Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Xo8yQKafdeSC5Tw2_3L8XC0DGYM.roa
File: Xo8yQKafdeSC5Tw2_3L8XC0DGYM.roa (raw, json)
Hash identifier: s05mP7z8edhZXz+Y4NC7pxyNuI9paTqfo73/o4ORik8=
Subject key identifier: 5E:8F:32:40:A6:9F:75:E4:82:E5:3C:36:FF:72:FC:5C:2D:03:19:83
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 018CC86F71DD3F27C49DD95D769F1BCBC420
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Xo8yQKafdeSC5Tw2_3L8XC0DGYM.roa
Signing time: Tue 02 Jan 2024 04:29:55 +0000
ROA not before: Tue 02 Jan 2024 04:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206433
IP address blocks: 57.190.0.0/20 maxlen: 20
57.190.0.0/19 maxlen: 19
57.190.16.0/24 maxlen: 24
57.190.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:71:dd:3f:27:c4:9d:d9:5d:76:9f:1b:cb:c4:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Jan 2 04:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e8f3240a69f75e482e53c36ff72fc5c2d031983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ad:1b:4e:2e:0c:79:44:51:4d:d8:e3:b5:22:
8f:95:b3:64:c2:7f:61:8c:0f:c5:fe:ee:3d:25:31:
8f:0e:dd:93:41:3d:9d:dc:8b:ff:ef:1d:0d:f1:83:
87:d4:f4:3c:96:63:21:62:61:70:ed:9f:72:2e:aa:
2c:95:f7:68:67:ed:49:a0:1c:98:9d:37:f3:e7:40:
88:ea:24:48:f6:90:6a:60:46:d4:60:1d:14:bc:f2:
d9:ce:cb:48:06:a0:23:fc:bf:1b:81:2a:a6:2b:ee:
a7:e5:4c:bb:d3:fc:bd:3d:0b:5c:01:98:80:51:67:
4c:40:e9:12:6c:a8:d5:aa:6e:c0:cb:e1:43:0c:d2:
da:d6:e2:11:88:d1:f8:5d:a5:17:63:cb:f2:31:7e:
44:30:6f:b5:1e:95:d1:c2:03:33:4c:f5:2c:06:bf:
69:f3:9c:28:7c:8a:58:1d:17:98:88:18:6a:79:2d:
bc:77:0f:f7:2c:8f:e0:b6:47:8f:f1:08:3d:b8:c6:
e7:31:73:08:90:20:0e:f2:ea:50:54:aa:66:2f:6c:
c4:f1:67:45:9f:71:a0:76:e6:9c:8a:92:90:36:de:
fe:56:f6:0a:ce:af:71:06:e2:65:f6:5d:15:83:37:
86:a3:72:40:2a:db:ea:d0:15:46:9e:e5:10:01:1f:
ea:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:8F:32:40:A6:9F:75:E4:82:E5:3C:36:FF:72:FC:5C:2D:03:19:83
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Xo8yQKafdeSC5Tw2_3L8XC0DGYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.190.0.0/19
Signature Algorithm: sha256WithRSAEncryption
98:28:99:9c:14:7b:4a:2d:96:80:09:39:8d:43:bc:a9:d4:d1:
9d:6b:a8:df:4f:8b:86:24:34:19:c9:6c:69:f2:12:f7:90:6c:
ab:cc:56:f2:02:73:3a:35:ae:72:24:00:3b:12:48:f5:41:c8:
13:7f:e2:08:84:98:53:34:02:1b:5f:1f:b2:fb:f0:a4:9a:18:
b0:74:56:03:ea:1c:e9:57:b7:55:35:d3:2a:60:16:d5:e0:87:
92:2f:9d:3e:d4:7c:57:ce:97:b4:28:7b:35:47:95:8c:be:75:
e3:5a:91:9d:5e:9b:4f:9d:8d:a1:2b:06:67:ae:b3:e7:a5:f3:
ca:4f:29:ca:0b:32:0e:c0:38:70:9b:e5:23:ed:8d:51:41:1a:
89:10:05:9b:26:d2:ad:e4:6c:c9:ab:ec:e5:d1:e4:dc:57:de:
2b:55:4e:5b:8e:30:d8:88:99:e3:52:04:1a:8d:1b:08:fa:56:
d8:cf:6a:aa:49:10:5a:0d:8a:85:cd:cd:38:56:49:77:0a:4f:
0f:58:f2:2d:30:2f:de:16:66:de:54:5e:53:51:78:14:2c:5a:
17:c7:1f:27:54:c4:00:33:10:56:a4:c4:4e:ba:91:4a:24:e4:
92:0a:60:75:18:6c:05:be:9c:ca:47:76:07:72:51:93:db:53:
60:5e:fb:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb3HdPyfEndlddp8by8QgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjQwMTAyMDQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZThmMzI0MGE2OWY3NWU0ODJlNTNjMzZmZjcyZmM1YzJkMDMxOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiq0bTi4MeURRTdjjtSKPlbNkwn9h
jA/F/u49JTGPDt2TQT2d3Iv/7x0N8YOH1PQ8lmMhYmFw7Z9yLqoslfdoZ+1JoByY
nTfz50CI6iRI9pBqYEbUYB0UvPLZzstIBqAj/L8bgSqmK+6n5Uy70/y9PQtcAZiA
UWdMQOkSbKjVqm7Ay+FDDNLa1uIRiNH4XaUXY8vyMX5EMG+1HpXRwgMzTPUsBr9p
85wofIpYHReYiBhqeS28dw/3LI/gtkeP8Qg9uMbnMXMIkCAO8upQVKpmL2zE8WdF
n3GgduacipKQNt7+VvYKzq9xBuJl9l0VgzeGo3JAKtvq0BVGnuUQAR/qhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF6PMkCmn3XkguU8Nv9y/FwtAxmDMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvWG84eVFLYWZkZVNDNVR3Ml8zTDhYQzBER1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFOb4AMA0G
CSqGSIb3DQEBCwUAA4IBAQCYKJmcFHtKLZaACTmNQ7yp1NGda6jfT4uGJDQZyWxp
8hL3kGyrzFbyAnM6Na5yJAA7Ekj1QcgTf+IIhJhTNAIbXx+y+/CkmhiwdFYD6hzp
V7dVNdMqYBbV4IeSL50+1HxXzpe0KHs1R5WMvnXjWpGdXptPnY2hKwZnrrPnpfPK
TynKCzIOwDhwm+Uj7Y1RQRqJEAWbJtKt5GzJq+zl0eTcV94rVU5bjjDYiJnjUgQa
jRsI+lbYz2qqSRBaDYqFzc04Vkl3Ck8PWPItMC/eFmbeVF5TUXgULFoXxx8nVMQA
MxBWpMROupFKJOSSCmB1GGwFvpzKR3YHclGT21NgXvv/
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:55:15 2024 by rpki-client on console-ams.rpki-client.org