Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/F7CQdriO4AQSvGw-jV6JVg5tqy4.roa
File: F7CQdriO4AQSvGw-jV6JVg5tqy4.roa (raw, json)
Hash identifier: 2FOrwS4sRdUMvFqL+1gUboGg84rY0oxJG0k7fDTLDh4=
Subject key identifier: 17:B0:90:76:B8:8E:E0:04:12:BC:6C:3E:8D:5E:89:56:0E:6D:AB:2E
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018DEA894CA72AF5BDCB3C1321DD294CB173
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/F7CQdriO4AQSvGw-jV6JVg5tqy4.roa
Signing time: Tue 27 Feb 2024 12:28:03 +0000
ROA not before: Tue 27 Feb 2024 12:28:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 5.180.234.0/24 maxlen: 24
2a06:e5c0::/29 maxlen: 48
2a09:96c0::/29 maxlen: 48
2a09:ae80::/29 maxlen: 48
2a09:b440::/48 maxlen: 48
2a13:4bc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ea:89:4c:a7:2a:f5:bd:cb:3c:13:21:dd:29:4c:b1:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Feb 27 12:28:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17b09076b88ee00412bc6c3e8d5e89560e6dab2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:60:94:f5:9a:4c:7b:1d:7f:0e:6b:89:b9:e8:
fd:8b:d7:d8:1d:c1:5b:4e:75:49:a9:ee:41:b6:13:
28:0c:bb:fc:c7:64:86:c7:ec:f6:c2:cc:ff:f4:e5:
1d:73:c5:71:49:e2:cf:63:7c:83:7f:ac:d0:3d:71:
41:d5:d5:f9:ce:7e:78:cd:d6:80:63:d0:41:82:7d:
cd:97:bf:5d:65:d6:fc:09:33:a4:23:15:96:b2:78:
bd:67:9e:6c:b7:e8:5b:68:19:28:1b:3f:0b:d4:c9:
08:b8:6a:0a:ca:b5:0e:a5:e6:40:14:6d:f0:ed:fb:
37:f0:f5:8e:be:e9:51:e0:88:ae:72:d4:ee:e1:64:
e4:9f:9a:05:80:7d:6f:e7:fa:ba:62:8f:98:26:60:
f0:c8:68:5e:53:d4:ed:8f:32:16:bc:0d:5e:ec:42:
c5:39:f8:a3:0b:34:a5:35:78:69:4d:32:f6:8b:00:
d2:2f:39:df:0a:d9:6a:7b:52:20:7e:79:42:7a:ed:
0d:4e:95:92:a3:c5:d2:93:5c:5d:28:ad:80:d2:54:
5b:c6:6f:79:34:7e:7b:44:82:aa:08:51:70:29:f0:
50:d5:39:3c:51:0f:d1:46:a5:6f:da:a1:9f:d7:85:
b6:33:34:d3:30:43:98:31:a6:c6:2a:53:2d:52:c1:
ee:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:B0:90:76:B8:8E:E0:04:12:BC:6C:3E:8D:5E:89:56:0E:6D:AB:2E
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/F7CQdriO4AQSvGw-jV6JVg5tqy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.234.0/24
IPv6:
2a06:e5c0::/29
2a09:96c0::/29
2a09:ae80::/29
2a09:b440::/48
2a13:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
83:46:25:bf:1c:fd:b6:03:69:b1:8a:a4:cb:09:ad:08:53:1b:
66:ae:4c:24:12:b4:33:00:cf:5f:8f:f7:45:1d:d1:2a:30:b6:
31:01:39:49:95:26:b5:ee:97:3f:16:7b:4c:d1:db:fb:8d:6e:
5a:3b:c2:09:1e:3e:cc:93:fe:b1:59:a4:80:3b:8f:b3:67:b7:
c2:6e:de:30:af:d0:08:fc:76:48:b5:52:46:21:6c:24:36:9f:
a1:ca:d8:16:56:f2:06:97:c7:7e:c2:06:ef:95:75:10:f1:73:
42:5a:8f:03:a4:89:25:26:6f:d0:72:d3:93:07:96:7d:c8:48:
1c:e6:94:df:5b:74:c9:2c:3c:ab:44:dd:a8:d0:c6:33:6d:67:
f7:a6:f6:29:e4:79:34:29:af:db:b1:33:71:a2:2c:e5:a3:45:
66:ee:d2:a7:af:93:e6:a3:39:25:60:20:63:32:33:74:53:83:
17:59:14:c7:eb:73:47:ac:f7:04:e9:a9:3d:d4:53:a7:bf:d6:
f3:92:0a:6c:23:a5:f6:8f:73:34:b9:39:25:cd:9a:8f:82:7e:
3e:a7:87:a7:65:3c:f9:99:14:2d:6d:a6:e0:ac:47:19:3c:c0:
a2:d7:64:37:12:62:49:ac:16:18:a9:0d:3f:10:56:a6:ef:4a:
52:e2:a3:4c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAY3qiUynKvW9yzwTId0pTLFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMjI3MTIyODAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2IwOTA3NmI4OGVlMDA0MTJiYzZjM2U4ZDVlODk1NjBlNmRhYjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mCU9ZpMex1/DmuJuej9i9fYHcFb
TnVJqe5BthMoDLv8x2SGx+z2wsz/9OUdc8VxSeLPY3yDf6zQPXFB1dX5zn54zdaA
Y9BBgn3Nl79dZdb8CTOkIxWWsni9Z55st+hbaBkoGz8L1MkIuGoKyrUOpeZAFG3w
7fs38PWOvulR4IiuctTu4WTkn5oFgH1v5/q6Yo+YJmDwyGheU9TtjzIWvA1e7ELF
OfijCzSlNXhpTTL2iwDSLznfCtlqe1IgfnlCeu0NTpWSo8XSk1xdKK2A0lRbxm95
NH57RIKqCFFwKfBQ1Tk8UQ/RRqVv2qGf14W2MzTTMEOYMabGKlMtUsHuvQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFBewkHa4juAEErxsPo1eiVYObasuMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvRjdDUWRyaU80QVFTdkd3LWpWNkpWZzV0cXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAMBAIAATAGAwQABbTqMCsE
AgACMCUDBQMqBuXAAwUDKgmWwAMFAyoJroADBwAqCbRAAAADBQMqE0vAMA0GCSqG
SIb3DQEBCwUAA4IBAQCDRiW/HP22A2mxiqTLCa0IUxtmrkwkErQzAM9fj/dFHdEq
MLYxATlJlSa17pc/FntM0dv7jW5aO8IJHj7Mk/6xWaSAO4+zZ7fCbt4wr9AI/HZI
tVJGIWwkNp+hytgWVvIGl8d+wgbvlXUQ8XNCWo8DpIklJm/QctOTB5Z9yEgc5pTf
W3TJLDyrRN2o0MYzbWf3pvYp5Hk0Ka/bsTNxoizlo0Vm7tKnr5PmozklYCBjMjN0
U4MXWRTH63NHrPcE6ak91FOnv9bzkgpsI6X2j3M0uTklzZqPgn4+p4enZTz5mRQt
babgrEcZPMCi12Q3EmJJrBYYqQ0/EFam70pS4qNM
-----END CERTIFICATE-----
Generated at Mon May 6 13:41:41 2024 by rpki-client on console-ams.rpki-client.org