Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/97b0b7-013d-433e-b538-a84eb411ef8a/1/hT56JaxrUHJrh6-el9c1EHd8yiE.roa
File: hT56JaxrUHJrh6-el9c1EHd8yiE.roa (raw, json)
Hash identifier: CESkglPRr9mK3MGM7olF6I+qvqPybmfCjf4x0ZQxgl4=
Subject key identifier: 85:3E:7A:25:AC:6B:50:72:6B:87:AF:9E:97:D7:35:10:77:7C:CA:21
Certificate issuer: /CN=c0a233590de586e0c55821c6f6d5732afc841229
Certificate serial: 018FA06852A8F4AF4EF5EDA8C320EC5A4308
Authority key identifier: C0:A2:33:59:0D:E5:86:E0:C5:58:21:C6:F6:D5:73:2A:FC:84:12:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wKIzWQ3lhuDFWCHG9tVzKvyEEik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/97b0b7-013d-433e-b538-a84eb411ef8a/1/hT56JaxrUHJrh6-el9c1EHd8yiE.roa
Signing time: Wed 22 May 2024 13:05:42 +0000
ROA not before: Wed 22 May 2024 13:05:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57630
IP address blocks: 5.152.152.0/23 maxlen: 23
31.12.80.0/22 maxlen: 22
117.55.200.0/23 maxlen: 23
134.65.164.0/22 maxlen: 22
194.179.134.0/23 maxlen: 23
217.11.175.0/24 maxlen: 24
2a02:7e00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/97b0b7-013d-433e-b538-a84eb411ef8a/1/wKIzWQ3lhuDFWCHG9tVzKvyEEik.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/97b0b7-013d-433e-b538-a84eb411ef8a/1/wKIzWQ3lhuDFWCHG9tVzKvyEEik.mft
rsync://rpki.ripe.net/repository/DEFAULT/wKIzWQ3lhuDFWCHG9tVzKvyEEik.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a0:68:52:a8:f4:af:4e:f5:ed:a8:c3:20:ec:5a:43:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0a233590de586e0c55821c6f6d5732afc841229
Validity
Not Before: May 22 13:05:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=853e7a25ac6b50726b87af9e97d73510777cca21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:fb:4a:a2:35:f5:b8:a4:e7:ff:31:bf:80:a8:
41:67:e3:dd:a0:48:4f:d7:49:f2:03:62:42:cf:7f:
d8:93:ed:cc:2b:33:71:b2:98:e1:2d:b3:d8:2a:10:
31:89:b5:85:15:2f:41:95:20:6e:a3:23:c0:e2:f3:
74:d4:31:21:84:e0:4a:90:5e:88:51:dd:79:bb:b9:
12:a1:cc:27:68:d6:56:59:a7:53:1c:92:d0:9f:f9:
67:53:3b:45:79:56:a8:dc:60:2f:e1:b1:d9:32:10:
80:69:a0:60:15:40:7a:f3:7c:c9:b2:26:6b:a5:65:
db:5a:ae:1e:88:af:3d:1b:77:31:89:b3:32:ae:d3:
ef:d4:80:60:03:f5:02:b6:2f:d0:e5:a0:e4:64:5e:
5c:9f:13:bd:11:e2:96:2c:9c:51:3c:bb:35:6f:42:
90:94:14:9f:c4:e6:95:e0:d9:17:94:aa:03:0c:3f:
f5:f2:9d:48:93:13:b4:d3:96:c9:66:f8:e8:af:e3:
31:80:27:d8:22:51:30:89:b8:b6:a4:3b:fa:c8:88:
d4:fc:fa:73:32:8d:c8:f2:46:e9:cf:ff:52:d6:a0:
00:e7:69:43:e5:bd:7e:82:58:a3:b8:78:0a:14:91:
f6:75:21:d5:09:72:5e:ad:0b:60:9f:0e:9b:01:aa:
9b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:3E:7A:25:AC:6B:50:72:6B:87:AF:9E:97:D7:35:10:77:7C:CA:21
X509v3 Authority Key Identifier:
keyid:C0:A2:33:59:0D:E5:86:E0:C5:58:21:C6:F6:D5:73:2A:FC:84:12:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wKIzWQ3lhuDFWCHG9tVzKvyEEik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/97b0b7-013d-433e-b538-a84eb411ef8a/1/hT56JaxrUHJrh6-el9c1EHd8yiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/97b0b7-013d-433e-b538-a84eb411ef8a/1/wKIzWQ3lhuDFWCHG9tVzKvyEEik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.152.152.0/23
