Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/XUYcUonvHzFgDAUAcCaqbT8i1eg.roa
File: XUYcUonvHzFgDAUAcCaqbT8i1eg.roa (raw, json)
Hash identifier: fe+XDPOlW1TiaDEjxGyPkR5c+xnKkHSCnaVGX6qbFsQ=
Subject key identifier: 5D:46:1C:52:89:EF:1F:31:60:0C:05:00:70:26:AA:6D:3F:22:D5:E8
Certificate issuer: /CN=e5de0de73e73874bbc66738805d373cab833b7a5
Certificate serial: 0193445DACF881AE0A7F6BE73297E5D3760C
Authority key identifier: E5:DE:0D:E7:3E:73:87:4B:BC:66:73:88:05:D3:73:CA:B8:33:B7:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/XUYcUonvHzFgDAUAcCaqbT8i1eg.roa
Signing time: Tue 19 Nov 2024 12:20:09 +0000
ROA not before: Tue 19 Nov 2024 12:20:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.137.156.0/24 maxlen: 24
2a10:a100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:44:5d:ac:f8:81:ae:0a:7f:6b:e7:32:97:e5:d3:76:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5de0de73e73874bbc66738805d373cab833b7a5
Validity
Not Before: Nov 19 12:20:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d461c5289ef1f31600c05007026aa6d3f22d5e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:60:0e:80:f2:fa:b7:e8:c1:5f:1a:5d:42:b6:
9d:a5:9e:ae:bd:ea:f7:d1:c6:2b:31:b8:1b:a4:e0:
3f:67:24:f5:21:1f:6a:2b:15:14:48:b4:02:12:f8:
bc:61:8c:29:a0:2c:9a:e8:18:81:ee:a4:47:54:b4:
0a:3c:b7:ec:86:d6:c9:e6:cb:6e:aa:a6:ee:68:dc:
50:d6:51:02:eb:64:3e:93:89:aa:55:c0:9d:24:82:
36:3a:b0:19:d4:09:f2:cf:14:f0:fd:94:0d:fa:4c:
2f:10:58:51:0e:49:bf:c6:bd:65:be:39:25:14:f5:
30:1b:6a:c6:07:a9:4f:95:6c:86:e5:cd:6b:6d:7a:
de:3e:63:82:fe:83:22:8e:9e:03:56:8c:b9:ad:0a:
fe:81:93:d7:2f:1e:e5:b5:73:51:37:0a:9c:b7:72:
c4:07:5c:7f:89:46:16:37:4f:c2:59:9d:41:ae:2c:
f9:cf:a6:87:b1:3b:d5:11:e4:af:8c:cb:68:33:4c:
44:de:07:7b:e1:ce:69:ce:a3:fc:be:77:29:0e:5c:
85:1c:9a:4e:f9:3d:ae:7a:b1:83:77:bf:db:0d:9d:
23:5a:5c:4e:9c:d7:ea:6d:f6:6b:17:09:45:59:4e:
71:1f:05:ad:f3:05:18:21:a9:ef:45:df:17:9d:0f:
d5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:46:1C:52:89:EF:1F:31:60:0C:05:00:70:26:AA:6D:3F:22:D5:E8
X509v3 Authority Key Identifier:
keyid:E5:DE:0D:E7:3E:73:87:4B:BC:66:73:88:05:D3:73:CA:B8:33:B7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/XUYcUonvHzFgDAUAcCaqbT8i1eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/55b9d7-f703-45fe-8b63-10534c67bbb8/1/5d4N5z5zh0u8ZnOIBdNzyrgzt6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.156.0/24
IPv6:
2a10:a100::/40
Signature Algorithm: sha256WithRSAEncryption
25:b3:4b:fd:3d:07:60:a4:1e:af:25:89:c3:64:11:7b:b3:a8:
