ce:
be:f4:e9:a1:b3:19:57:18:4a:f9:ef:6e:d5:ec:8a:
48:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:61:D3:4C:87:7C:19:0E:77:AD:33:97:CE:47:E0:1C:46:25:DD:A4
X509v3 Authority Key Identifier:
keyid:2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/1-WHTTId8GQ53rTOXzkfgHEYl3aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.57.0/24
5.255.61.0-5.255.63.255
23.252.66.0/24
91.92.113.0/24
185.4.227.0/24
185.150.2.0/24
Signature Algorithm: sha256WithRSAEncryption
50:62:d1:a0:16:f3:c4:02:bd:a3:44:d7:9e:7e:53:3d:22:3c:
23:4f:41:33:ad:67:e6:a9:d7:7d:db:f6:42:a6:be:2d:f4:a6:
6f:dc:5d:2c:dd:59:92:76:91:ca:c2:2e:af:ce:2c:f2:68:5a:
b6:c9:45:6a:c1:b2:c1:36:86:d7:e2:b7:50:5b:b7:21:47:06:
19:b1:8e:f1:63:d7:80:bc:59:63:72:b5:99:54:83:38:37:ad:
18:80:67:11:4d:e5:38:a2:f4:dd:6f:44:5c:2f:a9:32:3a:50:
3c:f2:a8:b4:38:45:74:cd:90:17:56:91:b6:2c:c8:f0:ec:f0:
6b:5d:e4:85:eb:37:37:a8:76:a6:33:d9:06:fc:33:d6:16:7d:
67:ba:79:e0:04:c1:11:5a:8d:ce:49:41:16:69:f2:6b:a3:6d:
05:b6:07:30:77:2f:44:90:61:30:a4:ae:11:80:ee:01:45:11:
19:d8:00:27:25:83:b2:3e:07:ad:95:43:49:ab:30:03:4f:7d:
d8:36:5e:2b:29:b9:2f:bd:70:3d:1c:c4:38:c6:3d:95:3d:e8:
19:e1:56:30:e7:19:3a:75:10:7d:27:c5:f5:67:79:52:7a:5a:
6e:4c:2c:dd:e7:4c:39:9e:ca:21:aa:9a:f3:a0:bb:51:a6:01:
e7:0f:c2:f2
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZGBkOcj0ZvULVANmQ+FjGzjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzY4YjBhZWM2YzdmZDQ4ZDBkOTZiNDA3N2EyM2Y5MDZh
ODZhNDgwHhcNMjQwODIzMjMyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTYxZDM0Yzg3N2MxOTBlNzdhZDMzOTdjZTQ3ZTAxYzQ2MjVkZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvbHWNzQu2xNWfiZc3Q5IMaO3PlN
w5QwwNrzbmZ9z4eVvazPR3CwPt9WCi/NpR1GxTqTX/L7upZVXRbXfPxpi3Rdsnjg
Nnl2/zcKdKo5RfliUtdwJG2EuXfqObaxDAD+Bra1A+pPXvzodtXjuOrqBwddW/zq
J7ASnt2NV/yqpK38UMHNlVPUAhVqsdf8Wc/Ds1wh3ZurV7GCEZNB9hW7iZ/kx7+y
D2Qcj/MGccdbGc/PdJRs/PriRPCro5Mbn873BsdqcQpLO8vqwUwko6nlEt6T8o7p
v1kpxBAba5gJV7TPpdvoi4dcobn4ybGWDM6+9OmhsxlXGEr5727V7IpIwwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPlh00yHfBkOd60zl85H4BxGJd2kMB8GA1UdIwQY
MBaAFC42iwrsbH/UjQ2WtAd6I/kGqGpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQt
MTQyN2RkMTZlZmE0LzEvMS1XSFRUSWQ4R1E1M3JUT1h6a2ZnSEVZbDNhUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODcvZGM3MDMwLTc4Y2MtNDgwMC04ODhkLTE0MjdkZDE2ZWZh
NC8xL0xqYUxDdXhzZjlTTkRaYTBCM29qLVFhb2FrZy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBFBggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAAX/OTAM
AwQABf89AwQGBf8AAwQAF/xCAwQAW1xxAwQAuQTjAwQAuZYCMA0GCSqGSIb3DQEB
CwUAA4IBAQBQYtGgFvPEAr2jRNeeflM9IjwjT0EzrWfmqdd92/ZCpr4t9KZv3F0s
3VmSdpHKwi6vzizyaFq2yUVqwbLBNobX4rdQW7chRwYZsY7xY9eAvFljcrWZVIM4
N60YgGcRTeU4ovTdb0RcL6kyOlA88qi0OEV0zZAXVpG2LMjw7PBrXeSF6zc3qHam
M9kG/DPWFn1nunngBMERWo3OSUEWafJro20Ftgcwdy9EkGEwpK4RgO4BRREZ2AAn
JYOyPgetlUNJqzADT33YNl4rKbkvvXA9HMQ4xj2VPegZ4VYw5xk6dRB9J8X1Z3lS
elpuTCzd50w5nsohqprzoLtRpgHnD8Ly
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:45:22 2024 by rpki-client on console-ams.rpki-client.org