Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/b7d875-b12c-4ed8-b80f-41487f4d4171/1/5hhXfwDoyhNwubKlN-S_5SiN1wA.roa
File: 5hhXfwDoyhNwubKlN-S_5SiN1wA.roa (raw, json)
Hash identifier: B2qahgtASolDcQWQmzP7gHy/KJZ9IEaf5GJAqgTsalI=
Subject key identifier: E6:18:57:7F:00:E8:CA:13:70:B9:B2:A5:37:E4:BF:E5:28:8D:D7:00
Certificate issuer: /CN=df61a292223ad9aebc8ad82c2a56475fbd97a834
Certificate serial: 018EDB711C5C45599154E40257DB45DC5408
Authority key identifier: DF:61:A2:92:22:3A:D9:AE:BC:8A:D8:2C:2A:56:47:5F:BD:97:A8:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/32GikiI62a68itgsKlZHX72XqDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/b7d875-b12c-4ed8-b80f-41487f4d4171/1/5hhXfwDoyhNwubKlN-S_5SiN1wA.roa
Signing time: Sun 14 Apr 2024 07:10:06 +0000
ROA not before: Sun 14 Apr 2024 07:10:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206485
IP address blocks: 45.129.136.0/22 maxlen: 22
45.129.136.0/24 maxlen: 24
45.129.137.0/24 maxlen: 24
45.129.138.0/24 maxlen: 24
45.129.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/b7d875-b12c-4ed8-b80f-41487f4d4171/1/32GikiI62a68itgsKlZHX72XqDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/b7d875-b12c-4ed8-b80f-41487f4d4171/1/32GikiI62a68itgsKlZHX72XqDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/32GikiI62a68itgsKlZHX72XqDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 01:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:db:71:1c:5c:45:59:91:54:e4:02:57:db:45:dc:54:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df61a292223ad9aebc8ad82c2a56475fbd97a834
Validity
Not Before: Apr 14 07:10:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e618577f00e8ca1370b9b2a537e4bfe5288dd700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:52:07:d5:d1:cb:7a:02:d6:76:e5:e3:68:c3:
76:cf:bb:94:6f:82:bb:34:8a:79:8e:22:44:0d:be:
ef:3f:93:28:cf:23:65:69:d6:1f:41:36:b7:7b:90:
5f:44:29:66:7e:5a:c1:30:f5:60:ea:48:41:64:91:
5c:e7:9e:d9:96:ca:ef:e2:64:0b:25:a3:d2:37:e3:
98:89:c2:d9:23:b0:55:bf:1a:a3:42:33:4b:b1:43:
ab:2b:87:a0:a8:8c:3f:a4:3f:df:dc:15:e6:38:a5:
b4:13:c5:7e:24:af:48:6c:e9:70:6d:dc:68:dd:0d:
be:bf:38:9c:fd:1a:73:02:1e:34:bb:3c:60:44:26:
9a:de:e6:a3:2d:ce:46:5c:77:ed:76:ed:06:42:ad:
59:58:69:2e:12:a8:7b:ba:84:07:22:03:39:f8:f6:
42:b3:5b:0c:87:f5:03:7d:29:8e:7e:70:7d:27:38:
03:b6:e0:d1:63:90:4a:43:d2:36:8f:d5:77:17:88:
e3:92:ba:21:2e:47:42:22:11:d2:8e:22:b8:16:e2:
e3:38:f6:5e:5f:ed:8c:44:b3:8d:52:02:49:5c:ce:
b5:ae:27:57:9d:db:30:0a:43:1b:7f:09:02:b2:a0:
91:b4:e5:e6:d7:fe:cb:79:0d:76:a3:91:26:b9:d9:
11:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:18:57:7F:00:E8:CA:13:70:B9:B2:A5:37:E4:BF:E5:28:8D:D7:00
X509v3 Authority Key Identifier:
keyid:DF:61:A2:92:22:3A:D9:AE:BC:8A:D8:2C:2A:56:47:5F:BD:97:A8:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/32GikiI62a68itgsKlZHX72XqDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b7d875-b12c-4ed8-b80f-41487f4d4171/1/5hhXfwDoyhNwubKlN-S_5SiN1wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/b7d875-b12c-4ed8-b80f-41487f4d4171/1/32GikiI62a68itgsKlZHX72XqDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.136.0/22
Signature Algorithm: sha256WithRSAEncryption
06:0c:ed:ad:1f:f3:ec:0c:f3:dc:d2:17:7d:73:8a:90:59:91:
6e:97:f1:33:88:d3:94:64:69:ff:75:44:de:9a:95:c4:5a:4c:
53:96:1c:ab:4b:1c:bb:6a:a8:6e:fb:ce:81:c4:d9:fb:b1:de:
34:91:05:e9:19:52:16:a8:87:4c:ed:25:75:93:00:2a:e7:30:
66:22:bf:41:11:f2:c5:6f:35:1f:60:d1:9c:c7:4e:ad:0d:b4:
7c:a9:f9:6e:e8:0f:59:49:28:f1:6b:eb:35:58:b8:75:45:fa:
59:a0:f8:21:7c:1f:e8:84:cb:83:18:7a:e0:30:20:db:10:69:
fe:d3:8d:7b:a1:af:a5:99:05:58:4a:02:33:d0:75:fb:a2:87:
fc:02:a8:c2:45:32:e5:09:09:bc:12:e0:67:5e:f0:ab:72:c4:
a2:35:41:37:89:70:7e:c6:0e:af:e3:34:b0:67:ad:c5:ab:f1:
05:07:cb:17:8a:99:29:f9:bb:48:ae:fa:6e:81:ae:c3:ab:90:
70:72:16:b8:16:20:dd:1b:c9:02:a3:52:d9:94:b3:b7:f7:92:
51:e6:a0:3f:10:12:ed:bb:92:51:f3:27:55:2f:27:f8:a5:38:
45:a1:52:48:ea:4e:54:d4:25:92:31:5f:fc:c2:32:f9:2d:bd:
00:8e:7e:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7bcRxcRVmRVOQCV9tF3FQIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNjFhMjkyMjIzYWQ5YWViYzhhZDgyYzJhNTY0NzVmYmQ5
N2E4MzQwHhcNMjQwNDE0MDcxMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjE4NTc3ZjAwZThjYTEzNzBiOWIyYTUzN2U0YmZlNTI4OGRkNzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1IH1dHLegLWduXjaMN2z7uUb4K7
NIp5jiJEDb7vP5MozyNladYfQTa3e5BfRClmflrBMPVg6khBZJFc557Zlsrv4mQL
JaPSN+OYicLZI7BVvxqjQjNLsUOrK4egqIw/pD/f3BXmOKW0E8V+JK9IbOlwbdxo
3Q2+vzic/RpzAh40uzxgRCaa3uajLc5GXHftdu0GQq1ZWGkuEqh7uoQHIgM5+PZC
s1sMh/UDfSmOfnB9JzgDtuDRY5BKQ9I2j9V3F4jjkrohLkdCIhHSjiK4FuLjOPZe
X+2MRLONUgJJXM61ridXndswCkMbfwkCsqCRtOXm1/7LeQ12o5EmudkRvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOYYV38A6MoTcLmypTfkv+UojdcAMB8GA1UdIwQY
MBaAFN9hopIiOtmuvIrYLCpWR1+9l6g0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzJHaWtpSTYyYTY4aXRnc0tsWkhYNzJYcURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iN2Q4NzUtYjEyYy00ZWQ4LWI4MGYt
NDE0ODdmNGQ0MTcxLzEvNWhoWGZ3RG95aE53dWJLbE4tU181U2lOMXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iN2Q4NzUtYjEyYy00ZWQ4LWI4MGYtNDE0ODdmNGQ0MTcx
LzEvMzJHaWtpSTYyYTY4aXRnc0tsWkhYNzJYcURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYGIMA0G
CSqGSIb3DQEBCwUAA4IBAQAGDO2tH/PsDPPc0hd9c4qQWZFul/EziNOUZGn/dUTe
mpXEWkxTlhyrSxy7aqhu+86BxNn7sd40kQXpGVIWqIdM7SV1kwAq5zBmIr9BEfLF
bzUfYNGcx06tDbR8qflu6A9ZSSjxa+s1WLh1RfpZoPghfB/ohMuDGHrgMCDbEGn+
0417oa+lmQVYSgIz0HX7oof8AqjCRTLlCQm8EuBnXvCrcsSiNUE3iXB+xg6v4zSw
Z63Fq/EFB8sXipkp+btIrvpuga7Dq5Bwcha4FiDdG8kCo1LZlLO395JR5qA/EBLt
u5JR8ydVLyf4pThFoVJI6k5U1CWSMV/8wjL5Lb0Ajn4e
-----END CERTIFICATE-----
Generated at Sat May 18 06:18:02 2024 by rpki-client on console-fra.rpki-client.org