c1:88:6e:e6:65:8c:ce:5c:39:0b:c0:e1:9f:93:74:3b:a9:07:
0f:9b:05:8b:88:eb:ae:fa:d2:48:03:08:85:a6:25:cb:92:21:
fe:f1:65:d1:c2:ea:8b:e5:1c:84:8c:8b:c3:0a:3e:42:ac:2b:
eb:1e:3a:1a:b6:70:24:21:aa:89:a2:20:cf:7b:59:92:b2:80:
22:0f:7c:00:55:c6:55:c7:cd:41:2d:b8:40:a9:19:39:38:2a:
a0:8a:1b:32:25:cf:50:9b:94:c9:88:ab:c2:2e:dc:86:d2:e3:
fc:ed:e4:1e:dd:3b:91:10:b0:6b:cb:cc:b4:60:1d:94:53:04:
30:6d:e5:d4:b6:15:a7:c4:01:51:1d:d3:25:16:84:e3:7d:60:
c9:9d:cc:4a:39:b8:ac:6f:84:93:ce:d0:bc:7c:fc:d2:25:21:
66:89:68:29:1c:27:7e:e4:f2:f0:16:c9:28:17:84:df:6a:b9:
8e:88:68:df:2b:76:1e:7d:f7:58:0d:de:15:8c:43:66:40:e5:
82:08:83:f8:62:5a:07:4b:41:c2:97:0d:a2:ab:fb:ec:67:a7:
3f:10:b1:e0:16:9a:de:9d:58:0a:5d:54:34:ec:58:c6:1a:c5:
8b:ea:ea:0f
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZNEXaz4ga4Kf2vnMpfl03YMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZGUwZGU3M2U3Mzg3NGJiYzY2NzM4ODA1ZDM3M2NhYjgz
M2I3YTUwHhcNMjQxMTE5MTIyMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDQ2MWM1Mjg5ZWYxZjMxNjAwYzA1MDA3MDI2YWE2ZDNmMjJkNWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02AOgPL6t+jBXxpdQradpZ6uver3
0cYrMbgbpOA/ZyT1IR9qKxUUSLQCEvi8YYwpoCya6BiB7qRHVLQKPLfshtbJ5stu
qqbuaNxQ1lEC62Q+k4mqVcCdJII2OrAZ1AnyzxTw/ZQN+kwvEFhRDkm/xr1lvjkl
FPUwG2rGB6lPlWyG5c1rbXrePmOC/oMijp4DVoy5rQr+gZPXLx7ltXNRNwqct3LE
B1x/iUYWN0/CWZ1Briz5z6aHsTvVEeSvjMtoM0xE3gd74c5pzqP8vncpDlyFHJpO
+T2uerGDd7/bDZ0jWlxOnNfqbfZrFwlFWU5xHwWt8wUYIanvRd8XnQ/VCwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFF1GHFKJ7x8xYAwFAHAmqm0/ItXoMB8GA1UdIwQY
MBaAFOXeDec+c4dLvGZziAXTc8q4M7elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWQ0TjV6NXpoMHU4Wm5PSUJkTnp5cmd6dDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81NWI5ZDctZjcwMy00NWZlLThiNjMt
MTA1MzRjNjdiYmI4LzEvWFVZY1VvbnZIekZnREFVQWNDYXFiVDhpMWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81NWI5ZDctZjcwMy00NWZlLThiNjMtMTA1MzRjNjdiYmI4
LzEvNWQ0TjV6NXpoMHU4Wm5PSUJkTnp5cmd6dDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuYmcMA4E
AgACMAgDBgAqEKEAADANBgkqhkiG9w0BAQsFAAOCAQEAJbNL/T0HYKQeryWJw2QR
e7OowYhu5mWMzlw5C8Dhn5N0O6kHD5sFi4jrrvrSSAMIhaYly5Ih/vFl0cLqi+Uc
hIyLwwo+Qqwr6x46GrZwJCGqiaIgz3tZkrKAIg98AFXGVcfNQS24QKkZOTgqoIob
MiXPUJuUyYirwi7chtLj/O3kHt07kRCwa8vMtGAdlFMEMG3l1LYVp8QBUR3TJRaE
431gyZ3MSjm4rG+Ek87QvHz80iUhZoloKRwnfuTy8BbJKBeE32q5joho3yt2Hn33
WA3eFYxDZkDlggiD+GJaB0tBwpcNoqv77GenPxCx4Baa3p1YCl1UNOxYxhrFi+rq
Dw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:27:27 2024 by rpki-client on console-ams.rpki-client.org