31.12.80.0/22
117.55.200.0/23
134.65.164.0/22
194.179.134.0/23
217.11.175.0/24
IPv6:
2a02:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
cf:32:35:83:41:15:81:1e:84:dd:0e:f9:4c:e3:56:68:0d:52:
b8:2a:50:6d:11:ff:bb:cf:c8:2f:0a:22:db:c5:6f:b9:9c:4f:
01:de:c1:b5:61:0f:c4:4c:c4:05:4f:d5:ca:65:56:99:49:45:
e1:c7:b5:7c:f3:da:0e:e9:96:c0:a1:1c:81:da:53:eb:6b:5c:
26:1c:fd:cc:16:e4:a6:c3:5f:53:d2:60:16:f6:f9:ae:e0:90:
89:fa:f5:65:82:db:d8:22:bb:eb:47:af:10:09:d9:c2:0a:9b:
ea:54:22:77:95:95:f8:3d:e3:92:90:a0:d7:ef:bb:83:07:0b:
fa:a7:ed:3f:30:54:43:72:8a:14:19:8d:ac:7a:b5:33:74:8c:
78:a4:49:ec:76:cf:40:4a:42:2b:72:1a:58:52:52:0e:4f:16:
9b:f0:ff:49:d7:f5:2e:52:dc:e7:35:2b:5c:e9:1c:b5:4d:81:
f3:91:f5:8d:15:02:0f:c3:66:ac:36:9f:20:4f:3e:7a:de:d0:
ce:a9:52:f4:29:b5:ce:d5:64:72:15:81:b7:ec:96:a5:a9:8a:
46:4b:2f:c3:f1:33:e8:f1:ae:55:29:1f:e9:a2:a1:25:bd:0c:
fe:a4:c6:27:ba:f4:32:51:14:44:48:56:ef:fa:3e:81:eb:1d:
68:01:7a:cf
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY+gaFKo9K9O9e2owyDsWkMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYTIzMzU5MGRlNTg2ZTBjNTU4MjFjNmY2ZDU3MzJhZmM4
NDEyMjkwHhcNMjQwNTIyMTMwNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTNlN2EyNWFjNmI1MDcyNmI4N2FmOWU5N2Q3MzUxMDc3N2NjYTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+vtKojX1uKTn/zG/gKhBZ+PdoEhP
10nyA2JCz3/Yk+3MKzNxspjhLbPYKhAxibWFFS9BlSBuoyPA4vN01DEhhOBKkF6I
Ud15u7kSocwnaNZWWadTHJLQn/lnUztFeVao3GAv4bHZMhCAaaBgFUB683zJsiZr
pWXbWq4eiK89G3cxibMyrtPv1IBgA/UCti/Q5aDkZF5cnxO9EeKWLJxRPLs1b0KQ
lBSfxOaV4NkXlKoDDD/18p1IkxO005bJZvjor+MxgCfYIlEwibi2pDv6yIjU/Ppz
Mo3I8kbpz/9S1qAA52lD5b1+glijuHgKFJH2dSHVCXJerQtgnw6bAaqbLwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIU+eiWsa1Bya4evnpfXNRB3fMohMB8GA1UdIwQY
MBaAFMCiM1kN5YbgxVghxvbVcyr8hBIpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0tJeldRM2xodURGV0NIRzl0VnpLdnlFRWlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy85N2IwYjctMDEzZC00MzNlLWI1Mzgt
YTg0ZWI0MTFlZjhhLzEvaFQ1NkpheHJVSEpyaDYtZWw5YzFFSGQ4eWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy85N2IwYjctMDEzZC00MzNlLWI1MzgtYTg0ZWI0MTFlZjhh
LzEvd0tJeldRM2xodURGV0NIRzl0VnpLdnlFRWlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBBZiYAwQC
HwxQAwQBdTfIAwQChkGkAwQBwrOGAwQA2QuvMA0EAgACMAcDBQMqAn4AMA0GCSqG
SIb3DQEBCwUAA4IBAQDPMjWDQRWBHoTdDvlM41ZoDVK4KlBtEf+7z8gvCiLbxW+5
nE8B3sG1YQ/ETMQFT9XKZVaZSUXhx7V889oO6ZbAoRyB2lPra1wmHP3MFuSmw19T
0mAW9vmu4JCJ+vVlgtvYIrvrR68QCdnCCpvqVCJ3lZX4PeOSkKDX77uDBwv6p+0/
MFRDcooUGY2serUzdIx4pEnsds9ASkIrchpYUlIOTxab8P9J1/UuUtznNStc6Ry1
TYHzkfWNFQIPw2asNp8gTz563tDOqVL0KbXO1WRyFYG37JalqYpGSy/D8TPo8a5V
KR/poqElvQz+pMYnuvQyURRESFbv+j6B6x1oAXrP
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:04 2024 by rpki-client on console-fra.rpki-client.org