Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/rLZGLT8dF0NmUHBTvGTUgLbN5sM.roa
File: rLZGLT8dF0NmUHBTvGTUgLbN5sM.roa (raw, json)
Hash identifier: FnNYUjY1bidLh7OmIvFH5no5YMXIdn7y1I3V1422kAA=
Subject key identifier: AC:B6:46:2D:3F:1D:17:43:66:50:70:53:BC:64:D4:80:B6:CD:E6:C3
Certificate issuer: /CN=5bb1c57055c29d669f289a9f68f392823942132a
Certificate serial: 018CC2DAE5F8D1DA1CF3AF76F231B76A61E0
Authority key identifier: 5B:B1:C5:70:55:C2:9D:66:9F:28:9A:9F:68:F3:92:82:39:42:13:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W7HFcFXCnWafKJqfaPOSgjlCEyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/rLZGLT8dF0NmUHBTvGTUgLbN5sM.roa
Signing time: Mon 01 Jan 2024 02:29:34 +0000
ROA not before: Mon 01 Jan 2024 02:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44084
IP address blocks: 5.253.212.0/23 maxlen: 24
2a09:5dc0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/W7HFcFXCnWafKJqfaPOSgjlCEyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/W7HFcFXCnWafKJqfaPOSgjlCEyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/W7HFcFXCnWafKJqfaPOSgjlCEyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e5:f8:d1:da:1c:f3:af:76:f2:31:b7:6a:61:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bb1c57055c29d669f289a9f68f392823942132a
Validity
Not Before: Jan 1 02:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acb6462d3f1d174366507053bc64d480b6cde6c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bf:62:12:d7:a6:fb:eb:7f:0f:15:07:d1:01:
98:c3:8a:a5:23:6b:a9:f7:f6:7f:1a:b8:82:74:18:
f5:68:7c:87:14:ed:96:89:a5:6d:4f:5a:33:97:d1:
52:44:00:e1:dc:62:d5:7f:5c:e4:d9:fc:e4:16:1c:
a9:5c:5c:88:df:51:31:9e:9b:80:23:72:8d:21:bd:
3c:58:9f:ef:68:34:88:ff:89:70:28:48:e8:16:fc:
d8:d2:83:c3:43:2f:3d:d1:c7:86:6b:70:f2:8a:90:
8c:5a:90:0d:8b:5e:48:d6:0f:87:4e:5f:41:3f:81:
b2:70:61:df:8c:23:50:e9:0d:03:8b:1c:81:19:be:
4c:86:98:b0:4d:73:4e:8d:2b:18:32:32:b7:90:24:
b5:c3:a5:cf:4f:96:41:96:b8:c6:94:2f:b5:eb:44:
91:d0:62:ab:24:13:62:8f:d6:9f:99:3c:5f:ce:ad:
28:a8:b4:d4:72:70:4c:90:df:5d:d7:85:fa:08:48:
2b:ea:ed:a3:87:fa:da:cf:ce:81:93:4e:7f:ef:19:
da:50:90:a0:bd:f6:24:c7:41:b4:d3:89:ce:0d:86:
da:a6:8f:24:63:a1:0a:fd:43:06:cc:f6:f6:e8:53:
41:71:83:a7:82:f5:86:73:30:85:a9:8f:c6:f8:f6:
8d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:B6:46:2D:3F:1D:17:43:66:50:70:53:BC:64:D4:80:B6:CD:E6:C3
X509v3 Authority Key Identifier:
keyid:5B:B1:C5:70:55:C2:9D:66:9F:28:9A:9F:68:F3:92:82:39:42:13:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W7HFcFXCnWafKJqfaPOSgjlCEyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/rLZGLT8dF0NmUHBTvGTUgLbN5sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/822376-808a-465c-a87f-5ceae19f94f9/1/W7HFcFXCnWafKJqfaPOSgjlCEyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.212.0/23
