Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/1-1bz-0zniD5MHmsOh_hH4hrpuPA.roa
File: 1-1bz-0zniD5MHmsOh_hH4hrpuPA.roa (raw, json)
Hash identifier: WmvUIW7An2KldZNToPbqN7ClZofIxI/z/RwU4nZ1DHg=
Subject key identifier: FB:56:F3:FB:4C:E7:88:3E:4C:1E:6B:0E:87:F8:47:E2:1A:E9:B8:F0
Certificate issuer: /CN=ab1d0e7e818baf9a7afb9866124292a61aafb8ca
Certificate serial: 019053E43F67604B16818D2D5C597E696FEA
Authority key identifier: AB:1D:0E:7E:81:8B:AF:9A:7A:FB:98:66:12:42:92:A6:1A:AF:B8:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qx0OfoGLr5p6-5hmEkKSphqvuMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/1-1bz-0zniD5MHmsOh_hH4hrpuPA.roa
Signing time: Wed 26 Jun 2024 09:33:05 +0000
ROA not before: Wed 26 Jun 2024 09:33:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59674
IP address blocks: 5.250.240.0/24 maxlen: 24
5.250.241.0/24 maxlen: 24
5.250.242.0/24 maxlen: 24
5.250.243.0/24 maxlen: 24
5.250.244.0/24 maxlen: 24
5.250.245.0/24 maxlen: 24
5.250.246.0/24 maxlen: 24
5.250.247.0/24 maxlen: 24
5.250.248.0/24 maxlen: 24
5.250.249.0/24 maxlen: 24
5.250.250.0/24 maxlen: 24
5.250.251.0/24 maxlen: 24
5.250.252.0/24 maxlen: 24
185.67.122.0/24 maxlen: 24
185.67.123.0/24 maxlen: 24
2a05:e80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/qx0OfoGLr5p6-5hmEkKSphqvuMo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/qx0OfoGLr5p6-5hmEkKSphqvuMo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qx0OfoGLr5p6-5hmEkKSphqvuMo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 Nov 2024 17:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:53:e4:3f:67:60:4b:16:81:8d:2d:5c:59:7e:69:6f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab1d0e7e818baf9a7afb9866124292a61aafb8ca
Validity
Not Before: Jun 26 09:33:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb56f3fb4ce7883e4c1e6b0e87f847e21ae9b8f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:17:70:eb:82:f4:9d:5b:bf:1d:ce:9c:ef:94:
6e:5c:07:c3:14:73:99:c0:7d:18:23:fb:c5:17:d9:
b8:ef:b7:87:88:46:fb:ef:3a:a0:40:2c:22:41:8e:
7c:06:0e:92:7f:11:74:c0:25:0b:87:11:01:74:64:
36:14:4f:03:04:ec:fe:a4:f5:34:d0:3a:6f:66:e5:
96:b9:2e:48:90:24:3e:2e:59:5f:13:d5:b1:08:82:
3b:43:68:35:e5:80:ca:25:2b:d9:c2:70:d6:ab:6a:
21:6a:6e:63:10:08:aa:db:2e:e8:de:b4:a4:30:ea:
c0:1e:eb:9d:46:a0:45:bd:0b:a0:a8:af:41:d9:81:
10:e8:39:dc:7b:38:1a:a3:b6:2e:92:cb:04:20:fd:
72:dc:b0:f0:09:bc:d0:ca:f5:13:21:0f:8f:83:71:
b0:5e:7e:c2:94:96:06:92:8d:12:24:31:36:4a:d3:
77:5a:f4:3e:ad:94:0e:23:94:bb:84:c3:d9:74:22:
26:7d:7d:b9:11:8d:0b:b0:bd:ae:3e:70:f8:e8:42:
f0:24:12:0b:ad:bc:43:2c:c5:72:4d:d3:27:40:1b:
36:b4:c3:c9:28:84:e0:94:fe:5f:07:d9:cc:7c:a0:
9b:57:de:86:bc:0b:8e:e5:59:e5:0d:c6:14:9b:96:
1a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:56:F3:FB:4C:E7:88:3E:4C:1E:6B:0E:87:F8:47:E2:1A:E9:B8:F0
X509v3 Authority Key Identifier:
