Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/6aeda8-b75c-4bbb-8e7d-8feaafac7e89/1/R5BJD7c7szHGjy3bWxFw4BZtE-c.roa
File: R5BJD7c7szHGjy3bWxFw4BZtE-c.roa (raw, json)
Hash identifier: 9+WnNbxCJKqZQXu2QgcNee/vdFR89RYXz6EpaXMdK1w=
Subject key identifier: 47:90:49:0F:B7:3B:B3:31:C6:8F:2D:DB:5B:11:70:E0:16:6D:13:E7
Certificate issuer: /CN=7383fa438a6fae62b35f9091876c44dedb9c0da3
Certificate serial: 018CC8DCF95E7B5BA4E43E43BC5628A59CFE
Authority key identifier: 73:83:FA:43:8A:6F:AE:62:B3:5F:90:91:87:6C:44:DE:DB:9C:0D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c4P6Q4pvrmKzX5CRh2xE3tucDaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/6aeda8-b75c-4bbb-8e7d-8feaafac7e89/1/R5BJD7c7szHGjy3bWxFw4BZtE-c.roa
Signing time: Tue 02 Jan 2024 06:29:34 +0000
ROA not before: Tue 02 Jan 2024 06:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42085
IP address blocks: 195.64.138.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/6aeda8-b75c-4bbb-8e7d-8feaafac7e89/1/c4P6Q4pvrmKzX5CRh2xE3tucDaM.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/6aeda8-b75c-4bbb-8e7d-8feaafac7e89/1/c4P6Q4pvrmKzX5CRh2xE3tucDaM.mft
rsync://rpki.ripe.net/repository/DEFAULT/c4P6Q4pvrmKzX5CRh2xE3tucDaM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 12:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:f9:5e:7b:5b:a4:e4:3e:43:bc:56:28:a5:9c:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7383fa438a6fae62b35f9091876c44dedb9c0da3
Validity
Not Before: Jan 2 06:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4790490fb73bb331c68f2ddb5b1170e0166d13e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3d:57:ff:ea:97:af:40:89:2c:95:b0:58:3f:
75:87:48:bc:82:b3:15:83:fa:fe:34:04:f0:d2:fa:
1b:78:11:ac:a1:df:c7:b1:fd:83:7c:52:39:13:58:
da:5f:12:dc:53:a4:39:be:e3:fa:92:c1:34:67:4e:
02:ed:80:c0:93:cb:07:ee:f8:26:7f:a9:77:fd:16:
be:24:2c:24:2b:08:81:30:92:5d:aa:8b:c5:e1:1f:
bb:75:00:26:a5:47:6f:a7:5b:18:6b:10:90:20:ac:
02:94:cc:fb:e5:ac:7f:53:12:7f:df:37:6f:9e:57:
96:b1:f2:48:51:d8:e1:f3:ec:42:eb:54:5a:80:83:
26:da:be:f4:32:cc:7f:36:12:90:39:46:48:8c:cc:
c1:f8:cb:f0:39:4a:e7:ef:c8:b6:d0:b8:d4:1f:af:
45:38:ae:28:9d:eb:d0:0e:06:8c:f5:f3:02:5f:2f:
80:41:88:f2:c6:3e:17:78:2a:4b:4a:9e:54:34:12:
2f:88:3d:8f:31:4e:df:45:b8:de:74:29:02:e9:7d:
31:7e:a2:51:b8:c5:7f:f9:82:5f:6a:1c:70:71:55:
0e:c6:61:9a:d4:79:e4:4e:9a:26:62:64:c2:62:26:
c3:7e:b3:28:04:31:a8:6d:b6:ac:37:26:53:e6:d9:
05:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:90:49:0F:B7:3B:B3:31:C6:8F:2D:DB:5B:11:70:E0:16:6D:13:E7
X509v3 Authority Key Identifier:
keyid:73:83:FA:43:8A:6F:AE:62:B3:5F:90:91:87:6C:44:DE:DB:9C:0D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4P6Q4pvrmKzX5CRh2xE3tucDaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6aeda8-b75c-4bbb-8e7d-8feaafac7e89/1/R5BJD7c7szHGjy3bWxFw4BZtE-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/6aeda8-b75c-4bbb-8e7d-8feaafac7e89/1/c4P6Q4pvrmKzX5CRh2xE3tucDaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.138.0/23
