Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/02b357-abf7-408b-8b09-0d59d9d11505/1/5Bt661qfR5rb9KKZqk97lUGYZAw.roa
File: 5Bt661qfR5rb9KKZqk97lUGYZAw.roa (raw, json)
Hash identifier: Gwecprg6ZviqbhmQ/rX9NFsll8ganQl3FvKt2m/ueWY=
Subject key identifier: E4:1B:7A:EB:5A:9F:47:9A:DB:F4:A2:99:AA:4F:7B:95:41:98:64:0C
Certificate issuer: /CN=65fff00136c83f53a38ac3eeac9710a79936b24c
Certificate serial: 018EB431EB0A455F22E209F26D87B77DCB24
Authority key identifier: 65:FF:F0:01:36:C8:3F:53:A3:8A:C3:EE:AC:97:10:A7:99:36:B2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zf_wATbIP1OjisPurJcQp5k2skw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/02b357-abf7-408b-8b09-0d59d9d11505/1/5Bt661qfR5rb9KKZqk97lUGYZAw.roa
Signing time: Sat 06 Apr 2024 16:15:54 +0000
ROA not before: Sat 06 Apr 2024 16:15:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50620
IP address blocks: 109.197.104.0/21 maxlen: 21
193.107.124.0/22 maxlen: 22
2001:67c:2200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/02b357-abf7-408b-8b09-0d59d9d11505/1/Zf_wATbIP1OjisPurJcQp5k2skw.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/02b357-abf7-408b-8b09-0d59d9d11505/1/Zf_wATbIP1OjisPurJcQp5k2skw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zf_wATbIP1OjisPurJcQp5k2skw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b4:31:eb:0a:45:5f:22:e2:09:f2:6d:87:b7:7d:cb:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65fff00136c83f53a38ac3eeac9710a79936b24c
Validity
Not Before: Apr 6 16:15:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e41b7aeb5a9f479adbf4a299aa4f7b954198640c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:c1:9f:5d:e5:ee:00:e7:9f:9a:fe:da:73:2a:
f4:08:8d:c9:15:93:7b:c4:b5:8f:49:e3:4a:ad:8b:
a5:e8:76:85:37:2b:73:58:b5:2e:d3:40:02:51:a0:
01:50:64:3d:dd:f8:36:63:85:fd:56:57:e5:ea:06:
ff:23:7e:40:cf:95:16:5a:6a:a6:26:8e:10:b3:30:
bb:fd:eb:20:54:8f:39:e4:a5:96:04:ec:77:4d:0c:
73:06:06:12:e5:3f:e0:18:1a:d5:71:ac:c5:8b:4e:
c3:bb:b7:9a:34:d1:21:18:c6:5a:cb:87:a4:33:b0:
86:ff:24:ca:4a:d9:53:89:26:90:03:10:a5:bb:6c:
21:83:3d:75:35:61:b9:e7:92:ea:1d:fc:eb:70:3a:
57:95:50:54:ba:79:05:06:d2:46:2c:9b:42:bc:48:
00:aa:cc:05:d0:95:04:c2:b4:b6:b8:8c:2e:79:23:
2d:a1:3a:64:27:04:3d:57:72:c5:56:05:87:e3:26:
8b:6a:61:21:ba:d1:b4:cf:a1:3b:aa:ac:cb:f5:1c:
e3:22:25:ae:b3:9c:e4:c5:24:79:d7:37:87:71:40:
8d:c0:18:de:c8:4b:c5:5a:d4:b4:20:42:e2:b2:c5:
74:ed:bc:9b:c7:98:98:9d:b9:08:61:48:11:a4:05:
2d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:1B:7A:EB:5A:9F:47:9A:DB:F4:A2:99:AA:4F:7B:95:41:98:64:0C
X509v3 Authority Key Identifier:
keyid:65:FF:F0:01:36:C8:3F:53:A3:8A:C3:EE:AC:97:10:A7:99:36:B2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zf_wATbIP1OjisPurJcQp5k2skw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/02b357-abf7-408b-8b09-0d59d9d11505/1/5Bt661qfR5rb9KKZqk97lUGYZAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/02b357-abf7-408b-8b09-0d59d9d11505/1/Zf_wATbIP1OjisPurJcQp5k2skw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.197.104.0/21
