Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/5cpg3KcXdV1WevzdEWlLTIHOcho.roa
File: 5cpg3KcXdV1WevzdEWlLTIHOcho.roa (raw, json)
Hash identifier: Hp/mQBQ8QFFQ/HcqW5Bj+SOKAsy1z8wLrb5CMjYIT5Q=
Subject key identifier: E5:CA:60:DC:A7:17:75:5D:56:7A:FC:DD:11:69:4B:4C:81:CE:72:1A
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 018CD5AAC6EE1A3314E61F0A4A40B04F2FFF
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/5cpg3KcXdV1WevzdEWlLTIHOcho.roa
Signing time: Thu 04 Jan 2024 18:09:48 +0000
ROA not before: Thu 04 Jan 2024 18:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10557
IP address blocks: 84.39.202.0/23 maxlen: 23
84.39.200.0/23 maxlen: 23
92.246.68.0/23 maxlen: 23
92.246.70.0/23 maxlen: 23
193.31.32.0/23 maxlen: 23
193.31.34.0/23 maxlen: 23
2.56.22.0/23 maxlen: 23
2.56.20.0/23 maxlen: 23
195.38.2.0/23 maxlen: 23
195.38.0.0/23 maxlen: 23
194.93.52.0/23 maxlen: 23
194.93.54.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d5:aa:c6:ee:1a:33:14:e6:1f:0a:4a:40:b0:4f:2f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Jan 4 18:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5ca60dca717755d567afcdd11694b4c81ce721a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4e:aa:7c:38:a3:63:ca:71:14:6d:e5:cc:72:
31:b3:48:2c:ff:f6:cd:ae:86:4c:d9:ec:b2:37:99:
14:89:1c:70:d6:9a:5c:8f:72:c5:6c:63:9f:4c:9c:
1e:81:7f:ce:9a:d9:65:ea:0b:69:a7:66:7b:3f:9e:
b7:46:c8:8f:65:35:e0:50:7b:08:ad:3c:b4:5a:ff:
dc:c2:ee:96:fb:f8:e9:9d:ff:2b:eb:19:f8:9c:7d:
c5:2a:af:1d:d4:c5:14:ad:58:b9:59:4b:13:bd:a9:
29:1f:b0:02:b9:b0:59:5f:1b:4a:f1:5d:7f:01:6a:
8d:97:f2:c9:05:c2:53:3d:c7:bd:08:ca:ac:cd:c6:
a4:11:78:83:0f:e8:4f:c0:f1:7c:dc:a4:90:3c:86:
1d:02:fd:f6:4e:4f:84:ce:da:d2:37:07:d0:89:0b:
4c:e1:52:aa:ca:1a:46:6a:cd:33:61:8c:76:80:1d:
e0:9d:6a:cc:76:24:5c:ea:37:2e:19:da:1e:d6:4f:
39:a7:d0:f8:f0:52:4e:b2:9e:31:0d:41:1a:e0:e0:
7c:29:d7:42:2e:a1:46:3b:78:17:93:95:63:4a:45:
50:71:47:8f:11:1f:9e:ff:54:0b:49:ad:45:98:b2:
e9:d7:d3:03:97:d5:45:b1:20:1a:46:ac:6f:e8:13:
22:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:CA:60:DC:A7:17:75:5D:56:7A:FC:DD:11:69:4B:4C:81:CE:72:1A
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/5cpg3KcXdV1WevzdEWlLTIHOcho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.20.0/22
84.39.200.0/22
92.246.68.0/22
193.31.32.0/22
194.93.52.0/22
195.38.0.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:2d:4a:02:08:53:35:2e:4d:f9:6b:73:c9:c0:00:ce:89:81:
50:84:f7:76:a3:1d:37:b5:75:23:93:b1:9d:f3:06:cf:1e:4b:
7f:ba:68:84:aa:b0:ab:68:12:97:ef:98:c8:94:9d:63:db:d5:
0a:ac:ac:f0:b3:d3:6e:53:ea:0e:95:66:5e:87:91:22:fb:39:
3d:85:18:21:1e:bf:ba:dd:0f:a5:79:6d:5d:b5:5b:9a:4a:55:
ce:f1:6a:a0:bd:44:79:f6:09:f3:9b:7e:d0:50:10:4c:ba:85:
16:66:21:57:79:07:03:2c:58:91:2c:e2:a8:0e:e7:d6:4f:41:
3d:57:08:11:1f:63:26:92:79:70:44:db:76:de:e9:a4:6f:c7:
50:e1:39:10:d6:59:34:8f:ae:cf:b1:39:1e:ad:ed:cf:b0:bf:
03:73:07:0d:67:1a:5e:f2:09:6a:48:f0:47:e4:9b:7b:d9:71:
a7:36:e1:d5:36:25:0a:a6:19:6c:5a:5f:a7:ac:6a:a4:d9:ee:
37:35:9a:a4:b7:64:59:9c:4a:62:f5:af:85:43:eb:6f:78:11:
b9:46:8a:50:36:ba:dc:b1:3b:0d:ea:91:97:06:d6:e5:69:74:
82:cc:ff:cf:5d:da:7c:0f:bf:47:e0:7f:3a:ff:43:a0:ed:19:
a9:f5:ba:ce
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzVqsbuGjMU5h8KSkCwTy//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjQwMTA0MTgwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWNhNjBkY2E3MTc3NTVkNTY3YWZjZGQxMTY5NGI0YzgxY2U3MjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmU6qfDijY8pxFG3lzHIxs0gs//bN
roZM2eyyN5kUiRxw1ppcj3LFbGOfTJwegX/Omtll6gtpp2Z7P563RsiPZTXgUHsI
rTy0Wv/cwu6W+/jpnf8r6xn4nH3FKq8d1MUUrVi5WUsTvakpH7ACubBZXxtK8V1/
AWqNl/LJBcJTPce9CMqszcakEXiDD+hPwPF83KSQPIYdAv32Tk+EztrSNwfQiQtM
4VKqyhpGas0zYYx2gB3gnWrMdiRc6jcuGdoe1k85p9D48FJOsp4xDUEa4OB8KddC
LqFGO3gXk5VjSkVQcUePER+e/1QLSa1FmLLp19MDl9VFsSAaRqxv6BMiJQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOXKYNynF3VdVnr83RFpS0yBznIaMB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvNWNwZzNLY1hkVjFXZXZ6ZEVXbExUSUhPY2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCAjgUAwQC
VCfIAwQCXPZEAwQCwR8gAwQCwl00AwQCwyYAMA0GCSqGSIb3DQEBCwUAA4IBAQCy
LUoCCFM1Lk35a3PJwADOiYFQhPd2ox03tXUjk7Gd8wbPHkt/umiEqrCraBKX75jI
lJ1j29UKrKzws9NuU+oOlWZeh5Ei+zk9hRghHr+63Q+leW1dtVuaSlXO8WqgvUR5
9gnzm37QUBBMuoUWZiFXeQcDLFiRLOKoDufWT0E9VwgRH2MmknlwRNt23umkb8dQ
4TkQ1lk0j67PsTkere3PsL8DcwcNZxpe8glqSPBH5Jt72XGnNuHVNiUKphlsWl+n
rGqk2e43NZqkt2RZnEpi9a+FQ+tveBG5RopQNrrcsTsN6pGXBtblaXSCzP/PXdp8
D79H4H86/0Og7Rmp9brO
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:50:06 2024 by rpki-client on console-ams.rpki-client.org