Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/_5DxvreoiR_gEjhH1tzhfehRcLI.roa
File: _5DxvreoiR_gEjhH1tzhfehRcLI.roa (raw, json)
Hash identifier: A+Nf2T+g33EwB3SalIrMQzh/HxEr9PX6iN3KRyusPKA=
Subject key identifier: FF:90:F1:BE:B7:A8:89:1F:E0:12:38:47:D6:DC:E1:7D:E8:51:70:B2
Certificate issuer: /CN=1954e32570bbfb9af11c2381e81c797c2f40087c
Certificate serial: 018CC2DADDE4064C8F5EA70E46DFCD98F761
Authority key identifier: 19:54:E3:25:70:BB:FB:9A:F1:1C:23:81:E8:1C:79:7C:2F:40:08:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/_5DxvreoiR_gEjhH1tzhfehRcLI.roa
Signing time: Mon 01 Jan 2024 02:29:32 +0000
ROA not before: Mon 01 Jan 2024 02:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213050
IP address blocks: 149.3.168.0/24 maxlen: 24
144.2.168.0/22 maxlen: 24
2a0c:6ac0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:dd:e4:06:4c:8f:5e:a7:0e:46:df:cd:98:f7:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1954e32570bbfb9af11c2381e81c797c2f40087c
Validity
Not Before: Jan 1 02:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff90f1beb7a8891fe0123847d6dce17de85170b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:03:dd:bc:db:21:82:4b:19:7e:eb:4c:f9:e9:
76:5d:5b:84:f2:fc:0b:5b:52:ab:09:2f:ce:41:74:
e3:95:cd:d0:00:57:3f:ef:c8:df:50:3b:c3:da:c1:
98:46:96:f6:69:ef:d1:3e:8a:3d:7d:ac:1f:51:0a:
47:03:3c:26:99:2b:c0:e0:08:8d:4f:08:fb:b0:18:
df:9a:c1:58:fc:dc:5e:46:4f:42:d1:b6:b8:01:df:
ca:3b:40:53:36:ef:bc:5c:fa:40:f6:b6:b5:2b:67:
81:7d:e8:9b:33:75:2a:da:a1:b7:bf:30:04:be:c8:
c3:bb:c9:a3:ad:21:c7:49:09:61:b6:e8:f5:40:25:
24:78:f3:d8:c6:19:84:d7:42:3c:a2:09:82:5a:9e:
ea:05:6c:e1:26:44:b5:1d:5c:a1:ae:69:28:9f:a8:
a3:83:db:49:2f:e3:a3:f8:09:1d:27:49:b3:d4:ec:
e1:bc:07:e9:4b:d3:ac:c0:e9:13:68:62:5d:32:25:
87:89:df:fc:da:47:05:51:0f:5e:32:c8:5b:29:d5:
b4:bf:a1:8c:93:af:1a:09:a6:56:ed:ed:41:cf:b1:
6a:c2:70:eb:9b:44:d5:04:d2:f4:98:7d:8e:91:3e:
bf:25:2d:32:59:6d:9d:17:2e:c0:34:6d:bd:ee:23:
8d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:90:F1:BE:B7:A8:89:1F:E0:12:38:47:D6:DC:E1:7D:E8:51:70:B2
X509v3 Authority Key Identifier:
keyid:19:54:E3:25:70:BB:FB:9A:F1:1C:23:81:E8:1C:79:7C:2F:40:08:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/_5DxvreoiR_gEjhH1tzhfehRcLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/5c7c7d-4d2e-483c-89cd-26816ca92ca0/1/GVTjJXC7-5rxHCOB6Bx5fC9ACHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.168.0/22
149.3.168.0/24
IPv6:
2a0c:6ac0::/29
Signature Algorithm: sha256WithRSAEncryption
7c:23:52:c2:dd:15:c8:32:62:af:2a:fe:52:af:df:bb:fa:39:
