Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/5k5MJQ3oDrpAWvHisiqHB1KxzkU.roa
File: 5k5MJQ3oDrpAWvHisiqHB1KxzkU.roa (raw, json)
Hash identifier: sr5zlhvZteADydXdemeMwr5hOYppa9O/htGupMnIoyI=
Subject key identifier: E6:4E:4C:25:0D:E8:0E:BA:40:5A:F1:E2:B2:2A:87:07:52:B1:CE:45
Certificate issuer: /CN=4638bf68b6675e2a5a3a7922f6477d2afb357fac
Certificate serial: 0190A235D26C2C026DA675088F853D2EBEA8
Authority key identifier: 46:38:BF:68:B6:67:5E:2A:5A:3A:79:22:F6:47:7D:2A:FB:35:7F:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rji_aLZnXipaOnki9kd9Kvs1f6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/5k5MJQ3oDrpAWvHisiqHB1KxzkU.roa
Signing time: Thu 11 Jul 2024 14:32:34 +0000
ROA not before: Thu 11 Jul 2024 14:32:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215044
IP address blocks: 45.157.48.0/22 maxlen: 24
2a07:9840::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/Rji_aLZnXipaOnki9kd9Kvs1f6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/Rji_aLZnXipaOnki9kd9Kvs1f6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/Rji_aLZnXipaOnki9kd9Kvs1f6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 05:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a2:35:d2:6c:2c:02:6d:a6:75:08:8f:85:3d:2e:be:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4638bf68b6675e2a5a3a7922f6477d2afb357fac
Validity
Not Before: Jul 11 14:32:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e64e4c250de80eba405af1e2b22a870752b1ce45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:8e:7d:55:8d:5c:0d:fb:73:46:00:3a:ad:44:
b4:65:ce:0d:50:20:ba:65:05:f0:cf:0c:ec:72:4b:
4d:17:7d:58:07:38:09:11:83:55:95:45:f5:db:e9:
88:c8:cd:c8:0d:3f:af:cb:91:25:a3:e4:fa:e0:5f:
f8:1c:dd:9b:7a:8f:a9:f5:8b:0a:78:25:b2:92:97:
d6:f3:da:08:b7:38:5e:49:c4:6f:8e:d9:ec:8b:9a:
87:ba:be:e9:ae:18:ff:a6:74:ea:d9:7c:ca:6a:3e:
cd:15:2a:f1:be:51:8d:b2:87:0b:0f:ca:c4:a2:0e:
69:f3:fa:8c:15:60:0c:9f:49:fb:fd:9e:3e:92:22:
34:ff:fb:01:d9:5e:94:b5:bf:b8:71:75:05:f8:93:
97:1b:dc:e5:60:1d:37:4b:be:bc:7d:94:b0:f5:7d:
d1:02:f0:d4:05:5c:9a:71:a6:4e:3c:f6:07:d8:b9:
48:68:01:19:ca:07:22:cc:21:49:0e:59:1e:c8:21:
0e:5c:a3:a1:e9:ad:4c:18:6c:6b:d3:9a:b9:e3:6a:
7f:66:4e:83:3c:1a:9b:48:b5:a0:33:7a:47:b0:4c:
31:24:97:3c:95:6a:78:e4:b7:68:8f:63:2b:18:17:
b0:73:8f:f3:3f:d4:f3:48:25:9d:32:66:bc:22:dc:
e6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:4E:4C:25:0D:E8:0E:BA:40:5A:F1:E2:B2:2A:87:07:52:B1:CE:45
X509v3 Authority Key Identifier:
keyid:46:38:BF:68:B6:67:5E:2A:5A:3A:79:22:F6:47:7D:2A:FB:35:7F:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rji_aLZnXipaOnki9kd9Kvs1f6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/5k5MJQ3oDrpAWvHisiqHB1KxzkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/e2f615-6ca4-4bf5-9f53-87073f434b03/1/Rji_aLZnXipaOnki9kd9Kvs1f6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.48.0/22
