Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/5yLA-3E75mxZ6L39i4BU-pLzy7E.roa
File: 5yLA-3E75mxZ6L39i4BU-pLzy7E.roa (raw, json)
Hash identifier: +x4tLUzRfMhOOijhO4xbor2VoZt00YijzQROIpmNE9U=
Subject key identifier: E7:22:C0:FB:71:3B:E6:6C:59:E8:BD:FD:8B:80:54:FA:92:F3:CB:B1
Certificate issuer: /CN=b5344218a4880b500c033321e76bd78b4f3c1658
Certificate serial: 018EAEE347DDB80643DC9CF80743710C5B29
Authority key identifier: B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/5yLA-3E75mxZ6L39i4BU-pLzy7E.roa
Signing time: Fri 05 Apr 2024 15:31:54 +0000
ROA not before: Fri 05 Apr 2024 15:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34615
IP address blocks: 192.109.30.0/24 maxlen: 24
192.109.37.0/24 maxlen: 24
192.109.38.0/24 maxlen: 24
2a0f:6c40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/tTRCGKSIC1AMAzMh52vXi088Flg.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/tTRCGKSIC1AMAzMh52vXi088Flg.mft
rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 06:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ae:e3:47:dd:b8:06:43:dc:9c:f8:07:43:71:0c:5b:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5344218a4880b500c033321e76bd78b4f3c1658
Validity
Not Before: Apr 5 15:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e722c0fb713be66c59e8bdfd8b8054fa92f3cbb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:79:81:64:ab:fd:96:d5:36:11:e0:be:68:1c:
59:d4:80:1d:e6:b5:b0:b8:81:d5:b6:e3:a3:7b:ab:
4c:e4:21:ae:d8:4b:36:c3:95:1d:97:61:1a:33:fe:
09:4a:62:41:a2:ea:d4:d3:4e:74:dc:29:69:3e:72:
74:ec:48:1a:1b:69:f4:53:fc:3b:b3:e4:5c:58:55:
6c:d7:fb:f5:e9:93:a9:55:a7:7e:7e:59:67:11:b6:
b0:37:5d:a0:50:43:4e:d1:b3:bb:fe:c9:ca:6d:9f:
70:f8:96:b6:0e:63:a1:53:4d:12:82:08:74:6b:f3:
99:27:c1:58:e2:d2:22:ce:51:15:bd:38:5a:f3:c8:
0b:ad:ec:94:8b:d5:3e:14:58:86:d9:3e:76:e9:47:
66:a2:3a:07:d2:7a:73:57:8f:82:e1:1a:0d:0d:05:
4f:f4:20:2a:3a:bb:cc:71:de:ef:a3:bc:0a:b4:2a:
b5:f5:1b:ae:a4:36:22:94:9a:ee:20:d8:98:e1:ad:
20:6e:fa:57:29:36:e2:1a:77:bb:c1:7e:b6:d9:7e:
8a:9d:15:3e:b1:c6:27:03:38:63:1b:45:61:d7:98:
9a:fc:aa:f0:27:5a:04:28:0a:ac:53:53:86:66:1f:
11:71:de:58:51:96:5b:7b:a6:99:4e:17:0f:29:6b:
9f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:22:C0:FB:71:3B:E6:6C:59:E8:BD:FD:8B:80:54:FA:92:F3:CB:B1
X509v3 Authority Key Identifier:
keyid:B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/5yLA-3E75mxZ6L39i4BU-pLzy7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/tTRCGKSIC1AMAzMh52vXi088Flg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.30.0/24
