Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/5dRUaiAbsApMZZU9uQV5VnD0O2o.roa
File: 5dRUaiAbsApMZZU9uQV5VnD0O2o.roa (raw, json)
Hash identifier: /fA3RLFbDZSvplf/CZpKN1BPjI7I85ymUxR5JWCXbT0=
Subject key identifier: E5:D4:54:6A:20:1B:B0:0A:4C:65:95:3D:B9:05:79:56:70:F4:3B:6A
Certificate issuer: /CN=67e1cedfe0826f0f9775bdfa8e9425300bde9f13
Certificate serial: 018CC2DAF117A2B38E39016E5E52F34E618E
Authority key identifier: 67:E1:CE:DF:E0:82:6F:0F:97:75:BD:FA:8E:94:25:30:0B:DE:9F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/5dRUaiAbsApMZZU9uQV5VnD0O2o.roa
Signing time: Mon 01 Jan 2024 02:29:37 +0000
ROA not before: Mon 01 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35205
IP address blocks: 194.126.129.0/24 maxlen: 24
2a05:3700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:f1:17:a2:b3:8e:39:01:6e:5e:52:f3:4e:61:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67e1cedfe0826f0f9775bdfa8e9425300bde9f13
Validity
Not Before: Jan 1 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5d4546a201bb00a4c65953db905795670f43b6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:76:4e:c5:60:14:a8:79:b3:ae:14:2e:0c:58:
02:8f:45:aa:2c:4e:43:2d:80:ba:d9:bc:40:f9:29:
70:a4:21:bb:b2:93:6e:6d:b7:24:f4:84:f4:4a:d9:
e7:82:2c:90:42:92:a2:cc:86:ac:c1:9c:cf:36:40:
90:f8:8c:96:e0:89:b9:1a:5e:ce:68:61:67:8d:2e:
9c:a9:07:50:3f:1e:65:5f:ce:ba:1a:c5:24:12:96:
cd:67:5c:de:9a:35:76:60:9a:41:29:7a:6d:29:da:
a9:60:54:e2:69:02:ec:03:3e:d5:f8:05:15:dd:15:
c6:b9:03:7f:34:93:46:88:90:24:93:ef:c1:d9:db:
ce:93:2b:23:e2:bf:2e:18:f9:38:95:14:86:aa:bc:
9f:66:5a:41:7b:1a:20:75:61:37:fc:7d:44:92:36:
68:bf:9e:a8:2e:54:e4:3b:8d:5a:91:07:7c:ec:0d:
74:34:48:5b:1c:c6:9a:14:f8:85:b0:4c:a6:0c:af:
41:b1:9a:f8:30:c2:e1:90:75:f8:83:1e:5a:bd:db:
01:c8:6d:12:1b:6d:73:f7:88:b6:b7:08:2a:09:7a:
1f:ab:c1:de:3f:29:aa:a2:33:e0:dd:cf:bd:88:b5:
9f:33:c0:6a:02:62:24:0f:86:6c:e1:4f:d5:46:4d:
89:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:D4:54:6A:20:1B:B0:0A:4C:65:95:3D:B9:05:79:56:70:F4:3B:6A
X509v3 Authority Key Identifier:
keyid:67:E1:CE:DF:E0:82:6F:0F:97:75:BD:FA:8E:94:25:30:0B:DE:9F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/5dRUaiAbsApMZZU9uQV5VnD0O2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.129.0/24
IPv6:
2a05:3700::/29
Signature Algorithm: sha256WithRSAEncryption
6f:48:2d:8a:bc:d0:5a:4e:a9:54:e1:8a:a7:1b:c6:05:d1:bf:
7e:ec:3b:24:16:13:c3:7a:e3:12:06:27:36:64:f4:1f:fa:0b:
