Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/03bb2e-4341-4435-ade7-8ceaf11e2728/1/tW0I74HU_ddQRJpkFtAizsBTrsk.roa
File: tW0I74HU_ddQRJpkFtAizsBTrsk.roa (raw, json)
Hash identifier: cyARmpptjPLtTTLnmxz3paGZ38Kfn70sUEeiL3DkbpI=
Subject key identifier: B5:6D:08:EF:81:D4:FD:D7:50:44:9A:64:16:D0:22:CE:C0:53:AE:C9
Certificate issuer: /CN=d1981d330a9eba24f1b9f7c99ac6bfdd6139aad8
Certificate serial: 018CC9BCEF5912FEA3A5C08E87A23FC85818
Authority key identifier: D1:98:1D:33:0A:9E:BA:24:F1:B9:F7:C9:9A:C6:BF:DD:61:39:AA:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0ZgdMwqeuiTxuffJmsa_3WE5qtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/03bb2e-4341-4435-ade7-8ceaf11e2728/1/tW0I74HU_ddQRJpkFtAizsBTrsk.roa
Signing time: Tue 02 Jan 2024 10:34:11 +0000
ROA not before: Tue 02 Jan 2024 10:34:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209054
IP address blocks: 5.183.161.0/24 maxlen: 24
5.183.163.0/24 maxlen: 24
5.183.160.0/24 maxlen: 24
5.183.162.0/24 maxlen: 24
2a0e:e00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/03bb2e-4341-4435-ade7-8ceaf11e2728/1/0ZgdMwqeuiTxuffJmsa_3WE5qtg.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/03bb2e-4341-4435-ade7-8ceaf11e2728/1/0ZgdMwqeuiTxuffJmsa_3WE5qtg.mft
rsync://rpki.ripe.net/repository/DEFAULT/0ZgdMwqeuiTxuffJmsa_3WE5qtg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 23:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ef:59:12:fe:a3:a5:c0:8e:87:a2:3f:c8:58:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1981d330a9eba24f1b9f7c99ac6bfdd6139aad8
Validity
Not Before: Jan 2 10:34:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b56d08ef81d4fdd750449a6416d022cec053aec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c1:f1:c6:82:a4:46:09:c6:34:c4:30:1d:be:
94:05:0d:e0:e1:b0:3d:3a:7c:db:45:67:1a:f6:2e:
08:60:69:27:00:84:fd:4e:a8:60:f7:41:3b:92:63:
f8:9b:39:97:1b:1f:60:4d:b3:24:59:7e:66:47:02:
40:44:a5:62:97:64:a0:55:cf:05:29:6a:10:ff:43:
02:ab:83:24:19:be:fe:20:2a:23:2a:3b:ee:75:4c:
a5:35:10:e5:80:27:52:81:0a:75:cb:06:ef:63:1a:
c6:11:c4:68:cb:95:b8:10:68:2e:f4:ce:19:fa:3d:
40:4b:fe:03:fe:bf:7a:20:de:bf:0e:1a:46:20:ed:
72:29:59:0a:24:73:86:cc:f2:11:04:4c:16:94:ea:
95:eb:b1:59:66:c3:ec:63:22:0c:2f:7d:85:6d:a5:
a6:a7:92:2a:cd:e2:36:7e:ad:82:70:b2:bb:79:43:
4f:f5:1b:60:e3:da:2b:12:47:78:42:d9:5c:a5:14:
31:6f:58:4f:67:80:49:62:dd:85:bf:a5:15:17:e4:
15:3b:f5:d3:78:8f:d2:f9:8b:55:8c:9b:c8:e7:1d:
a5:cd:69:9a:f1:20:0f:c3:51:78:96:ee:d9:0c:bd:
9d:3d:ec:fa:05:85:b0:e1:36:2b:7e:02:6a:1f:2d:
2f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:6D:08:EF:81:D4:FD:D7:50:44:9A:64:16:D0:22:CE:C0:53:AE:C9
X509v3 Authority Key Identifier:
keyid:D1:98:1D:33:0A:9E:BA:24:F1:B9:F7:C9:9A:C6:BF:DD:61:39:AA:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ZgdMwqeuiTxuffJmsa_3WE5qtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/03bb2e-4341-4435-ade7-8ceaf11e2728/1/tW0I74HU_ddQRJpkFtAizsBTrsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/03bb2e-4341-4435-ade7-8ceaf11e2728/1/0ZgdMwqeuiTxuffJmsa_3WE5qtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.160.0/22
IPv6:
2a0e:e00::/32
Signature Algorithm: sha256WithRSAEncryption
43:47:a0:f9:4a:79:3b:b3:9f:57:42:8c:cd:09:75:7c:31:93:
72:2a:d2:81:08:b0:99:a0:42:b6:cd:f2:22:94:59:2d:bb:ec:
33:26:fd:fc:2b:65:f9:30:ec:22:b1:99:da:38:1e:da:e4:bf:
0e:83:e9:54:05:57:9d:87:04:1c:87:06:6f:e0:88:bd:bd:62:
d9:93:03:2e:cb:ac:47:55:95:ac:ea:19:28:a8:90:bc:9e:0f:
bf:5b:86:e8:11:f6:fe:45:c5:eb:86:f7:e4:5c:df:6b:ee:f1:
ba:a9:dc:e5:02:c4:ef:e7:b1:57:b1:3f:87:27:98:54:d7:5d:
29:96:4d:c6:c2:54:2d:24:50:41:73:af:4a:e4:19:81:64:35:
c6:d9:9c:15:0d:52:8e:9a:89:5a:cd:7f:e8:b4:3c:10:7d:52:
d7:bd:85:f0:37:a7:3c:22:49:37:a3:cb:ae:b9:8c:1e:6e:35:
54:31:aa:3b:31:3f:cc:82:f2:46:62:4e:4e:4b:b8:e2:91:d7:
ad:b2:33:e6:08:a1:14:4c:3b:b1:27:86:7a:20:bd:d0:77:ef:
2a:ab:8f:f0:6a:98:4d:c1:a7:b6:00:e3:5a:96:22:05:1c:38:
7d:c6:c6:0b:e3:32:af:e1:9f:94:7f:94:64:c8:f7:e5:de:53:
75:dd:0f:af
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvO9ZEv6jpcCOh6I/yFgYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxOTgxZDMzMGE5ZWJhMjRmMWI5ZjdjOTlhYzZiZmRkNjEz
OWFhZDgwHhcNMjQwMTAyMTAzNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTZkMDhlZjgxZDRmZGQ3NTA0NDlhNjQxNmQwMjJjZWMwNTNhZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8HxxoKkRgnGNMQwHb6UBQ3g4bA9
OnzbRWca9i4IYGknAIT9Tqhg90E7kmP4mzmXGx9gTbMkWX5mRwJARKVil2SgVc8F
KWoQ/0MCq4MkGb7+ICojKjvudUylNRDlgCdSgQp1ywbvYxrGEcRoy5W4EGgu9M4Z
+j1AS/4D/r96IN6/DhpGIO1yKVkKJHOGzPIRBEwWlOqV67FZZsPsYyIML32FbaWm
p5IqzeI2fq2CcLK7eUNP9Rtg49orEkd4QtlcpRQxb1hPZ4BJYt2Fv6UVF+QVO/XT
eI/S+YtVjJvI5x2lzWma8SAPw1F4lu7ZDL2dPez6BYWw4TYrfgJqHy0v8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLVtCO+B1P3XUESaZBbQIs7AU67JMB8GA1UdIwQY
MBaAFNGYHTMKnrok8bn3yZrGv91hOarYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFpnZE13cWV1aVR4dWZmSm1zYV8zV0U1cXRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wM2JiMmUtNDM0MS00NDM1LWFkZTct
OGNlYWYxMWUyNzI4LzEvdFcwSTc0SFVfZGRRUkpwa0Z0QWl6c0JUcnNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wM2JiMmUtNDM0MS00NDM1LWFkZTctOGNlYWYxMWUyNzI4
LzEvMFpnZE13cWV1aVR4dWZmSm1zYV8zV0U1cXRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCBbegMA0E
AgACMAcDBQAqDg4AMA0GCSqGSIb3DQEBCwUAA4IBAQBDR6D5Snk7s59XQozNCXV8
MZNyKtKBCLCZoEK2zfIilFktu+wzJv38K2X5MOwisZnaOB7a5L8Og+lUBVedhwQc
hwZv4Ii9vWLZkwMuy6xHVZWs6hkoqJC8ng+/W4boEfb+RcXrhvfkXN9r7vG6qdzl
AsTv57FXsT+HJ5hU110plk3GwlQtJFBBc69K5BmBZDXG2ZwVDVKOmolazX/otDwQ
fVLXvYXwN6c8Ikk3o8uuuYwebjVUMao7MT/MgvJGYk5OS7jikdetsjPmCKEUTDux
J4Z6IL3Qd+8qq4/waphNwae2AONaliIFHDh9xsYL4zKv4Z+Uf5RkyPfl3lN13Q+v
-----END CERTIFICATE-----
Generated at Mon Jul 1 07:57:54 2024 by rpki-client on console.sobornost.net