Signature Algorithm: sha256WithRSAEncryption
56:8a:05:a3:b9:10:18:72:a4:14:ae:02:22:2e:93:e6:bd:73:
57:3e:c0:bc:27:c3:2d:fc:17:cf:5c:b9:81:d7:42:9f:06:d5:
41:fd:85:40:67:d7:d1:c5:39:08:b4:42:7d:18:f5:c7:39:ec:
ff:72:0f:e1:e3:32:33:e4:d9:2b:82:6f:98:20:b6:b9:04:e1:
b0:e5:64:6c:a0:d0:03:5a:77:d3:e9:37:8a:a1:71:28:d5:14:
ef:04:b2:30:64:4e:e7:1c:5e:64:42:09:6e:7e:cb:e8:0a:e5:
bb:c4:bf:eb:e4:90:e4:4b:da:52:64:1f:73:ee:d9:dc:64:d0:
e7:14:b3:44:ca:cd:cb:0b:36:ff:a2:43:0e:c4:0f:5b:32:7c:
ff:83:8a:61:d9:5d:4b:00:79:3b:6a:a1:dc:15:39:3a:9e:d9:
f9:d0:f9:35:3c:07:e8:62:1e:cf:2e:4b:89:c4:37:09:d2:0e:
8e:1e:b6:76:15:0e:96:48:4f:d9:71:69:99:a8:8b:bc:44:c1:
9e:21:8d:4c:e7:e5:59:59:27:07:d7:5a:08:ef:91:10:1e:0a:
dd:7e:46:23:31:5c:88:62:20:d3:1d:03:9b:ff:4f:94:b5:a1:
e4:b2:44:47:93:59:56:98:16:52:df:6f:29:81:52:8a:80:c5:
68:c4:93:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3Plee1uk5D5DvFYopZz+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczODNmYTQzOGE2ZmFlNjJiMzVmOTA5MTg3NmM0NGRlZGI5
YzBkYTMwHhcNMjQwMTAyMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzkwNDkwZmI3M2JiMzMxYzY4ZjJkZGI1YjExNzBlMDE2NmQxM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxj1X/+qXr0CJLJWwWD91h0i8grMV
g/r+NATw0vobeBGsod/Hsf2DfFI5E1jaXxLcU6Q5vuP6ksE0Z04C7YDAk8sH7vgm
f6l3/Ra+JCwkKwiBMJJdqovF4R+7dQAmpUdvp1sYaxCQIKwClMz75ax/UxJ/3zdv
nleWsfJIUdjh8+xC61RagIMm2r70Msx/NhKQOUZIjMzB+MvwOUrn78i20LjUH69F
OK4onevQDgaM9fMCXy+AQYjyxj4XeCpLSp5UNBIviD2PMU7fRbjedCkC6X0xfqJR
uMV/+YJfahxwcVUOxmGa1HnkTpomYmTCYibDfrMoBDGobbasNyZT5tkFUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEeQSQ+3O7Mxxo8t21sRcOAWbRPnMB8GA1UdIwQY
MBaAFHOD+kOKb65is1+QkYdsRN7bnA2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzRQNlE0cHZybUt6WDVDUmgyeEUzdHVjRGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC82YWVkYTgtYjc1Yy00YmJiLThlN2Qt
OGZlYWFmYWM3ZTg5LzEvUjVCSkQ3YzdzekhHankzYld4Rnc0Qlp0RS1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC82YWVkYTgtYjc1Yy00YmJiLThlN2QtOGZlYWFmYWM3ZTg5
LzEvYzRQNlE0cHZybUt6WDVDUmgyeEUzdHVjRGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw0CKMA0G
CSqGSIb3DQEBCwUAA4IBAQBWigWjuRAYcqQUrgIiLpPmvXNXPsC8J8Mt/BfPXLmB
10KfBtVB/YVAZ9fRxTkItEJ9GPXHOez/cg/h4zIz5Nkrgm+YILa5BOGw5WRsoNAD
WnfT6TeKoXEo1RTvBLIwZE7nHF5kQglufsvoCuW7xL/r5JDkS9pSZB9z7tncZNDn
FLNEys3LCzb/okMOxA9bMnz/g4ph2V1LAHk7aqHcFTk6ntn50Pk1PAfoYh7PLkuJ
xDcJ0g6OHrZ2FQ6WSE/ZcWmZqIu8RMGeIY1M5+VZWScH11oI75EQHgrdfkYjMVyI
YiDTHQOb/0+UtaHkskRHk1lWmBZS328pgVKKgMVoxJNh
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:49:12 2024 by rpki-client on console-ams.rpki-client.org