f1:83:da:88:7f:e3:6e:65:1e:3f:83:5b:3f:b5:bc:10:74:f9:
95:a7:89:8e:46:0a:6a:c5:dc:a3:a2:06:c1:08:9f:d7:a7:1b:
45:57:88:32:97:06:a5:d4:07:97:9b:e9:54:87:f2:14:f0:03:
75:23:eb:b1:d7:7f:7b:62:c6:ac:b5:78:92:a9:11:cd:9b:9f:
51:5f:af:9a:c8:3e:11:08:39:18:be:c2:a8:4b:56:bb:fb:57:
16:d2:de:fa:5b:fd:2b:de:f4:ef:43:8b:db:a3:97:06:97:0d:
ed:d3:a7:72:a4:f7:24:86:48:3e:2d:02:7d:3b:ea:81:5c:ea:
c7:01:94:90:12:c5:d4:58:cf:d2:c8:77:25:13:c6:7a:93:86:
49:e6:f3:21:2b:be:e2:b8:d0:c3:66:46:fe:3e:4f:02:b2:d0:
01:42:68:81:2f:fd:67:75:9c:a7:c6:a0:e6:32:ff:53:04:b1:
5e:c7:73:21:5f:c6:8a:a9:89:bc:d0:7e:70:ab:f0:07:bc:7c:
ac:67:fe:73:df:74:7e:f2:92:63:1a:82:20:30:bf:24:b1:94:
f6:1f:39:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2vEXorOOOQFuXlLzTmGOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZTFjZWRmZTA4MjZmMGY5Nzc1YmRmYThlOTQyNTMwMGJk
ZTlmMTMwHhcNMjQwMTAxMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWQ0NTQ2YTIwMWJiMDBhNGM2NTk1M2RiOTA1Nzk1NjcwZjQzYjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3ZOxWAUqHmzrhQuDFgCj0WqLE5D
LYC62bxA+SlwpCG7spNubbck9IT0StnngiyQQpKizIaswZzPNkCQ+IyW4Im5Gl7O
aGFnjS6cqQdQPx5lX866GsUkEpbNZ1zemjV2YJpBKXptKdqpYFTiaQLsAz7V+AUV
3RXGuQN/NJNGiJAkk+/B2dvOkysj4r8uGPk4lRSGqryfZlpBexogdWE3/H1EkjZo
v56oLlTkO41akQd87A10NEhbHMaaFPiFsEymDK9BsZr4MMLhkHX4gx5avdsByG0S
G21z94i2twgqCXofq8HePymqojPg3c+9iLWfM8BqAmIkD4Zs4U/VRk2JPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOXUVGogG7AKTGWVPbkFeVZw9DtqMB8GA1UdIwQY
MBaAFGfhzt/ggm8Pl3W9+o6UJTAL3p8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWi1ITzMtQ0Nidy1YZGIzNmpwUWxNQXZlbnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xOWZhNGEtZjQxZC00YmFmLWI5ZWEt
ZWM5Yjc1NTIxMjk3LzEvNWRSVWFpQWJzQXBNWlpVOXVRVjVWbkQwTzJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xOWZhNGEtZjQxZC00YmFmLWI5ZWEtZWM5Yjc1NTIxMjk3
LzEvWi1ITzMtQ0Nidy1YZGIzNmpwUWxNQXZlbnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwn6BMA0E
AgACMAcDBQMqBTcAMA0GCSqGSIb3DQEBCwUAA4IBAQBvSC2KvNBaTqlU4YqnG8YF
0b9+7DskFhPDeuMSBic2ZPQf+gvxg9qIf+NuZR4/g1s/tbwQdPmVp4mORgpqxdyj
ogbBCJ/XpxtFV4gylwal1AeXm+lUh/IU8AN1I+ux1397YsastXiSqRHNm59RX6+a
yD4RCDkYvsKoS1a7+1cW0t76W/0r3vTvQ4vbo5cGlw3t06dypPckhkg+LQJ9O+qB
XOrHAZSQEsXUWM/SyHclE8Z6k4ZJ5vMhK77iuNDDZkb+Pk8CstABQmiBL/1ndZyn
xqDmMv9TBLFex3MhX8aKqYm80H5wq/AHvHysZ/5z33R+8pJjGoIgML8ksZT2Hzml
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:28 2024 by rpki-client on console-ams.rpki-client.org