keyid:AB:1D:0E:7E:81:8B:AF:9A:7A:FB:98:66:12:42:92:A6:1A:AF:B8:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qx0OfoGLr5p6-5hmEkKSphqvuMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/1-1bz-0zniD5MHmsOh_hH4hrpuPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/qx0OfoGLr5p6-5hmEkKSphqvuMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.240.0-5.250.252.255
185.67.122.0/23
IPv6:
2a05:e80::/32
Signature Algorithm: sha256WithRSAEncryption
6b:88:d5:51:87:63:fc:d2:b1:7f:7b:c0:7f:3e:ea:76:90:c3:
b9:6a:b2:51:62:f4:6b:0d:fc:dc:3d:4d:54:11:bf:55:4e:da:
b4:08:3f:3f:7d:93:eb:38:a3:71:f8:63:36:ee:45:9c:73:89:
eb:3b:f1:28:b7:4a:58:60:5f:e7:2f:00:23:c3:9b:7e:0f:b4:
eb:8d:0b:c8:1a:24:3a:70:39:05:bf:16:c7:ba:62:c9:8c:40:
6f:75:f9:75:68:1a:27:25:6e:0c:d5:31:56:df:05:0e:fd:d5:
99:63:43:35:51:55:9d:9f:a2:7a:7b:7a:2d:77:f2:3c:74:07:
0b:ed:59:35:a4:f1:2c:fb:74:10:2f:9e:0a:33:47:1c:84:09:
99:f2:26:53:6c:84:34:12:d6:21:33:e0:6e:d4:ef:8d:3c:ce:
bd:8c:3b:e1:15:0d:35:52:b9:da:37:95:68:70:40:1f:f3:99:
f1:28:73:10:63:c9:86:52:4c:67:4f:ae:66:f8:d4:34:41:4d:
38:86:06:55:b9:bd:ab:02:76:5a:0d:f1:6e:cd:cd:bb:e5:0c:
2a:79:2d:b7:dc:7b:61:f5:b8:ee:e4:84:18:fd:47:9b:7c:26:
80:c0:1e:8b:d9:b8:97:cf:5a:7a:51:c6:52:50:a9:98:4e:47:
b2:a0:13:9c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZBT5D9nYEsWgY0tXFl+aW/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMWQwZTdlODE4YmFmOWE3YWZiOTg2NjEyNDI5MmE2MWFh
ZmI4Y2EwHhcNMjQwNjI2MDkzMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjU2ZjNmYjRjZTc4ODNlNGMxZTZiMGU4N2Y4NDdlMjFhZTliOGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRdw64L0nVu/Hc6c75RuXAfDFHOZ
wH0YI/vFF9m477eHiEb77zqgQCwiQY58Bg6SfxF0wCULhxEBdGQ2FE8DBOz+pPU0
0DpvZuWWuS5IkCQ+LllfE9WxCII7Q2g15YDKJSvZwnDWq2oham5jEAiq2y7o3rSk
MOrAHuudRqBFvQugqK9B2YEQ6Dncezgao7YukssEIP1y3LDwCbzQyvUTIQ+Pg3Gw
Xn7ClJYGko0SJDE2StN3WvQ+rZQOI5S7hMPZdCImfX25EY0LsL2uPnD46ELwJBIL
rbxDLMVyTdMnQBs2tMPJKITglP5fB9nMfKCbV96GvAuO5VnlDcYUm5YacQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPtW8/tM54g+TB5rDof4R+Ia6bjwMB8GA1UdIwQY
MBaAFKsdDn6Bi6+aevuYZhJCkqYar7jKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXgwT2ZvR0xyNXA2LTVobUVrS1NwaHF2dU1vLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8xMjRjMzUtOTUyMy00M2I3LWI3ZWIt
ZWE1OTI2NGY5MDgzLzEvMS0xYnotMHpuaUQ1TUhtc09oX2hINGhycHVQQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjgvMTI0YzM1LTk1MjMtNDNiNy1iN2ViLWVhNTkyNjRmOTA4
My8xL3F4ME9mb0dMcjVwNi01aG1Fa0tTcGhxdnVNby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA8BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFDAMAwQEBfrw
AwQABfr8AwQBuUN6MA0EAgACMAcDBQAqBQ6AMA0GCSqGSIb3DQEBCwUAA4IBAQBr
iNVRh2P80rF/e8B/Pup2kMO5arJRYvRrDfzcPU1UEb9VTtq0CD8/fZPrOKNx+GM2
7kWcc4nrO/Eot0pYYF/nLwAjw5t+D7TrjQvIGiQ6cDkFvxbHumLJjEBvdfl1aBon
JW4M1TFW3wUO/dWZY0M1UVWdn6J6e3otd/I8dAcL7Vk1pPEs+3QQL54KM0cchAmZ
8iZTbIQ0EtYhM+Bu1O+NPM69jDvhFQ01UrnaN5VocEAf85nxKHMQY8mGUkxnT65m
+NQ0QU04hgZVub2rAnZaDfFuzc275QwqeS233Hth9bju5IQY/UebfCaAwB6L2biX
z1p6UcZSUKmYTkeyoBOc
-----END CERTIFICATE-----
Generated at Fri Nov 15 22:17:27 2024 by rpki-client on console-ams.rpki-client.org