Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/cx5MnDkWtCTVYwugY5MQWLryIjg.roa
File: cx5MnDkWtCTVYwugY5MQWLryIjg.roa (raw, json)
Hash identifier: XOw00r7YimDcUHhDfY12Cib4cfdJ6+Gg2+/tzNfmA7w=
Subject key identifier: 73:1E:4C:9C:39:16:B4:24:D5:63:0B:A0:63:93:10:58:BA:F2:22:38
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 018FBFC4981B65D049DAAA8F587301E06B5B
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/cx5MnDkWtCTVYwugY5MQWLryIjg.roa
Signing time: Tue 28 May 2024 15:14:43 +0000
ROA not before: Tue 28 May 2024 15:14:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 147.136.64.0/24 maxlen: 24
168.199.132.0/24 maxlen: 24
168.199.186.0/24 maxlen: 24
168.199.227.0/24 maxlen: 24
192.95.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bf:c4:98:1b:65:d0:49:da:aa:8f:58:73:01:e0:6b:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: May 28 15:14:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=731e4c9c3916b424d5630ba063931058baf22238
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:78:13:2a:83:19:67:8f:4d:8c:4e:4d:eb:4a:
8a:29:14:ff:19:6d:0d:96:0f:81:c5:6d:7d:1e:e3:
e9:18:75:db:2f:50:6f:f0:28:95:26:29:19:77:87:
b7:ef:21:74:23:fd:ac:65:48:d2:69:87:15:1e:8d:
b2:29:fb:21:28:b5:7c:42:5e:51:af:08:e7:dd:ca:
e3:ba:fe:ea:d2:60:32:f1:e9:a4:d1:3f:e1:69:08:
92:eb:27:c6:b6:0c:75:da:d4:a2:34:9f:df:23:80:
22:56:63:b6:75:63:f5:0a:e6:a3:ba:1b:8a:0b:bb:
58:42:3e:9c:f4:6a:e0:97:49:f2:f5:e2:1a:b1:5e:
24:8b:84:b1:e4:1c:06:a0:99:16:5b:ed:88:0d:55:
0f:d7:23:75:54:86:2e:57:83:6e:2b:d5:49:38:f0:
7e:7c:fc:4a:bd:3b:65:04:65:e1:d6:e8:ca:ab:7a:
49:3d:86:a7:72:20:5e:df:f5:1b:be:80:bb:fe:6b:
b8:12:9f:c5:23:fd:e8:68:6b:7d:85:01:8f:31:f7:
41:e3:3b:17:aa:2a:a8:d0:dd:3e:a8:47:e4:8c:93:
83:08:03:dc:b7:8a:d4:bd:fc:b3:e2:25:ec:4a:7a:
ed:95:02:b2:c6:68:4d:e9:8d:1c:80:6e:9a:cd:4a:
c8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:1E:4C:9C:39:16:B4:24:D5:63:0B:A0:63:93:10:58:BA:F2:22:38
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/cx5MnDkWtCTVYwugY5MQWLryIjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.136.64.0/24
168.199.132.0/24
168.199.186.0/24
168.199.227.0/24
192.95.80.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:08:3e:50:27:7c:79:a0:f1:cc:66:d8:67:c0:dc:93:b7:da:
0a:0a:a7:b4:35:d5:44:6d:aa:db:8c:20:65:0d:9b:23:bb:db:
8f:bd:24:f9:7b:21:8f:d2:a9:0d:51:0c:c0:49:d7:c0:af:54:
2e:55:ed:d4:67:42:3d:1f:0e:26:da:da:e1:bb:fd:58:c3:98:
c2:3d:6f:02:3b:fe:c6:7f:ee:ea:12:8f:db:d2:8e:cc:41:06:
4b:97:fa:0e:96:60:ed:fc:f6:09:65:8b:cd:e4:2a:33:b0:01:
52:f2:92:b6:58:18:30:b8:2c:4b:17:c8:78:96:19:3c:4b:93:
80:6e:32:4e:ec:4a:bf:71:9f:73:85:12:bc:d8:f8:48:8c:49:
4a:48:1d:d7:4e:a6:dc:01:84:ef:19:38:68:15:a4:94:25:62:
e2:84:79:64:b7:72:1b:af:a3:63:7e:fb:71:3c:c3:c1:5b:e7:
34:e6:f1:20:e6:82:1b:20:be:e2:9c:60:cc:8a:09:c9:b0:da:
2c:87:0b:52:dc:8a:bb:b7:a7:2e:69:4f:50:41:51:77:f1:a6:
c8:b6:47:d3:cf:35:be:8d:4b:ce:e1:ea:ea:fd:a7:3a:2d:a5:
0b:9d:f5:bc:67:0f:33:59:01:b2:c7:55:78:c8:c9:ff:1e:ec:
e9:37:6d:82
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY+/xJgbZdBJ2qqPWHMB4GtbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQwNTI4MTUxNDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzFlNGM5YzM5MTZiNDI0ZDU2MzBiYTA2MzkzMTA1OGJhZjIyMjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXgTKoMZZ49NjE5N60qKKRT/GW0N
lg+BxW19HuPpGHXbL1Bv8CiVJikZd4e37yF0I/2sZUjSaYcVHo2yKfshKLV8Ql5R
rwjn3crjuv7q0mAy8emk0T/haQiS6yfGtgx12tSiNJ/fI4AiVmO2dWP1CuajuhuK
C7tYQj6c9Grgl0ny9eIasV4ki4Sx5BwGoJkWW+2IDVUP1yN1VIYuV4NuK9VJOPB+
fPxKvTtlBGXh1ujKq3pJPYanciBe3/UbvoC7/mu4Ep/FI/3oaGt9hQGPMfdB4zsX
qiqo0N0+qEfkjJODCAPct4rUvfyz4iXsSnrtlQKyxmhN6Y0cgG6azUrI7wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHMeTJw5FrQk1WMLoGOTEFi68iI4MB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvY3g1TW5Ea1d0Q1RWWXd1Z1k1TVFXTHJ5SWpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAk4hAAwQA
qMeEAwQAqMe6AwQAqMfjAwQAwF9QMA0GCSqGSIb3DQEBCwUAA4IBAQCtCD5QJ3x5
oPHMZthnwNyTt9oKCqe0NdVEbarbjCBlDZsju9uPvST5eyGP0qkNUQzASdfAr1Qu
Ve3UZ0I9Hw4m2trhu/1Yw5jCPW8CO/7Gf+7qEo/b0o7MQQZLl/oOlmDt/PYJZYvN
5CozsAFS8pK2WBgwuCxLF8h4lhk8S5OAbjJO7Eq/cZ9zhRK82PhIjElKSB3XTqbc
AYTvGThoFaSUJWLihHlkt3Ibr6NjfvtxPMPBW+c05vEg5oIbIL7inGDMignJsNos
hwtS3Iq7t6cuaU9QQVF38abItkfTzzW+jUvO4erq/ac6LaULnfW8Zw8zWQGyx1V4
yMn/HuzpN22C
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:17:12 2024 by rpki-client on console-ams.rpki-client.org