Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/2Ra0QsgX-BZUBPORZ5_8qY_nyKw.roa
File: 2Ra0QsgX-BZUBPORZ5_8qY_nyKw.roa (raw, json)
Hash identifier: yW8Ftd8vTBeAQeO7gc0c1QYW0hjbZOXSmOYui7a8MKI=
Subject key identifier: D9:16:B4:42:C8:17:F8:16:54:04:F3:91:67:9F:FC:A9:8F:E7:C8:AC
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EE69327B717A39D041E0BCB97BA843C34
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/2Ra0QsgX-BZUBPORZ5_8qY_nyKw.roa
Signing time: Tue 16 Apr 2024 11:03:07 +0000
ROA not before: Tue 16 Apr 2024 11:03:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43793
IP address blocks: 5.175.96.0/20 maxlen: 20
5.175.112.0/20 maxlen: 20
31.47.144.0/20 maxlen: 20
46.183.80.0/21 maxlen: 21
78.111.240.0/20 maxlen: 20
78.111.240.0/23 maxlen: 23
109.205.144.0/21 maxlen: 21
185.43.100.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:93:27:b7:17:a3:9d:04:1e:0b:cb:97:ba:84:3c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 16 11:03:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d916b442c817f8165404f391679ffca98fe7c8ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:05:fd:bb:8d:99:70:d7:ea:fc:9f:0b:fe:50:
87:fc:e8:97:3b:98:5b:71:c5:af:8d:79:ea:21:a5:
ed:f9:a5:fd:27:f4:1c:de:54:7d:18:b8:09:68:07:
95:27:0d:13:6a:76:0f:0d:46:52:7e:5c:fe:21:c2:
ec:5c:38:23:ac:eb:ff:5f:0a:cb:34:73:60:1f:8c:
3e:27:96:60:63:c5:9a:c0:7b:b8:69:d0:7d:a5:e1:
e4:00:11:d7:07:ed:63:f0:fc:90:12:dc:e7:72:52:
e6:86:b1:29:be:55:fe:d6:5c:2e:c7:e5:34:5c:2f:
3a:16:f5:7b:8c:53:15:8a:e3:7d:b4:a3:73:7c:b1:
80:53:b7:6c:ab:ce:df:a5:5b:67:ff:92:88:e4:f1:
f6:de:0b:75:6b:40:c5:c3:77:31:b8:71:d4:43:bc:
05:df:64:50:43:38:7b:30:bd:02:7b:f7:ac:f6:ab:
47:c5:1c:7b:e2:83:58:0c:10:9b:1f:52:79:1d:b9:
38:0b:cf:a4:24:d6:ab:dc:ce:8b:dc:c3:a1:3f:5d:
c1:3c:ac:8d:f6:04:5d:c4:19:3e:9a:06:b7:7c:de:
84:6f:d7:f6:e6:cf:d5:93:d1:04:f6:89:2d:2f:f0:
84:31:78:2c:3b:1c:e8:2b:3c:99:e6:a7:2c:95:c9:
39:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:16:B4:42:C8:17:F8:16:54:04:F3:91:67:9F:FC:A9:8F:E7:C8:AC
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/2Ra0QsgX-BZUBPORZ5_8qY_nyKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.96.0/19
31.47.144.0/20
46.183.80.0/21
78.111.240.0/20
109.205.144.0/21
185.43.100.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:ad:3b:e3:27:3e:b9:d7:df:80:f7:e5:9d:2b:85:2a:b5:fb:
0e:e5:b9:ea:e0:09:93:d8:0f:91:70:4a:0b:ed:b6:01:da:63:
d7:a5:23:d5:44:80:79:85:7b:4c:14:84:26:f5:90:e9:a5:86:
7e:43:de:09:01:85:12:a2:cd:b9:f1:f3:3f:3e:94:6c:92:13:
df:99:a3:64:7e:32:a6:1f:bb:77:27:ea:60:f9:a6:69:ed:c1:
99:8d:ab:d7:a2:ce:19:8b:87:8f:d5:83:48:f3:08:51:fa:7a:
77:c3:9a:b8:3e:1d:29:97:36:47:b2:45:80:17:1b:42:00:cd:
13:b4:a5:79:0b:2a:10:77:f4:eb:b1:8c:f7:f2:da:20:d2:94:
a6:ab:73:7c:d6:32:8f:64:a2:70:0d:0e:70:d0:1d:87:94:77:
b4:66:5a:c8:82:fd:c0:c5:28:4c:d2:dc:6b:ab:44:94:c6:0d:
00:b2:b6:40:fe:70:11:24:48:a0:47:d7:62:8d:8f:9b:37:d3:
5f:2c:c7:50:ff:38:41:3a:02:75:09:2e:a9:ba:2f:54:a6:15:
59:f2:22:b1:41:5d:54:3b:71:8c:70:c0:6c:ba:3b:6d:b1:c6:
0c:6e:ab:b4:37:94:ce:75:cf:b9:de:05:63:2f:f2:fe:6a:49:
24:16:c3:0b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY7mkye3F6OdBB4Ly5e6hDw0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE2MTEwMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTE2YjQ0MmM4MTdmODE2NTQwNGYzOTE2NzlmZmNhOThmZTdjOGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggX9u42ZcNfq/J8L/lCH/OiXO5hb
ccWvjXnqIaXt+aX9J/Qc3lR9GLgJaAeVJw0TanYPDUZSflz+IcLsXDgjrOv/XwrL
NHNgH4w+J5ZgY8WawHu4adB9peHkABHXB+1j8PyQEtznclLmhrEpvlX+1lwux+U0
XC86FvV7jFMViuN9tKNzfLGAU7dsq87fpVtn/5KI5PH23gt1a0DFw3cxuHHUQ7wF
32RQQzh7ML0Ce/es9qtHxRx74oNYDBCbH1J5Hbk4C8+kJNar3M6L3MOhP13BPKyN
9gRdxBk+mga3fN6Eb9f25s/Vk9EE9oktL/CEMXgsOxzoKzyZ5qcslck5EQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNkWtELIF/gWVATzkWef/KmP58isMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvMlJhMFFzZ1gtQlpVQlBPUlo1XzhxWV9ueUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFBa9gAwQE
Hy+QAwQDLrdQAwQETm/wAwQDbc2QAwQCuStkMA0GCSqGSIb3DQEBCwUAA4IBAQCO
rTvjJz6519+A9+WdK4UqtfsO5bnq4AmT2A+RcEoL7bYB2mPXpSPVRIB5hXtMFIQm
9ZDppYZ+Q94JAYUSos258fM/PpRskhPfmaNkfjKmH7t3J+pg+aZp7cGZjavXos4Z
i4eP1YNI8whR+np3w5q4Ph0plzZHskWAFxtCAM0TtKV5CyoQd/TrsYz38tog0pSm
q3N81jKPZKJwDQ5w0B2HlHe0ZlrIgv3AxShM0txrq0SUxg0AsrZA/nARJEigR9di
jY+bN9NfLMdQ/zhBOgJ1CS6pui9UphVZ8iKxQV1UO3GMcMBsujttscYMbqu0N5TO
dc+53gVjL/L+akkkFsML
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:08:53 2024 by rpki-client on console-ams.rpki-client.org