48:52:7c:46:e1:44:45:2a:3a:53:97:19:a0:c5:b5:3b:f1:24:
c4:cb:79:1b:9f:b8:0b:5b:55:3f:44:87:5e:14:db:02:0c:07:
08:05:c1:06:f6:e8:a3:b6:6b:ea:1f:af:08:4f:77:33:4c:9c:
da:7d:63:36:a3:b5:ef:f4:ab:d4:fc:01:c7:d4:9b:14:a8:11:
e9:18:01:08:40:9f:12:83:93:1d:58:83:8a:2a:c3:b4:01:1d:
69:81:c8:88:56:f3:e9:d5:eb:f5:5a:2d:2d:f0:da:e6:d0:20:
59:71:10:d3:54:22:e6:1f:27:0f:0b:74:d3:15:a4:1c:da:d5:
24:14:6c:db:8f:58:2a:2e:ee:6d:37:6a:1e:d9:f3:e9:7b:fe:
34:2a:b8:f9:ed:85:a4:fd:68:e9:0a:74:b4:14:e3:b5:57:67:
5f:ed:41:d5:53:f8:eb:32:5a:63:ce:af:6c:85:1c:7e:a9:6e:
06:53:94:87:29:8e:8c:d9:dd:4c:88:ed:ed:c4:f3:5e:53:15:
4e:35:67:d6:cb:69:e9:a6:39:9b:0a:36:fc:4a:ac:63:e8:a5:
5b:5d:33:20:89:41:5b:7f:d9:6d:8d:93:88:2f:75:da:fb:9e:
84:3b:42:6d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC2t3kBkyPXqcORt/NmPdhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NTRlMzI1NzBiYmZiOWFmMTFjMjM4MWU4MWM3OTdjMmY0
MDA4N2MwHhcNMjQwMTAxMDIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjkwZjFiZWI3YTg4OTFmZTAxMjM4NDdkNmRjZTE3ZGU4NTE3MGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwPdvNshgksZfutM+el2XVuE8vwL
W1KrCS/OQXTjlc3QAFc/78jfUDvD2sGYRpb2ae/RPoo9fawfUQpHAzwmmSvA4AiN
Twj7sBjfmsFY/NxeRk9C0ba4Ad/KO0BTNu+8XPpA9ra1K2eBfeibM3Uq2qG3vzAE
vsjDu8mjrSHHSQlhtuj1QCUkePPYxhmE10I8ogmCWp7qBWzhJkS1HVyhrmkon6ij
g9tJL+Oj+AkdJ0mz1OzhvAfpS9OswOkTaGJdMiWHid/82kcFUQ9eMshbKdW0v6GM
k68aCaZW7e1Bz7FqwnDrm0TVBNL0mH2OkT6/JS0yWW2dFy7ANG297iONdQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFP+Q8b63qIkf4BI4R9bc4X3oUXCyMB8GA1UdIwQY
MBaAFBlU4yVwu/ua8RwjgegceXwvQAh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1ZUakpYQzctNXJ4SENPQjZCeDVmQzlBQ0h3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81YzdjN2QtNGQyZS00ODNjLTg5Y2Qt
MjY4MTZjYTkyY2EwLzEvXzVEeHZyZW9pUl9nRWpoSDF0emhmZWhSY0xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81YzdjN2QtNGQyZS00ODNjLTg5Y2QtMjY4MTZjYTkyY2Ew
LzEvR1ZUakpYQzctNXJ4SENPQjZCeDVmQzlBQ0h3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCkAKoAwQA
lQOoMA0EAgACMAcDBQMqDGrAMA0GCSqGSIb3DQEBCwUAA4IBAQB8I1LC3RXIMmKv
Kv5Sr9+7+jlIUnxG4URFKjpTlxmgxbU78STEy3kbn7gLW1U/RIdeFNsCDAcIBcEG
9uijtmvqH68IT3czTJzafWM2o7Xv9KvU/AHH1JsUqBHpGAEIQJ8Sg5MdWIOKKsO0
AR1pgciIVvPp1ev1Wi0t8Nrm0CBZcRDTVCLmHycPC3TTFaQc2tUkFGzbj1gqLu5t
N2oe2fPpe/40Krj57YWk/WjpCnS0FOO1V2df7UHVU/jrMlpjzq9shRx+qW4GU5SH
KY6M2d1MiO3txPNeUxVONWfWy2nppjmbCjb8Sqxj6KVbXTMgiUFbf9ltjZOIL3Xa
+56EO0Jt
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:57:06 2024 by rpki-client on console-ams.rpki-client.org