Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/c6f31a-7ca7-48c4-93ff-c480da0264ca/1/kOnMAZEujB42Tf5OdSWYFrhwuIo.roa
File: kOnMAZEujB42Tf5OdSWYFrhwuIo.roa (raw, json)
Hash identifier: V06tEiml0UyRzQ7zT4lXk7AxFvetFNh9iS9mSXiETzQ=
Subject key identifier: 90:E9:CC:01:91:2E:8C:1E:36:4D:FE:4E:75:25:98:16:B8:70:B8:8A
Certificate issuer: /CN=5a081a52ac9cb0856df6563ed87d38b0caca7ccc
Certificate serial: 0192E70908401E0F563FD80794D2505138FC
Authority key identifier: 5A:08:1A:52:AC:9C:B0:85:6D:F6:56:3E:D8:7D:38:B0:CA:CA:7C:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WggaUqycsIVt9lY-2H04sMrKfMw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/c6f31a-7ca7-48c4-93ff-c480da0264ca/1/kOnMAZEujB42Tf5OdSWYFrhwuIo.roa
Signing time: Fri 01 Nov 2024 09:23:01 +0000
ROA not before: Fri 01 Nov 2024 09:23:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214873
IP address blocks: 5.183.5.0/24 maxlen: 24
5.183.6.0/24 maxlen: 24
5.183.7.0/24 maxlen: 24
2a14:4fc0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/c6f31a-7ca7-48c4-93ff-c480da0264ca/1/WggaUqycsIVt9lY-2H04sMrKfMw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/c6f31a-7ca7-48c4-93ff-c480da0264ca/1/WggaUqycsIVt9lY-2H04sMrKfMw.mft
rsync://rpki.ripe.net/repository/DEFAULT/WggaUqycsIVt9lY-2H04sMrKfMw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e7:09:08:40:1e:0f:56:3f:d8:07:94:d2:50:51:38:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a081a52ac9cb0856df6563ed87d38b0caca7ccc
Validity
Not Before: Nov 1 09:23:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90e9cc01912e8c1e364dfe4e75259816b870b88a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a1:25:e4:3b:0a:16:5f:c2:5b:2a:d9:b6:89:
d7:76:4a:3d:1f:9e:e5:c7:8a:9d:c8:70:d4:30:f5:
5c:91:dc:17:79:c6:26:fd:66:f2:50:43:8a:3c:1e:
07:b8:6e:85:27:bf:c1:8f:c8:68:08:7c:df:2c:d2:
bd:cc:20:30:26:52:1e:27:db:b2:b6:39:ea:60:6f:
71:dd:0e:29:09:3a:45:40:d6:e9:e0:61:eb:51:d3:
da:7d:c3:8d:65:16:2d:dc:86:08:6c:b3:40:9c:b3:
ee:71:c7:a6:62:86:49:a1:71:41:93:73:0e:88:d0:
ab:66:dc:1c:4d:8e:2a:db:0e:1a:06:ad:84:0c:68:
02:c8:cd:1d:b1:3b:3d:5f:46:30:0c:58:e6:9e:5d:
a4:1f:46:5c:3a:c4:d0:06:69:2b:25:f9:c7:6d:1c:
ba:30:2a:a9:3c:29:ae:9c:9a:ba:c9:31:8d:14:4b:
68:3c:f7:10:65:cc:1e:c0:fa:60:62:45:39:a7:3f:
c2:0c:35:3f:4d:c2:a2:7b:87:e5:f1:d7:26:07:e0:
9a:97:55:93:bb:d0:39:99:16:bd:2f:f6:1a:67:65:
57:86:be:f9:b7:00:df:d8:e7:7c:88:26:13:17:fd:
1a:b0:92:e7:4f:87:d2:8d:4f:d1:a9:4c:d1:70:9d:
06:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:E9:CC:01:91:2E:8C:1E:36:4D:FE:4E:75:25:98:16:B8:70:B8:8A
X509v3 Authority Key Identifier:
keyid:5A:08:1A:52:AC:9C:B0:85:6D:F6:56:3E:D8:7D:38:B0:CA:CA:7C:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WggaUqycsIVt9lY-2H04sMrKfMw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c6f31a-7ca7-48c4-93ff-c480da0264ca/1/kOnMAZEujB42Tf5OdSWYFrhwuIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/c6f31a-7ca7-48c4-93ff-c480da0264ca/1/WggaUqycsIVt9lY-2H04sMrKfMw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.5.0-5.183.7.255
