Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/5hfXeD5ausEWsbLY_pXjT6n0Tlw.roa
File: 5hfXeD5ausEWsbLY_pXjT6n0Tlw.roa (raw, json)
Hash identifier: 7qKFHDoJIA22cNuCGx0Qp/ILYer0GQ2j71dH2GhdF48=
Subject key identifier: E6:17:D7:78:3E:5A:BA:C1:16:B1:B2:D8:FE:95:E3:4F:A9:F4:4E:5C
Certificate issuer: /CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Certificate serial: 018CCA299F3B4D6AFDB9E9147B91AECA8495
Authority key identifier: D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/5hfXeD5ausEWsbLY_pXjT6n0Tlw.roa
Signing time: Tue 02 Jan 2024 12:32:54 +0000
ROA not before: Tue 02 Jan 2024 12:32:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 5.145.119.0/24 maxlen: 24
5.145.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Apr 2024 07:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:9f:3b:4d:6a:fd:b9:e9:14:7b:91:ae:ca:84:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6e2694652aa298511edafbe18d2b1cdbc792638
Validity
Not Before: Jan 2 12:32:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e617d7783e5abac116b1b2d8fe95e34fa9f44e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:1d:2e:02:b1:8a:d6:81:b5:fa:05:b1:48:89:
97:f8:2c:53:19:c7:ac:d3:f2:d5:3c:ee:81:6f:9c:
61:79:49:76:c2:41:16:8b:3a:d6:e3:b2:b0:85:af:
46:63:e4:f1:f1:f1:1f:3b:79:c4:65:cf:59:a7:94:
32:78:fd:35:00:e0:cc:3c:1e:5b:5e:7c:16:c2:c3:
40:52:73:b8:2d:f2:83:2f:31:6b:87:2f:74:bb:7e:
b6:e7:b8:f9:51:fd:92:8a:3e:4d:0a:85:62:63:a3:
eb:e4:10:97:9d:4f:3c:d0:6a:bc:6d:8f:b1:b3:6b:
3a:5e:41:9f:fc:34:8a:ee:20:f5:73:9e:75:09:a9:
de:99:0c:5c:89:83:17:dc:f4:61:e8:60:da:ad:1f:
a6:4b:be:11:0b:42:e0:f6:ab:d5:7b:b8:d6:b6:43:
0f:02:ce:81:d3:f3:3d:f9:08:0a:ea:1c:03:8f:5b:
b8:92:74:c7:54:0c:55:06:42:08:61:e6:80:81:e2:
78:1d:cc:fa:a8:b6:c2:33:f6:94:01:76:cf:45:03:
e6:68:9a:8a:48:76:c6:7c:e7:56:be:93:32:73:e5:
f0:dd:2b:15:0f:af:6f:32:13:2d:42:5c:ec:ad:ff:
9f:a7:de:65:7a:80:f7:7d:5d:fc:e5:38:e3:9f:a4:
50:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:17:D7:78:3E:5A:BA:C1:16:B1:B2:D8:FE:95:E3:4F:A9:F4:4E:5C
X509v3 Authority Key Identifier:
keyid:D6:E2:69:46:52:AA:29:85:11:ED:AF:BE:18:D2:B1:CD:BC:79:26:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1uJpRlKqKYUR7a--GNKxzbx5Jjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/5hfXeD5ausEWsbLY_pXjT6n0Tlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/8cc506-7e71-4705-a289-b42364895083/1/1uJpRlKqKYUR7a--GNKxzbx5Jjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.118.0/23