193.107.124.0/22
IPv6:
2001:67c:2200::/48
Signature Algorithm: sha256WithRSAEncryption
41:36:6b:51:95:16:6b:00:b1:a7:50:24:d4:f9:f9:5a:84:f7:
ae:71:33:0d:2c:0f:08:2c:c2:f4:05:6e:74:63:f1:90:8d:aa:
51:f7:57:dd:82:92:28:2d:74:a3:04:90:74:6f:70:f7:b4:d4:
3f:c0:c7:4a:3b:66:25:4f:db:9d:c0:3c:03:5e:0d:76:0e:e5:
9d:a3:78:a2:8a:dc:e3:e9:ac:40:c8:95:4d:65:6e:e8:f3:38:
7f:4e:c3:f9:f2:63:6f:b5:73:77:e2:3f:a4:f4:9f:3f:a1:6a:
96:9a:e3:f6:43:03:19:78:12:3f:dd:59:16:41:68:06:2a:0e:
5e:7a:5f:2b:11:c3:cd:4a:86:3f:0a:3e:5d:fc:9e:d4:21:01:
fc:7d:1f:b2:fb:76:40:45:be:4c:b0:b6:a8:46:c7:35:a1:65:
bb:91:72:72:12:ad:a6:ab:56:f9:7c:b3:59:84:46:7e:39:4e:
76:bd:5e:ed:c2:4f:d8:60:15:73:82:3b:70:02:78:e3:39:79:
72:f9:eb:d8:41:a9:21:66:0a:27:3e:0f:61:0b:ff:b9:07:5e:
1c:d4:a5:71:62:ef:4c:e9:af:be:bf:71:e0:ef:2a:e6:53:6f:
be:0a:a1:03:4f:5d:9a:75:86:da:65:31:f7:4f:a1:ab:4f:4f:
aa:29:92:52
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY60MesKRV8i4gnybYe3fcskMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZmZmMDAxMzZjODNmNTNhMzhhYzNlZWFjOTcxMGE3OTkz
NmIyNGMwHhcNMjQwNDA2MTYxNTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDFiN2FlYjVhOWY0NzlhZGJmNGEyOTlhYTRmN2I5NTQxOTg2NDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcGfXeXuAOefmv7acyr0CI3JFZN7
xLWPSeNKrYul6HaFNytzWLUu00ACUaABUGQ93fg2Y4X9Vlfl6gb/I35Az5UWWmqm
Jo4QszC7/esgVI855KWWBOx3TQxzBgYS5T/gGBrVcazFi07Du7eaNNEhGMZay4ek
M7CG/yTKStlTiSaQAxClu2whgz11NWG555LqHfzrcDpXlVBUunkFBtJGLJtCvEgA
qswF0JUEwrS2uIwueSMtoTpkJwQ9V3LFVgWH4yaLamEhutG0z6E7qqzL9RzjIiWu
s5zkxSR51zeHcUCNwBjeyEvFWtS0IELissV07bybx5iYnbkIYUgRpAUt7QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOQbeutan0ea2/SimapPe5VBmGQMMB8GA1UdIwQY
MBaAFGX/8AE2yD9To4rD7qyXEKeZNrJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmZfd0FUYklQMU9qaXNQdXJKY1FwNWsyc2t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8wMmIzNTctYWJmNy00MDhiLThiMDkt
MGQ1OWQ5ZDExNTA1LzEvNUJ0NjYxcWZSNXJiOUtLWnFrOTdsVUdZWkF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8wMmIzNTctYWJmNy00MDhiLThiMDktMGQ1OWQ5ZDExNTA1
LzEvWmZfd0FUYklQMU9qaXNQdXJKY1FwNWsyc2t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDbcVoAwQC
wWt8MA8EAgACMAkDBwAgAQZ8IgAwDQYJKoZIhvcNAQELBQADggEBAEE2a1GVFmsA
sadQJNT5+VqE965xMw0sDwgswvQFbnRj8ZCNqlH3V92CkigtdKMEkHRvcPe01D/A
x0o7ZiVP253APANeDXYO5Z2jeKKK3OPprEDIlU1lbujzOH9Ow/nyY2+1c3fiP6T0
nz+hapaa4/ZDAxl4Ej/dWRZBaAYqDl56XysRw81Khj8KPl38ntQhAfx9H7L7dkBF
vkywtqhGxzWhZbuRcnISraarVvl8s1mERn45Tna9Xu3CT9hgFXOCO3ACeOM5eXL5
69hBqSFmCic+D2EL/7kHXhzUpXFi70zpr76/ceDvKuZTb74KoQNPXZp1htplMfdP
oatPT6opklI=
-----END CERTIFICATE-----
Generated at Sun Jun 16 13:47:58 2024 by rpki-client on console-fra.rpki-client.org