Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/cvKFmOzxCCS_45clReMsabmUaW4.roa
File: cvKFmOzxCCS_45clReMsabmUaW4.roa (raw, json)
Hash identifier: 3X/GoqVDJoIE2P39UpD/RluyRGSsuaQk1TyLUPq/XFU=
Subject key identifier: 72:F2:85:98:EC:F1:08:24:BF:E3:97:25:45:E3:2C:69:B9:94:69:6E
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0192D5F2E0A0F8FC40384CC8BEB674C4C4C1
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/cvKFmOzxCCS_45clReMsabmUaW4.roa
Signing time: Tue 29 Oct 2024 01:45:17 +0000
ROA not before: Tue 29 Oct 2024 01:45:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43793
IP address blocks: 5.175.96.0/19 maxlen: 19
5.175.96.0/20 maxlen: 20
5.175.112.0/20 maxlen: 20
31.47.144.0/20 maxlen: 20
46.183.80.0/21 maxlen: 21
78.111.240.0/20 maxlen: 20
78.111.240.0/23 maxlen: 23
109.205.144.0/21 maxlen: 21
185.43.100.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d5:f2:e0:a0:f8:fc:40:38:4c:c8:be:b6:74:c4:c4:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Oct 29 01:45:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72f28598ecf10824bfe3972545e32c69b994696e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:25:49:02:78:4b:1d:79:d7:9b:19:1b:0e:24:
51:16:64:58:53:a1:9f:c2:b8:58:c2:3c:3d:9e:9f:
bf:93:25:f0:2b:4f:e5:18:e2:9f:8b:21:03:dc:9d:
be:8f:4e:26:41:ff:07:c0:7d:89:b7:1d:bc:c5:35:
51:7f:15:4e:f6:36:09:d7:80:f9:59:ac:3a:b9:aa:
d7:96:92:fe:c3:f4:41:5c:2c:0b:72:5c:c2:f3:fa:
f5:8f:d5:2d:ad:8c:b6:4c:d6:76:ab:ee:47:7c:c3:
b0:c3:75:9e:90:50:b0:71:41:8c:4e:8b:97:dc:13:
b9:99:fd:79:f0:c7:eb:c2:9e:86:98:b5:fd:03:09:
02:31:20:82:e9:6c:ce:26:0d:41:16:f0:a6:2e:27:
3e:89:a4:8f:ba:cb:0f:3c:1a:02:d2:2e:72:93:97:
bf:b7:f0:3f:e3:2c:59:15:e3:be:b6:66:b0:80:b8:
ea:5a:d3:c1:11:9e:34:c5:96:81:a3:c4:28:dc:c1:
f8:5e:a9:bc:8a:63:3d:53:11:90:91:5f:7e:cd:72:
81:66:7c:19:b3:2d:15:2e:49:71:73:ee:bc:6e:90:
00:76:42:80:f3:c7:89:78:ca:cb:a2:6e:38:2b:4e:
ec:21:ad:cb:3e:53:44:ef:b3:d8:1e:f5:55:fc:0f:
cb:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F2:85:98:EC:F1:08:24:BF:E3:97:25:45:E3:2C:69:B9:94:69:6E
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/cvKFmOzxCCS_45clReMsabmUaW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.96.0/19
31.47.144.0/20
46.183.80.0/21
78.111.240.0/20
109.205.144.0/21
185.43.100.0/22
Signature Algorithm: sha256WithRSAEncryption
78:77:8f:81:4d:c8:12:11:26:90:7f:1e:d2:7d:88:b1:c4:2a:
a1:5c:15:13:b8:3e:44:aa:b0:12:69:f3:0b:97:f3:11:ff:df:
6e:4f:31:a3:e3:37:b0:ea:94:a5:8d:ab:e9:d7:25:9d:e9:83:
05:cd:ce:e9:ce:36:82:73:75:b9:55:80:09:b3:33:e2:b7:40:
79:9b:07:d3:7f:36:bc:e0:16:48:f1:dd:32:c8:4e:4e:98:53:
2c:24:83:db:11:44:49:94:f5:0e:17:2d:df:cd:f3:d0:70:11:
5f:f3:bf:75:b0:e5:06:e2:ec:3e:63:f4:14:6d:9b:44:9b:b3:
2a:25:d7:da:ed:2f:02:f7:69:1d:3c:e5:0e:43:f4:91:ac:17:
74:9b:ec:10:38:6d:64:fd:e0:82:6c:c0:45:68:a5:82:88:b5:
90:a1:11:9e:81:b5:68:40:d4:0b:c6:00:18:1f:13:7a:b1:c7:
32:3e:ca:4f:16:54:43:ff:34:d9:c4:ca:21:a2:61:ac:8a:9d:
b8:98:db:dd:5d:12:86:d9:59:d5:bd:64:e2:ac:31:49:4a:24:
62:ec:09:09:32:38:78:4f:86:c7:d2:c7:6a:80:26:52:08:45:
4a:85:71:38:4d:16:af:77:d6:9b:56:df:c5:ad:fb:3d:21:8c:
ec:ec:4f:d9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZLV8uCg+PxAOEzIvrZ0xMTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQxMDI5MDE0NTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmYyODU5OGVjZjEwODI0YmZlMzk3MjU0NWUzMmM2OWI5OTQ2OTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySVJAnhLHXnXmxkbDiRRFmRYU6Gf
wrhYwjw9np+/kyXwK0/lGOKfiyED3J2+j04mQf8HwH2Jtx28xTVRfxVO9jYJ14D5
Waw6uarXlpL+w/RBXCwLclzC8/r1j9UtrYy2TNZ2q+5HfMOww3WekFCwcUGMTouX
3BO5mf158Mfrwp6GmLX9AwkCMSCC6WzOJg1BFvCmLic+iaSPussPPBoC0i5yk5e/
t/A/4yxZFeO+tmawgLjqWtPBEZ40xZaBo8Qo3MH4Xqm8imM9UxGQkV9+zXKBZnwZ
sy0VLklxc+68bpAAdkKA88eJeMrLom44K07sIa3LPlNE77PYHvVV/A/LiwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHLyhZjs8Qgkv+OXJUXjLGm5lGluMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvY3ZLRm1PenhDQ1NfNDVjbFJlTXNhYm1VYVc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFBa9gAwQE
Hy+QAwQDLrdQAwQETm/wAwQDbc2QAwQCuStkMA0GCSqGSIb3DQEBCwUAA4IBAQB4
d4+BTcgSESaQfx7SfYixxCqhXBUTuD5EqrASafMLl/MR/99uTzGj4zew6pSljavp
1yWd6YMFzc7pzjaCc3W5VYAJszPit0B5mwfTfza84BZI8d0yyE5OmFMsJIPbEURJ
lPUOFy3fzfPQcBFf8791sOUG4uw+Y/QUbZtEm7MqJdfa7S8C92kdPOUOQ/SRrBd0
m+wQOG1k/eCCbMBFaKWCiLWQoRGegbVoQNQLxgAYHxN6sccyPspPFlRD/zTZxMoh
omGsip24mNvdXRKG2VnVvWTirDFJSiRi7AkJMjh4T4bH0sdqgCZSCEVKhXE4TRav
d9abVt/Frfs9IYzs7E/Z
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:36:26 2024 by rpki-client on console-fra.rpki-client.org