Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/W6MCXEMmSlcHQgYP-PdKDmfvjx4.roa
File: W6MCXEMmSlcHQgYP-PdKDmfvjx4.roa (raw, json)
Hash identifier: 1rMNai6M6pWZ/4Pg1TTvQQKn4YtFxyeHWjdCmZYR3Zs=
Subject key identifier: 5B:A3:02:5C:43:26:4A:57:07:42:06:0F:F8:F7:4A:0E:67:EF:8F:1E
Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial: 018D21490B42F8982CFC36B5C181E8BEEADA
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/W6MCXEMmSlcHQgYP-PdKDmfvjx4.roa
Signing time: Fri 19 Jan 2024 10:34:11 +0000
ROA not before: Fri 19 Jan 2024 10:34:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12574
IP address blocks: 213.160.64.0/19 maxlen: 24
2a00:17d8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:21:49:0b:42:f8:98:2c:fc:36:b5:c1:81:e8:be:ea:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Validity
Not Before: Jan 19 10:34:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ba3025c43264a570742060ff8f74a0e67ef8f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:74:33:db:e3:1c:84:6b:da:eb:cd:77:78:4f:
1b:e3:16:03:e0:d5:4d:aa:d3:ee:a4:9a:4b:f7:b6:
ae:17:fb:68:74:df:df:88:08:58:31:7f:38:d2:1d:
b6:37:a5:4a:a7:81:4d:94:6d:f7:3a:5a:c8:51:97:
a4:1f:68:6b:8e:67:2d:33:28:50:52:87:45:6e:62:
e7:93:3c:79:86:c6:58:8b:38:b7:c0:67:4a:e8:1f:
80:e2:9e:52:d7:4d:49:03:a9:c4:d7:4b:7d:cc:a1:
99:19:d1:4f:5f:7e:62:e3:b9:14:bb:59:26:cc:3a:
b5:4b:a1:7f:06:8f:d2:7a:96:06:3d:89:89:6b:3a:
ac:14:0a:41:a4:58:61:c4:90:6d:6f:94:3d:8e:a7:
d4:f5:21:9c:f9:70:82:30:ee:dd:42:22:11:51:d0:
96:cd:3c:70:91:aa:cb:e4:68:0c:12:91:94:0f:90:
3b:90:a6:44:fb:57:00:a0:c2:12:c8:10:df:ed:5e:
3a:09:ff:2a:e1:89:70:ca:2d:34:0e:3d:25:4e:31:
7c:e3:8a:b4:ae:66:a6:cd:80:7c:44:67:30:17:37:
2c:92:d0:72:06:33:08:4e:f8:8f:e8:b9:c3:cc:87:
b3:5b:40:03:e7:69:ec:57:16:6e:5f:de:d3:a4:1c:
39:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:A3:02:5C:43:26:4A:57:07:42:06:0F:F8:F7:4A:0E:67:EF:8F:1E
X509v3 Authority Key Identifier:
keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/W6MCXEMmSlcHQgYP-PdKDmfvjx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.160.64.0/19
IPv6:
2a00:17d8::/32
Signature Algorithm: sha256WithRSAEncryption
63:9c:93:39:3a:e7:01:32:f4:95:ba:fa:8b:76:d5:a3:c4:11:
c7:d4:e2:04:58:af:91:b9:ee:9e:02:fd:93:8f:98:04:6c:3b:
43:83:25:82:e7:29:35:7e:66:f2:72:5a:d7:99:00:2e:63:7f:
07:98:30:26:b5:1a:a7:13:7f:da:72:9b:3b:19:3a:11:a1:a7:
7d:15:b0:0d:d9:1a:fa:4e:e1:3f:12:00:40:44:01:90:fa:83:
8d:55:eb:9c:c7:b0:bc:5b:d6:6a:fb:fc:0a:fd:41:dc:74:b6:
2d:5a:52:2a:87:ab:ef:dc:9c:a3:60:0c:f1:d4:fe:3f:81:29:
b0:c6:d6:85:5d:be:e3:e1:0c:5e:c1:96:37:8d:dc:96:2a:7c:
66:f4:46:2d:7b:0b:60:9c:f1:ac:42:f6:5a:22:99:89:ce:4c:
75:22:bd:44:d3:08:84:c1:d4:98:c4:a5:ec:ea:5e:ba:cd:f0:
d9:b9:0b:b8:ad:96:d2:c6:e7:53:f0:fd:b9:e2:3f:5b:b2:2f:
52:73:2a:ab:d2:a4:ba:f0:99:c6:d2:a3:92:10:82:bb:dc:b1:
94:22:3b:e9:9c:ad:55:12:60:2e:a5:b6:63:86:2e:98:b4:dc:
e3:9f:1e:68:d1:85:37:1a:46:ad:6e:99:44:92:60:57:24:51:
d3:8a:dd:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY0hSQtC+Jgs/Da1wYHovuraMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNWZmOWNjODljNjZhOGEzYTVkNzM0YTBkNjVjNjFmZGM4
NTE4YmUwHhcNMjQwMTE5MTAzNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmEzMDI1YzQzMjY0YTU3MDc0MjA2MGZmOGY3NGEwZTY3ZWY4ZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3Qz2+MchGva6813eE8b4xYD4NVN
qtPupJpL97auF/todN/fiAhYMX840h22N6VKp4FNlG33OlrIUZekH2hrjmctMyhQ
UodFbmLnkzx5hsZYizi3wGdK6B+A4p5S101JA6nE10t9zKGZGdFPX35i47kUu1km
zDq1S6F/Bo/SepYGPYmJazqsFApBpFhhxJBtb5Q9jqfU9SGc+XCCMO7dQiIRUdCW
zTxwkarL5GgMEpGUD5A7kKZE+1cAoMISyBDf7V46Cf8q4Ylwyi00Dj0lTjF844q0
rmamzYB8RGcwFzcsktByBjMITviP6LnDzIezW0AD52nsVxZuX97TpBw5KwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFujAlxDJkpXB0IGD/j3Sg5n748eMB8GA1UdIwQY
MBaAFABf+cyJxmqKOl1zSg1lxh/chRi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTkt
MGUyZDY5N2IyN2UzLzEvVzZNQ1hFTW1TbGNIUWdZUC1QZEtEbWZ2ang0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTktMGUyZDY5N2IyN2Uz
LzEvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1aBAMA0E
AgACMAcDBQAqABfYMA0GCSqGSIb3DQEBCwUAA4IBAQBjnJM5OucBMvSVuvqLdtWj
xBHH1OIEWK+Rue6eAv2Tj5gEbDtDgyWC5yk1fmbyclrXmQAuY38HmDAmtRqnE3/a
cps7GToRoad9FbAN2Rr6TuE/EgBARAGQ+oONVeucx7C8W9Zq+/wK/UHcdLYtWlIq
h6vv3JyjYAzx1P4/gSmwxtaFXb7j4QxewZY3jdyWKnxm9EYtewtgnPGsQvZaIpmJ
zkx1Ir1E0wiEwdSYxKXs6l66zfDZuQu4rZbSxudT8P254j9bsi9Scyqr0qS68JnG
0qOSEIK73LGUIjvpnK1VEmAupbZjhi6YtNzjnx5o0YU3GkatbplEkmBXJFHTit0H
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:42:56 2024 by rpki-client on console-fra.rpki-client.org