Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/5tO77nwKJtjrsg0SvnYN_MDZEt0.roa
File: 5tO77nwKJtjrsg0SvnYN_MDZEt0.roa (raw, json)
Hash identifier: HMMiUV7LaVx74fIwEZhzey34lswgAFAYVn8KjGTNalI=
Subject key identifier: E6:D3:BB:EE:7C:0A:26:D8:EB:B2:0D:12:BE:76:0D:FC:C0:D9:12:DD
Certificate issuer: /CN=0f025fa357c20abbf118426234658e62d7dc7076
Certificate serial: 0192BC5A9480008A707AF9338D6B678F868C
Authority key identifier: 0F:02:5F:A3:57:C2:0A:BB:F1:18:42:62:34:65:8E:62:D7:DC:70:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DwJfo1fCCrvxGEJiNGWOYtfccHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/5tO77nwKJtjrsg0SvnYN_MDZEt0.roa
Signing time: Thu 24 Oct 2024 02:28:25 +0000
ROA not before: Thu 24 Oct 2024 02:28:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214294
IP address blocks: 123.100.225.0/24 maxlen: 24
2a01:ee80:1::/48 maxlen: 48
2a01:ee80:2::/48 maxlen: 48
2a01:ee80:77::/48 maxlen: 48
2a01:ee80:141::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/DwJfo1fCCrvxGEJiNGWOYtfccHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/DwJfo1fCCrvxGEJiNGWOYtfccHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/DwJfo1fCCrvxGEJiNGWOYtfccHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bc:5a:94:80:00:8a:70:7a:f9:33:8d:6b:67:8f:86:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f025fa357c20abbf118426234658e62d7dc7076
Validity
Not Before: Oct 24 02:28:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6d3bbee7c0a26d8ebb20d12be760dfcc0d912dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1e:4f:2b:59:fc:a5:80:f7:6b:6e:b9:be:79:
12:4f:c4:9d:4a:e6:a3:d3:30:50:64:e9:2d:d0:53:
48:23:26:d1:f2:7d:63:3f:fb:06:bf:a4:f1:66:cb:
cc:a8:11:60:98:b0:8e:85:8d:69:5c:98:9b:40:b1:
bd:85:e8:1f:da:99:17:4e:c5:d0:a0:57:e5:a0:8d:
a3:05:fb:b9:48:8a:72:ba:46:e0:1c:7c:5e:95:08:
1f:11:75:4e:dd:ab:62:6b:c9:cd:ec:60:3a:47:dd:
ed:97:68:cb:df:84:be:3d:7e:46:f0:e7:0e:a5:ab:
fe:71:7c:8e:01:36:f4:29:2d:01:47:86:b4:79:b5:
70:03:9a:35:32:6f:a7:0e:3d:0e:62:f0:ad:32:14:
8c:bb:e1:44:af:d3:b9:ab:11:6e:93:95:60:fa:7e:
35:b6:b7:f6:b0:4b:68:f8:5b:c7:b3:0a:87:d2:96:
00:6a:e9:d9:41:32:61:42:92:ae:c3:84:41:ce:b7:
ad:03:e1:67:bd:73:5c:e0:a3:c5:01:02:5f:e1:13:
98:c1:2d:71:fc:23:49:a9:6d:7f:4b:c8:b3:39:01:
08:fb:59:f3:ac:bc:2f:e7:49:6d:ef:bc:58:7c:38:
5a:07:42:e7:77:af:57:86:6e:4c:be:83:4e:ef:6a:
0b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:D3:BB:EE:7C:0A:26:D8:EB:B2:0D:12:BE:76:0D:FC:C0:D9:12:DD
X509v3 Authority Key Identifier:
keyid:0F:02:5F:A3:57:C2:0A:BB:F1:18:42:62:34:65:8E:62:D7:DC:70:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwJfo1fCCrvxGEJiNGWOYtfccHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/5tO77nwKJtjrsg0SvnYN_MDZEt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/DwJfo1fCCrvxGEJiNGWOYtfccHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
