Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/5cBzPIEs_tf2O8xuO7TjGarAIsw.roa
File: 5cBzPIEs_tf2O8xuO7TjGarAIsw.roa (raw, json)
Hash identifier: e1Hm5mKmiodsz4hDKk7tdHcvbyGBK3YdDGoLXb2UaAc=
Subject key identifier: E5:C0:73:3C:81:2C:FE:D7:F6:3B:CC:6E:3B:B4:E3:19:AA:C0:22:CC
Certificate issuer: /CN=38f9c54f19193e06548163f895c3a46b9f8bfbb5
Certificate serial: 018CC49365340A47B23381AC7DE5627F7FFC
Authority key identifier: 38:F9:C5:4F:19:19:3E:06:54:81:63:F8:95:C3:A4:6B:9F:8B:FB:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OPnFTxkZPgZUgWP4lcOka5-L-7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/5cBzPIEs_tf2O8xuO7TjGarAIsw.roa
Signing time: Mon 01 Jan 2024 10:30:43 +0000
ROA not before: Mon 01 Jan 2024 10:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29247
IP address blocks: 149.210.0.0/18 maxlen: 18
109.178.0.0/16 maxlen: 16
5.144.224.0/20 maxlen: 20
5.203.0.0/16 maxlen: 16
62.103.103.0/24 maxlen: 24
5.144.192.0/20 maxlen: 20
5.144.192.0/18 maxlen: 18
5.144.208.0/20 maxlen: 20
31.152.0.0/16 maxlen: 16
94.143.177.0/24 maxlen: 24
94.143.176.0/24 maxlen: 24
94.143.178.0/24 maxlen: 24
195.167.65.0/24 maxlen: 24
94.143.180.0/24 maxlen: 24
94.143.183.0/24 maxlen: 24
149.210.64.0/18 maxlen: 18
2a02:1388::/29 maxlen: 29
2a02:1388::/36 maxlen: 36
2a02:1388:2000::/36 maxlen: 36
2a02:1388:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/OPnFTxkZPgZUgWP4lcOka5-L-7U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/OPnFTxkZPgZUgWP4lcOka5-L-7U.mft
rsync://rpki.ripe.net/repository/DEFAULT/OPnFTxkZPgZUgWP4lcOka5-L-7U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:65:34:0a:47:b2:33:81:ac:7d:e5:62:7f:7f:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38f9c54f19193e06548163f895c3a46b9f8bfbb5
Validity
Not Before: Jan 1 10:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e5c0733c812cfed7f63bcc6e3bb4e319aac022cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f9:f6:93:91:48:d2:d5:66:1c:86:36:1e:9e:
6a:4e:a2:63:69:49:99:f2:5b:11:81:d9:c9:67:e7:
29:69:3a:16:d2:3a:3f:3f:61:88:6d:67:9a:2e:e2:
8e:7f:ec:86:78:ea:7a:08:45:53:2a:1a:5c:db:ca:
0e:0c:0b:b4:e8:d3:11:78:a8:60:66:b4:a5:3e:9a:
13:dd:c2:47:ec:29:23:24:d7:c8:a4:9c:75:cd:d8:
1f:4d:0b:c2:80:ba:0d:06:4c:05:c0:cf:97:67:ec:
22:4b:92:ea:32:2d:c7:91:eb:32:43:04:4f:a8:46:
63:25:e9:85:2b:5c:0d:a2:df:70:7b:28:cf:0d:9b:
d7:5b:bd:e9:ba:07:66:30:99:bc:84:1f:88:30:4a:
a7:c5:99:be:60:13:cd:0c:cc:42:8f:44:d9:4d:30:
8d:43:41:f0:b0:88:72:ab:8a:b8:f0:e8:13:7d:42:
30:0f:77:dc:0c:6f:29:14:18:9c:88:a5:c0:ed:6f:
b8:40:a2:7d:89:78:71:0b:fc:6c:c9:ee:9c:23:5c:
c2:df:2a:c3:9d:bd:1c:fd:44:1b:a9:79:97:2e:e0:
0e:81:b4:95:16:26:e5:35:8b:84:39:d6:ac:cd:54:
5d:19:c2:3a:81:1b:8a:fd:17:09:14:86:18:a5:8d:
4c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C0:73:3C:81:2C:FE:D7:F6:3B:CC:6E:3B:B4:E3:19:AA:C0:22:CC
X509v3 Authority Key Identifier:
keyid:38:F9:C5:4F:19:19:3E:06:54:81:63:F8:95:C3:A4:6B:9F:8B:FB:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OPnFTxkZPgZUgWP4lcOka5-L-7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/5cBzPIEs_tf2O8xuO7TjGarAIsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f0b6ba-8675-491c-8593-724949b460e9/1/OPnFTxkZPgZUgWP4lcOka5-L-7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.192.0/18