Signature Algorithm: sha256WithRSAEncryption
48:68:5c:b1:d6:eb:be:f7:c9:e1:d2:3c:d8:0a:a1:4b:46:2a:
f8:9c:a5:19:af:f7:dd:ea:5f:24:ff:ca:21:e4:4d:0a:cd:cd:
5e:98:ca:83:c6:f4:c6:51:25:19:0d:a5:df:a3:48:13:f3:28:
96:78:41:68:1a:7e:3d:d9:1f:75:00:01:dd:b5:63:4d:c0:2f:
82:44:3a:0c:b1:06:aa:3d:29:e6:48:94:58:e3:a2:b2:25:1d:
2d:6b:c7:5e:ab:00:79:d3:eb:5e:3b:b0:a5:aa:84:7e:c7:79:
d2:f4:e8:12:63:58:b1:fa:b1:65:10:25:82:8f:bd:32:23:61:
56:c0:df:ce:fc:97:7a:65:e2:21:a3:76:a7:e0:66:fc:6b:0e:
c9:80:bc:21:f6:15:d9:e8:91:56:45:af:c4:8d:5a:18:36:ae:
47:85:d3:ad:25:71:fe:b4:1e:a1:61:7f:b2:38:b7:d3:90:5e:
62:2e:65:fd:6b:6b:fc:61:27:61:ae:bc:5a:58:b4:17:78:60:
f3:3c:f6:74:bf:77:81:51:89:f1:6a:70:ee:d0:50:d7:7f:1e:
e2:4d:12:b4:90:13:3a:36:b6:e5:0d:ef:c0:71:4e:04:23:40:
de:fd:1f:9c:4a:72:c1:60:84:7b:86:40:a7:f8:a8:86:24:ff:
9d:03:65:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKZ87TWr9uekUe5GuyoSVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZTI2OTQ2NTJhYTI5ODUxMWVkYWZiZTE4ZDJiMWNkYmM3
OTI2MzgwHhcNMjQwMTAyMTIzMjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjE3ZDc3ODNlNWFiYWMxMTZiMWIyZDhmZTk1ZTM0ZmE5ZjQ0ZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgx0uArGK1oG1+gWxSImX+CxTGces
0/LVPO6Bb5xheUl2wkEWizrW47Kwha9GY+Tx8fEfO3nEZc9Zp5QyeP01AODMPB5b
XnwWwsNAUnO4LfKDLzFrhy90u36257j5Uf2Sij5NCoViY6Pr5BCXnU880Gq8bY+x
s2s6XkGf/DSK7iD1c551CanemQxciYMX3PRh6GDarR+mS74RC0Lg9qvVe7jWtkMP
As6B0/M9+QgK6hwDj1u4knTHVAxVBkIIYeaAgeJ4Hcz6qLbCM/aUAXbPRQPmaJqK
SHbGfOdWvpMyc+Xw3SsVD69vMhMtQlzsrf+fp95leoD3fV385Tjjn6RQcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOYX13g+WrrBFrGy2P6V40+p9E5cMB8GA1UdIwQY
MBaAFNbiaUZSqimFEe2vvhjSsc28eSY4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODkt
YjQyMzY0ODk1MDgzLzEvNWhmWGVENWF1c0VXc2JMWV9wWGpUNm4wVGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC84Y2M1MDYtN2U3MS00NzA1LWEyODktYjQyMzY0ODk1MDgz
LzEvMXVKcFJsS3FLWVVSN2EtLUdOS3h6Yng1SmpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBZF2MA0G
CSqGSIb3DQEBCwUAA4IBAQBIaFyx1uu+98nh0jzYCqFLRir4nKUZr/fd6l8k/8oh
5E0Kzc1emMqDxvTGUSUZDaXfo0gT8yiWeEFoGn492R91AAHdtWNNwC+CRDoMsQaq
PSnmSJRY46KyJR0ta8deqwB50+teO7ClqoR+x3nS9OgSY1ix+rFlECWCj70yI2FW
wN/O/Jd6ZeIho3an4Gb8aw7JgLwh9hXZ6JFWRa/EjVoYNq5HhdOtJXH+tB6hYX+y
OLfTkF5iLmX9a2v8YSdhrrxaWLQXeGDzPPZ0v3eBUYnxanDu0FDXfx7iTRK0kBM6
NrblDe/AcU4EI0De/R+cSnLBYIR7hkCn+KiGJP+dA2Wj
-----END CERTIFICATE-----
Generated at Fri Apr 26 12:14:52 2024 by rpki-client on console-ams.rpki-client.org