Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/486c96-8e0f-4161-a00e-b8ea18eb75f4/1/m7kZHk5Pb1qSXSwi709DcHbPWPg.roa
File: m7kZHk5Pb1qSXSwi709DcHbPWPg.roa (raw, json)
Hash identifier: c0a0Bo+qqCJdFeMlZnmxcq9/9va6LKKWAfoMXVmAt+Y=
Subject key identifier: 9B:B9:19:1E:4E:4F:6F:5A:92:5D:2C:22:EF:4F:43:70:76:CF:58:F8
Certificate issuer: /CN=c6a707934a762bbdf34fc0148f265ce124577213
Certificate serial: 018CC64B2F66354A88C00F7B17E776B2337C
Authority key identifier: C6:A7:07:93:4A:76:2B:BD:F3:4F:C0:14:8F:26:5C:E1:24:57:72:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqcHk0p2K73zT8AUjyZc4SRXchM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/486c96-8e0f-4161-a00e-b8ea18eb75f4/1/m7kZHk5Pb1qSXSwi709DcHbPWPg.roa
Signing time: Mon 01 Jan 2024 18:31:05 +0000
ROA not before: Mon 01 Jan 2024 18:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 5.252.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/486c96-8e0f-4161-a00e-b8ea18eb75f4/1/xqcHk0p2K73zT8AUjyZc4SRXchM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/486c96-8e0f-4161-a00e-b8ea18eb75f4/1/xqcHk0p2K73zT8AUjyZc4SRXchM.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqcHk0p2K73zT8AUjyZc4SRXchM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 04:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:2f:66:35:4a:88:c0:0f:7b:17:e7:76:b2:33:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a707934a762bbdf34fc0148f265ce124577213
Validity
Not Before: Jan 1 18:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bb9191e4e4f6f5a925d2c22ef4f437076cf58f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:dd:5b:85:67:62:a2:32:e3:52:07:3e:75:82:
3a:30:14:ca:0d:16:83:bb:5d:ca:8c:d0:3f:82:49:
3c:5e:ec:03:8c:59:3f:cc:49:b0:aa:b0:61:b4:c4:
75:e5:e1:12:01:6f:34:3e:59:85:4d:40:a9:0a:46:
63:3f:aa:62:6a:df:20:66:e8:3f:27:7f:7c:ea:8c:
96:1f:bd:45:d7:9b:74:3a:32:41:23:9b:16:26:5e:
62:f7:68:30:59:7f:d6:2e:c0:86:e9:71:2c:4d:72:
98:15:dc:75:b4:96:20:25:f4:2f:0f:7e:f6:68:49:
3c:83:80:b9:2a:ce:d2:05:22:78:6b:04:9a:76:da:
86:32:c3:c1:3d:aa:d6:a5:b2:58:15:35:86:ca:14:
3a:0a:80:ee:76:26:6c:79:87:00:90:1d:10:ef:9b:
c0:2c:59:4e:2b:ab:a0:11:20:59:c9:96:ae:f5:d2:
c6:d5:bb:77:52:68:0d:9f:ca:3d:60:cf:63:9a:74:
5e:b6:71:d2:ba:0b:52:47:ce:5c:ba:3e:4b:12:2a:
e8:54:0a:d5:33:60:b5:bb:43:a0:5d:be:2a:a7:16:
f8:70:da:fa:ba:94:01:cc:3b:11:9a:fb:6f:9a:c9:
84:b2:82:0f:c8:ed:5a:40:1b:16:9d:3f:90:f8:91:
27:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:B9:19:1E:4E:4F:6F:5A:92:5D:2C:22:EF:4F:43:70:76:CF:58:F8
X509v3 Authority Key Identifier:
keyid:C6:A7:07:93:4A:76:2B:BD:F3:4F:C0:14:8F:26:5C:E1:24:57:72:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqcHk0p2K73zT8AUjyZc4SRXchM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/486c96-8e0f-4161-a00e-b8ea18eb75f4/1/m7kZHk5Pb1qSXSwi709DcHbPWPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/486c96-8e0f-4161-a00e-b8ea18eb75f4/1/xqcHk0p2K73zT8AUjyZc4SRXchM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.152.0/24
