Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/59c24e-a21f-46b2-9ea1-b3a6707ead04/1/pf35tf8O6hv-wW-rXbXOrZpJKos.roa
File: pf35tf8O6hv-wW-rXbXOrZpJKos.roa (raw, json)
Hash identifier: azXNzWivByCMiVEBh3WvKSoD7dmTisfypuwKgy2Z7PY=
Subject key identifier: A5:FD:F9:B5:FF:0E:EA:1B:FE:C1:6F:AB:5D:B5:CE:AD:9A:49:2A:8B
Certificate issuer: /CN=a90d9ac2ef11d5469375d6de6c6bf721129e3b71
Certificate serial: 018CC42556560A55A72ADD9590BFCE0ABBB5
Authority key identifier: A9:0D:9A:C2:EF:11:D5:46:93:75:D6:DE:6C:6B:F7:21:12:9E:3B:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qQ2awu8R1UaTddbebGv3IRKeO3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/59c24e-a21f-46b2-9ea1-b3a6707ead04/1/pf35tf8O6hv-wW-rXbXOrZpJKos.roa
Signing time: Mon 01 Jan 2024 08:30:30 +0000
ROA not before: Mon 01 Jan 2024 08:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198221
IP address blocks: 193.168.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/59c24e-a21f-46b2-9ea1-b3a6707ead04/1/qQ2awu8R1UaTddbebGv3IRKeO3E.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/59c24e-a21f-46b2-9ea1-b3a6707ead04/1/qQ2awu8R1UaTddbebGv3IRKeO3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/qQ2awu8R1UaTddbebGv3IRKeO3E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:56:56:0a:55:a7:2a:dd:95:90:bf:ce:0a:bb:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a90d9ac2ef11d5469375d6de6c6bf721129e3b71
Validity
Not Before: Jan 1 08:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5fdf9b5ff0eea1bfec16fab5db5cead9a492a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e3:bc:f9:47:52:78:37:4f:5c:dc:fb:81:cc:
a5:45:d9:31:d5:32:d0:06:ce:26:e4:45:c9:a5:de:
cf:93:ec:5d:18:2c:5f:45:c3:db:f7:e9:1d:1e:e7:
f7:10:bc:69:8e:f1:b9:1c:82:12:bb:d0:8a:2d:f3:
17:ff:5c:fb:49:33:04:43:e4:15:ca:1f:93:02:b4:
5f:52:d1:36:4d:2a:aa:f2:cd:3f:0f:d3:3b:c3:70:
ee:2e:d2:7b:a7:c8:2a:07:a7:13:de:0c:53:78:46:
28:25:78:a1:53:af:f2:ee:04:af:cf:b9:97:63:10:
a1:2d:4d:51:72:64:2e:3b:75:42:e9:74:33:c0:68:
3a:17:1d:79:e5:65:a7:ee:71:c4:4b:f8:02:be:14:
46:2a:78:ff:5a:3a:e6:3c:0f:a3:17:ce:5c:7e:b8:
0e:44:54:9c:74:0b:50:aa:94:1f:49:03:d5:81:47:
13:27:76:2d:df:89:ec:04:d7:8d:66:31:5b:4d:83:
d7:e8:7a:fc:57:6c:34:41:18:6c:92:2e:8f:05:d3:
cf:6e:5a:4b:3b:4c:5c:61:a8:1d:71:38:e0:2a:be:
e7:5a:f1:79:36:03:c4:38:a5:eb:67:58:5d:24:c2:
92:ae:fb:61:51:4a:51:74:21:21:e1:c3:14:26:66:
38:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:FD:F9:B5:FF:0E:EA:1B:FE:C1:6F:AB:5D:B5:CE:AD:9A:49:2A:8B
X509v3 Authority Key Identifier:
keyid:A9:0D:9A:C2:EF:11:D5:46:93:75:D6:DE:6C:6B:F7:21:12:9E:3B:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qQ2awu8R1UaTddbebGv3IRKeO3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/59c24e-a21f-46b2-9ea1-b3a6707ead04/1/pf35tf8O6hv-wW-rXbXOrZpJKos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/59c24e-a21f-46b2-9ea1-b3a6707ead04/1/qQ2awu8R1UaTddbebGv3IRKeO3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.54.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:6d:2b:0a:7e:8e:60:68:6c:76:bc:fa:8f:a0:bf:f2:7c:ed:
77:5d:f8:02:8b:8d:5f:76:15:00:c5:a3:9b:12:1b:93:9f:1a:
07:63:8b:29:fb:17:71:37:c0:ec:51:e7:52:06:96:0a:9d:95:
ef:8b:16:33:3a:80:4b:79:3b:a6:89:2f:46:ee:9a:86:09:9d:
de:37:f3:9f:77:ce:c6:44:59:5f:51:c5:c9:34:fa:5c:b8:3b:
a8:1c:3e:e6:59:4b:8b:5b:e8:60:59:ed:cd:0d:04:8d:2d:8c:
69:be:01:5a:6e:c1:97:5f:a9:bb:c8:3b:e8:64:25:06:bc:09:
be:0c:d3:76:c9:e0:90:bf:0f:4f:53:ee:72:73:e7:3d:6f:08:
f3:a5:88:79:81:e1:aa:1a:7c:78:ca:31:ed:ce:96:8f:32:d4:
1a:97:3c:ad:d9:9e:6a:d6:30:db:ab:4f:6b:eb:89:e4:d4:5b:
34:fb:20:6e:30:32:98:67:61:c5:4f:e1:88:ca:b6:d7:3a:0f:
66:95:1c:6e:a1:8d:28:15:2c:36:10:08:af:e3:a0:6e:4d:e4:
b6:b8:30:3d:f1:48:08:ef:82:81:4f:73:27:d7:ca:05:76:d6:
28:5d:03:5a:52:c4:da:46:b9:d1:33:67:a7:ba:38:f7:49:3d:
51:0e:9d:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJVZWClWnKt2VkL/OCru1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MGQ5YWMyZWYxMWQ1NDY5Mzc1ZDZkZTZjNmJmNzIxMTI5
ZTNiNzEwHhcNMjQwMTAxMDgzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWZkZjliNWZmMGVlYTFiZmVjMTZmYWI1ZGI1Y2VhZDlhNDkyYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuO8+UdSeDdPXNz7gcylRdkx1TLQ
Bs4m5EXJpd7Pk+xdGCxfRcPb9+kdHuf3ELxpjvG5HIISu9CKLfMX/1z7STMEQ+QV
yh+TArRfUtE2TSqq8s0/D9M7w3DuLtJ7p8gqB6cT3gxTeEYoJXihU6/y7gSvz7mX
YxChLU1RcmQuO3VC6XQzwGg6Fx155WWn7nHES/gCvhRGKnj/WjrmPA+jF85cfrgO
RFScdAtQqpQfSQPVgUcTJ3Yt34nsBNeNZjFbTYPX6Hr8V2w0QRhski6PBdPPblpL
O0xcYagdcTjgKr7nWvF5NgPEOKXrZ1hdJMKSrvthUUpRdCEh4cMUJmY4fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKX9+bX/Duob/sFvq121zq2aSSqLMB8GA1UdIwQY
MBaAFKkNmsLvEdVGk3XW3mxr9yESnjtxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVEyYXd1OFIxVWFUZGRiZWJHdjNJUktlTzNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81OWMyNGUtYTIxZi00NmIyLTllYTEt
YjNhNjcwN2VhZDA0LzEvcGYzNXRmOE82aHYtd1ctclhiWE9yWnBKS29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi81OWMyNGUtYTIxZi00NmIyLTllYTEtYjNhNjcwN2VhZDA0
LzEvcVEyYXd1OFIxVWFUZGRiZWJHdjNJUktlTzNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwag2MA0G
CSqGSIb3DQEBCwUAA4IBAQAabSsKfo5gaGx2vPqPoL/yfO13XfgCi41fdhUAxaOb
EhuTnxoHY4sp+xdxN8DsUedSBpYKnZXvixYzOoBLeTumiS9G7pqGCZ3eN/Ofd87G
RFlfUcXJNPpcuDuoHD7mWUuLW+hgWe3NDQSNLYxpvgFabsGXX6m7yDvoZCUGvAm+
DNN2yeCQvw9PU+5yc+c9bwjzpYh5geGqGnx4yjHtzpaPMtQalzyt2Z5q1jDbq09r
64nk1Fs0+yBuMDKYZ2HFT+GIyrbXOg9mlRxuoY0oFSw2EAiv46BuTeS2uDA98UgI
74KBT3Mn18oFdtYoXQNaUsTaRrnRM2enujj3ST1RDp2o
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:35:32 2024 by rpki-client on console-fra.rpki-client.org