Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c6ab94-65b3-471c-b08c-076a750b8541/1/5HFQoNbqEyIEAoI0x6eGh3Cgf7w.roa
File: 5HFQoNbqEyIEAoI0x6eGh3Cgf7w.roa (raw, json)
Hash identifier: JsKpRia/bCEI9LdomquX90wtKfIK6XJsu2Rxqgrtd8g=
Subject key identifier: E4:71:50:A0:D6:EA:13:22:04:02:82:34:C7:A7:86:87:70:A0:7F:BC
Certificate issuer: /CN=eee416590585a5d351dbbca1f0b3ca9f62ab785d
Certificate serial: 018CC500D322C045037833385976E9D09E84
Authority key identifier: EE:E4:16:59:05:85:A5:D3:51:DB:BC:A1:F0:B3:CA:9F:62:AB:78:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7uQWWQWFpdNR27yh8LPKn2KreF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c6ab94-65b3-471c-b08c-076a750b8541/1/5HFQoNbqEyIEAoI0x6eGh3Cgf7w.roa
Signing time: Mon 01 Jan 2024 12:30:14 +0000
ROA not before: Mon 01 Jan 2024 12:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8255
IP address blocks: 193.57.122.0/23 maxlen: 24
193.57.126.0/24 maxlen: 24
193.56.246.0/24 maxlen: 24
193.57.112.0/22 maxlen: 24
193.57.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/c6ab94-65b3-471c-b08c-076a750b8541/1/7uQWWQWFpdNR27yh8LPKn2KreF0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/c6ab94-65b3-471c-b08c-076a750b8541/1/7uQWWQWFpdNR27yh8LPKn2KreF0.mft
rsync://rpki.ripe.net/repository/DEFAULT/7uQWWQWFpdNR27yh8LPKn2KreF0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:d3:22:c0:45:03:78:33:38:59:76:e9:d0:9e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eee416590585a5d351dbbca1f0b3ca9f62ab785d
Validity
Not Before: Jan 1 12:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e47150a0d6ea132204028234c7a7868770a07fbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:02:09:ee:80:8d:2d:1b:01:c9:97:af:fb:31:
17:2e:b2:e6:15:cf:dc:c8:8a:4c:13:c8:91:02:30:
88:9a:03:da:52:fb:19:15:c9:39:53:86:d3:a5:09:
b4:93:85:21:a2:1b:f0:f3:48:27:f0:a6:a2:a0:33:
17:39:16:e4:5f:c9:ae:64:0d:41:56:9c:59:fc:2f:
3a:fa:3f:04:98:89:3a:c4:e5:89:37:94:37:28:39:
3a:9f:06:8a:24:5c:e8:e5:4f:8a:82:e4:a1:54:60:
4f:39:62:60:4c:39:27:d0:e9:7d:87:59:84:a6:c7:
1a:7e:30:0e:8c:7a:a2:4d:7e:17:3b:4c:54:94:51:
f3:c2:56:c8:1c:70:78:e7:d5:4a:8b:a3:96:42:1b:
d2:7c:ae:ad:6f:f2:f1:d3:e6:63:68:95:35:de:ee:
76:28:f3:3d:f1:eb:14:8a:ba:52:f3:ae:15:c7:3e:
fe:cf:17:a0:5e:d6:31:7e:69:e8:5f:56:c6:b5:83:
9d:78:13:f6:f8:a9:6c:41:30:d1:f7:a3:6f:4c:e2:
49:99:7b:38:3b:b3:f7:3f:d5:98:7a:ef:84:6d:34:
d2:72:89:29:88:80:2c:95:3d:78:7f:6e:1e:60:a7:
3e:ed:89:92:95:fe:e2:44:d5:f6:17:45:21:55:ea:
b2:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:71:50:A0:D6:EA:13:22:04:02:82:34:C7:A7:86:87:70:A0:7F:BC
X509v3 Authority Key Identifier:
keyid:EE:E4:16:59:05:85:A5:D3:51:DB:BC:A1:F0:B3:CA:9F:62:AB:78:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7uQWWQWFpdNR27yh8LPKn2KreF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c6ab94-65b3-471c-b08c-076a750b8541/1/5HFQoNbqEyIEAoI0x6eGh3Cgf7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c6ab94-65b3-471c-b08c-076a750b8541/1/7uQWWQWFpdNR27yh8LPKn2KreF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.246.0/24
