Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/iIJJPC8kG_pPGvQ-7G6gzyN8sXg.roa
File: iIJJPC8kG_pPGvQ-7G6gzyN8sXg.roa (raw, json)
Hash identifier: 8hRrWX9G4swjN1faSHy6uvbf91Xy4ANfXfCXnojux8c=
Subject key identifier: 88:82:49:3C:2F:24:1B:FA:4F:1A:F4:3E:EC:6E:A0:CF:23:7C:B1:78
Certificate issuer: /CN=137f3372df57c814aba8b51a907861d92b9e4f55
Certificate serial: 018CC5DC04C48651B3A29C468EA409DEC4EC
Authority key identifier: 13:7F:33:72:DF:57:C8:14:AB:A8:B5:1A:90:78:61:D9:2B:9E:4F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/iIJJPC8kG_pPGvQ-7G6gzyN8sXg.roa
Signing time: Mon 01 Jan 2024 16:29:39 +0000
ROA not before: Mon 01 Jan 2024 16:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208006
IP address blocks: 5.253.24.0/24 maxlen: 24
5.253.27.0/24 maxlen: 24
5.253.26.0/24 maxlen: 24
5.253.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/E38zct9XyBSrqLUakHhh2SueT1U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/E38zct9XyBSrqLUakHhh2SueT1U.mft
rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 May 2024 22:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:04:c4:86:51:b3:a2:9c:46:8e:a4:09:de:c4:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=137f3372df57c814aba8b51a907861d92b9e4f55
Validity
Not Before: Jan 1 16:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8882493c2f241bfa4f1af43eec6ea0cf237cb178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c1:c8:7a:9a:69:6c:e5:75:0e:28:dd:5d:df:
96:6c:c0:9d:05:c2:21:9b:15:cd:28:6a:58:f3:9a:
57:6c:ec:ca:42:4a:e8:b2:b2:3b:7f:fb:98:41:18:
d3:79:26:63:01:89:77:59:87:31:e6:0f:0b:35:0e:
17:c8:de:e6:31:9f:21:f2:28:a1:4b:82:3d:d0:cc:
8c:8e:16:60:d2:9c:a7:dd:e6:ad:e7:39:65:03:34:
e0:bd:24:57:26:6f:0e:b8:6b:5b:67:92:48:1f:c8:
8d:3a:1e:50:1c:2b:3d:de:3f:5e:af:ef:8b:05:fe:
d3:f4:be:3f:72:4c:b6:da:9a:58:aa:a9:38:25:c8:
06:9f:2b:1c:6a:c1:e7:db:b0:ff:aa:ee:97:75:30:
db:03:e5:60:4c:52:c7:2e:ff:cb:41:69:7d:c2:16:
00:47:2d:32:b8:76:b9:c2:0d:40:fe:32:1f:3c:4f:
a7:d1:59:7f:51:ec:69:3d:b5:dd:96:f6:a6:a8:2c:
f7:cb:c1:de:30:1b:87:71:56:74:ae:8c:dd:2a:b6:
57:31:80:3e:a7:6e:57:07:bc:aa:60:cf:e4:ce:15:
64:db:91:a6:20:53:b9:8e:6f:34:d5:ca:64:56:4a:
0b:36:81:3c:07:11:23:2a:04:f8:17:41:db:65:52:
43:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:82:49:3C:2F:24:1B:FA:4F:1A:F4:3E:EC:6E:A0:CF:23:7C:B1:78
X509v3 Authority Key Identifier:
keyid:13:7F:33:72:DF:57:C8:14:AB:A8:B5:1A:90:78:61:D9:2B:9E:4F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E38zct9XyBSrqLUakHhh2SueT1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/iIJJPC8kG_pPGvQ-7G6gzyN8sXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/8b141b-494e-466b-a22c-a224fefac218/1/E38zct9XyBSrqLUakHhh2SueT1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.24.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:52:25:d3:ab:56:1b:18:36:26:a4:8c:cf:72:4e:6f:a0:fa:
