Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/99qWPUL_82E6cRmXQyd-PXKLR7w.roa
File: 99qWPUL_82E6cRmXQyd-PXKLR7w.roa (raw, json)
Hash identifier: h716kbN54VFu845Ep0/KgpG1ZUdyhdzQp9rh7G1yvqc=
Subject key identifier: F7:DA:96:3D:42:FF:F3:61:3A:71:19:97:43:27:7E:3D:72:8B:47:BC
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 018E9E8C18374DEACE49FCB1042DE9274F4B
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/99qWPUL_82E6cRmXQyd-PXKLR7w.roa
Signing time: Tue 02 Apr 2024 11:22:45 +0000
ROA not before: Tue 02 Apr 2024 11:22:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204963
IP address blocks: 5.255.84.0/24 maxlen: 24
5.255.89.0/24 maxlen: 24
2a00:1ca8:84::/48 maxlen: 48
2a00:1ca8:89::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.mft
rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:8c:18:37:4d:ea:ce:49:fc:b1:04:2d:e9:27:4f:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Apr 2 11:22:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7da963d42fff3613a71199743277e3d728b47bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:42:d2:eb:d3:e9:88:2f:f4:0b:e7:45:00:b0:
79:5f:90:fb:c9:ac:e4:a6:db:d8:cb:a3:c1:1c:97:
6f:ad:e1:a7:e0:e8:a3:81:fe:82:d5:e1:00:df:90:
7c:a4:0a:46:55:1e:e2:30:b6:e6:db:c7:d6:50:18:
b8:72:54:af:c8:67:23:46:23:f8:92:db:63:07:d4:
5d:c3:5a:ed:42:83:c5:c7:9f:a5:04:9d:1c:ca:3e:
92:1a:60:cb:d1:02:ff:28:dc:85:77:23:e1:d0:4e:
3b:15:c3:2a:37:00:66:31:74:14:82:36:82:43:97:
c2:8a:a3:98:d8:51:50:d2:23:9d:43:7c:cf:84:42:
26:21:eb:b6:81:c4:38:19:7c:82:17:c9:6f:55:e0:
7a:36:d3:0c:22:91:b3:a1:fb:9d:e7:c8:d3:1a:e7:
f3:40:e9:d1:7d:75:08:1e:e4:e7:c4:e1:6d:02:ef:
6a:38:be:94:f0:d4:dc:e4:16:ca:42:80:d3:1a:66:
f3:60:ff:82:9c:b4:21:2b:4f:77:30:e4:a6:4f:e0:
35:08:6b:2e:68:e5:20:e1:be:9e:de:d5:92:7c:04:
26:e4:4e:48:69:2a:10:7f:18:b3:bb:7d:f0:a7:af:
f5:69:5c:48:c0:3e:a6:66:b3:cd:50:60:ae:5a:23:
ac:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:DA:96:3D:42:FF:F3:61:3A:71:19:97:43:27:7E:3D:72:8B:47:BC
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/99qWPUL_82E6cRmXQyd-PXKLR7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.84.0/24
5.255.89.0/24
IPv6:
2a00:1ca8:84::/48
2a00:1ca8:89::/48
Signature Algorithm: sha256WithRSAEncryption
3a:fa:7a:97:dc:24:48:05:d4:97:e3:86:fd:e8:40:9d:ca:39:
4d:b2:b2:47:79:25:ef:ff:a9:66:22:17:6d:94:b6:fa:a6:30:
b7:36:a3:3a:52:96:3e:04:83:8d:73:18:b9:94:a4:18:e4:df:
6d:be:26:d9:43:25:de:54:e5:fa:03:d8:0d:10:e8:c3:22:09:
4b:cb:e5:ab:d4:e4:92:76:38:e9:96:6f:0e:7b:f7:a0:70:3b:
f5:c5:29:7a:3f:d4:eb:83:93:41:87:35:66:c5:c5:0a:49:72:
c9:b5:cf:e4:af:90:e3:2b:c3:fa:b3:a0:26:bf:96:bc:a3:76:
85:0b:01:8e:63:e0:87:34:de:f9:d7:9d:90:61:1e:f9:b9:8e:
d5:ea:be:f1:73:e9:36:4f:35:cd:c8:9b:8b:01:19:a6:4c:71:
94:ec:80:ca:aa:a7:33:a8:1e:7b:54:d2:f8:74:81:a8:35:0d:
4e:18:dc:df:03:01:42:06:53:51:12:28:b8:1f:b4:ec:d6:95:
5c:af:dc:97:4e:64:81:23:d5:dd:33:c6:a6:7d:2e:20:ab:fe:
b2:73:ee:15:bd:72:04:1c:00:cf:db:7d:d4:80:87:c0:2d:33:
8c:ce:a0:32:f5:b2:df:f0:03:b6:6f:b6:3d:41:25:b0:80:96:
58:ba:bc:10
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY6ejBg3TerOSfyxBC3pJ09LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2MzExNjZkZTc4NWEzNTMxYmRjODM2MWYxMTkwYTgzNjlh
N2VkNmEwHhcNMjQwNDAyMTEyMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2RhOTYzZDQyZmZmMzYxM2E3MTE5OTc0MzI3N2UzZDcyOGI0N2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0LS69PpiC/0C+dFALB5X5D7yazk
ptvYy6PBHJdvreGn4Oijgf6C1eEA35B8pApGVR7iMLbm28fWUBi4clSvyGcjRiP4
kttjB9Rdw1rtQoPFx5+lBJ0cyj6SGmDL0QL/KNyFdyPh0E47FcMqNwBmMXQUgjaC
Q5fCiqOY2FFQ0iOdQ3zPhEImIeu2gcQ4GXyCF8lvVeB6NtMMIpGzofud58jTGufz
QOnRfXUIHuTnxOFtAu9qOL6U8NTc5BbKQoDTGmbzYP+CnLQhK093MOSmT+A1CGsu
aOUg4b6e3tWSfAQm5E5IaSoQfxizu33wp6/1aVxIwD6mZrPNUGCuWiOsKwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPfalj1C//NhOnEZl0Mnfj1yi0e8MB8GA1UdIwQY
MBaAFCYxFm3nhaNTG9yDYfEZCoNpp+1qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUt
Yjg5YTI2MTk5OTc2LzEvOTlxV1BVTF84MkU2Y1JtWFF5ZC1QWEtMUjd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9mYjAxNTctNjc0Ni00YjAwLThmOGUtYjg5YTI2MTk5OTc2
LzEvSmpFV2JlZUZvMU1iM0lOaDhSa0tnMm1uN1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQABf9UAwQA
Bf9ZMBgEAgACMBIDBwAqAByoAIQDBwAqAByoAIkwDQYJKoZIhvcNAQELBQADggEB
ADr6epfcJEgF1Jfjhv3oQJ3KOU2yskd5Je//qWYiF22UtvqmMLc2ozpSlj4Eg41z
GLmUpBjk322+JtlDJd5U5foD2A0Q6MMiCUvL5avU5JJ2OOmWbw5796BwO/XFKXo/
1OuDk0GHNWbFxQpJcsm1z+SvkOMrw/qzoCa/lryjdoULAY5j4Ic03vnXnZBhHvm5
jtXqvvFz6TZPNc3Im4sBGaZMcZTsgMqqpzOoHntU0vh0gag1DU4Y3N8DAUIGU1ES
KLgftOzWlVyv3JdOZIEj1d0zxqZ9LiCr/rJz7hW9cgQcAM/bfdSAh8AtM4zOoDL1
st/wA7Zvtj1BJbCAlli6vBA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:22:24 2024 by rpki-client on console-fra.rpki-client.org