Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/0059b5-f637-4265-a3e4-a3b58628060d/1/5VmvG8tPEU_WQznv-wglMXhdWk4.roa
File: 5VmvG8tPEU_WQznv-wglMXhdWk4.roa (raw, json)
Hash identifier: J1IaR41qhzvjh+ElU0qgku8KgEt+hEOQW43qHqoilrA=
Subject key identifier: E5:59:AF:1B:CB:4F:11:4F:D6:43:39:EF:FB:08:25:31:78:5D:5A:4E
Certificate issuer: /CN=6851a3fee77e924146177123dd6753b06fde2452
Certificate serial: 018CC492DD273A726012F37D983C120DD72B
Authority key identifier: 68:51:A3:FE:E7:7E:92:41:46:17:71:23:DD:67:53:B0:6F:DE:24:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aFGj_ud-kkFGF3Ej3WdTsG_eJFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/0059b5-f637-4265-a3e4-a3b58628060d/1/5VmvG8tPEU_WQznv-wglMXhdWk4.roa
Signing time: Mon 01 Jan 2024 10:30:08 +0000
ROA not before: Mon 01 Jan 2024 10:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 559
IP address blocks: 192.42.192.0/21 maxlen: 21
192.42.200.0/23 maxlen: 23
130.223.0.0/16 maxlen: 16
192.42.180.0/22 maxlen: 22
192.42.184.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/0059b5-f637-4265-a3e4-a3b58628060d/1/aFGj_ud-kkFGF3Ej3WdTsG_eJFI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/0059b5-f637-4265-a3e4-a3b58628060d/1/aFGj_ud-kkFGF3Ej3WdTsG_eJFI.mft
rsync://rpki.ripe.net/repository/DEFAULT/aFGj_ud-kkFGF3Ej3WdTsG_eJFI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:dd:27:3a:72:60:12:f3:7d:98:3c:12:0d:d7:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6851a3fee77e924146177123dd6753b06fde2452
Validity
Not Before: Jan 1 10:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e559af1bcb4f114fd64339effb082531785d5a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:9e:31:52:01:e7:fd:3c:d8:08:33:da:e4:3b:
82:7d:20:aa:90:df:08:48:99:21:2b:47:79:6a:b0:
7c:04:62:0c:48:0e:2f:4f:23:09:ae:49:6e:31:cd:
11:a3:67:0f:b0:fe:53:c1:08:46:a0:ad:dd:57:53:
0a:18:37:e5:76:08:84:26:ac:de:c5:00:f8:ed:1f:
0e:a5:df:39:19:59:14:5d:ba:5b:00:c5:1d:e8:7b:
4a:44:42:93:ee:b7:8f:65:4e:d8:e0:ad:a4:27:f0:
6e:0c:a8:82:9e:d0:e1:1e:e4:ca:64:36:66:3d:15:
9c:f5:66:5a:71:75:b2:1d:a9:48:5f:d5:5c:ce:09:
75:85:53:bb:7e:fc:e2:c0:80:aa:82:cc:dd:2d:41:
f1:e4:26:a0:2f:91:6c:e6:c9:f6:39:85:b9:0d:6d:
45:1e:d9:e7:f6:6a:8a:a9:c0:d0:88:e7:11:e7:c2:
f8:c8:b7:f7:3d:81:a8:49:f0:00:f5:aa:09:d7:3a:
2b:02:d8:99:ce:93:cd:52:b6:3d:9f:91:10:5d:5e:
78:c6:74:bc:6d:c1:a2:19:6e:4d:9e:53:66:8b:33:
fc:d2:19:0c:73:54:f7:e7:dd:f5:0c:35:c5:c1:5c:
7f:57:4f:53:06:96:f0:aa:c1:47:2f:4a:8a:f0:fe:
d5:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:59:AF:1B:CB:4F:11:4F:D6:43:39:EF:FB:08:25:31:78:5D:5A:4E
X509v3 Authority Key Identifier:
keyid:68:51:A3:FE:E7:7E:92:41:46:17:71:23:DD:67:53:B0:6F:DE:24:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aFGj_ud-kkFGF3Ej3WdTsG_eJFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/0059b5-f637-4265-a3e4-a3b58628060d/1/5VmvG8tPEU_WQznv-wglMXhdWk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/0059b5-f637-4265-a3e4-a3b58628060d/1/aFGj_ud-kkFGF3Ej3WdTsG_eJFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.223.0.0/16
