Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/ozTJ3vPkk1voQMWvygr_AXy6xMk.roa
File: ozTJ3vPkk1voQMWvygr_AXy6xMk.roa (raw, json)
Hash identifier: FuBj1zy4SXYWwVNluyzgET72x7Se/Xus2gosM1tq4kg=
Subject key identifier: A3:34:C9:DE:F3:E4:93:5B:E8:40:C5:AF:CA:0A:FF:01:7C:BA:C4:C9
Certificate issuer: /CN=6f5de9f9dbbd4618857b58105c6743720a11bc6e
Certificate serial: 018CCA29C6C0E27695BD09BB509238FFB990
Authority key identifier: 6F:5D:E9:F9:DB:BD:46:18:85:7B:58:10:5C:67:43:72:0A:11:BC:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b13p-du9RhiFe1gQXGdDcgoRvG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/ozTJ3vPkk1voQMWvygr_AXy6xMk.roa
Signing time: Tue 02 Jan 2024 12:33:04 +0000
ROA not before: Tue 02 Jan 2024 12:33:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199092
IP address blocks: 5.187.56.0/23 maxlen: 23
5.187.56.0/21 maxlen: 21
5.187.58.0/24 maxlen: 24
5.187.63.0/24 maxlen: 24
2a01:41c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/b13p-du9RhiFe1gQXGdDcgoRvG4.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/b13p-du9RhiFe1gQXGdDcgoRvG4.mft
rsync://rpki.ripe.net/repository/DEFAULT/b13p-du9RhiFe1gQXGdDcgoRvG4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:c6:c0:e2:76:95:bd:09:bb:50:92:38:ff:b9:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5de9f9dbbd4618857b58105c6743720a11bc6e
Validity
Not Before: Jan 2 12:33:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a334c9def3e4935be840c5afca0aff017cbac4c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:d0:2b:a1:ea:e9:df:9b:34:90:36:56:83:e6:
14:3d:a4:a1:f4:fd:da:9d:66:c3:cf:a7:0f:2e:23:
a8:c3:0d:3d:86:68:bb:8d:b6:b3:7e:f6:ba:2e:c6:
cc:18:40:44:74:fd:fe:9a:d9:83:d4:59:43:33:4f:
5b:b5:90:4e:91:71:a6:6c:e4:05:3e:28:a9:f9:42:
a8:fb:c9:4c:84:2a:ce:54:ca:18:da:5c:3d:95:02:
15:5d:42:70:49:24:34:a8:c6:f0:84:65:85:71:e7:
5c:fc:0c:48:5c:e3:72:76:4b:e7:7d:1b:31:7f:78:
e4:0a:7c:6d:fb:72:6e:47:26:b5:4d:7c:61:e1:ae:
2b:cc:23:a2:23:44:13:24:44:76:45:0b:d9:91:f4:
17:1b:a4:c7:2a:5f:b4:31:96:3a:3e:a4:ed:c0:c3:
df:3b:90:a5:75:e2:22:3f:13:86:d5:c1:60:1b:b5:
19:e2:e3:47:75:12:2c:50:28:9c:2e:dc:88:d9:53:
f2:51:7b:da:f4:52:26:18:22:3f:c5:f5:10:29:d5:
fa:cc:63:34:bd:51:1a:6d:1c:fc:eb:c0:28:a8:8d:
f7:48:37:7e:dd:a1:8e:0b:de:a0:87:3e:cd:42:7f:
8d:7c:b2:29:b8:34:21:81:5d:ee:37:a0:ec:70:6f:
3e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:34:C9:DE:F3:E4:93:5B:E8:40:C5:AF:CA:0A:FF:01:7C:BA:C4:C9
X509v3 Authority Key Identifier:
keyid:6F:5D:E9:F9:DB:BD:46:18:85:7B:58:10:5C:67:43:72:0A:11:BC:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b13p-du9RhiFe1gQXGdDcgoRvG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/ozTJ3vPkk1voQMWvygr_AXy6xMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/61fcb4-5574-4e2e-b259-ae05794c8e13/1/b13p-du9RhiFe1gQXGdDcgoRvG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.56.0/21