IPv6:
2a14:4fc0::/32
Signature Algorithm: sha256WithRSAEncryption
80:e8:a4:5a:6d:2b:96:3e:af:89:41:35:a7:4a:4e:8b:04:12:
2c:08:e1:94:d0:80:78:4b:9c:26:8b:7d:c5:d8:b1:0e:6b:06:
a0:e7:ef:6b:92:47:e7:14:0a:65:84:8c:b8:47:7b:61:8b:e8:
06:b2:04:50:32:56:59:36:9a:6a:7e:76:ed:98:3c:d7:79:6d:
d3:e4:9e:4a:38:be:59:ca:13:ff:31:b3:fc:07:71:2f:aa:bb:
8d:81:9e:9d:36:fe:83:7a:25:70:dc:80:e9:d5:52:5c:a6:bd:
c8:16:c3:28:b2:78:3d:ff:bd:1f:b5:6e:c5:74:5d:24:a3:d4:
05:2f:74:b8:af:b9:24:8d:82:af:94:6f:5b:c1:2a:15:57:8c:
64:9b:10:c8:4e:13:b8:e6:a9:a2:64:42:89:0b:ae:d6:34:42:
c3:2f:6f:fa:69:6c:4d:e1:12:dd:8b:fd:2a:77:16:d8:3c:7f:
b4:76:a3:fb:b8:38:a4:65:a0:6f:86:16:ce:ee:82:bb:59:43:
ef:ca:be:26:96:5c:a6:cb:86:38:72:2b:e0:8f:b7:28:8d:33:
a4:48:d2:b2:b9:2f:dc:11:07:f1:bb:bd:97:c8:b9:69:fa:7d:
44:8e:75:a9:38:3f:0d:55:51:5a:6d:73:67:4e:c7:89:83:d8:
13:3e:f2:86
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZLnCQhAHg9WP9gHlNJQUTj8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMDgxYTUyYWM5Y2IwODU2ZGY2NTYzZWQ4N2QzOGIwY2Fj
YTdjY2MwHhcNMjQxMTAxMDkyMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGU5Y2MwMTkxMmU4YzFlMzY0ZGZlNGU3NTI1OTgxNmI4NzBiODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6El5DsKFl/CWyrZtonXdko9H57l
x4qdyHDUMPVckdwXecYm/WbyUEOKPB4HuG6FJ7/Bj8hoCHzfLNK9zCAwJlIeJ9uy
tjnqYG9x3Q4pCTpFQNbp4GHrUdPafcONZRYt3IYIbLNAnLPuccemYoZJoXFBk3MO
iNCrZtwcTY4q2w4aBq2EDGgCyM0dsTs9X0YwDFjmnl2kH0ZcOsTQBmkrJfnHbRy6
MCqpPCmunJq6yTGNFEtoPPcQZcwewPpgYkU5pz/CDDU/TcKie4fl8dcmB+Cal1WT
u9A5mRa9L/YaZ2VXhr75twDf2Od8iCYTF/0asJLnT4fSjU/RqUzRcJ0GbwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJDpzAGRLoweNk3+TnUlmBa4cLiKMB8GA1UdIwQY
MBaAFFoIGlKsnLCFbfZWPth9OLDKynzMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2dnYVVxeWNzSVZ0OWxZLTJIMDRzTXJLZk13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9jNmYzMWEtN2NhNy00OGM0LTkzZmYt
YzQ4MGRhMDI2NGNhLzEva09uTUFaRXVqQjQyVGY1T2RTV1lGcmh3dUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9jNmYzMWEtN2NhNy00OGM0LTkzZmYtYzQ4MGRhMDI2NGNh
LzEvV2dnYVVxeWNzSVZ0OWxZLTJIMDRzTXJLZk13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAAFtwUD
BAMFtwAwDQQCAAIwBwMFACoUT8AwDQYJKoZIhvcNAQELBQADggEBAIDopFptK5Y+
r4lBNadKTosEEiwI4ZTQgHhLnCaLfcXYsQ5rBqDn72uSR+cUCmWEjLhHe2GL6Aay
BFAyVlk2mmp+du2YPNd5bdPknko4vlnKE/8xs/wHcS+qu42Bnp02/oN6JXDcgOnV
UlymvcgWwyiyeD3/vR+1bsV0XSSj1AUvdLivuSSNgq+Ub1vBKhVXjGSbEMhOE7jm
qaJkQokLrtY0QsMvb/ppbE3hEt2L/Sp3Ftg8f7R2o/u4OKRloG+GFs7ugrtZQ+/K
viaWXKbLhjhyK+CPtyiNM6RI0rK5L9wRB/G7vZfIuWn6fUSOdak4Pw1VUVptc2dO
x4mD2BM+8oY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:54:09 2024 by rpki-client on console-fra.rpki-client.org