Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Xw48Hx4p4iDHQzbUcLv5syDBUAw.roa
File: Xw48Hx4p4iDHQzbUcLv5syDBUAw.roa (raw, json)
Hash identifier: nZqjgMD6uCyLaTrxxje62RLUcHsepT9pAZrFp6r3bJg=
Subject key identifier: 5F:0E:3C:1F:1E:29:E2:20:C7:43:36:D4:70:BB:F9:B3:20:C1:50:0C
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018CC64AE16256BA3D313462FACB878E25CB
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Xw48Hx4p4iDHQzbUcLv5syDBUAw.roa
Signing time: Mon 01 Jan 2024 18:30:45 +0000
ROA not before: Mon 01 Jan 2024 18:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62387
IP address blocks: 5.1.79.0/24 maxlen: 24
2a00:f826:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft
rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:e1:62:56:ba:3d:31:34:62:fa:cb:87:8e:25:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 18:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f0e3c1f1e29e220c74336d470bbf9b320c1500c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:43:32:c1:3b:10:e7:dd:51:b9:77:ff:49:72:
a0:a0:f6:90:31:a8:57:fc:f3:15:23:69:54:d5:a2:
a4:73:b8:22:52:d4:32:be:f6:97:08:7b:0c:aa:df:
54:34:a9:65:8e:32:b4:cd:2f:3d:d7:ee:2b:d6:67:
52:cb:a2:e7:43:15:85:9d:82:7a:32:1f:ef:ad:02:
dd:5d:3d:a7:c9:95:0b:07:6b:5f:41:8f:a8:82:7e:
3c:cb:d3:1f:2c:2a:8e:45:44:96:67:67:bb:f2:3f:
7e:e1:da:ed:d4:fc:93:9a:a6:23:83:2a:dd:d2:29:
d5:57:0b:88:18:af:06:1b:48:c2:ea:70:4e:10:7b:
c5:6c:7f:d4:a9:10:d7:aa:14:55:f6:94:dd:2f:58:
29:71:74:a1:ac:c3:34:9f:19:7c:3d:29:a4:d1:a8:
9f:01:88:1e:25:f5:1e:5b:87:76:65:4e:ff:a0:a9:
21:a3:51:13:96:ef:4b:a0:bf:32:51:d1:0f:75:7b:
22:40:cc:8c:ee:59:e6:f7:e3:84:a1:a4:13:8f:f8:
47:18:06:6b:ab:eb:b4:79:44:38:32:f6:99:0d:dc:
d3:4e:18:f0:40:a6:43:65:94:a3:80:b4:49:1d:3b:
90:9f:12:17:fb:90:78:51:a0:9e:d3:66:92:28:0e:
0c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:0E:3C:1F:1E:29:E2:20:C7:43:36:D4:70:BB:F9:B3:20:C1:50:0C
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Xw48Hx4p4iDHQzbUcLv5syDBUAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.79.0/24
IPv6:
2a00:f826:11::/48
Signature Algorithm: sha256WithRSAEncryption
3a:90:da:c4:0d:0d:25:8a:d5:36:7a:59:42:cc:dc:74:ec:31:
e3:58:71:a4:2e:cd:64:0a:8a:0b:69:7d:ee:90:8b:4e:13:36:
6b:d8:b1:f5:b3:cc:56:8f:29:e4:3c:dc:6b:1a:f0:11:89:1a:
2c:52:04:65:b5:2d:dc:26:6e:8b:b6:2c:1c:d8:59:b3:2f:7f:
99:c8:d9:ec:7a:da:54:bf:8f:6f:f9:41:a4:48:82:2e:65:16:
0d:e0:f4:0f:c1:20:0f:19:37:04:c6:a2:df:49:b6:5f:53:2b:
d1:50:cc:43:14:87:47:ea:62:bc:44:fb:78:f8:93:cc:fb:d3:
34:87:96:ec:73:29:6e:10:87:80:3b:08:22:da:88:20:53:dd:
b9:75:60:2e:7c:94:5c:2a:83:59:2a:da:1d:da:8e:cb:4a:63:
8d:44:0c:e5:25:93:31:81:e8:de:9d:53:e1:b7:aa:c9:7b:92:
30:0a:ad:43:c9:4b:87:f8:2c:33:4b:67:58:67:76:84:ca:87:
c0:9a:ad:0e:d7:61:29:7d:1b:00:2f:4c:70:e1:42:6a:83:54:
4f:14:d7:d6:a5:6d:a3:b3:d3:1c:35:24:23:1d:a9:e2:75:81:
00:23:8b:97:8e:a0:68:52:52:34:d5:e4:50:dc:47:90:5f:d7:
25:7f:dc:34
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGSuFiVro9MTRi+suHjiXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMTAxMTgzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjBlM2MxZjFlMjllMjIwYzc0MzM2ZDQ3MGJiZjliMzIwYzE1MDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0MywTsQ591RuXf/SXKgoPaQMahX
/PMVI2lU1aKkc7giUtQyvvaXCHsMqt9UNKlljjK0zS891+4r1mdSy6LnQxWFnYJ6
Mh/vrQLdXT2nyZULB2tfQY+ogn48y9MfLCqORUSWZ2e78j9+4drt1PyTmqYjgyrd
0inVVwuIGK8GG0jC6nBOEHvFbH/UqRDXqhRV9pTdL1gpcXShrMM0nxl8PSmk0aif
AYgeJfUeW4d2ZU7/oKkho1ETlu9LoL8yUdEPdXsiQMyM7lnm9+OEoaQTj/hHGAZr
q+u0eUQ4MvaZDdzTThjwQKZDZZSjgLRJHTuQnxIX+5B4UaCe02aSKA4M5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF8OPB8eKeIgx0M21HC7+bMgwVAMMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvWHc0OEh4NHA0aURIUXpiVWNMdjVzeURCVUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABQFPMA8E
AgACMAkDBwAqAPgmABEwDQYJKoZIhvcNAQELBQADggEBADqQ2sQNDSWK1TZ6WULM
3HTsMeNYcaQuzWQKigtpfe6Qi04TNmvYsfWzzFaPKeQ83Gsa8BGJGixSBGW1Ldwm
bou2LBzYWbMvf5nI2ex62lS/j2/5QaRIgi5lFg3g9A/BIA8ZNwTGot9Jtl9TK9FQ
zEMUh0fqYrxE+3j4k8z70zSHluxzKW4Qh4A7CCLaiCBT3bl1YC58lFwqg1kq2h3a
jstKY41EDOUlkzGB6N6dU+G3qsl7kjAKrUPJS4f4LDNLZ1hndoTKh8CarQ7XYSl9
GwAvTHDhQmqDVE8U19albaOz0xw1JCMdqeJ1gQAji5eOoGhSUjTV5FDcR5Bf1yV/
3DQ=
-----END CERTIFICATE-----
Generated at Tue May 7 13:59:59 2024 by rpki-client on console-fra.rpki-client.org