Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/5KdBR_CaVnhEKhwVCZvRsDOq1so.roa
File: 5KdBR_CaVnhEKhwVCZvRsDOq1so.roa (raw, json)
Hash identifier: l+HvT1mL786+eaMQlYeYswVrr2E0ILLQNf/B35VwWCU=
Subject key identifier: E4:A7:41:47:F0:9A:56:78:44:2A:1C:15:09:9B:D1:B0:33:AA:D6:CA
Certificate issuer: /CN=c933481d3fa48710dcb973fdcd29340dedb6229a
Certificate serial: 018CC50140B44A3F6D78137D164FB5936F3E
Authority key identifier: C9:33:48:1D:3F:A4:87:10:DC:B9:73:FD:CD:29:34:0D:ED:B6:22:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yTNIHT-khxDcuXP9zSk0De22Ipo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/5KdBR_CaVnhEKhwVCZvRsDOq1so.roa
Signing time: Mon 01 Jan 2024 12:30:42 +0000
ROA not before: Mon 01 Jan 2024 12:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32875
IP address blocks: 185.48.205.0/24 maxlen: 24
185.48.207.0/24 maxlen: 24
5.226.169.0/24 maxlen: 24
5.226.170.0/24 maxlen: 24
5.226.174.0/24 maxlen: 24
5.226.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/yTNIHT-khxDcuXP9zSk0De22Ipo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/yTNIHT-khxDcuXP9zSk0De22Ipo.mft
rsync://rpki.ripe.net/repository/DEFAULT/yTNIHT-khxDcuXP9zSk0De22Ipo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:40:b4:4a:3f:6d:78:13:7d:16:4f:b5:93:6f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c933481d3fa48710dcb973fdcd29340dedb6229a
Validity
Not Before: Jan 1 12:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4a74147f09a5678442a1c15099bd1b033aad6ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:94:06:ea:fe:77:e7:54:15:93:6a:27:0c:40:
47:0d:48:32:68:b9:ab:76:ae:21:bd:9d:aa:cc:a5:
40:25:d8:55:ab:ba:72:ca:72:a8:2a:a3:b0:d6:e2:
85:c9:7b:28:c6:b5:5e:46:c8:af:b9:f2:f9:28:04:
22:f8:20:a2:c6:52:7a:02:fb:12:c7:4f:a4:1c:3b:
0f:7d:2e:63:fe:87:64:9b:7c:16:2c:34:1b:18:ab:
f5:0f:85:00:7b:af:5d:a5:ac:11:55:bf:10:37:e1:
2b:55:52:98:3e:ea:3b:1e:60:19:ba:f7:93:62:df:
4e:5a:5b:1c:57:7e:93:24:a8:59:51:1e:df:79:b6:
b4:8b:f6:79:36:0b:3c:33:d9:55:6b:f6:70:27:a2:
5a:84:f5:ad:68:fb:06:8e:87:b3:19:ee:34:dc:88:
90:ef:51:af:a6:50:c1:a6:bf:46:b7:b3:e1:26:95:
61:67:81:75:2b:8a:2b:4a:22:a5:09:a6:d9:28:3b:
e3:86:93:bb:eb:a9:cb:4a:97:00:4f:70:af:55:b6:
62:58:ec:13:29:60:cd:77:38:0a:93:d0:d4:ca:15:
43:76:9d:ce:b2:06:d7:09:2a:ad:4f:c7:33:29:c9:
83:44:3a:92:e4:93:db:83:41:f8:cb:14:d3:ea:8e:
d7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:A7:41:47:F0:9A:56:78:44:2A:1C:15:09:9B:D1:B0:33:AA:D6:CA
X509v3 Authority Key Identifier:
keyid:C9:33:48:1D:3F:A4:87:10:DC:B9:73:FD:CD:29:34:0D:ED:B6:22:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yTNIHT-khxDcuXP9zSk0De22Ipo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/5KdBR_CaVnhEKhwVCZvRsDOq1so.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/732801-6294-412b-955e-fefd37666741/1/yTNIHT-khxDcuXP9zSk0De22Ipo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.169.0-5.226.170.255
