Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/5ELd4_NlRowNtHaIESAPUWgkF1E.roa
File: 5ELd4_NlRowNtHaIESAPUWgkF1E.roa (raw, json)
Hash identifier: hGDKiJx+cdpI7/AYqSwBIg0pne35S3xdf1clkD84dbA=
Subject key identifier: E4:42:DD:E3:F3:65:46:8C:0D:B4:76:88:11:20:0F:51:68:24:17:51
Certificate issuer: /CN=e541a4c152b5f786d623d85c41465299cdda3389
Certificate serial: 018CC7257A2FBAD4CCE4DDFA9088B371F4EE
Authority key identifier: E5:41:A4:C1:52:B5:F7:86:D6:23:D8:5C:41:46:52:99:CD:DA:33:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5UGkwVK194bWI9hcQUZSmc3aM4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/5ELd4_NlRowNtHaIESAPUWgkF1E.roa
Signing time: Mon 01 Jan 2024 22:29:31 +0000
ROA not before: Mon 01 Jan 2024 22:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60955
IP address blocks: 31.172.112.0/23 maxlen: 23
31.172.112.0/20 maxlen: 20
31.172.114.0/24 maxlen: 24
31.172.115.0/24 maxlen: 24
31.172.116.0/22 maxlen: 22
185.22.220.0/22 maxlen: 24
193.192.40.0/23 maxlen: 23
2a04:2200::/29 maxlen: 29
2a04:2201::/32 maxlen: 32
2a04:2200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/5UGkwVK194bWI9hcQUZSmc3aM4k.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/5UGkwVK194bWI9hcQUZSmc3aM4k.mft
rsync://rpki.ripe.net/repository/DEFAULT/5UGkwVK194bWI9hcQUZSmc3aM4k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:7a:2f:ba:d4:cc:e4:dd:fa:90:88:b3:71:f4:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e541a4c152b5f786d623d85c41465299cdda3389
Validity
Not Before: Jan 1 22:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e442dde3f365468c0db4768811200f5168241751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:1e:6d:63:77:47:cd:da:f3:aa:80:b7:c7:9f:
96:e4:f0:c0:31:ea:fb:9e:a9:7d:07:07:a8:2b:2d:
73:b6:fc:10:40:bb:67:ec:3c:9e:27:87:43:08:49:
f0:84:06:92:af:d2:87:0d:01:54:c6:75:f6:aa:4e:
7f:64:20:58:3a:2a:ba:aa:44:30:64:ed:56:0d:8f:
a2:a5:c4:e0:e6:48:fe:d0:7d:19:8f:fd:76:ae:75:
ba:ed:e1:52:6f:10:67:9f:f1:09:92:ef:ba:c1:02:
8b:6f:94:31:e2:0e:74:b1:3f:a2:9b:5f:af:a9:0b:
7b:e9:2b:4f:3f:2c:53:24:6a:04:d6:f0:24:21:a6:
59:c4:ad:dc:06:72:49:18:9b:95:4d:6e:70:eb:0b:
4d:e0:ab:55:6c:b4:c8:26:bf:42:35:62:55:b9:9e:
9d:8b:68:c1:9a:30:09:92:e0:55:0c:54:de:71:18:
40:e2:bc:6c:64:78:88:4a:d1:45:77:f0:1d:0c:f0:
79:42:81:68:3c:58:14:4e:1e:93:eb:75:3d:47:ca:
10:fb:b6:0e:49:c6:1a:1c:ed:9d:e7:44:41:de:ea:
ff:93:f1:55:d1:99:37:ee:8a:35:8c:06:0b:fa:be:
db:39:e3:26:e0:8f:94:06:01:1e:29:35:8f:45:af:
84:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:42:DD:E3:F3:65:46:8C:0D:B4:76:88:11:20:0F:51:68:24:17:51
X509v3 Authority Key Identifier:
keyid:E5:41:A4:C1:52:B5:F7:86:D6:23:D8:5C:41:46:52:99:CD:DA:33:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5UGkwVK194bWI9hcQUZSmc3aM4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/5ELd4_NlRowNtHaIESAPUWgkF1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/d71269-4b56-4572-a711-d84ecb2505c4/1/5UGkwVK194bWI9hcQUZSmc3aM4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.112.0/20
