Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5ca328-f114-4b3f-b8ba-50d7d94e2b9f/1/nKcQpxn7zhxqOoTayzhE5kPjYWg.roa
File: nKcQpxn7zhxqOoTayzhE5kPjYWg.roa (raw, json)
Hash identifier: AGzJgeV4vfJUzvcXgXicB0Z1c91G8tUy8JVQon+034A=
Subject key identifier: 9C:A7:10:A7:19:FB:CE:1C:6A:3A:84:DA:CB:38:44:E6:43:E3:61:68
Certificate issuer: /CN=cf58cbc4aae3f80c49b372911a8d44861cdfeecb
Certificate serial: 018FA42C5FAE3E4445199A8839601DE21CD6
Authority key identifier: CF:58:CB:C4:AA:E3:F8:0C:49:B3:72:91:1A:8D:44:86:1C:DF:EE:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z1jLxKrj-AxJs3KRGo1Ehhzf7ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5ca328-f114-4b3f-b8ba-50d7d94e2b9f/1/nKcQpxn7zhxqOoTayzhE5kPjYWg.roa
Signing time: Thu 23 May 2024 06:38:42 +0000
ROA not before: Thu 23 May 2024 06:38:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200924
IP address blocks: 5.83.176.0/20 maxlen: 20
31.22.24.0/21 maxlen: 21
46.167.24.0/21 maxlen: 21
185.6.120.0/22 maxlen: 22
185.27.212.0/22 maxlen: 22
185.37.248.0/22 maxlen: 22
185.44.132.0/22 maxlen: 22
185.75.164.0/22 maxlen: 22
194.56.213.0/24 maxlen: 24
2a01:7420::/32 maxlen: 32
2a05:5800::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/5ca328-f114-4b3f-b8ba-50d7d94e2b9f/1/z1jLxKrj-AxJs3KRGo1Ehhzf7ss.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/5ca328-f114-4b3f-b8ba-50d7d94e2b9f/1/z1jLxKrj-AxJs3KRGo1Ehhzf7ss.mft
rsync://rpki.ripe.net/repository/DEFAULT/z1jLxKrj-AxJs3KRGo1Ehhzf7ss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a4:2c:5f:ae:3e:44:45:19:9a:88:39:60:1d:e2:1c:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf58cbc4aae3f80c49b372911a8d44861cdfeecb
Validity
Not Before: May 23 06:38:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ca710a719fbce1c6a3a84dacb3844e643e36168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4f:eb:a9:d0:47:91:98:80:9e:44:fe:5f:00:
8a:03:13:a2:88:ec:e1:28:9b:c0:44:8c:88:02:d9:
6a:6b:90:2f:2b:d4:20:81:6d:ef:33:a0:3c:54:64:
57:63:63:2a:53:ab:85:f6:cd:f9:2e:1e:83:86:90:
b8:fb:e8:45:99:56:06:bb:74:aa:b9:7f:02:ae:a6:
3a:7b:f6:8a:46:83:ff:1f:4a:18:91:d8:23:f7:20:
58:09:bc:ac:5b:bf:f0:7d:66:19:a9:a9:73:06:af:
d4:b4:a1:8e:7e:01:58:36:02:ea:2c:41:4d:9c:78:
ca:65:aa:9a:d0:3b:ce:ce:21:66:9b:45:6c:2e:28:
9a:da:a8:4d:70:1f:f7:ca:54:90:5b:64:9c:ef:d5:
f0:dd:6d:32:0a:ab:7f:d6:19:d9:f0:db:4b:35:d1:
4a:98:f6:ff:90:9a:37:02:5b:91:d7:14:bb:93:8e:
12:a9:e5:6c:15:b6:a3:24:8d:c6:31:f8:9c:74:bf:
23:e5:85:87:fa:5d:0b:2f:4a:3b:2b:d2:20:de:fa:
9d:db:08:42:22:c8:d3:eb:28:79:2b:a1:29:79:bf:
bd:44:19:3f:f6:e4:3b:e9:84:51:ab:df:23:ab:5b:
f0:09:39:b2:94:fc:b9:33:e1:f9:87:e1:fc:cb:90:
ed:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A7:10:A7:19:FB:CE:1C:6A:3A:84:DA:CB:38:44:E6:43:E3:61:68
X509v3 Authority Key Identifier:
keyid:CF:58:CB:C4:AA:E3:F8:0C:49:B3:72:91:1A:8D:44:86:1C:DF:EE:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z1jLxKrj-AxJs3KRGo1Ehhzf7ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5ca328-f114-4b3f-b8ba-50d7d94e2b9f/1/nKcQpxn7zhxqOoTayzhE5kPjYWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5ca328-f114-4b3f-b8ba-50d7d94e2b9f/1/z1jLxKrj-AxJs3KRGo1Ehhzf7ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.176.0/20
