Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/2ebc79-7b94-4bf8-9133-4b05774de371/1/5jLAJAvy9Vo2lRqQUC0cS_89ZWY.roa
File: 5jLAJAvy9Vo2lRqQUC0cS_89ZWY.roa (raw, json)
Hash identifier: MkYfTlMzQI4f3RThTmEvj1SNWmM74RKhLaaOjThgrTo=
Subject key identifier: E6:32:C0:24:0B:F2:F5:5A:36:95:1A:90:50:2D:1C:4B:FF:3D:65:66
Certificate issuer: /CN=d1993f78cae4459a9b9e2689ad30f0bc44cc6724
Certificate serial: 0191E214A4C8167D35AFAD61234B30A4E7B6
Authority key identifier: D1:99:3F:78:CA:E4:45:9A:9B:9E:26:89:AD:30:F0:BC:44:CC:67:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Zk_eMrkRZqbniaJrTDwvETMZyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/2ebc79-7b94-4bf8-9133-4b05774de371/1/5jLAJAvy9Vo2lRqQUC0cS_89ZWY.roa
Signing time: Wed 11 Sep 2024 17:14:48 +0000
ROA not before: Wed 11 Sep 2024 17:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8387
IP address blocks: 207.244.212.0/24 maxlen: 24
216.120.174.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/2ebc79-7b94-4bf8-9133-4b05774de371/1/0Zk_eMrkRZqbniaJrTDwvETMZyQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/2ebc79-7b94-4bf8-9133-4b05774de371/1/0Zk_eMrkRZqbniaJrTDwvETMZyQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/0Zk_eMrkRZqbniaJrTDwvETMZyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e2:14:a4:c8:16:7d:35:af:ad:61:23:4b:30:a4:e7:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1993f78cae4459a9b9e2689ad30f0bc44cc6724
Validity
Not Before: Sep 11 17:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e632c0240bf2f55a36951a90502d1c4bff3d6566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f1:b6:a6:17:0d:77:e9:b0:b3:b4:4a:c3:61:
07:c1:5f:7b:0c:56:bd:b1:73:4c:ac:3d:b3:cd:d7:
09:7e:c4:ba:a5:f0:57:bf:60:69:61:2c:3f:db:4a:
f5:dd:a4:fb:c7:80:85:db:b6:23:8b:cd:1d:50:ea:
cc:17:a9:08:fa:70:37:30:cc:a4:59:0a:3f:66:25:
6a:6d:5c:e5:7c:a3:88:f4:b4:45:56:44:bd:f2:40:
cf:58:79:64:29:f0:31:5c:3d:a4:ac:47:11:0f:dd:
30:13:02:06:94:ee:d5:45:b4:75:26:16:da:80:1b:
d7:f2:53:f7:f9:30:b8:59:b6:eb:f8:97:9e:1d:6d:
2d:11:85:07:1b:2d:a1:2f:6c:dd:74:6c:1c:ad:5e:
14:d1:38:a1:df:0f:a0:a4:01:99:2e:36:bc:64:39:
03:4d:e3:36:2e:62:53:45:07:8e:10:e8:2b:7a:4c:
9e:87:ca:6a:6e:9f:ed:14:4c:2c:9b:b8:1e:7c:63:
86:87:eb:96:2e:7e:ed:56:cc:ed:f6:50:0e:7e:f6:
74:6f:a8:5e:a9:97:dc:51:a9:bf:ab:d7:85:21:14:
4b:b6:2e:bb:75:91:39:42:79:29:74:f0:3a:81:c8:
b2:31:ef:b8:33:76:d9:2f:d2:9c:ac:a7:9a:84:6a:
33:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:32:C0:24:0B:F2:F5:5A:36:95:1A:90:50:2D:1C:4B:FF:3D:65:66
X509v3 Authority Key Identifier:
keyid:D1:99:3F:78:CA:E4:45:9A:9B:9E:26:89:AD:30:F0:BC:44:CC:67:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Zk_eMrkRZqbniaJrTDwvETMZyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/2ebc79-7b94-4bf8-9133-4b05774de371/1/5jLAJAvy9Vo2lRqQUC0cS_89ZWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/2ebc79-7b94-4bf8-9133-4b05774de371/1/0Zk_eMrkRZqbniaJrTDwvETMZyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
