Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/wPhM8B04Wp-ryXuEhy5E1lwMZqo.roa
File: wPhM8B04Wp-ryXuEhy5E1lwMZqo.roa (raw, json)
Hash identifier: 02Y+cQKKhBD2acEIF3roavNO0E1icCnELGKeRy4SCaQ=
Subject key identifier: C0:F8:4C:F0:1D:38:5A:9F:AB:C9:7B:84:87:2E:44:D6:5C:0C:66:AA
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B4B23A398BE0D5264ED4A18FB6D8B
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/wPhM8B04Wp-ryXuEhy5E1lwMZqo.roa
Signing time: Tue 02 Jan 2024 12:34:44 +0000
ROA not before: Tue 02 Jan 2024 12:34:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 5.183.207.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:4b:23:a3:98:be:0d:52:64:ed:4a:18:fb:6d:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c0f84cf01d385a9fabc97b84872e44d65c0c66aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b4:d2:f6:f8:7e:bd:f2:4a:ab:a9:5b:86:52:
7b:e2:c8:91:f0:e3:00:ba:69:f7:b2:65:2d:1e:bb:
78:8b:34:27:81:9f:b1:65:59:15:c9:67:fc:9c:c1:
22:df:4f:4a:6d:cb:61:12:08:aa:3c:03:ce:fe:8e:
a8:51:b7:47:8c:ca:11:20:e4:aa:f0:ed:c1:fc:f6:
6e:6f:b6:da:9e:7c:1c:09:ca:d0:65:1b:05:57:3e:
13:94:cc:d1:1b:6e:ca:1f:3c:f2:52:84:bb:c5:53:
f7:e4:06:75:f8:47:4b:63:4a:57:c2:5c:56:ba:78:
61:4f:d8:ed:79:4e:ac:86:56:00:53:79:2e:97:bb:
2f:c2:d6:a7:16:60:60:6e:fa:71:e9:31:e4:52:80:
f2:ca:3a:55:26:f9:b4:ad:4b:29:6d:56:47:bd:7e:
9a:c8:19:b1:40:65:db:bc:9f:21:e2:4e:4b:6a:a9:
cb:17:e2:41:83:02:63:93:62:d5:15:66:ee:3c:c6:
e8:aa:68:9d:50:23:09:f4:de:69:3b:67:7d:5f:c8:
61:be:e9:d0:b3:3e:4b:9c:98:97:1c:ae:27:3e:b7:
66:35:8c:2d:63:98:a2:9e:dc:2d:ed:e0:a2:cc:28:
60:7b:55:c9:b6:94:50:d5:f7:1f:e0:2d:f6:e3:8f:
29:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:F8:4C:F0:1D:38:5A:9F:AB:C9:7B:84:87:2E:44:D6:5C:0C:66:AA
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/wPhM8B04Wp-ryXuEhy5E1lwMZqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.207.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:44:39:3f:da:b1:95:a7:c2:f7:c9:d3:10:cb:84:14:23:00:
9f:e9:38:af:5a:ac:48:3f:03:cb:38:6d:10:92:7d:d0:58:be:
81:70:a9:cb:5c:b3:8f:72:45:62:9b:00:11:bf:10:7d:eb:97:
01:93:71:49:e4:82:ab:0a:8d:a0:0b:20:54:af:5d:ab:8b:a8:
2d:86:f9:58:1f:bf:ec:2d:91:c8:f5:23:f2:1b:37:04:09:9b:
18:ac:36:2e:38:6f:5a:76:18:c2:17:8d:6c:7a:e3:ad:48:e9:
4c:49:6b:9b:cd:87:e7:56:f7:68:f7:ca:6a:e2:9c:a1:ac:f9:
44:ed:31:d5:f0:94:0b:a7:6a:45:c3:72:c9:53:31:9b:91:a1:
91:98:8e:94:8d:83:ba:cf:a7:9e:12:b2:7b:c3:cf:2c:bc:2f:
33:aa:a5:48:d2:95:e6:3d:81:b3:49:05:3f:46:a3:ad:cb:35:
b7:de:ad:b2:1c:07:29:5f:49:27:4d:3f:78:13:c2:a9:c2:7b:
ed:9e:b2:ac:37:ce:e8:da:94:95:21:03:b8:5b:2a:49:7a:b8:
9c:17:3b:dc:9d:55:5c:bb:1a:90:1a:62:7a:11:c9:40:55:32:
86:f1:f7:de:0d:3b:14:e0:63:fb:45:2e:7e:18:1c:95:36:4d:
96:57:d5:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK0sjo5i+DVJk7UoY+22LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGY4NGNmMDFkMzg1YTlmYWJjOTdiODQ4NzJlNDRkNjVjMGM2NmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrTS9vh+vfJKq6lbhlJ74siR8OMA
umn3smUtHrt4izQngZ+xZVkVyWf8nMEi309KbcthEgiqPAPO/o6oUbdHjMoRIOSq
8O3B/PZub7bannwcCcrQZRsFVz4TlMzRG27KHzzyUoS7xVP35AZ1+EdLY0pXwlxW
unhhT9jteU6shlYAU3kul7svwtanFmBgbvpx6THkUoDyyjpVJvm0rUspbVZHvX6a
yBmxQGXbvJ8h4k5LaqnLF+JBgwJjk2LVFWbuPMboqmidUCMJ9N5pO2d9X8hhvunQ
sz5LnJiXHK4nPrdmNYwtY5iintwt7eCizChge1XJtpRQ1fcf4C32448pjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMD4TPAdOFqfq8l7hIcuRNZcDGaqMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvd1BoTThCMDRXcC1yeVh1RWh5NUUxbHdNWnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbfPMA0G
CSqGSIb3DQEBCwUAA4IBAQC6RDk/2rGVp8L3ydMQy4QUIwCf6TivWqxIPwPLOG0Q
kn3QWL6BcKnLXLOPckVimwARvxB965cBk3FJ5IKrCo2gCyBUr12ri6gthvlYH7/s
LZHI9SPyGzcECZsYrDYuOG9adhjCF41seuOtSOlMSWubzYfnVvdo98pq4pyhrPlE
7THV8JQLp2pFw3LJUzGbkaGRmI6UjYO6z6eeErJ7w88svC8zqqVI0pXmPYGzSQU/
RqOtyzW33q2yHAcpX0knTT94E8KpwnvtnrKsN87o2pSVIQO4WypJericFzvcnVVc
uxqQGmJ6EclAVTKG8ffeDTsU4GP7RS5+GByVNk2WV9XO
-----END CERTIFICATE-----
Generated at Wed May 1 21:49:27 2024 by rpki-client on console-ams.rpki-client.org