123.100.225.0/24
IPv6:
2a01:ee80:1::-2a01:ee80:2:ffff:ffff:ffff:ffff:ffff
2a01:ee80:77::/48
2a01:ee80:141::/48
Signature Algorithm: sha256WithRSAEncryption
01:8f:97:81:3c:65:9a:d3:4a:5f:30:a9:f1:41:32:ec:b9:0f:
ab:0d:a4:95:c6:29:60:54:d1:11:0e:d1:9e:ba:f3:9f:a2:3d:
79:30:8a:26:71:1c:53:92:a6:18:c3:50:9d:65:64:ed:d5:b8:
a3:91:d8:6a:e4:fc:62:64:a0:4f:5b:c3:c3:9a:53:f9:b4:cb:
d6:10:92:81:ac:65:35:4d:92:66:0d:bb:73:4f:f3:ab:bb:6c:
3a:8a:63:52:16:f1:fa:c3:74:9c:8f:9b:83:e8:d2:7d:cb:d0:
7a:37:08:77:58:b9:0d:e0:bf:b7:56:a8:74:b5:79:64:cd:dc:
98:08:ae:b1:87:d0:59:49:2c:1e:b4:ac:b2:62:4c:83:ef:df:
4b:c5:78:83:ac:73:23:72:de:93:c9:33:45:aa:72:2f:9b:ad:
24:55:f9:f2:74:d6:1c:08:17:e5:e2:1a:cd:93:a0:84:f1:bc:
d8:33:59:16:d3:16:1d:40:62:36:a1:0f:7a:0c:92:ae:be:5e:
6f:a2:6d:cc:8e:e0:17:b8:cd:69:a2:45:0c:82:62:f2:d6:3a:
75:d2:06:b9:30:e0:d6:bf:a9:90:59:df:87:d6:74:f6:85:97:
93:6a:53:f9:be:7c:59:ef:86:a3:2d:04:be:04:7c:32:fa:1b:
e7:97:37:ee
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZK8WpSAAIpwevkzjWtnj4aMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDI1ZmEzNTdjMjBhYmJmMTE4NDI2MjM0NjU4ZTYyZDdk
YzcwNzYwHhcNMjQxMDI0MDIyODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmQzYmJlZTdjMGEyNmQ4ZWJiMjBkMTJiZTc2MGRmY2MwZDkxMmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmR5PK1n8pYD3a265vnkST8SdSuaj
0zBQZOkt0FNIIybR8n1jP/sGv6TxZsvMqBFgmLCOhY1pXJibQLG9hegf2pkXTsXQ
oFfloI2jBfu5SIpyukbgHHxelQgfEXVO3atia8nN7GA6R93tl2jL34S+PX5G8OcO
pav+cXyOATb0KS0BR4a0ebVwA5o1Mm+nDj0OYvCtMhSMu+FEr9O5qxFuk5Vg+n41
trf2sEto+FvHswqH0pYAaunZQTJhQpKuw4RBzretA+FnvXNc4KPFAQJf4ROYwS1x
/CNJqW1/S8izOQEI+1nzrLwv50lt77xYfDhaB0Lnd69Xhm5MvoNO72oLYQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFObTu+58CibY67INEr52DfzA2RLdMB8GA1UdIwQY
MBaAFA8CX6NXwgq78RhCYjRljmLX3HB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdKZm8xZkNDcnZ4R0VKaU5HV09ZdGZjY0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xMTRhMTAtOGVmNy00OTAzLTk2M2Ut
ZDRkNTlhMDk1YzdmLzEvNXRPNzdud0tKdGpyc2cwU3ZuWU5fTURaRXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xMTRhMTAtOGVmNy00OTAzLTk2M2UtZDRkNTlhMDk1Yzdm
LzEvRHdKZm8xZkNDcnZ4R0VKaU5HV09ZdGZjY0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAMBAIAATAGAwQAe2ThMCwE
AgACMCYwEgMHACoB7oAAAQMHACoB7oAAAgMHACoB7oAAdwMHACoB7oABQTANBgkq
hkiG9w0BAQsFAAOCAQEAAY+XgTxlmtNKXzCp8UEy7LkPqw2klcYpYFTREQ7Rnrrz
n6I9eTCKJnEcU5KmGMNQnWVk7dW4o5HYauT8YmSgT1vDw5pT+bTL1hCSgaxlNU2S
Zg27c0/zq7tsOopjUhbx+sN0nI+bg+jSfcvQejcId1i5DeC/t1aodLV5ZM3cmAiu
sYfQWUksHrSssmJMg+/fS8V4g6xzI3Lek8kzRapyL5utJFX58nTWHAgX5eIazZOg
hPG82DNZFtMWHUBiNqEPegySrr5eb6JtzI7gF7jNaaJFDIJi8tY6ddIGuTDg1r+p
kFnfh9Z09oWXk2pT+b58We+Goy0EvgR8Mvob55c37g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:47 2024 by rpki-client on console-fra.rpki-client.org