207.244.212.0/24
216.120.174.0/23
Signature Algorithm: sha256WithRSAEncryption
93:99:e0:f8:ea:b7:14:b3:03:f9:9e:78:c3:5c:4d:d5:8c:0b:
80:9b:f3:cf:df:7f:6e:84:b9:e0:80:ef:cf:f5:c4:a8:85:ca:
f5:12:7d:ad:33:9d:bb:7e:da:85:f6:e2:d9:3e:26:a1:cd:f3:
78:dc:ef:6c:80:d8:05:5c:d1:e6:d1:31:5a:af:f6:97:57:60:
83:80:fe:48:e0:e1:12:04:45:0e:c5:ad:d3:59:cd:7a:44:3d:
96:73:30:27:4f:99:bd:f5:37:03:e5:2b:d9:2c:db:f7:70:a9:
a5:d2:40:28:f7:58:9f:94:4d:b1:00:70:71:10:9e:99:1b:fa:
ba:f0:12:2f:cf:51:26:27:3d:ab:6a:be:3b:79:51:e1:2f:6b:
22:08:e3:56:de:f7:39:35:24:b8:3e:ea:3c:64:31:a8:b6:f4:
e1:12:f6:bb:33:26:b5:60:60:12:d9:cb:df:c0:df:e4:a7:2c:
ad:21:58:bd:13:af:d0:22:3c:70:65:d4:bb:0e:6d:8f:10:db:
3b:f9:bf:5f:00:f1:ef:70:64:9a:84:b8:f4:84:65:b8:14:c1:
a3:86:51:d3:86:17:3c:bf:28:03:63:93:68:bc:92:6a:4d:28:
af:d6:e0:5c:93:3e:34:24:0e:2e:36:b6:c7:fd:73:12:01:d2:
a8:9f:1f:23
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZHiFKTIFn01r61hI0swpOe2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxOTkzZjc4Y2FlNDQ1OWE5YjllMjY4OWFkMzBmMGJjNDRj
YzY3MjQwHhcNMjQwOTExMTcxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjMyYzAyNDBiZjJmNTVhMzY5NTFhOTA1MDJkMWM0YmZmM2Q2NTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPG2phcNd+mws7RKw2EHwV97DFa9
sXNMrD2zzdcJfsS6pfBXv2BpYSw/20r13aT7x4CF27Yji80dUOrMF6kI+nA3MMyk
WQo/ZiVqbVzlfKOI9LRFVkS98kDPWHlkKfAxXD2krEcRD90wEwIGlO7VRbR1Jhba
gBvX8lP3+TC4Wbbr+JeeHW0tEYUHGy2hL2zddGwcrV4U0Tih3w+gpAGZLja8ZDkD
TeM2LmJTRQeOEOgrekyeh8pqbp/tFEwsm7gefGOGh+uWLn7tVszt9lAOfvZ0b6he
qZfcUam/q9eFIRRLti67dZE5QnkpdPA6gciyMe+4M3bZL9KcrKeahGozxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOYywCQL8vVaNpUakFAtHEv/PWVmMB8GA1UdIwQY
MBaAFNGZP3jK5EWam54mia0w8LxEzGckMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFprX2VNcmtSWnFibmlhSnJURHd2RVRNWnlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8yZWJjNzktN2I5NC00YmY4LTkxMzMt
NGIwNTc3NGRlMzcxLzEvNWpMQUpBdnk5Vm8ybFJxUVVDMGNTXzg5WldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8yZWJjNzktN2I5NC00YmY4LTkxMzMtNGIwNTc3NGRlMzcx
LzEvMFprX2VNcmtSWnFibmlhSnJURHd2RVRNWnlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAz/TUAwQB
2HiuMA0GCSqGSIb3DQEBCwUAA4IBAQCTmeD46rcUswP5nnjDXE3VjAuAm/PP339u
hLnggO/P9cSohcr1En2tM527ftqF9uLZPiahzfN43O9sgNgFXNHm0TFar/aXV2CD
gP5I4OESBEUOxa3TWc16RD2WczAnT5m99TcD5SvZLNv3cKml0kAo91iflE2xAHBx
EJ6ZG/q68BIvz1EmJz2rar47eVHhL2siCONW3vc5NSS4Puo8ZDGotvThEva7Mya1
YGAS2cvfwN/kpyytIVi9E6/QIjxwZdS7Dm2PENs7+b9fAPHvcGSahLj0hGW4FMGj
hlHThhc8vygDY5NovJJqTSiv1uBckz40JA4uNrbH/XMSAdKonx8j
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:14:34 2024 by rpki-client on console-ams.rpki-client.org