Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/A1fGjJOtLO2TSqPUST45Zwclgi0.roa
File: A1fGjJOtLO2TSqPUST45Zwclgi0.roa (raw, json)
Hash identifier: aKu9Q/8BOu5SPTyVzzKGhZVQp/cLVSqb+JVfqlX60so=
Subject key identifier: 03:57:C6:8C:93:AD:2C:ED:93:4A:A3:D4:49:3E:39:67:07:25:82:2D
Certificate issuer: /CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Certificate serial: 01932B3231D8F7B1F52812F8E58429615219
Authority key identifier: E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/A1fGjJOtLO2TSqPUST45Zwclgi0.roa
Signing time: Thu 14 Nov 2024 15:02:09 +0000
ROA not before: Thu 14 Nov 2024 15:02:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201019
IP address blocks: 5.173.224.0/19 maxlen: 19
5.173.224.0/20 maxlen: 20
5.173.240.0/20 maxlen: 20
185.89.184.0/22 maxlen: 22
188.33.0.0/18 maxlen: 18
188.33.64.0/18 maxlen: 18
188.33.128.0/17 maxlen: 17
2a00:1982::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2b:32:31:d8:f7:b1:f5:28:12:f8:e5:84:29:61:52:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Validity
Not Before: Nov 14 15:02:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0357c68c93ad2ced934aa3d4493e39670725822d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:28:37:0d:c0:3c:79:eb:de:fe:7c:08:6d:2a:
53:22:3b:61:23:47:7d:9c:f7:70:71:0a:68:07:19:
8e:2d:80:66:07:c9:13:76:8a:3f:b2:3f:a6:0d:fe:
28:79:e5:72:90:da:3b:72:1e:fb:81:67:d9:84:e6:
8a:7c:5a:7c:42:db:cb:6d:56:30:fd:ab:0b:fe:42:
93:3b:28:32:cc:b0:ef:c2:e9:54:f1:03:14:9c:89:
72:7d:75:1e:bb:12:c9:29:b4:be:9a:52:7c:fe:e7:
21:8a:41:81:ea:42:c3:ae:61:7b:d5:92:ee:20:aa:
b7:29:67:57:73:5e:bc:55:83:d7:7b:e6:d5:34:d6:
f3:0c:bd:ad:6a:a5:e4:a7:e4:27:c9:22:7c:de:09:
d3:53:39:38:e5:1c:71:c5:76:7e:57:3b:02:bb:84:
11:52:e2:76:13:15:71:6b:6c:33:85:7c:a9:46:c9:
7c:76:80:af:b8:50:6a:32:05:ed:43:ce:00:8c:4d:
5f:83:60:e0:41:f9:a5:fa:67:b7:af:77:27:0e:fc:
af:17:cc:f9:14:cd:a0:45:82:c2:ac:a4:d7:f2:c9:
fe:1a:00:d0:f4:7f:71:f8:30:59:00:d9:91:c5:59:
3b:2e:e7:e7:f2:c0:3f:9f:14:e5:8c:04:35:a8:51:
3e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:57:C6:8C:93:AD:2C:ED:93:4A:A3:D4:49:3E:39:67:07:25:82:2D
X509v3 Authority Key Identifier:
keyid:E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/A1fGjJOtLO2TSqPUST45Zwclgi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.173.224.0/19
185.89.184.0/22
188.33.0.0/16
IPv6:
2a00:1982::/32
Signature Algorithm: sha256WithRSAEncryption