90:39:b9:14:4a:0a:03:0c:bb:e3:09:68:66:18:99:f2:48:fa:
6d:d4:04:76:a7:9c:a6:81:71:f2:ba:f0:8a:0a:31:8b:c0:3b:
69:08:b5:43:6c:32:f2:ef:9a:72:81:dd:b0:a1:bc:cb:d4:4d:
04:e6:0a:6f:ba:5d:95:9e:c0:c9:6b:7b:64:22:be:f4:81:2b:
27:69:96:d1:ce:f0:5d:f8:65:d7:70:c0:55:f6:85:0c:bf:92:
d8:49:16:69:c0:9f:42:d8:c5:d9:50:48:bb:11:a8:02:37:15:
ed:de:84:f1:e0:26:3e:5d:b4:18:7c:e9:a4:09:de:8d:b7:14:
b5:37:e2:ee:a6:14:ac:5a:b7:a6:2d:87:f5:d2:11:64:ad:77:
06:77:3e:f9:dc:08:ff:db:a1:38:25:b8:70:c2:e6:43:6a:3c:
ab:5d:e1:27:28:3f:1f:82:16:96:ef:d8:cc:01:f0:43:04:95:
3b:6e:ec:cc:1c:1c:fe:3f:2f:51:c5:04:4a:09:bf:c7:5d:7c:
f7:f2:3f:40:cd:d9:e0:6b:f1:80:7c:1b:23:15:0f:81:4d:4d:
18:92:87:94:d5:cc:df:c9:33:92:c1:29:c8:c6:c4:23:ee:54:
cc:41:1b:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3ATEhlGzopxGjqQJ3sTsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzN2YzMzcyZGY1N2M4MTRhYmE4YjUxYTkwNzg2MWQ5MmI5
ZTRmNTUwHhcNMjQwMTAxMTYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODgyNDkzYzJmMjQxYmZhNGYxYWY0M2VlYzZlYTBjZjIzN2NiMTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sHIepppbOV1DijdXd+WbMCdBcIh
mxXNKGpY85pXbOzKQkrosrI7f/uYQRjTeSZjAYl3WYcx5g8LNQ4XyN7mMZ8h8iih
S4I90MyMjhZg0pyn3eat5zllAzTgvSRXJm8OuGtbZ5JIH8iNOh5QHCs93j9er++L
Bf7T9L4/cky22ppYqqk4JcgGnyscasHn27D/qu6XdTDbA+VgTFLHLv/LQWl9whYA
Ry0yuHa5wg1A/jIfPE+n0Vl/UexpPbXdlvamqCz3y8HeMBuHcVZ0rozdKrZXMYA+
p25XB7yqYM/kzhVk25GmIFO5jm801cpkVkoLNoE8BxEjKgT4F0HbZVJDhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIiCSTwvJBv6Txr0PuxuoM8jfLF4MB8GA1UdIwQY
MBaAFBN/M3LfV8gUq6i1GpB4Ydkrnk9VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTM4emN0OVh5QlNycUxVYWtIaGgyU3VlVDFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy84YjE0MWItNDk0ZS00NjZiLWEyMmMt
YTIyNGZlZmFjMjE4LzEvaUlKSlBDOGtHX3BQR3ZRLTdHNmd6eU44c1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy84YjE0MWItNDk0ZS00NjZiLWEyMmMtYTIyNGZlZmFjMjE4
LzEvRTM4emN0OVh5QlNycUxVYWtIaGgyU3VlVDFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf0YMA0G
CSqGSIb3DQEBCwUAA4IBAQA/UiXTq1YbGDYmpIzPck5voPqQObkUSgoDDLvjCWhm
GJnySPpt1AR2p5ymgXHyuvCKCjGLwDtpCLVDbDLy75pygd2wobzL1E0E5gpvul2V
nsDJa3tkIr70gSsnaZbRzvBd+GXXcMBV9oUMv5LYSRZpwJ9C2MXZUEi7EagCNxXt
3oTx4CY+XbQYfOmkCd6NtxS1N+LuphSsWremLYf10hFkrXcGdz753Aj/26E4Jbhw
wuZDajyrXeEnKD8fghaW79jMAfBDBJU7buzMHBz+Py9RxQRKCb/HXXz38j9Azdng
a/GAfBsjFQ+BTU0YkoeU1czfyTOSwSnIxsQj7lTMQRs9
-----END CERTIFICATE-----
Generated at Fri May 24 07:05:42 2024 by rpki-client on console-ams.rpki-client.org