Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/N7I6jERELvP39feK1qT4QHy21Uc.roa
File: N7I6jERELvP39feK1qT4QHy21Uc.roa (raw, json)
Hash identifier: j+ATirEgAa4Fyiu3lQE01izQ3qVrcPX6BoVjqofABts=
Subject key identifier: 37:B2:3A:8C:44:44:2E:F3:F7:F5:F7:8A:D6:A4:F8:40:7C:B6:D5:47
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 01922908B3D903E1D077D23E86C8E0246728
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/N7I6jERELvP39feK1qT4QHy21Uc.roa
Signing time: Wed 25 Sep 2024 11:54:49 +0000
ROA not before: Wed 25 Sep 2024 11:54:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201150
IP address blocks: 5.202.0.0/19 maxlen: 19
5.202.16.0/20 maxlen: 20
5.202.18.0/23 maxlen: 23
5.202.20.0/23 maxlen: 23
5.202.28.0/24 maxlen: 24
5.202.29.0/24 maxlen: 24
5.202.58.0/23 maxlen: 23
5.202.60.0/22 maxlen: 22
5.202.64.0/23 maxlen: 23
5.202.96.0/22 maxlen: 22
5.202.132.0/22 maxlen: 22
185.103.128.0/22 maxlen: 22
185.169.20.0/22 maxlen: 22
185.169.36.0/22 maxlen: 22
185.180.52.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.mft
rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:29:08:b3:d9:03:e1:d0:77:d2:3e:86:c8:e0:24:67:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Sep 25 11:54:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37b23a8c44442ef3f7f5f78ad6a4f8407cb6d547
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e5:10:0f:7a:9c:96:5d:2f:b7:64:3e:95:14:
a4:74:df:3a:5d:7f:e2:56:bc:80:b3:85:08:47:07:
b0:1a:ad:63:fd:3a:3f:15:ba:58:6d:75:81:90:30:
ea:25:a1:59:82:e7:21:d9:41:8c:74:05:0a:3e:1a:
77:6d:eb:8e:a7:cd:cc:d1:78:47:96:cc:f7:c9:7b:
1b:46:aa:01:98:67:52:44:f4:e7:97:f8:2b:17:d8:
2e:41:2c:ab:f1:e9:c0:be:92:de:3c:30:8a:df:12:
13:c6:60:e1:65:7b:75:cf:2a:d3:53:44:15:87:11:
d4:63:a7:a2:92:5c:e1:41:69:b9:e3:bb:56:ed:eb:
09:c2:08:de:1b:25:3a:0c:5a:63:f8:0e:be:3c:fc:
a8:64:0f:76:2d:9c:38:03:09:6f:9b:89:9c:9c:56:
58:86:c3:bd:cb:32:25:82:e9:98:43:d1:ac:8c:aa:
92:46:96:f3:fc:06:e5:27:c7:36:80:d5:6f:a3:32:
f2:fb:7b:25:c9:22:ee:7f:4f:25:c7:b3:5b:9f:6d:
50:85:27:a3:03:cd:41:ab:55:a0:67:88:4f:39:05:
7a:a8:97:a0:24:5a:af:1c:af:54:65:09:b6:6b:17:
35:a0:1f:de:f1:42:fc:e3:e8:cf:e5:50:b3:ec:60:
5f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:B2:3A:8C:44:44:2E:F3:F7:F5:F7:8A:D6:A4:F8:40:7C:B6:D5:47
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/N7I6jERELvP39feK1qT4QHy21Uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/19
5.202.58.0-5.202.65.255
5.202.96.0/22
5.202.132.0/22
185.103.128.0/22
185.169.20.0/22
185.169.36.0/22
185.180.52.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:b0:82:06:e2:0f:55:b2:49:d4:c9:ba:4e:c4:36:11:a2:33:
80:da:57:6f:ee:aa:90:90:c6:45:5c:11:93:9b:86:bb:53:a5:
5f:44:47:bf:f9:33:c1:1a:c9:53:64:3f:e1:71:e0:08:e6:2b:
4a:87:91:d2:a1:98:95:73:3a:7b:d3:0d:8d:59:0a:87:5b:65:
b2:1d:d9:e1:1b:df:4d:ab:5c:b7:77:87:29:bb:a1:7e:65:bc:
9b:b1:c5:b3:c5:dc:d3:7c:de:85:5a:d4:48:9d:1f:c1:83:ad:
7a:43:15:56:77:b7:b8:7e:26:15:d4:cf:14:51:be:52:21:74:
82:0f:65:08:20:2a:57:88:cb:bf:21:4d:47:b3:37:e7:88:a0:
ff:cb:6b:4f:22:64:6d:35:7b:70:bc:66:41:61:1f:e0:7b:7e:
57:e4:2f:26:63:38:f8:c9:19:fc:4a:95:de:d9:8e:e2:07:93:
22:9e:70:37:f4:a4:4b:e9:c8:d5:05:a5:8e:40:a7:cb:4f:08:
cd:52:15:f2:d9:3c:44:d4:21:a2:2d:c3:6c:17:38:26:93:4d:
d9:0d:c0:7e:49:5f:ae:81:45:cd:55:a7:73:f1:2b:23:42:db:
b3:c0:35:9e:96:a1:14:d0:42:2d:b2:87:8e:38:01:9f:99:f4:
00:9e:58:f8
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZIpCLPZA+HQd9I+hsjgJGcoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwOTI1MTE1NDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2IyM2E4YzQ0NDQyZWYzZjdmNWY3OGFkNmE0Zjg0MDdjYjZkNTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOUQD3qcll0vt2Q+lRSkdN86XX/i
VryAs4UIRwewGq1j/To/FbpYbXWBkDDqJaFZguch2UGMdAUKPhp3beuOp83M0XhH
lsz3yXsbRqoBmGdSRPTnl/grF9guQSyr8enAvpLePDCK3xITxmDhZXt1zyrTU0QV
hxHUY6eiklzhQWm547tW7esJwgjeGyU6DFpj+A6+PPyoZA92LZw4Awlvm4mcnFZY
hsO9yzIlgumYQ9GsjKqSRpbz/AblJ8c2gNVvozLy+3slySLuf08lx7Nbn21QhSej
A81Bq1WgZ4hPOQV6qJegJFqvHK9UZQm2axc1oB/e8UL84+jP5VCz7GBf9QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFDeyOoxERC7z9/X3itak+EB8ttVHMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvTjdJNmpFUkVMdlAzOWZlSzFxVDRRSHkyMVVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQFBcoAMAwD
BAEFyjoDBAEFykADBAIFymADBAIFyoQDBAK5Z4ADBAK5qRQDBAK5qSQDBAK5tDQw
DQYJKoZIhvcNAQELBQADggEBAG6wggbiD1WySdTJuk7ENhGiM4DaV2/uqpCQxkVc
EZObhrtTpV9ER7/5M8EayVNkP+Fx4AjmK0qHkdKhmJVzOnvTDY1ZCodbZbId2eEb
302rXLd3hym7oX5lvJuxxbPF3NN83oVa1EidH8GDrXpDFVZ3t7h+JhXUzxRRvlIh
dIIPZQggKleIy78hTUezN+eIoP/La08iZG01e3C8ZkFhH+B7flfkLyZjOPjJGfxK
ld7ZjuIHkyKecDf0pEvpyNUFpY5Ap8tPCM1SFfLZPETUIaItw2wXOCaTTdkNwH5J
X66BRc1Vp3PxKyNC27PANZ6WoRTQQi2yh444AZ+Z9ACeWPg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:26:08 2024 by rpki-client on console-fra.rpki-client.org