Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/0uXKSYaKyjwK3hxt17XymjnigBQ.roa
File: 0uXKSYaKyjwK3hxt17XymjnigBQ.roa (raw, json)
Hash identifier: mdG6wpqa+XokuV0loPSBuz8PeRqUijhula742/CunAk=
Subject key identifier: D2:E5:CA:49:86:8A:CA:3C:0A:DE:1C:6D:D7:B5:F2:9A:39:E2:80:14
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 018CC86F1162C51CDD85739F2082724CF9C4
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/0uXKSYaKyjwK3hxt17XymjnigBQ.roa
Signing time: Tue 02 Jan 2024 04:29:31 +0000
ROA not before: Tue 02 Jan 2024 04:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207701
IP address blocks: 5.11.31.0/24 maxlen: 24
2a01:7a8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.mft
rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:11:62:c5:1c:dd:85:73:9f:20:82:72:4c:f9:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Jan 2 04:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2e5ca49868aca3c0ade1c6dd7b5f29a39e28014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9d:72:03:e8:de:d5:23:4a:7c:a1:33:a9:13:
05:dd:ba:0e:e5:db:ec:e5:f6:33:12:3a:df:26:b5:
6f:bb:20:0d:db:aa:72:c2:5c:9a:33:e4:56:ab:81:
63:80:e7:b5:8a:56:f7:62:60:cb:7e:25:1c:6a:30:
9d:66:17:a5:7f:11:c6:bf:e2:ac:65:ea:73:57:b2:
fc:b9:43:66:1e:e5:46:8c:ad:d3:38:9f:a6:8f:11:
98:84:eb:cc:34:f1:ac:6b:2d:1a:29:90:50:cf:1f:
1b:c0:e6:f6:15:09:ec:2d:40:c7:3e:2e:ac:24:c1:
2a:d7:4e:cb:8f:57:a8:04:8a:66:dd:b7:0b:22:28:
11:93:2f:fa:fd:b4:df:1e:02:f7:68:95:2a:af:34:
e7:4e:76:0b:02:9a:c9:e1:e0:70:f1:48:77:e5:70:
08:27:af:58:fa:9f:26:2c:f6:19:b0:80:7d:96:f2:
95:89:70:1e:ef:8f:34:df:03:66:c5:38:fa:ba:32:
da:38:98:5a:a4:7e:15:15:e4:11:22:b2:dc:6d:e5:
49:11:da:02:c8:21:9a:02:f5:12:2d:74:d5:61:0c:
51:e4:8f:5c:13:b3:a8:28:dd:f2:e0:32:87:be:d3:
85:99:ac:eb:b3:3f:79:93:93:ee:be:57:fc:69:2b:
2a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:E5:CA:49:86:8A:CA:3C:0A:DE:1C:6D:D7:B5:F2:9A:39:E2:80:14
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/0uXKSYaKyjwK3hxt17XymjnigBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.31.0/24
IPv6:
2a01:7a8::/48
Signature Algorithm: sha256WithRSAEncryption
0a:04:a1:fd:0c:f5:61:d1:e8:db:5b:b2:52:4b:5f:69:9f:b0:
79:8c:64:a3:6a:55:7f:43:28:f7:95:ee:4a:b4:da:31:b2:6d:
31:ea:26:aa:d6:5f:3a:6f:09:38:db:d0:52:b5:94:54:a0:26:
59:ff:49:82:5b:bf:fd:c7:5a:8c:81:83:b3:ef:a7:d3:83:75:
18:6a:75:04:6a:6f:20:d9:ce:61:23:5b:0e:7b:64:99:fe:d9:
d4:39:52:ac:ae:8e:2f:46:67:6b:bf:46:ae:af:bb:4e:7c:00:
41:68:2b:3b:d3:59:01:ec:f1:13:34:87:58:d9:57:1b:07:25:
9a:c7:9e:42:cd:8e:d9:24:c9:25:87:a6:34:6f:7a:2f:70:1b:
a0:54:23:01:c5:62:a9:97:16:4d:af:3f:5f:18:29:3b:93:73:
45:23:a4:3e:33:d6:5b:59:20:c0:ef:78:cc:53:b5:eb:e5:d6:
9e:e1:8f:8a:a7:c9:1b:58:39:e8:7b:1f:cc:59:6f:8d:b0:9e:
21:23:b1:d2:ad:df:7c:cf:af:bd:9e:99:8a:0f:19:56:8c:f4:
35:07:24:a1:55:b2:1d:78:45:65:54:74:27:21:22:90:19:f4:
1c:23:de:b5:cf:f6:f2:0d:1a:27:bd:64:2a:a7:cc:20:8e:6a:
82:a4:bb:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIbxFixRzdhXOfIIJyTPnEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjQwMTAyMDQyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmU1Y2E0OTg2OGFjYTNjMGFkZTFjNmRkN2I1ZjI5YTM5ZTI4MDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJ1yA+je1SNKfKEzqRMF3boO5dvs
5fYzEjrfJrVvuyAN26pywlyaM+RWq4FjgOe1ilb3YmDLfiUcajCdZhelfxHGv+Ks
ZepzV7L8uUNmHuVGjK3TOJ+mjxGYhOvMNPGsay0aKZBQzx8bwOb2FQnsLUDHPi6s
JMEq107Lj1eoBIpm3bcLIigRky/6/bTfHgL3aJUqrzTnTnYLAprJ4eBw8Uh35XAI
J69Y+p8mLPYZsIB9lvKViXAe74803wNmxTj6ujLaOJhapH4VFeQRIrLcbeVJEdoC
yCGaAvUSLXTVYQxR5I9cE7OoKN3y4DKHvtOFmazrsz95k5Puvlf8aSsq3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNLlykmGiso8Ct4cbde18po54oAUMB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvMHVYS1NZYUt5andLM2h4dDE3WHltam5pZ0JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABQsfMA8E
AgACMAkDBwAqAQeoAAAwDQYJKoZIhvcNAQELBQADggEBAAoEof0M9WHR6NtbslJL
X2mfsHmMZKNqVX9DKPeV7kq02jGybTHqJqrWXzpvCTjb0FK1lFSgJln/SYJbv/3H
WoyBg7Pvp9ODdRhqdQRqbyDZzmEjWw57ZJn+2dQ5Uqyuji9GZ2u/Rq6vu058AEFo
KzvTWQHs8RM0h1jZVxsHJZrHnkLNjtkkySWHpjRvei9wG6BUIwHFYqmXFk2vP18Y
KTuTc0UjpD4z1ltZIMDveMxTtevl1p7hj4qnyRtYOeh7H8xZb42wniEjsdKt33zP
r72emYoPGVaM9DUHJKFVsh14RWVUdCchIpAZ9Bwj3rXP9vINGie9ZCqnzCCOaoKk
u2I=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:23:37 2024 by rpki-client on console-ams.rpki-client.org