Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/Cy3sLa0Yo9l7uKmsBAvOCw6AzKo.roa
File: Cy3sLa0Yo9l7uKmsBAvOCw6AzKo.roa (raw, json)
Hash identifier: 9reprFwspGBYlq1impmbiVbhnw9J0JxKW6CkT1bm4Bk=
Subject key identifier: 0B:2D:EC:2D:AD:18:A3:D9:7B:B8:A9:AC:04:0B:CE:0B:0E:80:CC:AA
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 018CC86F0FDD1BBC12F62BA38A8713F5EF72
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/Cy3sLa0Yo9l7uKmsBAvOCw6AzKo.roa
Signing time: Tue 02 Jan 2024 04:29:30 +0000
ROA not before: Tue 02 Jan 2024 04:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 5.11.16.0/24 maxlen: 24
5.11.17.0/24 maxlen: 24
5.11.22.0/24 maxlen: 24
5.11.24.0/24 maxlen: 24
5.11.18.0/24 maxlen: 24
5.11.19.0/24 maxlen: 24
5.11.21.0/24 maxlen: 24
5.11.25.0/24 maxlen: 24
5.11.26.0/24 maxlen: 24
5.11.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.mft
rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 07:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:0f:dd:1b:bc:12:f6:2b:a3:8a:87:13:f5:ef:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Jan 2 04:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b2dec2dad18a3d97bb8a9ac040bce0b0e80ccaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b0:36:02:45:b4:94:e2:7d:50:56:6b:53:3e:
6f:f5:ea:05:b2:ec:22:20:f0:9e:36:a2:bb:e1:92:
d7:43:d0:94:e7:db:12:3a:d6:40:a9:62:84:e3:3a:
88:a2:b2:39:11:10:2b:16:eb:c5:ee:ff:71:06:0d:
70:b3:86:e4:6f:42:39:9d:6f:d7:6b:2a:a7:24:b1:
5a:52:a7:6b:24:03:e0:7e:ba:d7:01:21:8f:e0:1d:
ab:91:35:87:57:59:09:e2:65:00:4d:82:8e:a3:fa:
91:45:f0:be:ed:0b:bb:01:b3:35:1e:e5:c7:f7:85:
95:85:3d:94:be:df:2a:17:e8:3c:47:74:64:f8:a3:
22:0c:d1:86:26:b5:bf:f5:4c:31:79:89:00:63:04:
e7:e1:28:bf:10:d0:70:0d:b6:42:58:7b:fa:54:14:
94:97:29:70:bd:62:3e:8f:3e:34:56:23:cb:10:c4:
cf:10:53:37:c7:23:f7:22:41:20:83:65:95:df:66:
4c:33:e8:c4:05:85:39:40:b9:14:f7:16:c8:81:34:
49:dc:9e:a8:ae:a3:3d:43:f0:f2:04:91:55:9d:98:
17:15:94:6f:e8:6a:b3:8f:94:95:05:ab:60:1c:1e:
79:b1:2d:6e:1e:fe:80:45:49:13:02:92:b0:6d:81:
26:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:2D:EC:2D:AD:18:A3:D9:7B:B8:A9:AC:04:0B:CE:0B:0E:80:CC:AA
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/Cy3sLa0Yo9l7uKmsBAvOCw6AzKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.16.0/22
5.11.21.0-5.11.22.255
5.11.24.0/22
Signature Algorithm: sha256WithRSAEncryption
59:42:98:83:3d:d9:cd:e0:eb:e2:b4:0f:30:5a:0a:9a:bd:50:
2f:ab:87:4a:3c:c9:c2:7c:0d:5b:07:f8:15:88:7c:9c:22:7b:
5e:6f:c0:c5:f6:01:63:85:5c:59:ee:f9:18:ff:23:a0:d6:69:
ba:2c:f4:bb:38:a9:1f:45:f2:7d:3e:ee:a3:44:aa:ee:0e:cb:
a1:c4:d7:ad:7e:46:78:30:b8:d5:db:3a:3f:76:08:7c:55:2d:
aa:4a:f1:4b:9c:5a:75:25:ab:95:ef:1b:75:84:fa:17:4f:c5:
48:8e:0c:35:07:d6:62:dc:f9:8f:9b:33:85:fe:8a:c2:ff:93:
de:8b:33:10:f7:9d:1e:21:53:27:2b:37:ec:d8:53:5c:a2:13:
7b:c6:81:35:74:0c:83:1b:b6:85:08:6f:e1:0f:3b:73:e5:57:
35:49:5a:74:c3:f7:a7:42:40:f7:88:54:2d:56:95:eb:15:bd:
71:44:f0:7b:a3:59:d8:e3:2b:d8:58:3c:ce:a3:a4:34:9a:2f:
21:b6:83:06:f8:a8:3e:07:13:34:3d:9e:7c:c1:65:c3:9a:5f:
da:ce:1c:70:02:f1:ba:d8:82:a6:ca:bb:42:7f:54:51:8e:26:
ac:ec:91:ab:ad:cb:4e:48:74:93:31:d8:05:68:59:b1:fa:71:
ec:a6:9a:3a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzIbw/dG7wS9iujiocT9e9yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjQwMTAyMDQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjJkZWMyZGFkMThhM2Q5N2JiOGE5YWMwNDBiY2UwYjBlODBjY2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7A2AkW0lOJ9UFZrUz5v9eoFsuwi
IPCeNqK74ZLXQ9CU59sSOtZAqWKE4zqIorI5ERArFuvF7v9xBg1ws4bkb0I5nW/X
ayqnJLFaUqdrJAPgfrrXASGP4B2rkTWHV1kJ4mUATYKOo/qRRfC+7Qu7AbM1HuXH
94WVhT2Uvt8qF+g8R3Rk+KMiDNGGJrW/9UwxeYkAYwTn4Si/ENBwDbZCWHv6VBSU
lylwvWI+jz40ViPLEMTPEFM3xyP3IkEgg2WV32ZMM+jEBYU5QLkU9xbIgTRJ3J6o
rqM9Q/DyBJFVnZgXFZRv6Gqzj5SVBatgHB55sS1uHv6ARUkTApKwbYEm1QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAst7C2tGKPZe7iprAQLzgsOgMyqMB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvQ3kzc0xhMFlvOWw3dUttc0JBdk9DdzZBektvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCBQsQMAwD
BAAFCxUDBAAFCxYDBAIFCxgwDQYJKoZIhvcNAQELBQADggEBAFlCmIM92c3g6+K0
DzBaCpq9UC+rh0o8ycJ8DVsH+BWIfJwie15vwMX2AWOFXFnu+Rj/I6DWabos9Ls4
qR9F8n0+7qNEqu4Oy6HE161+RngwuNXbOj92CHxVLapK8UucWnUlq5XvG3WE+hdP
xUiODDUH1mLc+Y+bM4X+isL/k96LMxD3nR4hUycrN+zYU1yiE3vGgTV0DIMbtoUI
b+EPO3PlVzVJWnTD96dCQPeIVC1WlesVvXFE8HujWdjjK9hYPM6jpDSaLyG2gwb4
qD4HEzQ9nnzBZcOaX9rOHHAC8brYgqbKu0J/VFGOJqzskauty05IdJMx2AVoWbH6
ceymmjo=
-----END CERTIFICATE-----
Generated at Thu May 2 16:26:40 2024 by rpki-client on console-fra.rpki-client.org