193.57.112.0/21
193.57.122.0/23
193.57.126.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:52:87:37:16:bc:f6:89:6a:2b:ef:d6:06:37:96:ef:59:d5:
4b:08:f3:4d:26:13:b0:d8:79:fe:e7:de:f7:2d:a8:ec:9b:09:
c8:a3:40:f6:0d:a1:05:25:76:c7:a5:2d:e3:24:5b:b4:b2:99:
ff:02:24:e9:3a:a5:45:c9:62:2f:2d:91:be:f8:b1:ca:1b:e0:
9b:3e:62:95:ca:3b:37:65:df:cd:82:cd:09:ea:9c:b8:20:71:
16:2d:86:85:6c:02:b4:52:21:3b:b1:71:a0:4d:01:69:3e:00:
ed:2d:f9:d8:9e:99:38:33:32:12:e2:75:f9:39:ee:d9:ca:00:
ec:c0:0a:c1:9b:a1:0d:08:0d:53:02:99:e6:54:d3:96:0b:58:
45:4f:d9:c0:bd:61:91:f1:75:03:f9:b8:aa:58:6e:50:a3:4f:
b4:cf:46:50:3e:0b:96:4c:49:00:f6:6a:a5:f4:ae:db:38:a6:
b4:55:b6:3c:92:5a:57:88:a9:1a:69:54:21:8b:f8:97:ca:1f:
a2:b7:32:39:15:5a:21:2b:d0:c3:58:f5:bb:18:5f:29:9b:26:
5e:2a:24:4d:b9:60:b3:9a:36:6b:a9:18:60:66:7a:77:e5:38:
64:01:5e:0e:d6:76:fd:8f:4f:b1:9b:66:1e:a7:ab:b9:e8:65:
ab:a3:4c:36
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFANMiwEUDeDM4WXbp0J6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZTQxNjU5MDU4NWE1ZDM1MWRiYmNhMWYwYjNjYTlmNjJh
Yjc4NWQwHhcNMjQwMTAxMTIzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDcxNTBhMGQ2ZWExMzIyMDQwMjgyMzRjN2E3ODY4NzcwYTA3ZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAIJ7oCNLRsByZev+zEXLrLmFc/c
yIpME8iRAjCImgPaUvsZFck5U4bTpQm0k4Uhohvw80gn8KaioDMXORbkX8muZA1B
VpxZ/C86+j8EmIk6xOWJN5Q3KDk6nwaKJFzo5U+KguShVGBPOWJgTDkn0Ol9h1mE
pscafjAOjHqiTX4XO0xUlFHzwlbIHHB459VKi6OWQhvSfK6tb/Lx0+ZjaJU13u52
KPM98esUirpS864Vxz7+zxegXtYxfmnoX1bGtYOdeBP2+KlsQTDR96NvTOJJmXs4
O7P3P9WYeu+EbTTScokpiIAslT14f24eYKc+7YmSlf7iRNX2F0UhVeqyAQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFORxUKDW6hMiBAKCNMenhodwoH+8MB8GA1UdIwQY
MBaAFO7kFlkFhaXTUdu8ofCzyp9iq3hdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3VRV1dRV0ZwZE5SMjd5aDhMUEtuMktyZUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jNmFiOTQtNjViMy00NzFjLWIwOGMt
MDc2YTc1MGI4NTQxLzEvNUhGUW9OYnFFeUlFQW9JMHg2ZUdoM0NnZjd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jNmFiOTQtNjViMy00NzFjLWIwOGMtMDc2YTc1MGI4NTQx
LzEvN3VRV1dRV0ZwZE5SMjd5aDhMUEtuMktyZUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwTj2AwQD
wTlwAwQBwTl6AwQAwTl+MA0GCSqGSIb3DQEBCwUAA4IBAQBdUoc3Frz2iWor79YG
N5bvWdVLCPNNJhOw2Hn+5973LajsmwnIo0D2DaEFJXbHpS3jJFu0spn/AiTpOqVF
yWIvLZG++LHKG+CbPmKVyjs3Zd/Ngs0J6py4IHEWLYaFbAK0UiE7sXGgTQFpPgDt
LfnYnpk4MzIS4nX5Oe7ZygDswArBm6ENCA1TApnmVNOWC1hFT9nAvWGR8XUD+biq
WG5Qo0+0z0ZQPguWTEkA9mql9K7bOKa0VbY8klpXiKkaaVQhi/iXyh+itzI5FVoh
K9DDWPW7GF8pmyZeKiRNuWCzmjZrqRhgZnp35ThkAV4O1nb9j0+xm2Yep6u56GWr
o0w2
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:53:30 2024 by rpki-client on console-ams.rpki-client.org