IPv6:
2a09:5dc0::/30
Signature Algorithm: sha256WithRSAEncryption
3e:77:41:2d:03:d8:0e:ff:f5:18:94:03:4d:d8:14:87:96:00:
98:be:a7:25:1e:e0:8e:7d:71:59:48:49:1d:bf:59:b5:de:f8:
31:9c:00:5d:87:fa:4d:40:54:40:6a:72:74:9a:67:cc:31:13:
dc:2d:12:8b:b4:e6:27:d4:ad:63:dd:0b:fe:84:67:b8:16:a4:
8e:5e:10:36:3d:1a:97:53:d9:55:f4:a4:ac:96:cb:70:76:03:
8d:1e:f5:3e:37:b4:cb:bc:51:39:68:a9:7b:22:59:e7:1a:59:
84:74:e6:1c:76:71:5c:a4:56:7f:12:7b:1b:31:5f:24:34:cb:
0b:42:0e:4d:df:90:1b:fa:bd:31:73:57:e9:86:34:ec:d1:b6:
40:5a:18:2b:ab:57:4d:f2:24:49:29:80:8b:8a:81:88:bd:2e:
40:05:0d:c1:0c:9d:12:00:e4:f5:44:3e:76:7a:1a:21:52:a1:
87:08:46:d4:2c:b2:e4:1a:bb:ac:3b:26:0a:9b:39:a8:72:6d:
7c:47:c4:30:45:5a:7f:c2:68:cf:63:e0:17:5a:48:00:1b:cd:
ba:70:dc:00:24:f5:16:7d:fd:89:e9:7b:c5:83:6b:73:09:fa:
d8:51:cd:79:5e:58:d7:fd:f4:da:6a:f5:1c:1b:f1:c2:18:f3:
7b:63:03:2e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2uX40doc86928jG3amHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYjFjNTcwNTVjMjlkNjY5ZjI4OWE5ZjY4ZjM5MjgyMzk0
MjEzMmEwHhcNMjQwMTAxMDIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2I2NDYyZDNmMWQxNzQzNjY1MDcwNTNiYzY0ZDQ4MGI2Y2RlNmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo79iEtem++t/DxUH0QGYw4qlI2up
9/Z/GriCdBj1aHyHFO2WiaVtT1ozl9FSRADh3GLVf1zk2fzkFhypXFyI31ExnpuA
I3KNIb08WJ/vaDSI/4lwKEjoFvzY0oPDQy890ceGa3DyipCMWpANi15I1g+HTl9B
P4GycGHfjCNQ6Q0DixyBGb5MhpiwTXNOjSsYMjK3kCS1w6XPT5ZBlrjGlC+160SR
0GKrJBNij9afmTxfzq0oqLTUcnBMkN9d14X6CEgr6u2jh/raz86Bk05/7xnaUJCg
vfYkx0G004nODYbapo8kY6EK/UMGzPb26FNBcYOngvWGczCFqY/G+PaNmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKy2Ri0/HRdDZlBwU7xk1IC2zebDMB8GA1UdIwQY
MBaAFFuxxXBVwp1mnyian2jzkoI5QhMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzdIRmNGWENuV2FmS0pxZmFQT1NnamxDRXlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS84MjIzNzYtODA4YS00NjVjLWE4N2Yt
NWNlYWUxOWY5NGY5LzEvckxaR0xUOGRGME5tVUhCVHZHVFVnTGJONXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS84MjIzNzYtODA4YS00NjVjLWE4N2YtNWNlYWUxOWY5NGY5
LzEvVzdIRmNGWENuV2FmS0pxZmFQT1NnamxDRXlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBBf3UMA0E
AgACMAcDBQIqCV3AMA0GCSqGSIb3DQEBCwUAA4IBAQA+d0EtA9gO//UYlANN2BSH
lgCYvqclHuCOfXFZSEkdv1m13vgxnABdh/pNQFRAanJ0mmfMMRPcLRKLtOYn1K1j
3Qv+hGe4FqSOXhA2PRqXU9lV9KSslstwdgONHvU+N7TLvFE5aKl7IlnnGlmEdOYc
dnFcpFZ/EnsbMV8kNMsLQg5N35Ab+r0xc1fphjTs0bZAWhgrq1dN8iRJKYCLioGI
vS5ABQ3BDJ0SAOT1RD52ehohUqGHCEbULLLkGrusOyYKmzmocm18R8QwRVp/wmjP
Y+AXWkgAG826cNwAJPUWff2J6XvFg2tzCfrYUc15XljX/fTaavUcG/HCGPN7YwMu
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:44:54 2024 by rpki-client on console-ams.rpki-client.org