192.42.180.0-192.42.201.255
Signature Algorithm: sha256WithRSAEncryption
15:55:7c:4d:93:6c:b2:b6:db:63:6f:d5:d6:27:e9:91:9e:9f:
ee:24:f9:94:de:3a:81:01:70:2a:45:17:56:a5:c4:fd:0a:30:
ad:21:9c:20:35:61:7c:48:1f:21:bc:eb:a6:b2:00:7c:fa:50:
b1:ef:fd:cc:04:07:09:34:6b:e3:c0:f6:4e:26:20:76:7f:69:
1b:5a:c2:97:78:e5:89:cc:a9:12:d4:df:f2:ee:8b:7a:71:d7:
c6:5b:7e:d6:a4:aa:45:d2:cc:73:7a:f6:b9:82:fe:d6:04:7e:
3d:47:92:eb:26:3f:b2:c4:00:87:ea:13:7e:2f:f6:80:e4:52:
94:09:5c:4c:7b:86:c4:3b:34:9a:a7:ff:37:4a:c1:48:72:a1:
bb:6a:ed:74:35:66:bc:db:93:4f:5d:9f:8d:31:f9:87:95:6a:
c7:4b:b2:81:3d:b4:f1:c0:f5:bf:9d:88:26:91:8d:87:da:5a:
67:ea:52:c4:2c:0f:58:a9:b9:13:f5:b0:48:65:d3:0a:55:90:
85:94:fb:f7:5d:e5:93:95:48:21:d2:b8:13:27:df:57:68:5d:
50:6d:88:19:c9:7f:f2:23:57:3b:78:ff:85:43:34:82:60:77:
e3:e4:3a:f9:23:4d:70:12:6a:f0:e1:70:7f:9a:fa:9b:85:5c:
9c:ef:79:f4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYzEkt0nOnJgEvN9mDwSDdcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NTFhM2ZlZTc3ZTkyNDE0NjE3NzEyM2RkNjc1M2IwNmZk
ZTI0NTIwHhcNMjQwMTAxMTAzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTU5YWYxYmNiNGYxMTRmZDY0MzM5ZWZmYjA4MjUzMTc4NWQ1YTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk54xUgHn/TzYCDPa5DuCfSCqkN8I
SJkhK0d5arB8BGIMSA4vTyMJrkluMc0Ro2cPsP5TwQhGoK3dV1MKGDfldgiEJqze
xQD47R8Opd85GVkUXbpbAMUd6HtKREKT7rePZU7Y4K2kJ/BuDKiCntDhHuTKZDZm
PRWc9WZacXWyHalIX9Vczgl1hVO7fvziwICqgszdLUHx5CagL5Fs5sn2OYW5DW1F
Htnn9mqKqcDQiOcR58L4yLf3PYGoSfAA9aoJ1zorAtiZzpPNUrY9n5EQXV54xnS8
bcGiGW5NnlNmizP80hkMc1T35931DDXFwVx/V09TBpbwqsFHL0qK8P7VnwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFOVZrxvLTxFP1kM57/sIJTF4XVpOMB8GA1UdIwQY
MBaAFGhRo/7nfpJBRhdxI91nU7Bv3iRSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUZHal91ZC1ra0ZHRjNFajNXZFRzR19lSkZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8wMDU5YjUtZjYzNy00MjY1LWEzZTQt
YTNiNTg2MjgwNjBkLzEvNVZtdkc4dFBFVV9XUXpudi13Z2xNWGhkV2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8wMDU5YjUtZjYzNy00MjY1LWEzZTQtYTNiNTg2MjgwNjBk
LzEvYUZHal91ZC1ra0ZHRjNFajNXZFRzR19lSkZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwMAgt8wDAME
AsAqtAMEAcAqyDANBgkqhkiG9w0BAQsFAAOCAQEAFVV8TZNssrbbY2/V1ifpkZ6f
7iT5lN46gQFwKkUXVqXE/QowrSGcIDVhfEgfIbzrprIAfPpQse/9zAQHCTRr48D2
TiYgdn9pG1rCl3jlicypEtTf8u6LenHXxlt+1qSqRdLMc3r2uYL+1gR+PUeS6yY/
ssQAh+oTfi/2gORSlAlcTHuGxDs0mqf/N0rBSHKhu2rtdDVmvNuTT12fjTH5h5Vq
x0uygT208cD1v52IJpGNh9paZ+pSxCwPWKm5E/WwSGXTClWQhZT7913lk5VIIdK4
EyffV2hdUG2IGcl/8iNXO3j/hUM0gmB34+Q6+SNNcBJq8OFwf5r6m4VcnO959A==
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:28:47 2024 by rpki-client on console-fra.rpki-client.org