192.109.37.0-192.109.38.255
IPv6:
2a0f:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
48:a4:01:f8:71:b3:5a:6b:77:2a:2f:59:f6:cc:13:f3:b3:a1:
04:c8:98:f4:e7:db:87:c4:1b:a9:31:21:71:99:2d:10:a8:70:
21:e1:9e:7e:d4:0b:ae:dd:94:c7:1a:fb:b8:a7:b3:8b:b2:55:
25:35:3b:ee:89:d7:c8:0b:0f:bd:53:3a:09:34:b2:f7:ab:65:
29:e1:49:96:45:0e:cc:41:6f:fe:78:05:58:07:cc:c7:1f:3d:
d4:16:86:09:1c:95:6b:75:34:a3:fb:31:e1:37:f7:b3:2f:74:
92:6c:c5:69:5b:43:d3:2a:f9:21:98:25:76:e1:97:05:3d:9f:
a1:36:c3:bf:12:6d:41:66:5c:47:00:eb:1d:65:9f:07:ae:25:
47:b2:8d:70:67:1d:9b:a7:ca:e3:5b:9b:ed:12:da:26:99:a8:
ea:71:74:5f:87:71:69:5d:fa:c4:1a:a9:90:d6:0d:fa:11:a4:
92:73:b6:da:20:38:c0:fe:75:23:87:7e:c4:f1:42:5b:65:db:
14:51:08:98:4e:a4:35:5f:f0:95:08:8f:49:63:f1:cd:da:f5:
22:32:af:c6:70:33:74:70:59:73:65:83:16:2f:a5:d1:08:75:
57:0c:25:c3:a7:f3:c1:c3:70:ed:45:c9:cf:b4:8a:d9:2e:35:
05:df:7d:0f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY6u40fduAZD3Jz4B0NxDFspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MzQ0MjE4YTQ4ODBiNTAwYzAzMzMyMWU3NmJkNzhiNGYz
YzE2NTgwHhcNMjQwNDA1MTUzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzIyYzBmYjcxM2JlNjZjNTllOGJkZmQ4YjgwNTRmYTkyZjNjYmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3mBZKv9ltU2EeC+aBxZ1IAd5rWw
uIHVtuOje6tM5CGu2Es2w5Udl2EaM/4JSmJBourU00503ClpPnJ07EgaG2n0U/w7
s+RcWFVs1/v16ZOpVad+fllnEbawN12gUENO0bO7/snKbZ9w+Ja2DmOhU00Sggh0
a/OZJ8FY4tIizlEVvTha88gLreyUi9U+FFiG2T526UdmojoH0npzV4+C4RoNDQVP
9CAqOrvMcd7vo7wKtCq19RuupDYilJruINiY4a0gbvpXKTbiGne7wX622X6KnRU+
scYnAzhjG0Vh15ia/KrwJ1oEKAqsU1OGZh8Rcd5YUZZbe6aZThcPKWuf0wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOciwPtxO+ZsWei9/YuAVPqS88uxMB8GA1UdIwQY
MBaAFLU0QhikiAtQDAMzIedr14tPPBZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQt
Y2ZhYjEwZDMwNjkzLzEvNXlMQS0zRTc1bXhaNkwzOWk0QlUtcEx6eTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQtY2ZhYjEwZDMwNjkz
LzEvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQAwG0eMAwD
BADAbSUDBADAbSYwDQQCAAIwBwMFAyoPbEAwDQYJKoZIhvcNAQELBQADggEBAEik
Afhxs1prdyovWfbME/OzoQTImPTn24fEG6kxIXGZLRCocCHhnn7UC67dlMca+7in
s4uyVSU1O+6J18gLD71TOgk0sverZSnhSZZFDsxBb/54BVgHzMcfPdQWhgkclWt1
NKP7MeE397MvdJJsxWlbQ9Mq+SGYJXbhlwU9n6E2w78SbUFmXEcA6x1lnweuJUey
jXBnHZunyuNbm+0S2iaZqOpxdF+HcWld+sQaqZDWDfoRpJJzttogOMD+dSOHfsTx
Qltl2xRRCJhOpDVf8JUIj0lj8c3a9SIyr8ZwM3RwWXNlgxYvpdEIdVcMJcOn88HD
cO1Fyc+0itkuNQXffQ8=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:11:41 2024 by rpki-client on console-ams.rpki-client.org