5.226.174.0/23
185.48.205.0/24
185.48.207.0/24
Signature Algorithm: sha256WithRSAEncryption
19:4e:30:02:20:45:46:0d:a7:cb:73:89:2d:de:c4:c4:1a:6b:
7b:72:c0:6c:d7:78:e1:23:74:ca:e1:2a:84:e5:27:79:51:be:
0f:6a:08:7d:79:18:49:02:a9:78:01:48:44:9a:f6:91:33:b3:
37:80:5e:29:00:bc:cf:ab:ce:fa:d0:4d:84:29:48:ca:d4:69:
25:37:36:bd:12:5b:76:86:42:4f:2d:b3:4f:ea:09:f9:46:14:
2c:97:36:e3:82:ee:11:e9:03:d5:e7:2a:44:57:13:10:1f:3f:
a8:74:ba:46:87:e8:6a:b9:76:72:94:9e:39:bf:fc:7b:c7:1d:
64:bd:af:83:04:18:a1:ff:7b:e8:15:53:a2:b7:59:af:34:08:
92:de:61:d4:b5:22:a0:b1:3f:15:cc:d8:d6:19:79:3d:a8:0b:
57:9e:db:50:70:03:1a:7b:c2:e9:25:e7:92:6f:ba:38:d3:34:
55:a8:9d:8f:eb:06:6a:5c:56:00:2b:f1:8d:24:64:69:b0:b0:
e6:24:7b:73:82:7b:d4:96:c3:75:56:43:31:c6:72:90:1a:5e:
75:b6:d5:ec:2f:62:a6:b8:f2:80:21:55:a7:52:67:fb:ce:27:
96:cd:0d:ad:5e:ed:2a:ec:d0:54:7f:f9:e3:4e:fc:e9:de:a7:
dd:88:87:fb
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzFAUC0Sj9teBN9Fk+1k28+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MzM0ODFkM2ZhNDg3MTBkY2I5NzNmZGNkMjkzNDBkZWRi
NjIyOWEwHhcNMjQwMTAxMTIzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGE3NDE0N2YwOWE1Njc4NDQyYTFjMTUwOTliZDFiMDMzYWFkNmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpQG6v5351QVk2onDEBHDUgyaLmr
dq4hvZ2qzKVAJdhVq7pyynKoKqOw1uKFyXsoxrVeRsivufL5KAQi+CCixlJ6AvsS
x0+kHDsPfS5j/odkm3wWLDQbGKv1D4UAe69dpawRVb8QN+ErVVKYPuo7HmAZuveT
Yt9OWlscV36TJKhZUR7feba0i/Z5Ngs8M9lVa/ZwJ6JahPWtaPsGjoezGe403IiQ
71GvplDBpr9Gt7PhJpVhZ4F1K4orSiKlCabZKDvjhpO766nLSpcAT3CvVbZiWOwT
KWDNdzgKk9DUyhVDdp3OsgbXCSqtT8czKcmDRDqS5JPbg0H4yxTT6o7X3wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOSnQUfwmlZ4RCocFQmb0bAzqtbKMB8GA1UdIwQY
MBaAFMkzSB0/pIcQ3Llz/c0pNA3ttiKaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVROSUhULWtoeERjdVhQOXpTazBEZTIySXBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS83MzI4MDEtNjI5NC00MTJiLTk1NWUt
ZmVmZDM3NjY2NzQxLzEvNUtkQlJfQ2FWbmhFS2h3VkNadlJzRE9xMXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS83MzI4MDEtNjI5NC00MTJiLTk1NWUtZmVmZDM3NjY2NzQx
LzEveVROSUhULWtoeERjdVhQOXpTazBEZTIySXBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAF4qkD
BAAF4qoDBAEF4q4DBAC5MM0DBAC5MM8wDQYJKoZIhvcNAQELBQADggEBABlOMAIg
RUYNp8tziS3exMQaa3tywGzXeOEjdMrhKoTlJ3lRvg9qCH15GEkCqXgBSESa9pEz
szeAXikAvM+rzvrQTYQpSMrUaSU3Nr0SW3aGQk8ts0/qCflGFCyXNuOC7hHpA9Xn
KkRXExAfP6h0ukaH6Gq5dnKUnjm//HvHHWS9r4MEGKH/e+gVU6K3Wa80CJLeYdS1
IqCxPxXM2NYZeT2oC1ee21BwAxp7wukl55JvujjTNFWonY/rBmpcVgAr8Y0kZGmw
sOYke3OCe9SWw3VWQzHGcpAaXnW21ewvYqa48oAhVadSZ/vOJ5bNDa1e7Srs0FR/
+eNO/Onep92Ih/s=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:58:55 2024 by rpki-client on console-ams.rpki-client.org