Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/5tgvBqAn45q56volhgsie_7CV2M.roa
File: 5tgvBqAn45q56volhgsie_7CV2M.roa (raw, json)
Hash identifier: mOVCJg54wvWm5Bo6SQOd2fn6Aprl0DBUEjycsY1KAFo=
Subject key identifier: E6:D8:2F:06:A0:27:E3:9A:B9:EA:FA:25:86:0B:22:7B:FE:C2:57:63
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 018CC64AAEEB25710C2F25788066305511E5
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/5tgvBqAn45q56volhgsie_7CV2M.roa
Signing time: Mon 01 Jan 2024 18:30:32 +0000
ROA not before: Mon 01 Jan 2024 18:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198192
IP address blocks: 45.131.54.0/23 maxlen: 23
45.131.52.0/23 maxlen: 23
185.92.237.0/24 maxlen: 24
158.255.236.0/23 maxlen: 23
45.10.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.mft
rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:ae:eb:25:71:0c:2f:25:78:80:66:30:55:11:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Jan 1 18:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6d82f06a027e39ab9eafa25860b227bfec25763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7a:69:a5:74:6f:c1:29:bc:4e:ab:30:37:10:
56:36:35:b5:75:e0:ba:41:31:17:62:39:2a:09:6f:
bf:a2:44:c9:11:b5:7b:bb:0e:d0:d6:1f:8c:be:45:
a1:f7:52:aa:ae:32:5c:21:0b:f1:bc:2a:01:60:b3:
d0:07:43:65:0c:2e:ce:fb:2d:66:8b:38:c9:b2:a3:
0a:30:d3:3c:e9:8a:8a:13:2d:de:21:70:6d:5e:b0:
f3:62:e8:02:9b:9e:49:9c:b0:8d:b1:a4:1b:b3:f7:
75:84:57:9e:63:d9:87:a5:63:23:bb:b9:53:5d:8e:
4e:dc:b4:5d:bd:1e:81:bb:a8:b0:53:41:36:df:d0:
f0:1d:38:6f:f1:c6:8a:9d:ce:e0:24:1b:99:f3:cc:
34:52:fc:7a:7d:a0:19:a3:6e:cd:d7:ab:37:9d:bd:
42:33:7e:f4:1b:ac:34:dc:dc:8b:b8:e1:cb:4f:88:
73:4c:5a:9c:f9:9e:4f:e2:40:f7:d8:94:9d:ff:73:
26:82:49:99:de:e8:3c:94:ea:29:d8:38:9a:e4:39:
b9:39:c7:28:7d:ce:cf:20:77:0d:0e:6e:81:c5:8b:
97:52:c7:c7:93:9d:4b:1a:48:5f:ae:1d:53:a0:fb:
d8:e3:d0:f1:06:57:c4:3a:51:3d:96:46:b6:e4:a5:
59:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D8:2F:06:A0:27:E3:9A:B9:EA:FA:25:86:0B:22:7B:FE:C2:57:63
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/5tgvBqAn45q56volhgsie_7CV2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.128.0/24
45.131.52.0/22
158.255.236.0/23
185.92.237.0/24
Signature Algorithm: sha256WithRSAEncryption
59:e4:3e:8a:13:5e:a0:17:9c:9f:ae:d4:68:f3:e7:7a:12:c0:
ed:4c:44:05:51:28:89:eb:8f:6e:fb:03:0b:e9:b5:a7:e1:40:
31:4a:57:4c:cb:72:9d:68:8a:06:c3:2c:35:91:4a:e6:04:f6:
49:2a:e7:08:79:89:60:a6:a6:18:84:e9:87:a7:14:a1:99:8c:
ac:d8:e4:5e:b3:07:2e:02:59:31:22:18:66:33:3e:a4:26:58:
fb:1b:3d:cf:d6:62:c5:da:ec:04:4e:1c:62:b4:d2:48:4a:3c:
65:cb:7e:cf:c7:3f:d8:9b:f9:d3:d2:32:fa:1a:3a:80:79:5f:
22:c4:e5:e9:35:c2:2d:0e:88:8a:ab:b9:0d:16:51:99:fc:d0:
63:24:99:3e:35:57:45:16:4b:7e:3c:53:6c:da:47:ff:21:fc:
39:82:82:53:7f:90:94:96:31:eb:09:e4:60:6f:fd:c1:23:54:
30:df:88:6e:86:85:97:ec:9d:49:dc:4e:2d:5a:78:d7:aa:d5:
ae:11:99:11:37:40:8d:59:49:aa:c5:16:87:01:a6:e2:26:63:
2d:4a:02:73:29:ec:6e:5d:bf:11:27:5d:bb:e3:61:6e:d7:85:
f1:81:b8:1a:1e:e9:27:38:a8:f7:76:8f:c2:fe:ce:79:9c:fe:
2e:e2:2d:50
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGSq7rJXEMLyV4gGYwVRHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjQwMTAxMTgzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQ4MmYwNmEwMjdlMzlhYjllYWZhMjU4NjBiMjI3YmZlYzI1NzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXpppXRvwSm8TqswNxBWNjW1deC6
QTEXYjkqCW+/okTJEbV7uw7Q1h+MvkWh91KqrjJcIQvxvCoBYLPQB0NlDC7O+y1m
izjJsqMKMNM86YqKEy3eIXBtXrDzYugCm55JnLCNsaQbs/d1hFeeY9mHpWMju7lT
XY5O3LRdvR6Bu6iwU0E239DwHThv8caKnc7gJBuZ88w0Uvx6faAZo27N16s3nb1C
M370G6w03NyLuOHLT4hzTFqc+Z5P4kD32JSd/3MmgkmZ3ug8lOop2Dia5Dm5Occo
fc7PIHcNDm6BxYuXUsfHk51LGkhfrh1ToPvY49DxBlfEOlE9lka25KVZbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFObYLwagJ+Oauer6JYYLInv+wldjMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvNXRndkJxQW40NXE1NnZvbGhnc2llXzdDVjJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQqAAwQC
LYM0AwQBnv/sAwQAuVztMA0GCSqGSIb3DQEBCwUAA4IBAQBZ5D6KE16gF5yfrtRo
8+d6EsDtTEQFUSiJ649u+wML6bWn4UAxSldMy3KdaIoGwyw1kUrmBPZJKucIeYlg
pqYYhOmHpxShmYys2OReswcuAlkxIhhmMz6kJlj7Gz3P1mLF2uwEThxitNJISjxl
y37Pxz/Ym/nT0jL6GjqAeV8ixOXpNcItDoiKq7kNFlGZ/NBjJJk+NVdFFkt+PFNs
2kf/Ifw5goJTf5CUljHrCeRgb/3BI1Qw34huhoWX7J1J3E4tWnjXqtWuEZkRN0CN
WUmqxRaHAabiJmMtSgJzKexuXb8RJ12742Fu14XxgbgaHuknOKj3do/C/s55nP4u
4i1Q
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:10:45 2024 by rpki-client on console-ams.rpki-client.org