Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/fe04ac-a190-4804-913c-ffc025831f4f/1/cI7fOXU_mPq6bXH9g9syofs2REc.roa
File: cI7fOXU_mPq6bXH9g9syofs2REc.roa (raw, json)
Hash identifier: gdNDlLHj6WXj4MQJRnE34WHyExBJQGWBa0RwUV5bW3I=
Subject key identifier: 70:8E:DF:39:75:3F:98:FA:BA:6D:71:FD:83:DB:32:A1:FB:36:44:47
Certificate issuer: /CN=219885ea020e65006314ee9480def3b3efc039e3
Certificate serial: 018CC5DC3E69CBB0EBD3FAA6A1EC19342361
Authority key identifier: 21:98:85:EA:02:0E:65:00:63:14:EE:94:80:DE:F3:B3:EF:C0:39:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IZiF6gIOZQBjFO6UgN7zs-_AOeM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/fe04ac-a190-4804-913c-ffc025831f4f/1/cI7fOXU_mPq6bXH9g9syofs2REc.roa
Signing time: Mon 01 Jan 2024 16:29:54 +0000
ROA not before: Mon 01 Jan 2024 16:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203576
IP address blocks: 5.180.184.0/24 maxlen: 32
5.180.186.0/24 maxlen: 32
5.180.185.0/24 maxlen: 32
5.180.187.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/fe04ac-a190-4804-913c-ffc025831f4f/1/IZiF6gIOZQBjFO6UgN7zs-_AOeM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/fe04ac-a190-4804-913c-ffc025831f4f/1/IZiF6gIOZQBjFO6UgN7zs-_AOeM.mft
rsync://rpki.ripe.net/repository/DEFAULT/IZiF6gIOZQBjFO6UgN7zs-_AOeM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 07:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:3e:69:cb:b0:eb:d3:fa:a6:a1:ec:19:34:23:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=219885ea020e65006314ee9480def3b3efc039e3
Validity
Not Before: Jan 1 16:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=708edf39753f98faba6d71fd83db32a1fb364447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5f:9d:04:85:1c:45:2a:f7:f6:69:97:1c:97:
63:92:75:b1:a6:3a:47:bc:01:70:a5:25:d3:5a:13:
c2:e9:34:67:7e:81:8c:0f:60:cc:3a:64:de:56:db:
ab:16:91:65:1e:45:9c:81:8e:da:91:af:e3:89:96:
9c:83:de:69:89:10:a9:d7:bc:14:50:e8:55:4b:91:
1d:a6:87:20:07:62:6f:91:f6:51:b3:93:08:29:18:
7b:21:ad:b2:01:e7:e4:cc:a8:25:2c:5e:08:00:c8:
e4:c9:7a:02:88:c5:ab:5e:83:37:8a:53:a7:2c:15:
02:be:04:03:46:85:b3:56:5e:99:8f:8f:9c:3e:ef:
38:59:d2:84:56:46:2c:5d:16:8c:07:87:cc:ec:9c:
2e:5e:dc:0d:38:71:fe:b5:a2:53:a2:04:04:52:1d:
03:0e:e8:b0:47:d2:2e:b7:4f:30:a7:09:23:81:31:
37:74:02:8d:1a:2d:af:e5:1f:6e:52:0b:57:10:82:
f7:48:c4:c3:07:56:e6:56:ba:be:c8:3d:d9:ec:45:
1b:4b:22:94:9b:fe:a2:2f:ba:0b:7a:cc:48:87:0f:
49:64:f8:ba:80:0f:94:7f:c5:75:5f:0c:0c:80:59:
84:15:8d:ae:0b:5b:8a:9b:08:60:a7:8a:41:95:3b:
19:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8E:DF:39:75:3F:98:FA:BA:6D:71:FD:83:DB:32:A1:FB:36:44:47
X509v3 Authority Key Identifier:
