Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/yLKbBpWkt6GHrBTNDPb7luUFKEM.roa
File: yLKbBpWkt6GHrBTNDPb7luUFKEM.roa (raw, json)
Hash identifier: PVOnchFEWho4/0lUBrFgg5K3fzrcaPywvnnjAv/2lqA=
Subject key identifier: C8:B2:9B:06:95:A4:B7:A1:87:AC:14:CD:0C:F6:FB:96:E5:05:28:43
Certificate issuer: /CN=1e4a2020b82d0294e90a2d6b2c0f28d1173b6465
Certificate serial: 018CC5DCA464AE06F9BB34AE28A548FA8A22
Authority key identifier: 1E:4A:20:20:B8:2D:02:94:E9:0A:2D:6B:2C:0F:28:D1:17:3B:64:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HkogILgtApTpCi1rLA8o0Rc7ZGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/yLKbBpWkt6GHrBTNDPb7luUFKEM.roa
Signing time: Mon 01 Jan 2024 16:30:20 +0000
ROA not before: Mon 01 Jan 2024 16:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47692
IP address blocks: 5.132.159.0/24 maxlen: 24
5.132.157.0/24 maxlen: 24
5.132.160.0/24 maxlen: 24
5.132.191.0/24 maxlen: 24
2a03:3180:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/HkogILgtApTpCi1rLA8o0Rc7ZGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/HkogILgtApTpCi1rLA8o0Rc7ZGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/HkogILgtApTpCi1rLA8o0Rc7ZGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:a4:64:ae:06:f9:bb:34:ae:28:a5:48:fa:8a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e4a2020b82d0294e90a2d6b2c0f28d1173b6465
Validity
Not Before: Jan 1 16:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8b29b0695a4b7a187ac14cd0cf6fb96e5052843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d2:f8:9b:9f:73:1d:f1:4c:ca:4e:22:12:e9:
65:5a:b1:fe:21:33:2e:66:43:27:a2:cd:ca:f5:e2:
74:72:8a:42:61:29:5f:26:ca:2a:97:6e:23:95:b3:
de:62:91:cd:1b:52:cd:f6:f5:6f:0c:45:cb:ea:92:
e9:f8:c2:86:e1:b7:9c:62:ce:c5:5a:00:bd:41:4e:
0a:3d:1a:80:0d:03:b8:ab:a4:88:16:64:00:6e:06:
e3:89:6e:8e:24:da:45:87:56:96:fc:ad:d7:83:e9:
0d:9c:fd:ec:41:b6:ca:99:53:8d:2d:2b:bb:e5:db:
37:7f:2a:63:bd:7b:be:21:f9:b0:85:45:59:72:84:
ad:6e:88:0e:98:63:9d:98:5f:b9:8f:f8:cf:94:ac:
53:e9:5a:aa:b3:00:c1:25:92:00:7c:ef:6e:42:52:
d5:c4:10:14:98:a9:0e:ec:48:ed:87:39:7c:5a:3a:
04:fc:41:86:b6:a3:f2:54:26:ef:50:36:c8:d3:8f:
a4:5f:f6:4a:17:58:07:5d:c4:2f:2c:58:df:e3:03:
a6:52:0c:de:59:63:0a:9c:81:0f:05:4c:61:ad:35:
72:60:43:46:af:a6:cd:79:81:36:26:26:a9:e8:3c:
f2:63:64:a9:ff:5c:9d:61:0b:31:49:95:71:e6:45:
0c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B2:9B:06:95:A4:B7:A1:87:AC:14:CD:0C:F6:FB:96:E5:05:28:43
X509v3 Authority Key Identifier:
keyid:1E:4A:20:20:B8:2D:02:94:E9:0A:2D:6B:2C:0F:28:D1:17:3B:64:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HkogILgtApTpCi1rLA8o0Rc7ZGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/yLKbBpWkt6GHrBTNDPb7luUFKEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4c48bb-366c-41f5-9b2d-530440c4fa29/1/HkogILgtApTpCi1rLA8o0Rc7ZGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.132.157.0/24
