Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/37205b-fc57-464c-a1c1-6c62b9366705/1/5KaNzc5VVhRT8ER_9N9DGpGdKZg.roa
File: 5KaNzc5VVhRT8ER_9N9DGpGdKZg.roa (raw, json)
Hash identifier: xic2UxaWUEDYUA7pO+aiXilwJagcp00IsukXxJn8kDM=
Subject key identifier: E4:A6:8D:CD:CE:55:56:14:53:F0:44:7F:F4:DF:43:1A:91:9D:29:98
Certificate issuer: /CN=5cb813e09c9955e0bda7041f8373a8fc5dae6b9d
Certificate serial: 018CC80146E5E5E4CA8A464A43BACA9F7DD3
Authority key identifier: 5C:B8:13:E0:9C:99:55:E0:BD:A7:04:1F:83:73:A8:FC:5D:AE:6B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XLgT4JyZVeC9pwQfg3Oo_F2ua50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/37205b-fc57-464c-a1c1-6c62b9366705/1/5KaNzc5VVhRT8ER_9N9DGpGdKZg.roa
Signing time: Tue 02 Jan 2024 02:29:35 +0000
ROA not before: Tue 02 Jan 2024 02:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50345
IP address blocks: 2001:67c:1058::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/37205b-fc57-464c-a1c1-6c62b9366705/1/XLgT4JyZVeC9pwQfg3Oo_F2ua50.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/37205b-fc57-464c-a1c1-6c62b9366705/1/XLgT4JyZVeC9pwQfg3Oo_F2ua50.mft
rsync://rpki.ripe.net/repository/DEFAULT/XLgT4JyZVeC9pwQfg3Oo_F2ua50.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:46:e5:e5:e4:ca:8a:46:4a:43:ba:ca:9f:7d:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cb813e09c9955e0bda7041f8373a8fc5dae6b9d
Validity
Not Before: Jan 2 02:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4a68dcdce55561453f0447ff4df431a919d2998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:86:97:72:1d:17:b6:60:66:fc:a5:dc:59:1f:
6f:78:7e:e1:1c:f2:48:89:4f:fa:7a:b3:85:4d:e1:
56:48:0c:0b:d7:bf:83:41:90:50:86:5f:2a:5f:19:
f1:b0:24:de:af:53:cc:36:90:62:58:a7:9f:aa:66:
d3:29:b5:b2:c6:f2:bd:d9:88:c9:b4:21:69:af:e1:
d6:b3:90:96:7e:52:64:70:1c:6d:28:f3:23:52:82:
5a:a8:7e:71:54:dc:9f:ee:66:a3:7f:65:77:2f:39:
89:21:44:5e:99:a7:cc:86:9c:ec:92:89:78:f6:a2:
de:27:c7:e8:56:2f:4a:6f:97:66:2e:91:41:16:5f:
c3:df:7a:02:6f:d5:7d:97:7f:37:e4:70:3f:73:9d:
46:24:4e:70:dd:84:a7:e9:c3:c8:58:74:d4:9b:35:
91:52:a0:a4:cc:b6:22:3f:3d:da:1e:04:7a:52:57:
6f:c1:19:1b:42:87:7e:fd:2f:7f:4e:87:97:cc:b9:
bb:66:d9:5a:86:8e:b2:1b:28:e6:64:8d:50:85:d0:
51:d3:6e:15:ae:fa:72:76:ab:6b:59:e6:78:75:ff:
5b:a5:37:dc:c4:2a:1e:00:32:97:b1:53:73:68:08:
da:d7:51:43:98:97:08:82:85:52:9d:55:10:9b:be:
d3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:A6:8D:CD:CE:55:56:14:53:F0:44:7F:F4:DF:43:1A:91:9D:29:98
X509v3 Authority Key Identifier:
keyid:5C:B8:13:E0:9C:99:55:E0:BD:A7:04:1F:83:73:A8:FC:5D:AE:6B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XLgT4JyZVeC9pwQfg3Oo_F2ua50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/37205b-fc57-464c-a1c1-6c62b9366705/1/5KaNzc5VVhRT8ER_9N9DGpGdKZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/37205b-fc57-464c-a1c1-6c62b9366705/1/XLgT4JyZVeC9pwQfg3Oo_F2ua50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:1058::/48