Signature Algorithm: sha256WithRSAEncryption
90:2e:df:fe:3b:51:4d:cd:20:31:05:e6:fe:79:ec:12:63:da:
e4:2f:f0:c2:e6:94:e2:1a:ab:0a:fa:77:5c:62:cf:0a:40:f3:
1d:e0:24:8f:22:3a:db:ae:1b:88:fb:1b:cb:d3:e4:b6:f8:74:
4d:39:34:24:34:93:dd:81:c1:fc:9f:b7:7a:d7:87:97:9c:06:
fd:ef:da:be:ed:f5:fc:ba:11:4a:91:d4:87:f1:4c:92:38:69:
ce:3b:ad:a0:2f:98:21:1d:8b:20:8a:3d:16:4a:d2:4b:b2:38:
8b:92:a2:b0:60:36:e2:1c:19:de:dd:14:0e:2c:7d:82:dd:46:
33:1b:b9:f4:1a:2f:91:7f:d2:cf:38:f7:4d:f2:dd:c4:d5:3a:
b5:0b:02:ac:2d:c8:ee:4e:b2:ab:75:0d:77:89:86:9d:e0:08:
12:2c:49:91:09:47:4e:0a:a1:a2:74:ae:60:4d:9d:81:ed:ae:
e5:d7:ba:5d:13:d6:e8:a4:4e:24:13:15:e2:fe:10:36:ed:ca:
fd:6c:1e:ed:f2:7a:82:8b:17:82:c4:6a:26:cf:68:01:8f:60:
47:f6:3d:f0:bd:c2:6e:9a:0b:44:a0:48:ec:c8:7d:22:39:70:
27:12:fe:58:44:cf:94:fa:8a:aa:09:5a:75:a7:a9:12:62:63:
da:fa:89:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSy9mNUqIwA97F+d2sjN8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTcwNzkzNGE3NjJiYmRmMzRmYzAxNDhmMjY1Y2UxMjQ1
NzcyMTMwHhcNMjQwMTAxMTgzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmI5MTkxZTRlNGY2ZjVhOTI1ZDJjMjJlZjRmNDM3MDc2Y2Y1OGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt1bhWdiojLjUgc+dYI6MBTKDRaD
u13KjNA/gkk8XuwDjFk/zEmwqrBhtMR15eESAW80PlmFTUCpCkZjP6piat8gZug/
J3986oyWH71F15t0OjJBI5sWJl5i92gwWX/WLsCG6XEsTXKYFdx1tJYgJfQvD372
aEk8g4C5Ks7SBSJ4awSadtqGMsPBParWpbJYFTWGyhQ6CoDudiZseYcAkB0Q75vA
LFlOK6ugESBZyZau9dLG1bt3UmgNn8o9YM9jmnRetnHSugtSR85cuj5LEiroVArV
M2C1u0OgXb4qpxb4cNr6upQBzDsRmvtvmsmEsoIPyO1aQBsWnT+Q+JEnnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJu5GR5OT29akl0sIu9PQ3B2z1j4MB8GA1UdIwQY
MBaAFManB5NKdiu980/AFI8mXOEkV3ITMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFjSGswcDJLNzN6VDhBVWp5WmM0U1JYY2hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi80ODZjOTYtOGUwZi00MTYxLWEwMGUt
YjhlYTE4ZWI3NWY0LzEvbTdrWkhrNVBiMXFTWFN3aTcwOURjSGJQV1BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi80ODZjOTYtOGUwZi00MTYxLWEwMGUtYjhlYTE4ZWI3NWY0
LzEveHFjSGswcDJLNzN6VDhBVWp5WmM0U1JYY2hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABfyYMA0G
CSqGSIb3DQEBCwUAA4IBAQCQLt/+O1FNzSAxBeb+eewSY9rkL/DC5pTiGqsK+ndc
Ys8KQPMd4CSPIjrbrhuI+xvL0+S2+HRNOTQkNJPdgcH8n7d614eXnAb979q+7fX8
uhFKkdSH8UySOGnOO62gL5ghHYsgij0WStJLsjiLkqKwYDbiHBne3RQOLH2C3UYz
G7n0Gi+Rf9LPOPdN8t3E1Tq1CwKsLcjuTrKrdQ13iYad4AgSLEmRCUdOCqGidK5g
TZ2B7a7l17pdE9bopE4kExXi/hA27cr9bB7t8nqCixeCxGomz2gBj2BH9j3wvcJu
mgtEoEjsyH0iOXAnEv5YRM+U+oqqCVp1p6kSYmPa+omO
-----END CERTIFICATE-----
Generated at Tue May 7 13:55:43 2024 by rpki-client on console-fra.rpki-client.org