31.22.24.0/21
46.167.24.0/21
185.6.120.0/22
185.27.212.0/22
185.37.248.0/22
185.44.132.0/22
185.75.164.0/22
194.56.213.0/24
IPv6:
2a01:7420::/32
2a05:5800::/29
Signature Algorithm: sha256WithRSAEncryption
51:e9:9b:25:24:69:21:37:5c:4b:ba:9a:f1:b7:8a:f8:16:86:
79:b1:0d:ff:46:f4:de:f4:4d:36:73:1a:88:05:99:eb:13:e7:
fa:38:c5:e7:27:a4:7b:ea:10:06:ed:5a:0f:83:a0:f8:59:b0:
7c:8c:85:71:61:1a:ef:95:e0:e5:fa:a6:0e:31:02:8e:8a:4e:
18:36:2c:be:1a:21:a5:d8:49:f2:ce:89:7e:2e:92:41:6d:03:
9c:f9:3b:66:90:e5:70:9b:16:54:ce:24:87:6b:bd:b0:1f:93:
9d:34:12:12:b1:60:76:bb:d0:fd:2e:6b:d3:25:48:97:af:46:
ac:02:b7:2e:45:35:15:7f:34:dd:44:3a:a0:ad:a7:09:b9:56:
6b:d1:b3:75:ff:31:1f:18:9f:d2:c7:02:c4:09:bf:47:33:ac:
db:da:fb:8a:4f:c6:94:39:ce:be:e0:5e:cf:d2:23:3c:8b:e1:
8d:04:c9:91:fd:fd:00:37:bd:94:8a:65:ff:73:11:8c:dc:75:
9e:fa:f4:0a:fb:c6:a2:52:ce:f0:c7:b1:a3:c4:e1:67:0c:45:
ad:ed:a8:c7:13:9d:ce:cc:93:38:84:98:79:a5:fb:1a:3d:3b:
e6:4a:b5:07:93:38:24:90:ed:9a:87:d7:7f:f0:1c:8e:61:99:
0c:24:df:75
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY+kLF+uPkRFGZqIOWAd4hzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNThjYmM0YWFlM2Y4MGM0OWIzNzI5MTFhOGQ0NDg2MWNk
ZmVlY2IwHhcNMjQwNTIzMDYzODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2E3MTBhNzE5ZmJjZTFjNmEzYTg0ZGFjYjM4NDRlNjQzZTM2MTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0/rqdBHkZiAnkT+XwCKAxOiiOzh
KJvARIyIAtlqa5AvK9QggW3vM6A8VGRXY2MqU6uF9s35Lh6DhpC4++hFmVYGu3Sq
uX8CrqY6e/aKRoP/H0oYkdgj9yBYCbysW7/wfWYZqalzBq/UtKGOfgFYNgLqLEFN
nHjKZaqa0DvOziFmm0VsLiia2qhNcB/3ylSQW2Sc79Xw3W0yCqt/1hnZ8NtLNdFK
mPb/kJo3AluR1xS7k44SqeVsFbajJI3GMficdL8j5YWH+l0LL0o7K9Ig3vqd2whC
IsjT6yh5K6Epeb+9RBk/9uQ76YRRq98jq1vwCTmylPy5M+H5h+H8y5DtlQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFJynEKcZ+84cajqE2ss4ROZD42FoMB8GA1UdIwQY
MBaAFM9Yy8Sq4/gMSbNykRqNRIYc3+7LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejFqTHhLcmotQXhKczNLUkdvMUVoaHpmN3NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81Y2EzMjgtZjExNC00YjNmLWI4YmEt
NTBkN2Q5NGUyYjlmLzEvbktjUXB4bjd6aHhxT29UYXl6aEU1a1BqWVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81Y2EzMjgtZjExNC00YjNmLWI4YmEtNTBkN2Q5NGUyYjlm
LzEvejFqTHhLcmotQXhKczNLUkdvMUVoaHpmN3NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQEBVOwAwQD
HxYYAwQDLqcYAwQCuQZ4AwQCuRvUAwQCuSX4AwQCuSyEAwQCuUukAwQAwjjVMBQE
AgACMA4DBQAqAXQgAwUDKgVYADANBgkqhkiG9w0BAQsFAAOCAQEAUembJSRpITdc
S7qa8beK+BaGebEN/0b03vRNNnMaiAWZ6xPn+jjF5yeke+oQBu1aD4Og+FmwfIyF
cWEa75Xg5fqmDjECjopOGDYsvhohpdhJ8s6Jfi6SQW0DnPk7ZpDlcJsWVM4kh2u9
sB+TnTQSErFgdrvQ/S5r0yVIl69GrAK3LkU1FX803UQ6oK2nCblWa9Gzdf8xHxif
0scCxAm/RzOs29r7ik/GlDnOvuBez9IjPIvhjQTJkf39ADe9lIpl/3MRjNx1nvr0
CvvGolLO8Mexo8ThZwxFre2oxxOdzsyTOISYeaX7Gj075kq1B5M4JJDtmofXf/Ac
jmGZDCTfdQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:28 2024 by rpki-client on console-ams.rpki-client.org