Signature Algorithm: sha256WithRSAEncryption
6c:84:8e:96:30:29:f1:7c:05:f2:1d:c7:ba:83:ca:3f:f2:a2:
74:0c:7c:51:35:fb:69:92:90:ad:97:9f:c0:77:92:74:04:93:
9e:c6:b0:d3:ce:f7:98:89:fd:bf:db:af:6e:9a:01:32:ef:08:
89:66:d6:e1:6e:d7:62:ec:53:06:75:b4:7a:0b:cf:91:48:90:
48:7d:0f:f0:b9:7e:64:2b:dc:fd:69:27:6f:c5:29:88:1e:5b:
4a:a1:5e:f8:2d:e4:63:cb:2d:78:c1:44:26:54:3a:c4:c2:72:
d9:1c:ce:cf:42:92:23:8b:d9:9e:e0:55:a2:ae:01:51:79:45:
7a:5b:ff:94:ce:4f:e3:35:90:b4:07:2f:9a:6a:a1:07:6d:94:
84:2a:1e:0f:bc:e8:42:6f:00:b2:59:f3:35:db:f0:7d:e8:34:
79:f0:28:2e:94:90:83:8d:5f:7a:20:8e:1b:5c:47:63:60:7e:
dd:fa:5d:3a:91:68:71:78:98:7f:c9:9e:83:d5:7e:88:7a:d3:
a0:68:d0:4c:42:c9:19:f6:b7:94:19:26:84:9d:54:c2:02:89:
a6:ba:5d:09:f9:bc:ae:56:da:18:47:5c:fa:dc:b2:d8:bf:9d:
c8:66:7d:a6:af:ab:53:3c:f7:25:a5:31:dd:b3:17:34:03:54:
7b:fc:9b:8c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzIAUbl5eTKikZKQ7rKn33TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYjgxM2UwOWM5OTU1ZTBiZGE3MDQxZjgzNzNhOGZjNWRh
ZTZiOWQwHhcNMjQwMTAyMDIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGE2OGRjZGNlNTU1NjE0NTNmMDQ0N2ZmNGRmNDMxYTkxOWQyOTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoaXch0XtmBm/KXcWR9veH7hHPJI
iU/6erOFTeFWSAwL17+DQZBQhl8qXxnxsCTer1PMNpBiWKefqmbTKbWyxvK92YjJ
tCFpr+HWs5CWflJkcBxtKPMjUoJaqH5xVNyf7majf2V3LzmJIURemafMhpzskol4
9qLeJ8foVi9Kb5dmLpFBFl/D33oCb9V9l3835HA/c51GJE5w3YSn6cPIWHTUmzWR
UqCkzLYiPz3aHgR6UldvwRkbQod+/S9/ToeXzLm7Ztlaho6yGyjmZI1QhdBR024V
rvpydqtrWeZ4df9bpTfcxCoeADKXsVNzaAja11FDmJcIgoVSnVUQm77TtwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOSmjc3OVVYUU/BEf/TfQxqRnSmYMB8GA1UdIwQY
MBaAFFy4E+CcmVXgvacEH4NzqPxdrmudMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWExnVDRKeVpWZUM5cHdRZmczT29fRjJ1YTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zNzIwNWItZmM1Ny00NjRjLWExYzEt
NmM2MmI5MzY2NzA1LzEvNUthTnpjNVZWaFJUOEVSXzlOOURHcEdkS1pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zNzIwNWItZmM1Ny00NjRjLWExYzEtNmM2MmI5MzY2NzA1
LzEvWExnVDRKeVpWZUM5cHdRZmczT29fRjJ1YTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBBY
MA0GCSqGSIb3DQEBCwUAA4IBAQBshI6WMCnxfAXyHce6g8o/8qJ0DHxRNftpkpCt
l5/Ad5J0BJOexrDTzveYif2/269umgEy7wiJZtbhbtdi7FMGdbR6C8+RSJBIfQ/w
uX5kK9z9aSdvxSmIHltKoV74LeRjyy14wUQmVDrEwnLZHM7PQpIji9me4FWirgFR
eUV6W/+Uzk/jNZC0By+aaqEHbZSEKh4PvOhCbwCyWfM12/B96DR58CgulJCDjV96
II4bXEdjYH7d+l06kWhxeJh/yZ6D1X6IetOgaNBMQskZ9reUGSaEnVTCAommul0J
+byuVtoYR1z63LLYv53IZn2mr6tTPPclpTHdsxc0A1R7/JuM
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:33 2024 by rpki-client on console-ams.rpki-client.org