185.22.220.0/22
193.192.40.0/23
IPv6:
2a04:2200::/29
Signature Algorithm: sha256WithRSAEncryption
49:df:f3:db:b0:ee:bd:53:65:b9:df:7d:33:9b:36:63:2f:8e:
17:4b:03:f0:57:8a:08:7e:62:d1:64:19:89:11:c2:0c:97:95:
4a:f9:6c:71:d5:1d:f4:1c:9d:9f:8f:89:10:94:74:03:fe:c5:
ec:93:9c:a2:c1:8b:52:78:3d:62:85:ce:62:3f:91:f8:96:1c:
4a:8c:16:e5:60:34:ee:b8:16:93:ba:21:f7:b2:9e:aa:a3:47:
44:98:05:be:7d:52:7a:ad:f0:0e:0b:57:27:4d:f0:44:7d:ab:
e3:81:03:77:12:1a:2d:ae:44:66:a1:25:cd:a2:6e:3a:b6:fe:
77:d1:da:3a:81:f4:e8:b6:5b:69:65:56:f3:8e:7b:90:c7:84:
4a:1e:82:1d:71:70:d1:de:00:33:03:c4:e6:06:38:79:76:ac:
44:f3:09:95:1b:16:ed:cd:06:3e:a1:e7:20:d1:66:02:42:b1:
97:94:e1:3b:07:e1:67:a0:8e:52:50:90:94:a9:06:d7:bb:9e:
5a:08:90:6b:33:38:22:86:8c:fc:b7:2b:c2:dc:ae:5a:6a:4d:
65:6c:55:67:2a:1a:4f:31:2a:99:06:ce:91:fd:21:bf:66:6b:
06:6d:a8:ef:b0:3a:cb:d1:30:c7:f1:13:b2:a7:0f:89:74:e3:
4b:b3:ba:4b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHJXovutTM5N36kIizcfTuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NDFhNGMxNTJiNWY3ODZkNjIzZDg1YzQxNDY1Mjk5Y2Rk
YTMzODkwHhcNMjQwMTAxMjIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDQyZGRlM2YzNjU0NjhjMGRiNDc2ODgxMTIwMGY1MTY4MjQxNzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArR5tY3dHzdrzqoC3x5+W5PDAMer7
nql9BweoKy1ztvwQQLtn7DyeJ4dDCEnwhAaSr9KHDQFUxnX2qk5/ZCBYOiq6qkQw
ZO1WDY+ipcTg5kj+0H0Zj/12rnW67eFSbxBnn/EJku+6wQKLb5Qx4g50sT+im1+v
qQt76StPPyxTJGoE1vAkIaZZxK3cBnJJGJuVTW5w6wtN4KtVbLTIJr9CNWJVuZ6d
i2jBmjAJkuBVDFTecRhA4rxsZHiIStFFd/AdDPB5QoFoPFgUTh6T63U9R8oQ+7YO
ScYaHO2d50RB3ur/k/FV0Zk37oo1jAYL+r7bOeMm4I+UBgEeKTWPRa+EmQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFORC3ePzZUaMDbR2iBEgD1FoJBdRMB8GA1UdIwQY
MBaAFOVBpMFStfeG1iPYXEFGUpnN2jOJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVVHa3dWSzE5NGJXSTloY1FVWlNtYzNhTTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kNzEyNjktNGI1Ni00NTcyLWE3MTEt
ZDg0ZWNiMjUwNWM0LzEvNUVMZDRfTmxSb3dOdEhhSUVTQVBVV2drRjFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kNzEyNjktNGI1Ni00NTcyLWE3MTEtZDg0ZWNiMjUwNWM0
LzEvNVVHa3dWSzE5NGJXSTloY1FVWlNtYzNhTTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEH6xwAwQC
uRbcAwQBwcAoMA0EAgACMAcDBQMqBCIAMA0GCSqGSIb3DQEBCwUAA4IBAQBJ3/Pb
sO69U2W5330zmzZjL44XSwPwV4oIfmLRZBmJEcIMl5VK+Wxx1R30HJ2fj4kQlHQD
/sXsk5yiwYtSeD1ihc5iP5H4lhxKjBblYDTuuBaTuiH3sp6qo0dEmAW+fVJ6rfAO
C1cnTfBEfavjgQN3EhotrkRmoSXNom46tv530do6gfTotltpZVbzjnuQx4RKHoId
cXDR3gAzA8TmBjh5dqxE8wmVGxbtzQY+oecg0WYCQrGXlOE7B+FnoI5SUJCUqQbX
u55aCJBrMzgihoz8tyvC3K5aak1lbFVnKhpPMSqZBs6R/SG/ZmsGbajvsDrL0TDH
8ROypw+JdONLs7pL
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:26 2024 by rpki-client on console-ams.rpki-client.org