5.203.0.0/16
31.152.0.0/16
62.103.103.0/24
94.143.176.0-94.143.178.255
94.143.180.0/24
94.143.183.0/24
109.178.0.0/16
149.210.0.0/17
195.167.65.0/24
IPv6:
2a02:1388::/29
Signature Algorithm: sha256WithRSAEncryption
64:47:de:e3:15:e2:d3:45:89:ac:a4:16:36:ce:54:81:27:f8:
d5:37:56:cb:56:e2:bd:b5:82:1f:4b:7e:3e:ff:87:16:2d:37:
d5:92:37:8e:c2:31:a5:09:8f:0d:9b:0b:57:84:15:b4:6c:31:
df:c2:3b:c5:88:87:a5:ed:ba:88:7b:65:69:2a:22:22:97:45:
3c:c4:bf:9e:82:95:ee:4c:06:6d:23:17:46:4b:91:55:35:ef:
e2:25:16:96:32:a2:0b:6c:df:1e:f4:88:0d:8b:ac:85:ba:ac:
39:2d:ea:5a:a5:11:42:d9:2c:04:e2:37:f6:50:a3:cc:9d:97:
07:ba:bc:6b:01:7e:0d:e3:9c:24:9b:98:27:27:60:55:46:46:
7e:9f:0b:8c:c1:36:4b:7a:de:2a:46:1c:ea:81:ee:e8:93:e0:
84:51:3a:f6:bb:15:11:d6:e9:58:0e:3f:3b:ef:ef:c2:8c:3a:
3d:f4:f7:26:d0:c2:59:b8:09:4c:45:39:81:10:e8:21:e4:14:
90:29:ff:f9:79:6b:e9:4b:df:dc:da:12:4b:a0:98:19:34:c3:
f8:5f:02:9b:fd:d0:fb:2d:ec:61:2e:dc:cd:b0:b8:8b:81:46:
0d:47:90:74:64:91:64:fd:ce:63:12:22:94:a5:43:07:b8:22:
f5:84:17:5f
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYzEk2U0CkeyM4GsfeVif3/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4ZjljNTRmMTkxOTNlMDY1NDgxNjNmODk1YzNhNDZiOWY4
YmZiYjUwHhcNMjQwMTAxMTAzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWMwNzMzYzgxMmNmZWQ3ZjYzYmNjNmUzYmI0ZTMxOWFhYzAyMmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvn2k5FI0tVmHIY2Hp5qTqJjaUmZ
8lsRgdnJZ+cpaToW0jo/P2GIbWeaLuKOf+yGeOp6CEVTKhpc28oODAu06NMReKhg
ZrSlPpoT3cJH7CkjJNfIpJx1zdgfTQvCgLoNBkwFwM+XZ+wiS5LqMi3HkesyQwRP
qEZjJemFK1wNot9weyjPDZvXW73pugdmMJm8hB+IMEqnxZm+YBPNDMxCj0TZTTCN
Q0HwsIhyq4q48OgTfUIwD3fcDG8pFBiciKXA7W+4QKJ9iXhxC/xsye6cI1zC3yrD
nb0c/UQbqXmXLuAOgbSVFiblNYuEOdaszVRdGcI6gRuK/RcJFIYYpY1MOQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFOXAczyBLP7X9jvMbju04xmqwCLMMB8GA1UdIwQY
MBaAFDj5xU8ZGT4GVIFj+JXDpGufi/u1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1BuRlR4a1pQZ1pVZ1dQNGxjT2thNS1MLTdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9mMGI2YmEtODY3NS00OTFjLTg1OTMt
NzI0OTQ5YjQ2MGU5LzEvNWNCelBJRXNfdGYyTzh4dU83VGpHYXJBSXN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9mMGI2YmEtODY3NS00OTFjLTg1OTMtNzI0OTQ5YjQ2MGU5
LzEvT1BuRlR4a1pQZ1pVZ1dQNGxjT2thNS1MLTdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBHBAIAATBBAwQGBZDAAwMA
BcsDAwAfmAMEAD5nZzAMAwQEXo+wAwQAXo+yAwQAXo+0AwQAXo+3AwMAbbIDBAeV
0gADBADDp0EwDQQCAAIwBwMFAyoCE4gwDQYJKoZIhvcNAQELBQADggEBAGRH3uMV
4tNFiaykFjbOVIEn+NU3VstW4r21gh9Lfj7/hxYtN9WSN47CMaUJjw2bC1eEFbRs
Md/CO8WIh6Xtuoh7ZWkqIiKXRTzEv56Cle5MBm0jF0ZLkVU17+IlFpYyogts3x70
iA2LrIW6rDkt6lqlEULZLATiN/ZQo8ydlwe6vGsBfg3jnCSbmCcnYFVGRn6fC4zB
Nkt63ipGHOqB7uiT4IRROva7FRHW6VgOPzvv78KMOj309ybQwlm4CUxFOYEQ6CHk
FJAp//l5a+lL39zaEkugmBk0w/hfApv90Pst7GEu3M2wuIuBRg1HkHRkkWT9zmMS
IpSlQwe4IvWEF18=
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:53:53 2024 by rpki-client on console-ams.rpki-client.org