Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/403528-9e7c-4b64-9599-ba032323744c/1/5xyNizGEF54aPo-cNLUbdPLWshI.roa
File: 5xyNizGEF54aPo-cNLUbdPLWshI.roa (raw, json)
Hash identifier: vW/eVLtD4BZAj3MaKUN2SohQ+/6KfkR1t862PicUhmg=
Subject key identifier: E7:1C:8D:8B:31:84:17:9E:1A:3E:8F:9C:34:B5:1B:74:F2:D6:B2:12
Certificate issuer: /CN=50d4ac320965ab4991108501a0602a6893e63fec
Certificate serial: 018D5976C962C545C92B4E82B28B577FFFBB
Authority key identifier: 50:D4:AC:32:09:65:AB:49:91:10:85:01:A0:60:2A:68:93:E6:3F:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UNSsMgllq0mREIUBoGAqaJPmP-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/403528-9e7c-4b64-9599-ba032323744c/1/5xyNizGEF54aPo-cNLUbdPLWshI.roa
Signing time: Tue 30 Jan 2024 08:22:53 +0000
ROA not before: Tue 30 Jan 2024 08:22:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24953
IP address blocks: 80.64.140.0/22 maxlen: 22
83.216.192.0/20 maxlen: 20
89.185.96.0/19 maxlen: 19
185.34.196.0/22 maxlen: 22
185.167.240.0/22 maxlen: 24
185.213.124.0/22 maxlen: 22
185.224.120.0/22 maxlen: 22
195.95.163.0/24 maxlen: 24
2001:1ad0::/32 maxlen: 32
2001:1ad0:c4fc::/46 maxlen: 48
2a0b:c200::/29 maxlen: 32
2a0b:c200:cafe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/403528-9e7c-4b64-9599-ba032323744c/1/UNSsMgllq0mREIUBoGAqaJPmP-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/403528-9e7c-4b64-9599-ba032323744c/1/UNSsMgllq0mREIUBoGAqaJPmP-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/UNSsMgllq0mREIUBoGAqaJPmP-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 17:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:76:c9:62:c5:45:c9:2b:4e:82:b2:8b:57:7f:ff:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50d4ac320965ab4991108501a0602a6893e63fec
Validity
Not Before: Jan 30 08:22:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e71c8d8b3184179e1a3e8f9c34b51b74f2d6b212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:73:e7:17:df:af:11:ef:7a:f4:6c:89:7e:7a:
31:d2:ae:a4:a1:e0:b2:de:b2:13:cd:cd:b3:36:cd:
c5:a3:10:79:7d:b4:8d:64:49:5a:bf:d3:a6:0c:3b:
35:f7:d5:e6:92:04:5e:c0:00:7d:ed:13:e4:fa:1a:
ca:00:1c:b7:13:9f:a5:23:d3:73:35:db:8a:b7:b1:
7e:92:c3:b4:54:07:a2:b3:ab:f1:bc:b2:9a:74:99:
cb:42:2b:8c:f2:4b:fc:43:b5:2d:29:64:27:66:4a:
40:6e:fe:52:08:45:82:eb:4f:1e:22:8c:d0:81:ae:
7a:9d:6e:5f:41:d9:9c:73:54:55:4f:56:c1:a6:0b:
16:16:57:5e:61:0f:1c:31:93:9d:b6:0b:ed:b8:01:
8d:35:cc:88:92:cc:e6:b6:69:b2:18:0f:4b:bb:7f:
66:0d:88:2c:16:06:7a:c6:9d:65:57:e2:53:73:e1:
df:67:16:d4:1d:05:c3:76:5a:8c:a3:df:bc:04:62:
fd:c2:86:4d:7b:ae:11:c9:2d:3d:d3:51:77:9c:11:
97:03:5c:c6:21:6f:1c:e4:a7:b6:a5:1c:10:e6:a7:
b7:4d:a9:39:4c:d7:6f:a8:f5:6f:e8:5c:87:ff:6e:
84:71:6f:f3:7b:a3:f7:de:31:a1:cc:f4:66:56:e9:
c2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:1C:8D:8B:31:84:17:9E:1A:3E:8F:9C:34:B5:1B:74:F2:D6:B2:12
X509v3 Authority Key Identifier:
keyid:50:D4:AC:32:09:65:AB:49:91:10:85:01:A0:60:2A:68:93:E6:3F:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNSsMgllq0mREIUBoGAqaJPmP-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/403528-9e7c-4b64-9599-ba032323744c/1/5xyNizGEF54aPo-cNLUbdPLWshI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/403528-9e7c-4b64-9599-ba032323744c/1/UNSsMgllq0mREIUBoGAqaJPmP-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.64.140.0/22
83.216.192.0/20
89.185.96.0/19
185.34.196.0/22
185.167.240.0/22
185.213.124.0/22
185.224.120.0/22
195.95.163.0/24
IPv6:
2001:1ad0::/32
2a0b:c200::/29
Signature Algorithm: sha256WithRSAEncryption
70:fa:e9:21:87:f8:45:54:12:a1:3f:cc:e8:57:3a:bd:7c:bf:
4c:76:b0:20:67:26:5e:dc:70:fa:2b:c0:c9:a6:64:88:2b:0f:
91:36:37:22:9d:b5:61:9e:a4:81:02:24:2b:6f:b7:5e:e1:95:
02:dd:a2:b4:ea:27:50:3c:4e:c9:d9:6c:f9:43:eb:8f:fe:a3:
0b:08:c6:56:a9:65:02:9f:fa:16:23:39:ee:23:4f:24:a8:6f:
31:8a:98:9d:40:4d:a1:ff:f3:c5:24:34:c7:55:fb:12:17:29:
a4:54:ff:db:7a:73:4a:c4:47:1c:33:97:1b:fe:a8:b2:6f:7d:
20:7f:b3:11:06:3e:de:e1:b0:40:9e:51:23:10:24:fe:59:d3:
61:7d:b2:71:7b:63:a1:9a:90:82:c0:89:62:f5:98:94:fa:cf:
03:8a:9c:dd:6e:eb:db:5a:f5:fa:8b:ef:02:61:bf:6d:af:6d:
d1:38:89:14:21:75:95:1a:41:55:ea:0d:d6:d4:1e:2a:28:5d:
25:60:d3:62:92:96:ff:d5:0c:ba:94:d4:b2:cf:a0:b1:a0:55:
17:20:ba:e7:a6:ee:54:88:93:83:38:57:d2:45:1e:22:ec:8d:
8e:46:0b:fa:d7:fa:1c:9f:f1:2f:b5:47:1e:2a:6a:e5:e3:42:
0d:2d:ea:38
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAY1ZdslixUXJK06CsotXf/+7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZDRhYzMyMDk2NWFiNDk5MTEwODUwMWEwNjAyYTY4OTNl
NjNmZWMwHhcNMjQwMTMwMDgyMjUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzFjOGQ4YjMxODQxNzllMWEzZThmOWMzNGI1MWI3NGYyZDZiMjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHPnF9+vEe969GyJfnox0q6koeCy
3rITzc2zNs3FoxB5fbSNZElav9OmDDs199XmkgRewAB97RPk+hrKABy3E5+lI9Nz
NduKt7F+ksO0VAeis6vxvLKadJnLQiuM8kv8Q7UtKWQnZkpAbv5SCEWC608eIozQ
ga56nW5fQdmcc1RVT1bBpgsWFldeYQ8cMZOdtgvtuAGNNcyIkszmtmmyGA9Lu39m
DYgsFgZ6xp1lV+JTc+HfZxbUHQXDdlqMo9+8BGL9woZNe64RyS0901F3nBGXA1zG
IW8c5Ke2pRwQ5qe3Tak5TNdvqPVv6FyH/26EcW/ze6P33jGhzPRmVunCIQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFOccjYsxhBeeGj6PnDS1G3Ty1rISMB8GA1UdIwQY
MBaAFFDUrDIJZatJkRCFAaBgKmiT5j/sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5Tc01nbGxxMG1SRUlVQm9HQXFhSlBtUC13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80MDM1MjgtOWU3Yy00YjY0LTk1OTkt
YmEwMzIzMjM3NDRjLzEvNXh5Tml6R0VGNTRhUG8tY05MVWJkUExXc2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80MDM1MjgtOWU3Yy00YjY0LTk1OTktYmEwMzIzMjM3NDRj
LzEvVU5Tc01nbGxxMG1SRUlVQm9HQXFhSlBtUC13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQCUECMAwQE
U9jAAwQFWblgAwQCuSLEAwQCuafwAwQCudV8AwQCueB4AwQAw1+jMBQEAgACMA4D
BQAgARrQAwUDKgvCADANBgkqhkiG9w0BAQsFAAOCAQEAcPrpIYf4RVQSoT/M6Fc6
vXy/THawIGcmXtxw+ivAyaZkiCsPkTY3Ip21YZ6kgQIkK2+3XuGVAt2itOonUDxO
ydls+UPrj/6jCwjGVqllAp/6FiM57iNPJKhvMYqYnUBNof/zxSQ0x1X7EhcppFT/
23pzSsRHHDOXG/6osm99IH+zEQY+3uGwQJ5RIxAk/lnTYX2ycXtjoZqQgsCJYvWY
lPrPA4qc3W7r21r1+ovvAmG/ba9t0TiJFCF1lRpBVeoN1tQeKihdJWDTYpKW/9UM
upTUss+gsaBVFyC656buVIiTgzhX0kUeIuyNjkYL+tf6HJ/xL7VHHipq5eNCDS3q
OA==
-----END CERTIFICATE-----
Generated at Sat Jun 29 01:51:47 2024 by rpki-client on console-ams.rpki-client.org