Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/y5SuKmcUemt9OJc8wj1yplgBTMg.roa
File: y5SuKmcUemt9OJc8wj1yplgBTMg.roa (raw, json)
Hash identifier: 87ru/b996XrJAfTEL9AG3yc21G1405lwgbLevUSPwbE=
Subject key identifier: CB:94:AE:2A:67:14:7A:6B:7D:38:97:3C:C2:3D:72:A6:58:01:4C:C8
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018CC348C31ABE8C9A024A8C7EB6D7E5F49A
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/y5SuKmcUemt9OJc8wj1yplgBTMg.roa
Signing time: Mon 01 Jan 2024 04:29:34 +0000
ROA not before: Mon 01 Jan 2024 04:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41689
IP address blocks: 5.202.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.mft
rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:c3:1a:be:8c:9a:02:4a:8c:7e:b6:d7:e5:f4:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 1 04:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb94ae2a67147a6b7d38973cc23d72a658014cc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b5:99:3b:a7:e5:8b:e6:b7:f3:b6:1d:e6:fb:
ab:10:ae:bb:8b:49:72:13:92:14:ce:b0:50:2e:c4:
93:f4:4b:60:00:93:92:08:62:da:3b:f0:2c:af:d3:
91:63:31:60:11:91:75:67:61:f0:8f:f6:17:ce:0b:
b7:cc:f2:07:aa:3e:56:b8:6b:70:be:3c:3f:42:a4:
9e:a6:9a:5e:79:81:51:18:29:6d:61:54:b4:3c:f3:
d3:b0:a3:24:84:59:e0:da:76:a3:fd:fe:84:fb:4e:
3b:3c:e8:8e:db:e9:38:db:63:4d:6f:a3:e6:d2:d0:
69:b0:e1:30:1d:6c:97:1c:59:21:18:1d:e8:1e:8c:
23:d6:05:25:8f:33:e3:67:71:e8:a0:6e:c6:c9:6c:
5d:37:3c:39:ec:ab:33:76:ad:70:27:63:b2:7b:0b:
f2:a5:9b:59:0d:c0:e6:04:0d:85:c8:1e:e1:75:c5:
fa:f0:2c:53:91:44:69:cd:f7:79:cf:e3:be:63:fd:
18:59:e8:64:53:80:ca:70:9d:86:fe:cf:65:62:3b:
b9:3f:b1:18:9d:31:b1:14:16:49:15:57:a0:52:f0:
b9:33:3c:25:0d:b4:ba:30:8d:3c:2f:97:62:64:34:
6f:ea:14:5c:11:44:66:47:60:88:c3:c3:b6:86:b8:
71:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:94:AE:2A:67:14:7A:6B:7D:38:97:3C:C2:3D:72:A6:58:01:4C:C8
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/y5SuKmcUemt9OJc8wj1yplgBTMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.135.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:21:ae:10:68:20:6b:ad:84:96:25:3f:ea:92:ee:d6:c4:7a:
09:9c:a1:ce:eb:80:d0:ca:9e:f4:d4:6d:a9:71:59:06:27:06:
d3:aa:39:cd:72:61:e3:fd:f1:84:e9:01:d5:5d:9f:67:2a:e9:
5b:b2:30:7f:5f:33:9e:51:36:b1:8d:e7:36:67:81:b4:1d:d7:
b8:05:fa:6f:09:58:b4:34:af:a5:b8:86:00:5c:d5:63:2b:74:
f8:6e:35:67:80:64:95:2c:bc:af:0d:3d:dc:bf:35:0f:ce:04:
46:a6:b0:ea:34:bc:00:bf:60:48:a5:73:3b:08:cc:78:4a:39:
cb:c4:31:e0:bb:47:81:5b:16:5b:e2:4d:83:8b:8d:65:2a:58:
f1:53:6d:ea:78:80:b4:b0:3a:eb:1b:c0:c4:69:2c:e3:b9:14:
43:4f:5d:18:3a:35:57:f8:e8:8d:dc:09:b5:25:5b:1e:f0:75:
4d:2f:54:3e:d9:86:c5:0e:70:09:92:fd:c6:a9:1a:d7:f2:be:
4f:13:9b:86:ef:5d:4a:e5:f7:7f:e5:ab:69:e1:54:a2:04:23:
cc:9f:39:88:67:aa:2f:34:44:94:5a:b2:50:ef:2e:d2:24:5b:
19:1a:4d:bf:e7:52:84:3d:d5:f1:59:ff:8a:de:4b:7d:24:66:
8e:38:89:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSMMavoyaAkqMfrbX5fSaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwMTAxMDQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjk0YWUyYTY3MTQ3YTZiN2QzODk3M2NjMjNkNzJhNjU4MDE0Y2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLWZO6fli+a387Yd5vurEK67i0ly
E5IUzrBQLsST9EtgAJOSCGLaO/Asr9ORYzFgEZF1Z2Hwj/YXzgu3zPIHqj5WuGtw
vjw/QqSepppeeYFRGCltYVS0PPPTsKMkhFng2naj/f6E+047POiO2+k422NNb6Pm
0tBpsOEwHWyXHFkhGB3oHowj1gUljzPjZ3HooG7GyWxdNzw57Kszdq1wJ2Oyewvy
pZtZDcDmBA2FyB7hdcX68CxTkURpzfd5z+O+Y/0YWehkU4DKcJ2G/s9lYju5P7EY
nTGxFBZJFVegUvC5MzwlDbS6MI08L5diZDRv6hRcEURmR2CIw8O2hrhxYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMuUripnFHprfTiXPMI9cqZYAUzIMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEveTVTdUttY1VlbXQ5T0pjOHdqMXlwbGdCVE1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABcqHMA0G
CSqGSIb3DQEBCwUAA4IBAQB+Ia4QaCBrrYSWJT/qku7WxHoJnKHO64DQyp701G2p
cVkGJwbTqjnNcmHj/fGE6QHVXZ9nKulbsjB/XzOeUTaxjec2Z4G0Hde4BfpvCVi0
NK+luIYAXNVjK3T4bjVngGSVLLyvDT3cvzUPzgRGprDqNLwAv2BIpXM7CMx4SjnL
xDHgu0eBWxZb4k2Di41lKljxU23qeIC0sDrrG8DEaSzjuRRDT10YOjVX+OiN3Am1
JVse8HVNL1Q+2YbFDnAJkv3GqRrX8r5PE5uG711K5fd/5atp4VSiBCPMnzmIZ6ov
NESUWrJQ7y7SJFsZGk2/51KEPdXxWf+K3kt9JGaOOIn4
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:26:08 2024 by rpki-client on console-fra.rpki-client.org