Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/S0R01yCj1M6d5bMzW5txVU3Fjug.roa
File: S0R01yCj1M6d5bMzW5txVU3Fjug.roa (raw, json)
Hash identifier: XY4kHYIiviAmVBfCt1iM+Lg38uM8ZLK13DMIgdDemi8=
Subject key identifier: 4B:44:74:D7:20:A3:D4:CE:9D:E5:B3:33:5B:9B:71:55:4D:C5:8E:E8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190DFD46D2B0B77C351D7ABDCE724F77B8B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/S0R01yCj1M6d5bMzW5txVU3Fjug.roa
Signing time: Tue 23 Jul 2024 13:42:39 +0000
ROA not before: Tue 23 Jul 2024 13:42:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18186
IP address blocks: 213.218.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:df:d4:6d:2b:0b:77:c3:51:d7:ab:dc:e7:24:f7:7b:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 23 13:42:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b4474d720a3d4ce9de5b3335b9b71554dc58ee8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:55:b3:50:ec:84:27:f0:a2:a8:fd:c8:e2:73:
de:7d:ca:77:2a:1d:b2:80:c9:2a:22:5f:c5:58:08:
47:22:01:6b:bd:1c:fc:75:e3:6c:54:18:af:ce:25:
4a:1f:22:80:b1:2f:8b:bf:d2:94:82:04:b2:a0:45:
6f:ef:27:d3:b0:30:35:8a:47:4c:13:92:45:ea:c3:
d1:9e:44:89:77:4d:51:68:94:47:2d:f2:76:f9:3f:
12:fd:72:df:20:81:5c:15:5e:cb:bd:1f:e8:2f:dc:
eb:b1:6f:32:1c:1d:f4:3c:84:99:75:91:cf:38:9a:
60:b8:75:9a:c1:29:1a:f5:01:dc:6d:b8:b2:95:ed:
c1:d4:dd:d0:ce:f2:56:1c:20:76:4b:35:88:75:ee:
63:b6:43:5f:72:a7:b5:a8:0d:0e:95:00:af:79:f5:
5f:16:05:35:9c:c7:fd:18:f1:8c:03:e5:f1:c0:eb:
6e:53:11:09:b7:e4:3d:d5:6f:31:3a:9b:57:29:14:
bc:55:58:66:94:91:58:34:cd:c4:1c:25:a5:1c:c4:
82:34:64:ba:65:4a:3e:11:b9:f6:de:b3:f9:a5:5d:
dd:70:02:f2:bd:75:85:25:93:ab:b8:6f:5b:6f:ae:
5b:3d:eb:d8:44:b5:52:b1:74:87:5c:d0:b6:49:d3:
ac:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:44:74:D7:20:A3:D4:CE:9D:E5:B3:33:5B:9B:71:55:4D:C5:8E:E8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/S0R01yCj1M6d5bMzW5txVU3Fjug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.218.216.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:f6:a6:f0:5e:f3:dc:38:e4:ec:b2:ca:20:8f:41:3e:82:5e:
79:c0:0d:8d:c4:70:57:26:50:a0:59:56:af:fc:be:2e:b5:7c:
45:24:bf:16:e7:da:76:4c:05:5c:8a:16:ff:53:31:40:93:73:
b2:b9:3e:95:ea:69:89:8c:14:c9:da:2f:76:a4:f7:f4:b1:93:
4d:fa:0b:d8:ec:1d:08:95:11:3b:78:87:4d:d4:71:e1:bc:46:
d9:a0:a8:92:6f:fc:a8:4d:f8:fc:98:ec:3a:e6:d0:db:8c:f6:
af:45:71:d0:66:37:5d:31:da:e7:49:75:22:9c:1e:50:21:d1:
92:08:25:95:5b:f8:4d:ac:68:06:2f:af:0b:56:1a:31:74:3c:
7f:99:3e:58:ac:45:26:51:a2:51:7b:e3:0d:08:62:89:0c:57:
51:e8:11:55:0e:4d:c1:3b:d9:78:ab:a4:61:d5:69:12:cd:6c:
0f:92:52:77:8d:e0:ad:1d:5f:db:85:3e:64:b0:14:4f:3e:d3:
87:97:a6:15:39:36:1f:1e:64:4e:c5:7d:61:c9:e9:71:c4:72:
e2:76:2a:9b:36:f0:ae:83:b5:b4:3a:78:7b:0a:cd:51:46:f5:
34:14:fa:d2:3b:f3:37:33:b1:4d:98:98:19:2d:a7:fd:12:dd:
c2:55:8a:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDf1G0rC3fDUder3Ock93uLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzIzMTM0MjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjQ0NzRkNzIwYTNkNGNlOWRlNWIzMzM1YjliNzE1NTRkYzU4ZWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVWzUOyEJ/CiqP3I4nPefcp3Kh2y
gMkqIl/FWAhHIgFrvRz8deNsVBivziVKHyKAsS+Lv9KUggSyoEVv7yfTsDA1ikdM
E5JF6sPRnkSJd01RaJRHLfJ2+T8S/XLfIIFcFV7LvR/oL9zrsW8yHB30PISZdZHP
OJpguHWawSka9QHcbbiyle3B1N3QzvJWHCB2SzWIde5jtkNfcqe1qA0OlQCvefVf
FgU1nMf9GPGMA+XxwOtuUxEJt+Q91W8xOptXKRS8VVhmlJFYNM3EHCWlHMSCNGS6
ZUo+Ebn23rP5pV3dcALyvXWFJZOruG9bb65bPevYRLVSsXSHXNC2SdOsyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEtEdNcgo9TOneWzM1ubcVVNxY7oMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUzBSMDF5Q2oxTTZkNWJNelc1dHhWVTNGanVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1drYMA0G
CSqGSIb3DQEBCwUAA4IBAQCf9qbwXvPcOOTsssogj0E+gl55wA2NxHBXJlCgWVav
/L4utXxFJL8W59p2TAVcihb/UzFAk3OyuT6V6mmJjBTJ2i92pPf0sZNN+gvY7B0I
lRE7eIdN1HHhvEbZoKiSb/yoTfj8mOw65tDbjPavRXHQZjddMdrnSXUinB5QIdGS
CCWVW/hNrGgGL68LVhoxdDx/mT5YrEUmUaJRe+MNCGKJDFdR6BFVDk3BO9l4q6Rh
1WkSzWwPklJ3jeCtHV/bhT5ksBRPPtOHl6YVOTYfHmROxX1hyelxxHLidiqbNvCu
g7W0Onh7Cs1RRvU0FPrSO/M3M7FNmJgZLaf9Et3CVYrc
-----END CERTIFICATE-----
Generated at Fri Sep 27 22:02:39 2024 by rpki-client on console-ams.rpki-client.org