Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/PaAYviWn86U2PC8_z3f-1RlJyaA.roa
File: PaAYviWn86U2PC8_z3f-1RlJyaA.roa (raw, json)
Hash identifier: Kq5832Flz5EJ80MLI2myf3ZXRJSluipYSNivYWpVY6w=
Subject key identifier: 3D:A0:18:BE:25:A7:F3:A5:36:3C:2F:3F:CF:77:FE:D5:19:49:C9:A0
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 01914B3BDB43739D2E2565C4286B9B368CE4
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/PaAYviWn86U2PC8_z3f-1RlJyaA.roa
Signing time: Tue 13 Aug 2024 10:14:59 +0000
ROA not before: Tue 13 Aug 2024 10:14:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29137
IP address blocks: 195.234.248.0/23 maxlen: 23
195.234.250.0/23 maxlen: 23
213.180.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4b:3b:db:43:73:9d:2e:25:65:c4:28:6b:9b:36:8c:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Aug 13 10:14:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3da018be25a7f3a5363c2f3fcf77fed51949c9a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:96:04:17:48:95:bb:c8:c0:d5:ae:14:78:a7:
45:9d:3b:ca:0b:be:fa:e9:5e:fb:7a:2e:45:38:84:
20:22:1f:50:d0:7e:16:06:d1:bb:6d:22:d9:40:ee:
98:47:7c:e3:5c:c3:da:44:cd:25:7e:31:2b:08:96:
a0:bb:27:3a:41:e4:af:4f:eb:fd:04:5e:17:b1:f8:
e4:85:7f:a2:03:d6:fe:22:27:cf:ad:a2:4f:f3:f7:
0c:35:2f:23:b2:e8:dc:65:6c:06:48:8f:97:bc:ea:
61:73:96:90:97:2f:29:1e:c3:9d:3a:b1:55:ea:04:
6c:e7:f0:01:a7:39:a4:2f:8c:9f:02:e0:2c:cd:af:
ef:cb:8c:50:ef:03:e8:36:56:26:f4:c5:d9:90:7b:
36:c7:51:a8:49:ab:c7:64:99:9a:85:c9:be:ef:b0:
1a:f3:70:ed:eb:4e:48:a1:3a:cc:53:f6:78:df:96:
72:bd:d9:d7:3f:c0:c8:f2:69:dc:36:1d:3b:16:6f:
c6:a7:c2:28:11:bf:c1:f3:58:3b:7b:72:04:ac:24:
88:11:51:c4:09:f6:d0:ec:87:fe:ab:24:ee:95:52:
a4:6c:97:9f:1a:b7:65:57:bf:a6:d2:20:6b:e8:15:
7b:cb:26:55:9a:44:b2:6a:e5:78:ec:ca:f3:13:6a:
68:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A0:18:BE:25:A7:F3:A5:36:3C:2F:3F:CF:77:FE:D5:19:49:C9:A0
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/PaAYviWn86U2PC8_z3f-1RlJyaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.248.0/22
213.180.230.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:22:6a:c5:2f:75:1a:cf:2f:8a:ea:a7:c6:9d:d4:9a:d0:12:
c1:bc:9c:1a:d1:77:64:09:63:f2:ec:05:7d:1a:d5:65:09:d8:
78:15:59:29:6b:f3:41:7d:ac:37:75:61:b8:86:d1:47:c5:ac:
16:a2:4c:4c:d0:8d:0e:59:22:59:4c:17:01:8c:69:c0:e8:f2:
73:06:ef:9c:07:a7:2b:4f:6e:3d:c8:85:a8:60:bf:f8:a0:54:
bb:ac:40:5b:bd:66:de:7f:55:be:59:0d:13:64:7c:21:29:cb:
29:07:3e:ca:e7:ae:49:77:15:dc:6e:a3:45:a1:f6:b4:e1:59:
e2:9f:2a:f5:43:ef:ec:1a:67:18:6f:f6:5d:67:35:57:3d:e4:
ce:4e:0c:f1:53:20:00:65:bd:b7:42:5b:1d:6b:f4:3a:e8:65:
27:8b:ad:60:fc:8e:78:d3:72:64:dd:32:c0:f9:24:34:80:c6:
7a:eb:d4:d9:97:80:b3:5a:fe:9a:bd:c2:d8:0e:d9:5c:65:b3:
ee:6b:0c:b9:5d:4b:2f:94:b1:dd:a1:8d:19:ab:f9:51:56:18:
e0:6f:a5:fb:57:77:35:d7:66:0d:86:a5:85:04:4a:80:c4:9f:
2d:ee:c6:a9:a3:55:17:89:53:ed:c4:99:6c:85:57:e0:f4:37:
4e:cc:88:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFLO9tDc50uJWXEKGubNozkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjQwODEzMTAxNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGEwMThiZTI1YTdmM2E1MzYzYzJmM2ZjZjc3ZmVkNTE5NDljOWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZYEF0iVu8jA1a4UeKdFnTvKC776
6V77ei5FOIQgIh9Q0H4WBtG7bSLZQO6YR3zjXMPaRM0lfjErCJaguyc6QeSvT+v9
BF4XsfjkhX+iA9b+IifPraJP8/cMNS8jsujcZWwGSI+XvOphc5aQly8pHsOdOrFV
6gRs5/ABpzmkL4yfAuAsza/vy4xQ7wPoNlYm9MXZkHs2x1GoSavHZJmahcm+77Aa
83Dt605IoTrMU/Z435ZyvdnXP8DI8mncNh07Fm/Gp8IoEb/B81g7e3IErCSIEVHE
CfbQ7If+qyTulVKkbJefGrdlV7+m0iBr6BV7yyZVmkSyauV47MrzE2poiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD2gGL4lp/OlNjwvP893/tUZScmgMB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvUGFBWXZpV244NlUyUEM4X3ozZi0xUmxKeWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw+r4AwQA
1bTmMA0GCSqGSIb3DQEBCwUAA4IBAQAuImrFL3Uazy+K6qfGndSa0BLBvJwa0Xdk
CWPy7AV9GtVlCdh4FVkpa/NBfaw3dWG4htFHxawWokxM0I0OWSJZTBcBjGnA6PJz
Bu+cB6crT249yIWoYL/4oFS7rEBbvWbef1W+WQ0TZHwhKcspBz7K565JdxXcbqNF
ofa04Vninyr1Q+/sGmcYb/ZdZzVXPeTOTgzxUyAAZb23Qlsda/Q66GUni61g/I54
03Jk3TLA+SQ0gMZ669TZl4CzWv6avcLYDtlcZbPuawy5XUsvlLHdoY0Zq/lRVhjg
b6X7V3c112YNhqWFBEqAxJ8t7sapo1UXiVPtxJlshVfg9DdOzIi3
-----END CERTIFICATE-----
Generated at Sat Sep 28 16:17:11 2024 by rpki-client on console-fra.rpki-client.org