Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/ab55ce-75ff-439b-bcb5-dda350b11f02/1/b3-op_caJ5OWEy3gUuApDNVIx1U.roa
File: b3-op_caJ5OWEy3gUuApDNVIx1U.roa (raw, json)
Hash identifier: B5cJKrJw75oxpztD/Da45mQD7s0hJe9RYXd0rtRbsxg=
Subject key identifier: 6F:7F:A8:A7:F7:1A:27:93:96:13:2D:E0:52:E0:29:0C:D5:48:C7:55
Certificate issuer: /CN=c53f4388aadf0ae4ff5ee7bd37263c9f1e8467c7
Certificate serial: 018CC64A853C374262BB90EC69198C478B35
Authority key identifier: C5:3F:43:88:AA:DF:0A:E4:FF:5E:E7:BD:37:26:3C:9F:1E:84:67:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xT9DiKrfCuT_Xue9NyY8nx6EZ8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/ab55ce-75ff-439b-bcb5-dda350b11f02/1/b3-op_caJ5OWEy3gUuApDNVIx1U.roa
Signing time: Mon 01 Jan 2024 18:30:21 +0000
ROA not before: Mon 01 Jan 2024 18:30:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213155
IP address blocks: 5.204.0.0/16 maxlen: 16
84.225.128.0/18 maxlen: 18
176.226.0.0/17 maxlen: 17
37.234.0.0/16 maxlen: 16
176.77.128.0/17 maxlen: 17
91.104.0.0/16 maxlen: 16
84.224.0.0/16 maxlen: 16
84.225.0.0/17 maxlen: 17
2a0a:f640::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/ab55ce-75ff-439b-bcb5-dda350b11f02/1/xT9DiKrfCuT_Xue9NyY8nx6EZ8c.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/ab55ce-75ff-439b-bcb5-dda350b11f02/1/xT9DiKrfCuT_Xue9NyY8nx6EZ8c.mft
rsync://rpki.ripe.net/repository/DEFAULT/xT9DiKrfCuT_Xue9NyY8nx6EZ8c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:85:3c:37:42:62:bb:90:ec:69:19:8c:47:8b:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c53f4388aadf0ae4ff5ee7bd37263c9f1e8467c7
Validity
Not Before: Jan 1 18:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f7fa8a7f71a279396132de052e0290cd548c755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:58:82:29:87:60:24:b6:4d:d4:6b:15:33:96:
3e:59:f0:23:5e:52:22:ed:e1:c0:40:50:72:e0:c7:
33:52:59:90:ee:31:45:9c:c3:26:6f:f6:73:01:ae:
0b:6a:3f:3e:27:a2:25:92:a8:30:17:28:85:53:1f:
c1:23:c4:25:19:8d:d8:bf:f6:d8:ea:3f:5c:a7:fe:
cb:59:8f:a4:00:85:cb:c4:d4:d6:81:cd:84:df:82:
8c:68:fa:27:ff:e3:84:9f:b6:28:cd:5e:87:09:bc:
75:2f:c6:1f:ca:65:68:40:b5:f9:01:c2:31:68:74:
4d:04:cf:da:e8:fd:65:61:f2:20:29:b8:26:e3:bc:
3c:00:01:77:3a:0e:dc:62:a8:f4:de:9c:d8:21:cc:
71:b5:b9:01:96:9b:84:cf:b6:1f:2e:2a:f0:bc:0a:
68:64:af:0e:ab:dd:17:db:0c:d3:48:29:91:0f:a0:
35:46:28:d3:74:6f:36:f2:89:51:7c:fc:f7:f0:10:
ee:ea:36:f2:5b:a3:f9:81:91:d4:7b:cd:7f:29:2a:
55:aa:57:37:5b:80:7b:b7:36:83:7f:22:30:df:03:
8e:90:a5:dd:d6:32:aa:7a:d3:aa:91:44:52:ec:83:
50:e6:1e:d1:8a:b5:ff:08:61:bc:b1:64:c9:fe:0f:
a5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:7F:A8:A7:F7:1A:27:93:96:13:2D:E0:52:E0:29:0C:D5:48:C7:55
X509v3 Authority Key Identifier:
keyid:C5:3F:43:88:AA:DF:0A:E4:FF:5E:E7:BD:37:26:3C:9F:1E:84:67:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xT9DiKrfCuT_Xue9NyY8nx6EZ8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/ab55ce-75ff-439b-bcb5-dda350b11f02/1/b3-op_caJ5OWEy3gUuApDNVIx1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/ab55ce-75ff-439b-bcb5-dda350b11f02/1/xT9DiKrfCuT_Xue9NyY8nx6EZ8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.204.0.0/16
