Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c5612d-e81b-43be-ae7c-577faf855399/1/oy2d6Y4j-m_pA9RDliFgFrw6A6U.roa
File: oy2d6Y4j-m_pA9RDliFgFrw6A6U.roa (raw, json)
Hash identifier: bAhyAwK1QHMt/4s3SGNJXld7jXuSnUVMTbpIWk0tTZ8=
Subject key identifier: A3:2D:9D:E9:8E:23:FA:6F:E9:03:D4:43:96:21:60:16:BC:3A:03:A5
Certificate issuer: /CN=83eba25c4a1c86ce75a24b76e78558c92f8a0372
Certificate serial: 018CC3B68BCE370738D9B458D2E964DE8F98
Authority key identifier: 83:EB:A2:5C:4A:1C:86:CE:75:A2:4B:76:E7:85:58:C9:2F:8A:03:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g-uiXEochs51okt254VYyS-KA3I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/c5612d-e81b-43be-ae7c-577faf855399/1/oy2d6Y4j-m_pA9RDliFgFrw6A6U.roa
Signing time: Mon 01 Jan 2024 06:29:29 +0000
ROA not before: Mon 01 Jan 2024 06:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203165
IP address blocks: 5.145.104.0/21 maxlen: 21
5.145.104.0/22 maxlen: 22
5.145.108.0/22 maxlen: 22
2a01:8b40::/32 maxlen: 32
2a01:8b40:1000::/36 maxlen: 36
2a01:8b40::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/c5612d-e81b-43be-ae7c-577faf855399/1/g-uiXEochs51okt254VYyS-KA3I.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/c5612d-e81b-43be-ae7c-577faf855399/1/g-uiXEochs51okt254VYyS-KA3I.mft
rsync://rpki.ripe.net/repository/DEFAULT/g-uiXEochs51okt254VYyS-KA3I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:8b:ce:37:07:38:d9:b4:58:d2:e9:64:de:8f:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83eba25c4a1c86ce75a24b76e78558c92f8a0372
Validity
Not Before: Jan 1 06:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a32d9de98e23fa6fe903d44396216016bc3a03a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:97:a5:36:71:4d:c7:55:47:36:c9:68:42:31:
1d:76:43:bb:1a:5a:62:1b:4a:a2:a6:2b:9e:e4:ca:
fc:d3:fe:1b:78:69:c4:b8:fa:93:bf:50:1c:28:7d:
dc:1e:09:d3:0c:3a:7f:6f:75:97:bb:23:72:98:bd:
a7:3e:30:1f:b8:d8:68:7e:06:3b:13:11:db:2d:c1:
8c:80:e3:8a:ee:20:dc:c5:f3:30:44:8b:91:64:65:
dc:dc:bb:eb:a6:78:7d:28:12:97:6e:15:58:e9:1f:
09:9d:5f:b4:cb:73:6e:f4:13:a2:f8:d8:e3:9b:2d:
d2:ce:ed:c5:72:62:f6:3f:2f:d8:74:db:36:8d:f2:
eb:e2:ac:e7:5d:f1:d0:c0:ad:03:bd:31:f6:d3:75:
69:f8:56:42:10:76:42:a0:2d:7b:21:f2:09:fb:2c:
23:aa:7b:fd:b4:c2:bb:1a:5f:b7:bb:2f:16:f0:e3:
f0:d0:2e:a1:e2:5d:82:3d:e7:28:9a:2e:1d:c3:60:
81:2e:09:d3:86:ce:5a:be:66:cc:41:c7:1d:46:37:
03:d6:f4:be:78:4a:4b:2c:40:69:1a:59:45:0f:b9:
7a:f0:5a:93:8c:c0:06:45:a0:65:a1:97:1f:3c:60:
73:64:16:6a:67:d9:97:4a:96:14:4b:19:f9:f9:c1:
4c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:2D:9D:E9:8E:23:FA:6F:E9:03:D4:43:96:21:60:16:BC:3A:03:A5
X509v3 Authority Key Identifier:
keyid:83:EB:A2:5C:4A:1C:86:CE:75:A2:4B:76:E7:85:58:C9:2F:8A:03:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g-uiXEochs51okt254VYyS-KA3I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c5612d-e81b-43be-ae7c-577faf855399/1/oy2d6Y4j-m_pA9RDliFgFrw6A6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c5612d-e81b-43be-ae7c-577faf855399/1/g-uiXEochs51okt254VYyS-KA3I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.104.0/21
IPv6:
2a01:8b40::/32
Signature Algorithm: sha256WithRSAEncryption
c2:7f:0a:b8:d3:3b:a6:e4:c5:52:29:1f:3b:6f:7a:9b:cf:5f:
65:b4:d4:ab:e2:24:f4:4e:fd:6e:4f:ec:0f:91:12:e2:be:a5:
0c:ee:e2:15:7a:db:8a:87:5c:f4:d1:00:ff:e1:d7:39:15:e8:
0c:ac:84:63:d3:9e:3e:02:3e:42:e6:57:a5:b3:2c:ad:16:f5:
52:a9:a6:8b:1f:41:4a:19:a1:f5:45:2d:fe:f7:ee:f2:b4:6c:
fc:7a:a6:ef:d5:99:03:21:a2:12:da:b1:fb:ba:10:95:86:1f:
2f:12:16:52:a4:fe:b6:7b:0d:98:7b:91:0b:80:77:99:24:9c:
1b:e5:12:05:46:8f:c0:29:5c:c6:42:de:20:c3:82:39:47:ef:
52:d4:1f:36:bf:a4:d1:e0:aa:de:a9:47:57:5a:7a:4d:c8:d1:
07:b8:bf:1d:c4:37:61:a6:cd:ba:7e:c3:07:e1:40:d8:e2:67:
33:0a:f7:55:32:e0:f1:f0:5d:63:54:5c:3a:d7:87:a9:ae:db:
ab:c0:9e:6c:92:fa:eb:1e:b8:f3:c7:79:35:41:6b:0f:b0:52:
ea:ea:fd:23:33:f2:3c:09:18:6d:d3:3a:93:17:d2:dc:ac:5f:
cc:2c:43:4c:5e:e5:81:f9:db:ae:b1:39:cf:38:77:64:ca:ef:
9d:4f:7e:7c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtovONwc42bRY0ulk3o+YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZWJhMjVjNGExYzg2Y2U3NWEyNGI3NmU3ODU1OGM5MmY4
YTAzNzIwHhcNMjQwMTAxMDYyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzJkOWRlOThlMjNmYTZmZTkwM2Q0NDM5NjIxNjAxNmJjM2EwM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopelNnFNx1VHNsloQjEddkO7Glpi
G0qipiue5Mr80/4beGnEuPqTv1AcKH3cHgnTDDp/b3WXuyNymL2nPjAfuNhofgY7
ExHbLcGMgOOK7iDcxfMwRIuRZGXc3Lvrpnh9KBKXbhVY6R8JnV+0y3Nu9BOi+Njj
my3Szu3FcmL2Py/YdNs2jfLr4qznXfHQwK0DvTH203Vp+FZCEHZCoC17IfIJ+ywj
qnv9tMK7Gl+3uy8W8OPw0C6h4l2CPecomi4dw2CBLgnThs5avmbMQccdRjcD1vS+
eEpLLEBpGllFD7l68FqTjMAGRaBloZcfPGBzZBZqZ9mXSpYUSxn5+cFMAwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKMtnemOI/pv6QPUQ5YhYBa8OgOlMB8GA1UdIwQY
MBaAFIProlxKHIbOdaJLdueFWMkvigNyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZy11aVhFb2NoczUxb2t0MjU0Vll5Uy1LQTNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jNTYxMmQtZTgxYi00M2JlLWFlN2Mt
NTc3ZmFmODU1Mzk5LzEvb3kyZDZZNGotbV9wQTlSRGxpRmdGcnc2QTZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jNTYxMmQtZTgxYi00M2JlLWFlN2MtNTc3ZmFmODU1Mzk5
LzEvZy11aVhFb2NoczUxb2t0MjU0Vll5Uy1LQTNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBZFoMA0E
AgACMAcDBQAqAYtAMA0GCSqGSIb3DQEBCwUAA4IBAQDCfwq40zum5MVSKR87b3qb
z19ltNSr4iT0Tv1uT+wPkRLivqUM7uIVetuKh1z00QD/4dc5FegMrIRj054+Aj5C
5lelsyytFvVSqaaLH0FKGaH1RS3+9+7ytGz8eqbv1ZkDIaIS2rH7uhCVhh8vEhZS
pP62ew2Ye5ELgHeZJJwb5RIFRo/AKVzGQt4gw4I5R+9S1B82v6TR4KreqUdXWnpN
yNEHuL8dxDdhps26fsMH4UDY4mczCvdVMuDx8F1jVFw614eprturwJ5skvrrHrjz
x3k1QWsPsFLq6v0jM/I8CRht0zqTF9LcrF/MLENMXuWB+duusTnPOHdkyu+dT358
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:50:28 2024 by rpki-client on console-fra.rpki-client.org