IPv6:
2a01:41c0::/32
Signature Algorithm: sha256WithRSAEncryption
52:5c:bf:b6:1c:fb:6b:ac:db:44:f5:8c:29:b5:20:91:a8:79:
cb:fc:da:fc:10:14:5d:32:04:dd:57:e2:7d:ff:90:bc:9d:36:
55:98:a2:ea:8d:b4:9b:ba:76:56:e5:dd:e9:87:2f:99:bd:a6:
db:14:14:a6:59:22:70:e3:0f:d3:03:39:5b:fd:78:40:01:18:
97:12:ed:56:c1:9c:19:a9:87:bd:b6:e1:76:53:82:0f:9d:0c:
5e:6e:8c:05:a0:1d:6c:4d:0c:39:1d:50:f3:6e:56:6b:3e:1b:
59:32:c4:41:ce:b3:e4:eb:98:94:53:4e:17:a9:23:0d:64:60:
3c:de:9b:24:cd:12:28:ec:50:c3:4e:a4:13:66:d5:37:c5:2d:
78:45:3b:fa:17:8b:60:c0:4f:dc:92:02:53:d8:05:5f:e7:d8:
09:d2:32:da:64:d4:0d:d3:88:30:b0:4e:f7:4b:92:3c:0b:c5:
96:d0:72:bf:ae:3b:2e:50:3d:21:77:ff:19:29:99:5a:6c:f7:
66:9e:e2:7b:48:c4:f3:22:81:6d:10:e3:58:4b:d9:e5:ac:6c:
29:b6:df:1a:bc:dd:2b:c2:22:95:04:e8:1b:64:7d:61:8e:2f:
48:69:6b:ce:90:29:a5:37:3e:db:dc:4b:f7:13:22:4a:68:72:
20:f9:f2:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKcbA4naVvQm7UJI4/7mQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNWRlOWY5ZGJiZDQ2MTg4NTdiNTgxMDVjNjc0MzcyMGEx
MWJjNmUwHhcNMjQwMTAyMTIzMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzM0YzlkZWYzZTQ5MzViZTg0MGM1YWZjYTBhZmYwMTdjYmFjNGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+tAroerp35s0kDZWg+YUPaSh9P3a
nWbDz6cPLiOoww09hmi7jbazfva6LsbMGEBEdP3+mtmD1FlDM09btZBOkXGmbOQF
Piip+UKo+8lMhCrOVMoY2lw9lQIVXUJwSSQ0qMbwhGWFcedc/AxIXONydkvnfRsx
f3jkCnxt+3JuRya1TXxh4a4rzCOiI0QTJER2RQvZkfQXG6THKl+0MZY6PqTtwMPf
O5CldeIiPxOG1cFgG7UZ4uNHdRIsUCicLtyI2VPyUXva9FImGCI/xfUQKdX6zGM0
vVEabRz868AoqI33SDd+3aGOC96ghz7NQn+NfLIpuDQhgV3uN6DscG8++wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKM0yd7z5JNb6EDFr8oK/wF8usTJMB8GA1UdIwQY
MBaAFG9d6fnbvUYYhXtYEFxnQ3IKEbxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjEzcC1kdTlSaGlGZTFnUVhHZERjZ29Sdkc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC82MWZjYjQtNTU3NC00ZTJlLWIyNTkt
YWUwNTc5NGM4ZTEzLzEvb3pUSjN2UGtrMXZvUU1Xdnlncl9BWHk2eE1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC82MWZjYjQtNTU3NC00ZTJlLWIyNTktYWUwNTc5NGM4ZTEz
LzEvYjEzcC1kdTlSaGlGZTFnUVhHZERjZ29Sdkc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBbs4MA0E
AgACMAcDBQAqAUHAMA0GCSqGSIb3DQEBCwUAA4IBAQBSXL+2HPtrrNtE9YwptSCR
qHnL/Nr8EBRdMgTdV+J9/5C8nTZVmKLqjbSbunZW5d3phy+ZvabbFBSmWSJw4w/T
Azlb/XhAARiXEu1WwZwZqYe9tuF2U4IPnQxebowFoB1sTQw5HVDzblZrPhtZMsRB
zrPk65iUU04XqSMNZGA83pskzRIo7FDDTqQTZtU3xS14RTv6F4tgwE/ckgJT2AVf
59gJ0jLaZNQN04gwsE73S5I8C8WW0HK/rjsuUD0hd/8ZKZlabPdmnuJ7SMTzIoFt
EONYS9nlrGwptt8avN0rwiKVBOgbZH1hji9IaWvOkCmlNz7b3Ev3EyJKaHIg+fKr
-----END CERTIFICATE-----
Generated at Tue Nov 26 20:00:13 2024 by rpki-client on console-ams.rpki-client.org