37.234.0.0/16
84.224.0.0-84.225.191.255
91.104.0.0/16
176.77.128.0/17
176.226.0.0/17
IPv6:
2a0a:f640::/32
Signature Algorithm: sha256WithRSAEncryption
95:37:a9:de:ae:13:43:62:9a:e5:78:8a:13:c8:04:36:b9:e0:
d4:7d:38:62:6e:73:4c:09:8d:64:5a:34:73:b0:c8:00:97:6b:
66:28:8d:d1:09:b2:f2:bf:7a:4c:58:9b:8e:2a:4d:2c:0e:c8:
58:2b:95:fb:e8:83:b6:54:bc:ec:15:71:ac:cc:c3:bd:b2:1c:
95:a4:d6:e5:96:07:c8:fe:63:0c:c6:ca:49:8e:68:60:ca:12:
58:1e:b4:44:f7:ad:61:7a:a8:39:df:9f:2b:b5:f8:b5:c1:40:
b7:39:d4:f9:dd:22:8c:01:b9:a8:13:e9:78:75:96:ba:a1:97:
34:6d:43:4d:14:1c:e5:07:20:a4:b3:4a:c6:2b:19:a2:51:0e:
54:63:41:0e:dd:e0:c7:bf:e7:1f:dc:f2:36:1f:65:66:c1:05:
03:67:ee:63:ae:b3:15:60:04:26:58:28:f1:76:7f:83:4e:09:
a6:0d:57:0a:0c:2d:aa:4f:03:f1:64:82:f3:64:de:1b:94:76:
23:e1:f0:11:14:23:40:06:07:64:e5:2b:34:8f:83:6b:04:70:
6e:84:3c:00:03:e3:c7:81:dd:be:61:9a:87:f7:85:77:bf:71:
cd:ca:95:d9:ef:de:84:08:05:1a:98:cc:79:a6:2b:bd:30:42:
9a:db:93:bc
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYzGSoU8N0Jiu5DsaRmMR4s1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1M2Y0Mzg4YWFkZjBhZTRmZjVlZTdiZDM3MjYzYzlmMWU4
NDY3YzcwHhcNMjQwMTAxMTgzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjdmYThhN2Y3MWEyNzkzOTYxMzJkZTA1MmUwMjkwY2Q1NDhjNzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlViCKYdgJLZN1GsVM5Y+WfAjXlIi
7eHAQFBy4MczUlmQ7jFFnMMmb/ZzAa4Laj8+J6IlkqgwFyiFUx/BI8QlGY3Yv/bY
6j9cp/7LWY+kAIXLxNTWgc2E34KMaPon/+OEn7YozV6HCbx1L8YfymVoQLX5AcIx
aHRNBM/a6P1lYfIgKbgm47w8AAF3Og7cYqj03pzYIcxxtbkBlpuEz7YfLirwvApo
ZK8Oq90X2wzTSCmRD6A1RijTdG828olRfPz38BDu6jbyW6P5gZHUe81/KSpVqlc3
W4B7tzaDfyIw3wOOkKXd1jKqetOqkURS7INQ5h7RirX/CGG8sWTJ/g+lcQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFG9/qKf3GieTlhMt4FLgKQzVSMdVMB8GA1UdIwQY
MBaAFMU/Q4iq3wrk/17nvTcmPJ8ehGfHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFQ5RGlLcmZDdVRfWHVlOU55WThueDZFWjhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hYjU1Y2UtNzVmZi00MzliLWJjYjUt
ZGRhMzUwYjExZjAyLzEvYjMtb3BfY2FKNU9XRXkzZ1V1QXBETlZJeDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hYjU1Y2UtNzVmZi00MzliLWJjYjUtZGRhMzUwYjExZjAy
LzEveFQ5RGlLcmZDdVRfWHVlOU55WThueDZFWjhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoAwMABcwDAwAl
6jALAwMFVOADBAZU4YADAwBbaAMEB7BNgAMEB7DiADANBAIAAjAHAwUAKgr2QDAN
BgkqhkiG9w0BAQsFAAOCAQEAlTep3q4TQ2Ka5XiKE8gENrng1H04Ym5zTAmNZFo0
c7DIAJdrZiiN0Qmy8r96TFibjipNLA7IWCuV++iDtlS87BVxrMzDvbIclaTW5ZYH
yP5jDMbKSY5oYMoSWB60RPetYXqoOd+fK7X4tcFAtznU+d0ijAG5qBPpeHWWuqGX
NG1DTRQc5QcgpLNKxisZolEOVGNBDt3gx7/nH9zyNh9lZsEFA2fuY66zFWAEJlgo
8XZ/g04Jpg1XCgwtqk8D8WSC82TeG5R2I+HwERQjQAYHZOUrNI+DawRwboQ8AAPj
x4HdvmGah/eFd79xzcqV2e/ehAgFGpjMeaYrvTBCmtuTvA==
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:02:36 2024 by rpki-client on console-fra.rpki-client.org