Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/p5yYJq700BobK9jLhXTNrsv5bL0.roa
File: p5yYJq700BobK9jLhXTNrsv5bL0.roa (raw, json)
Hash identifier: e81TR5f32uyYUqv5tcNLrlL7sZIm/pLpm5hLIvWVeIo=
Subject key identifier: A7:9C:98:26:AE:F4:D0:1A:1B:2B:D8:CB:85:74:CD:AE:CB:F9:6C:BD
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 018CC8DEE07C305CB742EB5203CF77560A05
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/p5yYJq700BobK9jLhXTNrsv5bL0.roa
Signing time: Tue 02 Jan 2024 06:31:38 +0000
ROA not before: Tue 02 Jan 2024 06:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207875
IP address blocks: 195.211.160.0/22 maxlen: 22
195.211.161.0/24 maxlen: 24
192.109.248.0/24 maxlen: 24
192.109.253.0/24 maxlen: 24
192.109.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:e0:7c:30:5c:b7:42:eb:52:03:cf:77:56:0a:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 2 06:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a79c9826aef4d01a1b2bd8cb8574cdaecbf96cbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:78:22:f2:f0:09:5c:9e:a6:f9:ee:52:07:46:
91:7a:14:39:c4:47:23:5d:a2:15:73:96:ac:7a:0a:
83:fc:fe:c4:12:8b:e2:14:2c:0b:9b:33:ae:b7:c3:
6d:f6:09:dc:c8:7c:63:3a:4d:d1:38:8b:8f:7d:e1:
20:97:ce:79:65:cd:fc:01:28:23:70:63:5c:15:7a:
8c:40:77:10:62:17:bf:ac:38:38:f1:ac:95:0b:0e:
1e:18:b6:c5:4a:69:21:3d:58:ba:70:61:dd:70:bd:
2b:38:8b:08:8f:6f:02:e7:8d:d1:ba:bf:0e:37:74:
0c:8f:19:e0:46:4a:8c:55:a7:1c:50:6a:e1:e1:f1:
79:25:2e:35:6a:85:71:6a:3c:f7:5a:58:5b:d5:1b:
c3:54:19:88:30:b4:5a:b9:9c:14:fd:f0:e0:d6:9c:
f8:fe:aa:85:53:6c:7a:16:b9:ef:8c:a1:0b:e3:47:
6f:41:6e:3f:9e:f2:80:36:26:ff:dc:5f:26:00:12:
c8:30:e6:76:6d:ca:19:62:30:c7:74:d5:2c:e6:fb:
1b:7f:3e:69:d8:9b:ad:9a:15:8d:5c:91:22:b4:c9:
06:a4:34:b7:60:40:ca:51:3d:89:5c:97:1e:39:57:
db:79:c6:7a:71:da:5a:6a:28:5f:04:9e:16:a6:63:
be:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:9C:98:26:AE:F4:D0:1A:1B:2B:D8:CB:85:74:CD:AE:CB:F9:6C:BD
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/p5yYJq700BobK9jLhXTNrsv5bL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.248.0/24
192.109.250.0/24
192.109.253.0/24
195.211.160.0/22
Signature Algorithm: sha256WithRSAEncryption
05:ac:0d:2b:9b:05:33:0c:73:62:c6:fe:20:25:95:91:43:cc:
b2:97:2b:36:57:c1:6d:16:22:58:e9:08:a5:27:fa:82:29:b7:
1a:16:45:e4:7d:cb:0c:1d:65:73:21:9f:5a:29:a1:62:40:aa:
ff:cd:8b:9f:cb:86:54:7f:48:ae:67:48:20:bc:29:e4:99:70:
b5:d3:d9:2f:2e:fd:5e:5a:64:a4:06:4b:d1:5f:be:ba:f4:c9:
63:ec:03:90:ab:d4:9b:98:bf:ce:bc:99:5c:0b:78:9f:c6:d3:
c9:ad:fe:c0:c9:8a:77:ca:86:2a:25:e5:6d:a7:43:dc:cc:b5:
f5:2a:74:f3:fb:a4:2d:6f:ac:b4:e9:0e:ce:0f:af:eb:01:31:
c2:10:c8:c8:0c:8a:92:22:c7:f0:c1:96:43:cc:6a:3f:36:5d:
75:99:a4:12:f6:81:70:71:bd:85:05:7f:c5:80:3f:e2:22:c2:
2e:b2:72:0f:05:4d:61:2c:fe:16:a0:cb:7b:87:ed:a3:a3:1a:
b5:9b:9f:08:52:a7:52:07:d6:99:0c:22:22:57:2b:12:36:99:
76:7c:cf:f2:bb:82:a5:09:76:2f:e7:74:46:f5:fd:8e:bb:b9:
1b:5e:43:58:37:79:dc:aa:61:5d:13:1b:85:4b:ec:3a:2e:df:
ce:01:d6:2a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzI3uB8MFy3QutSA893VgoFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjQwMTAyMDYzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzljOTgyNmFlZjRkMDFhMWIyYmQ4Y2I4NTc0Y2RhZWNiZjk2Y2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHgi8vAJXJ6m+e5SB0aRehQ5xEcj
XaIVc5asegqD/P7EEoviFCwLmzOut8Nt9gncyHxjOk3ROIuPfeEgl855Zc38ASgj
cGNcFXqMQHcQYhe/rDg48ayVCw4eGLbFSmkhPVi6cGHdcL0rOIsIj28C543Rur8O
N3QMjxngRkqMVaccUGrh4fF5JS41aoVxajz3Wlhb1RvDVBmIMLRauZwU/fDg1pz4
/qqFU2x6FrnvjKEL40dvQW4/nvKANib/3F8mABLIMOZ2bcoZYjDHdNUs5vsbfz5p
2JutmhWNXJEitMkGpDS3YEDKUT2JXJceOVfbecZ6cdpaaihfBJ4WpmO+NQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKecmCau9NAaGyvYy4V0za7L+Wy9MB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvcDV5WUpxNzAwQm9iSzlqTGhYVE5yc3Y1YkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwG34AwQA
wG36AwQAwG39AwQCw9OgMA0GCSqGSIb3DQEBCwUAA4IBAQAFrA0rmwUzDHNixv4g
JZWRQ8yylys2V8FtFiJY6QilJ/qCKbcaFkXkfcsMHWVzIZ9aKaFiQKr/zYufy4ZU
f0iuZ0ggvCnkmXC109kvLv1eWmSkBkvRX7669Mlj7AOQq9SbmL/OvJlcC3ifxtPJ
rf7AyYp3yoYqJeVtp0PczLX1KnTz+6Qtb6y06Q7OD6/rATHCEMjIDIqSIsfwwZZD
zGo/Nl11maQS9oFwcb2FBX/FgD/iIsIusnIPBU1hLP4WoMt7h+2joxq1m58IUqdS
B9aZDCIiVysSNpl2fM/yu4KlCXYv53RG9f2Ou7kbXkNYN3ncqmFdExuFS+w6Lt/O
AdYq
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:40:28 2024 by rpki-client on console-ams.rpki-client.org