96:5e:59:9e:bd:70:70:46:89:75:b5:48:58:92:dc:a4:1b:6c:
a2:dc:0e:68:00:af:94:7e:f2:82:50:de:04:c6:5e:de:58:4b:
3c:67:dc:c3:41:e3:7a:70:9c:10:f9:d9:ad:0b:f1:9f:ed:8d:
3b:ca:cf:50:2a:e7:df:36:6d:d0:ba:b4:24:99:97:84:4f:1b:
b1:49:4a:38:6b:a6:74:26:48:03:7d:39:5a:d5:6c:5a:ea:1c:
9b:3a:cb:3b:ec:90:bf:83:34:12:cb:25:91:b1:50:4d:57:fb:
1d:92:06:7b:7b:26:ec:e7:fa:4b:f8:66:d3:cc:26:37:0f:1e:
29:da:77:5a:fe:46:cc:18:34:1e:d4:84:a3:cc:3f:f2:fc:88:
73:9b:a3:b2:61:a7:5f:d2:40:74:81:27:63:cd:2f:e8:76:16:
09:eb:ca:b5:84:cd:24:ad:2a:a1:01:a1:6c:da:c4:a9:9a:dd:
e7:33:74:05:bb:31:8c:f0:23:a3:50:70:eb:8c:fe:8e:3e:78:
1d:af:1e:cc:79:0e:85:7f:dd:85:df:08:b0:45:54:9c:38:79:
6d:51:c0:e9:7c:c5:99:cb:d1:6e:81:85:da:13:67:4c:b8:82:
86:52:45:c4:35:de:b1:36:d0:b2:41:94:a1:0e:dc:d0:ba:d3:
32:7a:b0:2e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZMrMjHY97H1KBL45YQpYVIZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWMwN2M5NTE0ODhmMDRjYjNiMGZkMzM4YWY4NGQ3N2U0
NmJmNTIwHhcNMjQxMTE0MTUwMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzU3YzY4YzkzYWQyY2VkOTM0YWEzZDQ0OTNlMzk2NzA3MjU4MjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSg3DcA8eeve/nwIbSpTIjthI0d9
nPdwcQpoBxmOLYBmB8kTdoo/sj+mDf4oeeVykNo7ch77gWfZhOaKfFp8QtvLbVYw
/asL/kKTOygyzLDvwulU8QMUnIlyfXUeuxLJKbS+mlJ8/uchikGB6kLDrmF71ZLu
IKq3KWdXc168VYPXe+bVNNbzDL2taqXkp+QnySJ83gnTUzk45RxxxXZ+VzsCu4QR
UuJ2ExVxa2wzhXypRsl8doCvuFBqMgXtQ84AjE1fg2DgQfml+me3r3cnDvyvF8z5
FM2gRYLCrKTX8sn+GgDQ9H9x+DBZANmRxVk7Lufn8sA/nxTljAQ1qFE+MQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFANXxoyTrSztk0qj1Ek+OWcHJYItMB8GA1UdIwQY
MBaAFOYcB8lRSI8EyzsP0zivhNd+Rr9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWIt
NmE4NDc3Y2I2YzJhLzEvQTFmR2pKT3RMTzJUU3FQVVNUNDVad2NsZ2kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWItNmE4NDc3Y2I2YzJh
LzEvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQFBa3gAwQC
uVm4AwMAvCEwDQQCAAIwBwMFACoAGYIwDQYJKoZIhvcNAQELBQADggEBAJZeWZ69
cHBGiXW1SFiS3KQbbKLcDmgAr5R+8oJQ3gTGXt5YSzxn3MNB43pwnBD52a0L8Z/t
jTvKz1Aq5982bdC6tCSZl4RPG7FJSjhrpnQmSAN9OVrVbFrqHJs6yzvskL+DNBLL
JZGxUE1X+x2SBnt7Juzn+kv4ZtPMJjcPHinad1r+RswYNB7UhKPMP/L8iHObo7Jh
p1/SQHSBJ2PNL+h2FgnryrWEzSStKqEBoWzaxKma3eczdAW7MYzwI6NQcOuM/o4+
eB2vHsx5DoV/3YXfCLBFVJw4eW1RwOl8xZnL0W6BhdoTZ0y4goZSRcQ13rE20LJB
lKEO3NC60zJ6sC4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:51:15 2024 by rpki-client on console-ams.rpki-client.org