Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/vSRs4oAU0yyuuK1_ZDE5xvAR-DQ.roa
File: vSRs4oAU0yyuuK1_ZDE5xvAR-DQ.roa (raw, json)
Hash identifier: hEhxIJguHZQitx7ndLacEmPBknHTn9hbBp8xZcpOdj4=
Subject key identifier: BD:24:6C:E2:80:14:D3:2C:AE:B8:AD:7F:64:31:39:C6:F0:11:F8:34
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 0193488499CB9BA2D4BD129F19F4AB3A92E8
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/vSRs4oAU0yyuuK1_ZDE5xvAR-DQ.roa
Signing time: Wed 20 Nov 2024 07:41:09 +0000
ROA not before: Wed 20 Nov 2024 07:41:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 5.11.16.0/22 maxlen: 22
5.11.16.0/23 maxlen: 23
5.11.16.0/24 maxlen: 24
5.11.17.0/24 maxlen: 24
5.11.18.0/23 maxlen: 23
5.11.18.0/24 maxlen: 24
5.11.19.0/24 maxlen: 24
5.11.21.0/24 maxlen: 24
5.11.22.0/24 maxlen: 24
5.11.24.0/22 maxlen: 22
5.11.24.0/23 maxlen: 23
5.11.24.0/24 maxlen: 24
5.11.25.0/24 maxlen: 24
5.11.26.0/23 maxlen: 23
5.11.26.0/24 maxlen: 24
5.11.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.mft
rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:48:84:99:cb:9b:a2:d4:bd:12:9f:19:f4:ab:3a:92:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Nov 20 07:41:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd246ce28014d32caeb8ad7f643139c6f011f834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:93:a5:cb:68:4c:3e:e8:1f:3f:ae:3e:19:06:
1c:a9:c1:29:48:98:a3:4d:78:99:69:5c:c5:b1:86:
61:36:e7:f6:70:e9:73:df:e5:f4:a8:90:10:e7:6c:
7a:bb:08:24:bd:55:61:78:3f:ca:3e:4c:63:66:ac:
30:55:06:5c:1f:12:a2:44:f6:17:85:ca:4b:9f:d5:
dc:2f:77:90:6e:4c:48:30:26:8a:f3:50:7f:01:a0:
11:4b:f5:0d:dc:e3:f3:8c:58:b9:9c:16:ed:3d:63:
28:e0:c9:62:7b:c4:c0:18:52:7a:bd:be:94:7b:f3:
df:cf:a1:49:43:43:28:87:01:45:cc:f2:b7:96:92:
88:79:0e:50:6d:5a:01:d1:4b:c5:4c:73:17:b0:37:
90:35:b4:52:a8:67:bf:ec:e8:fa:f9:e5:6c:57:2f:
b3:be:39:1b:ea:36:c1:62:fe:b6:70:4b:fe:7f:74:
18:d0:0c:58:42:3a:41:b8:65:8d:c0:e3:bf:8f:07:
f2:dd:68:69:e2:ef:dc:3f:4d:59:77:1e:85:4f:0d:
39:57:5d:ac:7d:5d:11:02:8d:5d:01:bd:62:c1:38:
3b:ac:26:ce:fb:a2:67:d0:2e:ff:d1:ef:c5:d7:73:
60:99:72:e0:7d:d0:09:96:06:ce:cf:1d:0d:65:ca:
2f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:24:6C:E2:80:14:D3:2C:AE:B8:AD:7F:64:31:39:C6:F0:11:F8:34
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/vSRs4oAU0yyuuK1_ZDE5xvAR-DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.16.0/22
5.11.21.0-5.11.22.255
5.11.24.0/22
Signature Algorithm: sha256WithRSAEncryption
09:94:12:b8:44:93:c7:5d:01:89:d5:bf:60:24:ce:24:0d:3d:
a5:93:ea:8a:5e:91:72:49:97:84:66:5d:35:cf:b5:bb:6d:74:
2b:d8:4a:2a:2c:13:2b:0f:87:f4:2a:63:c7:08:a3:93:32:6f:
79:e2:b0:37:eb:a2:9e:49:91:1d:e5:a2:90:91:5a:51:ae:b6:
d6:3f:06:db:50:a9:80:47:db:7a:2d:1d:8c:da:56:47:5a:cf:
f0:48:f7:35:1d:75:03:bf:94:10:e1:37:47:f9:f9:98:21:86:
62:8e:ff:02:a9:14:fa:cc:92:88:3f:fc:04:7a:43:e5:29:fc:
a1:92:fb:57:02:c1:bc:b0:c0:51:63:b4:ca:d6:8c:f6:23:ac:
5a:35:76:73:a4:0f:6e:ea:ae:36:e0:43:8d:72:3f:e6:4d:32:
75:92:a7:bb:53:b6:dd:a6:53:b9:d8:05:af:6b:3e:cd:4a:af:
5f:54:2b:0c:be:b6:5d:fc:30:e1:00:49:2f:18:af:dd:d2:48:
2f:b4:10:51:10:df:fd:22:4d:da:da:2a:a3:3d:eb:32:a4:38:
5f:b0:85:68:69:d0:8e:f5:bc:59:f1:31:75:78:95:96:93:a6:
7e:b4:8f:1d:85:7b:7a:d6:6f:ab:53:27:1a:f7:63:13:e2:65:
39:72:5f:c5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZNIhJnLm6LUvRKfGfSrOpLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjQxMTIwMDc0MTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDI0NmNlMjgwMTRkMzJjYWViOGFkN2Y2NDMxMzljNmYwMTFmODM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZOly2hMPugfP64+GQYcqcEpSJij
TXiZaVzFsYZhNuf2cOlz3+X0qJAQ52x6uwgkvVVheD/KPkxjZqwwVQZcHxKiRPYX
hcpLn9XcL3eQbkxIMCaK81B/AaARS/UN3OPzjFi5nBbtPWMo4Mlie8TAGFJ6vb6U
e/Pfz6FJQ0MohwFFzPK3lpKIeQ5QbVoB0UvFTHMXsDeQNbRSqGe/7Oj6+eVsVy+z
vjkb6jbBYv62cEv+f3QY0AxYQjpBuGWNwOO/jwfy3Whp4u/cP01Zdx6FTw05V12s
fV0RAo1dAb1iwTg7rCbO+6Jn0C7/0e/F13NgmXLgfdAJlgbOzx0NZcoviQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFL0kbOKAFNMsrritf2QxOcbwEfg0MB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvdlNSczRvQVUweXl1dUsxX1pERTV4dkFSLURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCBQsQMAwD
BAAFCxUDBAAFCxYDBAIFCxgwDQYJKoZIhvcNAQELBQADggEBAAmUErhEk8ddAYnV
v2AkziQNPaWT6opekXJJl4RmXTXPtbttdCvYSiosEysPh/QqY8cIo5Myb3nisDfr
op5JkR3lopCRWlGuttY/BttQqYBH23otHYzaVkdaz/BI9zUddQO/lBDhN0f5+Zgh
hmKO/wKpFPrMkog//AR6Q+Up/KGS+1cCwbywwFFjtMrWjPYjrFo1dnOkD27qrjbg
Q41yP+ZNMnWSp7tTtt2mU7nYBa9rPs1Kr19UKwy+tl38MOEASS8Yr93SSC+0EFEQ
3/0iTdraKqM96zKkOF+whWhp0I71vFnxMXV4lZaTpn60jx2Fe3rWb6tTJxr3YxPi
ZTlyX8U=
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:41:39 2024 by rpki-client on console-fra.rpki-client.org