5.132.159.0-5.132.160.255
5.132.191.0/24
IPv6:
2a03:3180:f::/48
Signature Algorithm: sha256WithRSAEncryption
48:3b:e7:8b:2e:48:91:bc:3b:ff:75:c5:2d:66:4d:56:c1:2f:
0a:bb:66:18:ad:4c:53:48:4d:6c:83:d5:78:81:0d:0c:5e:7c:
75:d5:b4:fc:47:d7:5d:76:b0:70:1a:a8:53:19:fd:e7:75:6e:
c0:bf:64:46:bf:7b:7e:4d:cb:65:7a:01:05:ae:2e:c6:a6:48:
f1:d5:ec:fb:a5:6b:9b:c9:f8:6d:01:4a:ab:f4:94:7d:5d:78:
85:d5:0d:13:b1:e2:ab:72:cc:f5:35:9d:f0:e6:dc:e5:48:4c:
1f:b7:73:2e:bd:5a:15:3c:f3:bb:bb:2e:b9:4c:74:43:cf:45:
46:66:78:c0:df:99:a8:a0:01:52:98:62:28:bf:49:64:1d:40:
53:b8:b1:be:dc:04:ce:bc:4b:06:c1:ba:df:01:94:59:f6:5b:
77:cd:18:3d:ce:fa:ea:cd:c3:14:4b:af:3a:f3:bd:a2:f7:aa:
94:be:f2:3c:09:fb:77:64:6d:34:5c:23:44:b8:cf:21:70:5b:
6a:29:7f:f9:27:cb:aa:09:e6:8b:67:7a:21:b9:7f:a1:36:d2:
a0:9a:34:f4:1c:45:98:f5:86:c0:5f:61:08:45:8a:ef:8d:63:
f6:15:1b:53:e6:47:e2:f8:7f:67:89:87:47:9d:b6:f7:ac:c0:
cf:6b:3b:14
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzF3KRkrgb5uzSuKKVI+ooiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNGEyMDIwYjgyZDAyOTRlOTBhMmQ2YjJjMGYyOGQxMTcz
YjY0NjUwHhcNMjQwMTAxMTYzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGIyOWIwNjk1YTRiN2ExODdhYzE0Y2QwY2Y2ZmI5NmU1MDUyODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitL4m59zHfFMyk4iEullWrH+ITMu
ZkMnos3K9eJ0copCYSlfJsoql24jlbPeYpHNG1LN9vVvDEXL6pLp+MKG4becYs7F
WgC9QU4KPRqADQO4q6SIFmQAbgbjiW6OJNpFh1aW/K3Xg+kNnP3sQbbKmVONLSu7
5ds3fypjvXu+IfmwhUVZcoStbogOmGOdmF+5j/jPlKxT6VqqswDBJZIAfO9uQlLV
xBAUmKkO7Ejthzl8WjoE/EGGtqPyVCbvUDbI04+kX/ZKF1gHXcQvLFjf4wOmUgze
WWMKnIEPBUxhrTVyYENGr6bNeYE2Jiap6DzyY2Sp/1ydYQsxSZVx5kUMMwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFMiymwaVpLehh6wUzQz2+5blBShDMB8GA1UdIwQY
MBaAFB5KICC4LQKU6QotaywPKNEXO2RlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGtvZ0lMZ3RBcFRwQ2kxckxBOG8wUmM3WkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80YzQ4YmItMzY2Yy00MWY1LTliMmQt
NTMwNDQwYzRmYTI5LzEveUxLYkJwV2t0NkdIckJUTkRQYjdsdVVGS0VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy80YzQ4YmItMzY2Yy00MWY1LTliMmQtNTMwNDQwYzRmYTI5
LzEvSGtvZ0lMZ3RBcFRwQ2kxckxBOG8wUmM3WkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQABYSdMAwD
BAAFhJ8DBAAFhKADBAAFhL8wDwQCAAIwCQMHACoDMYAADzANBgkqhkiG9w0BAQsF
AAOCAQEASDvniy5Ikbw7/3XFLWZNVsEvCrtmGK1MU0hNbIPVeIENDF58ddW0/EfX
XXawcBqoUxn953VuwL9kRr97fk3LZXoBBa4uxqZI8dXs+6Vrm8n4bQFKq/SUfV14
hdUNE7Hiq3LM9TWd8Obc5UhMH7dzLr1aFTzzu7suuUx0Q89FRmZ4wN+ZqKABUphi
KL9JZB1AU7ixvtwEzrxLBsG63wGUWfZbd80YPc766s3DFEuvOvO9oveqlL7yPAn7
d2RtNFwjRLjPIXBbail/+SfLqgnmi2d6Ibl/oTbSoJo09BxFmPWGwF9hCEWK741j
9hUbU+ZH4vh/Z4mHR52296zAz2s7FA==
-----END CERTIFICATE-----
Generated at Sat May 18 02:13:37 2024 by rpki-client on console-fra.rpki-client.org