Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/f89AYQ4311tA8O1QnwV1JGRiGKE.roa
File: f89AYQ4311tA8O1QnwV1JGRiGKE.roa (raw, json)
Hash identifier: OxCGoEoSqaATysV/kEnsi2gEBIpn/MNYNjglXTr6viQ=
Subject key identifier: 7F:CF:40:61:0E:37:D7:5B:40:F0:ED:50:9F:05:75:24:64:62:18:A1
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018CC802092D26AD0D6D048624B58973DAE8
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/f89AYQ4311tA8O1QnwV1JGRiGKE.roa
Signing time: Tue 02 Jan 2024 02:30:25 +0000
ROA not before: Tue 02 Jan 2024 02:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60716
IP address blocks: 5.140.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:09:2d:26:ad:0d:6d:04:86:24:b5:89:73:da:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 02:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fcf40610e37d75b40f0ed509f057524646218a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:2f:ee:31:96:78:ef:40:da:a7:5c:8b:36:0a:
0c:64:3a:aa:98:6d:45:72:3c:a1:21:e9:c2:7c:4d:
41:55:5d:f1:ca:89:a8:c9:2a:4a:7b:f0:19:e6:34:
7b:9b:dd:30:b6:dd:2b:c0:32:0b:6c:58:35:dc:37:
44:72:0f:cf:28:39:c9:61:90:8c:a9:28:8b:a0:4e:
3a:d5:13:96:e2:69:a4:72:74:26:3d:f5:cf:cd:22:
8a:2d:bd:96:ce:06:08:0b:f0:2c:ae:d6:4e:18:c9:
ed:41:51:bc:2e:98:c9:28:a1:c0:3b:bd:f3:05:a9:
af:cd:4a:52:bf:a4:6c:84:4a:0e:ed:b1:5d:cb:37:
f3:d0:ed:aa:9b:00:1c:2e:9b:14:4b:30:c6:f9:0d:
b2:8a:81:f3:ec:ba:ff:0d:30:b6:d6:b8:75:c4:00:
b2:b8:67:07:3e:fd:a3:ce:cc:48:1f:fa:1f:55:7f:
70:ae:b0:af:ab:31:34:86:d3:0d:49:b9:85:fe:7e:
3d:d6:8c:78:3b:97:97:a5:23:38:bc:4e:62:af:65:
86:21:50:df:0a:e9:93:7e:ff:dc:0f:85:77:09:71:
94:9e:c1:a7:ce:e7:87:ee:4f:c9:1e:e4:c2:11:09:
d3:0a:da:a2:9d:00:8e:8c:c4:8c:63:86:97:7a:58:
82:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:CF:40:61:0E:37:D7:5B:40:F0:ED:50:9F:05:75:24:64:62:18:A1
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/f89AYQ4311tA8O1QnwV1JGRiGKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.140.161.0/24
Signature Algorithm: sha256WithRSAEncryption
58:94:70:e6:05:33:cb:ae:84:6a:81:cf:58:26:e8:d0:fe:c5:
58:97:9b:01:47:fd:b2:39:6e:00:f3:10:ff:aa:6c:b1:74:c9:
7e:ec:27:4b:cb:18:a0:a0:28:a1:6f:46:37:ce:04:c7:1f:c3:
f1:63:21:e2:c0:03:51:fa:59:89:e9:ec:26:43:85:d2:10:d5:
30:26:2d:dc:6c:f7:21:fa:c0:77:c9:18:9f:6c:63:b9:bb:f4:
f7:74:dc:19:bf:2f:b9:5e:90:42:7a:e9:a9:86:e9:03:05:f0:
4f:dc:48:1e:7d:2c:8a:5b:42:39:42:9d:9e:f7:16:56:46:fe:
dd:23:83:9b:0d:19:22:44:2e:9f:a7:0d:1d:4d:c2:31:d7:d8:
50:b2:6f:13:89:c2:e8:ca:dd:b9:a6:12:76:0e:ef:39:6e:d8:
b3:8e:9c:e7:a8:3e:78:c6:29:08:f5:c6:c5:bd:2a:54:99:a6:
e4:dd:23:39:ac:48:c4:7b:bb:b7:6e:78:80:c0:52:06:11:09:
2f:fd:fb:de:d7:14:64:e9:17:64:0b:47:43:67:9e:ad:fe:ca:
d9:5c:4c:3a:4e:e9:b7:37:08:24:2b:fc:87:72:c2:c0:66:42:
2a:16:21:1f:cb:6c:6c:e9:17:26:66:79:34:96:ac:56:3e:7c:
e1:ec:6c:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAgktJq0NbQSGJLWJc9roMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMTAyMDIzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmNmNDA2MTBlMzdkNzViNDBmMGVkNTA5ZjA1NzUyNDY0NjIxOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzS/uMZZ470Dap1yLNgoMZDqqmG1F
cjyhIenCfE1BVV3xyomoySpKe/AZ5jR7m90wtt0rwDILbFg13DdEcg/PKDnJYZCM
qSiLoE461ROW4mmkcnQmPfXPzSKKLb2WzgYIC/AsrtZOGMntQVG8LpjJKKHAO73z
BamvzUpSv6RshEoO7bFdyzfz0O2qmwAcLpsUSzDG+Q2yioHz7Lr/DTC21rh1xACy
uGcHPv2jzsxIH/ofVX9wrrCvqzE0htMNSbmF/n491ox4O5eXpSM4vE5ir2WGIVDf
CumTfv/cD4V3CXGUnsGnzueH7k/JHuTCEQnTCtqinQCOjMSMY4aXeliC2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH/PQGEON9dbQPDtUJ8FdSRkYhihMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvZjg5QVlRNDMxMXRBOE8xUW53VjFKR1JpR0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABYyhMA0G
CSqGSIb3DQEBCwUAA4IBAQBYlHDmBTPLroRqgc9YJujQ/sVYl5sBR/2yOW4A8xD/
qmyxdMl+7CdLyxigoCihb0Y3zgTHH8PxYyHiwANR+lmJ6ewmQ4XSENUwJi3cbPch
+sB3yRifbGO5u/T3dNwZvy+5XpBCeumphukDBfBP3EgefSyKW0I5Qp2e9xZWRv7d
I4ObDRkiRC6fpw0dTcIx19hQsm8TicLoyt25phJ2Du85btizjpznqD54xikI9cbF
vSpUmabk3SM5rEjEe7u3bniAwFIGEQkv/fve1xRk6RdkC0dDZ56t/srZXEw6Tum3
NwgkK/yHcsLAZkIqFiEfy2xs6RcmZnk0lqxWPnzh7Gxb
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:27:57 2024 by rpki-client on console-ams.rpki-client.org