IPv6:
2a07:9840::/29
Signature Algorithm: sha256WithRSAEncryption
42:b2:2b:ae:31:d8:a3:5d:c2:d8:dd:c9:51:0c:8b:5d:5f:bd:
93:59:ae:93:59:43:d0:b5:ed:80:1c:a5:0b:dc:e4:ae:62:57:
81:c6:b1:e5:07:14:1b:f7:24:4b:c3:21:70:a9:0d:b4:0e:3c:
c7:e2:2b:e9:43:d5:1e:b8:54:9f:12:89:c6:f2:ac:09:cc:54:
ee:e6:85:ff:4d:fd:b3:43:90:e8:da:01:95:71:00:11:56:ff:
2b:08:54:09:de:48:87:55:f2:35:ac:8b:23:f1:ca:c6:ce:f0:
37:7d:98:fd:98:ba:02:c8:a9:55:1f:3a:fd:25:66:53:84:39:
86:3d:b3:6f:53:31:23:ce:f6:5f:e9:66:66:7b:df:1e:c3:9c:
b6:6a:2d:8b:1d:1b:71:93:82:71:14:69:d4:89:fa:21:c7:51:
25:3d:76:40:1d:de:97:55:2f:39:3e:8c:ab:30:fb:d7:ec:73:
a2:1d:c8:86:71:2c:47:a5:7e:eb:15:8b:00:92:a1:22:70:0d:
38:39:12:a3:a8:0f:65:ed:c7:09:2e:0b:a2:06:35:bd:4a:98:
7b:9f:6a:ff:02:36:83:3e:b9:c0:95:63:da:50:31:bb:fd:5a:
b6:a7:19:de:08:f4:35:db:a8:70:ca:fc:79:45:66:e7:0f:01:
bb:23:cc:b0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZCiNdJsLAJtpnUIj4U9Lr6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2MzhiZjY4YjY2NzVlMmE1YTNhNzkyMmY2NDc3ZDJhZmIz
NTdmYWMwHhcNMjQwNzExMTQzMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjRlNGMyNTBkZTgwZWJhNDA1YWYxZTJiMjJhODcwNzUyYjFjZTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Y59VY1cDftzRgA6rUS0Zc4NUCC6
ZQXwzwzscktNF31YBzgJEYNVlUX12+mIyM3IDT+vy5Elo+T64F/4HN2beo+p9YsK
eCWykpfW89oItzheScRvjtnsi5qHur7prhj/pnTq2XzKaj7NFSrxvlGNsocLD8rE
og5p8/qMFWAMn0n7/Z4+kiI0//sB2V6Utb+4cXUF+JOXG9zlYB03S768fZSw9X3R
AvDUBVyacaZOPPYH2LlIaAEZygcizCFJDlkeyCEOXKOh6a1MGGxr05q542p/Zk6D
PBqbSLWgM3pHsEwxJJc8lWp45Ldoj2MrGBewc4/zP9TzSCWdMma8ItzmHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOZOTCUN6A66QFrx4rIqhwdSsc5FMB8GA1UdIwQY
MBaAFEY4v2i2Z14qWjp5IvZHfSr7NX+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmppX2FMWm5YaXBhT25raTlrZDlLdnMxZjZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9lMmY2MTUtNmNhNC00YmY1LTlmNTMt
ODcwNzNmNDM0YjAzLzEvNWs1TUpRM29EcnBBV3ZIaXNpcUhCMUt4emtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9lMmY2MTUtNmNhNC00YmY1LTlmNTMtODcwNzNmNDM0YjAz
LzEvUmppX2FMWm5YaXBhT25raTlrZDlLdnMxZjZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZ0wMA0E
AgACMAcDBQMqB5hAMA0GCSqGSIb3DQEBCwUAA4IBAQBCsiuuMdijXcLY3clRDItd
X72TWa6TWUPQte2AHKUL3OSuYleBxrHlBxQb9yRLwyFwqQ20DjzH4ivpQ9UeuFSf
EonG8qwJzFTu5oX/Tf2zQ5Do2gGVcQARVv8rCFQJ3kiHVfI1rIsj8crGzvA3fZj9
mLoCyKlVHzr9JWZThDmGPbNvUzEjzvZf6WZme98ew5y2ai2LHRtxk4JxFGnUifoh
x1ElPXZAHd6XVS85PoyrMPvX7HOiHciGcSxHpX7rFYsAkqEicA04ORKjqA9l7ccJ
LguiBjW9Sph7n2r/AjaDPrnAlWPaUDG7/Vq2pxneCPQ126hwyvx5RWbnDwG7I8yw
-----END CERTIFICATE-----
Generated at Tue Nov 26 12:44:45 2024 by rpki-client on console-ams.rpki-client.org