keyid:21:98:85:EA:02:0E:65:00:63:14:EE:94:80:DE:F3:B3:EF:C0:39:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IZiF6gIOZQBjFO6UgN7zs-_AOeM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/fe04ac-a190-4804-913c-ffc025831f4f/1/cI7fOXU_mPq6bXH9g9syofs2REc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/fe04ac-a190-4804-913c-ffc025831f4f/1/IZiF6gIOZQBjFO6UgN7zs-_AOeM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.184.0/22
Signature Algorithm: sha256WithRSAEncryption
61:4f:c6:20:a6:6b:ff:c0:ca:a9:bc:58:d5:2e:0c:33:4d:15:
99:19:e3:57:bb:7c:b5:db:52:7a:48:f2:68:8b:d2:3d:8a:81:
93:b8:67:04:86:eb:52:39:4b:af:dd:b9:49:53:89:48:d0:74:
8c:e5:82:0c:fe:7a:38:16:44:00:15:08:c5:90:17:21:f7:dd:
53:de:f3:82:3a:4a:9c:41:68:37:4a:71:ed:fa:34:66:71:0b:
56:2f:5a:8c:10:a5:45:c2:3a:c1:b8:71:53:65:52:a6:55:50:
99:19:c4:88:9b:d8:7e:6b:db:72:47:2e:54:91:f7:c5:ee:ec:
1b:10:48:f7:e1:f0:63:1c:d1:e2:9b:a8:0b:1d:d6:0d:50:7e:
a9:3c:37:0f:df:b1:86:70:aa:b5:5f:55:3e:b3:a2:6a:97:74:
7e:63:5f:c3:81:14:6d:b6:5c:2d:17:94:a9:10:ba:53:36:17:
a7:be:d7:60:21:f2:cc:db:95:69:b9:37:d9:21:f6:e1:58:47:
78:0e:5d:64:3d:e0:8c:16:6c:fc:3a:0d:85:ea:f6:2c:a5:04:
14:08:30:09:c0:17:99:02:ca:fc:fe:c5:43:1d:c5:f2:d6:1e:
8c:81:8b:75:a8:e5:15:cf:14:5e:e0:1b:e9:67:4f:7e:cd:16:
3c:4a:7f:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3D5py7Dr0/qmoewZNCNhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxOTg4NWVhMDIwZTY1MDA2MzE0ZWU5NDgwZGVmM2IzZWZj
MDM5ZTMwHhcNMjQwMTAxMTYyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDhlZGYzOTc1M2Y5OGZhYmE2ZDcxZmQ4M2RiMzJhMWZiMzY0NDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzF+dBIUcRSr39mmXHJdjknWxpjpH
vAFwpSXTWhPC6TRnfoGMD2DMOmTeVturFpFlHkWcgY7aka/jiZacg95piRCp17wU
UOhVS5EdpocgB2JvkfZRs5MIKRh7Ia2yAefkzKglLF4IAMjkyXoCiMWrXoM3ilOn
LBUCvgQDRoWzVl6Zj4+cPu84WdKEVkYsXRaMB4fM7JwuXtwNOHH+taJTogQEUh0D
DuiwR9Iut08wpwkjgTE3dAKNGi2v5R9uUgtXEIL3SMTDB1bmVrq+yD3Z7EUbSyKU
m/6iL7oLesxIhw9JZPi6gA+Uf8V1XwwMgFmEFY2uC1uKmwhgp4pBlTsZiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHCO3zl1P5j6um1x/YPbMqH7NkRHMB8GA1UdIwQY
MBaAFCGYheoCDmUAYxTulIDe87PvwDnjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVppRjZnSU9aUUJqRk82VWdON3pzLV9BT2VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZTA0YWMtYTE5MC00ODA0LTkxM2Mt
ZmZjMDI1ODMxZjRmLzEvY0k3Zk9YVV9tUHE2YlhIOWc5c3lvZnMyUkVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZTA0YWMtYTE5MC00ODA0LTkxM2MtZmZjMDI1ODMxZjRm
LzEvSVppRjZnSU9aUUJqRk82VWdON3pzLV9BT2VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBbS4MA0G
CSqGSIb3DQEBCwUAA4IBAQBhT8Ygpmv/wMqpvFjVLgwzTRWZGeNXu3y121J6SPJo
i9I9ioGTuGcEhutSOUuv3blJU4lI0HSM5YIM/no4FkQAFQjFkBch991T3vOCOkqc
QWg3SnHt+jRmcQtWL1qMEKVFwjrBuHFTZVKmVVCZGcSIm9h+a9tyRy5UkffF7uwb
EEj34fBjHNHim6gLHdYNUH6pPDcP37GGcKq1X1U+s6Jql3R+Y1/DgRRttlwtF5Sp
ELpTNhenvtdgIfLM25VpuTfZIfbhWEd4Dl1kPeCMFmz8Og2F6vYspQQUCDAJwBeZ
Asr8/sVDHcXy1h6MgYt1qOUVzxRe4BvpZ09+zRY8Sn/2
-----END CERTIFICATE-----
Generated at Sat May 18 14:23:54 2024 by rpki-client on console-fra.rpki-client.org