Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/cab588-32fd-4a6d-a0e2-f4d30a7943f6/1/59NvOnTm33eHbwPBAV-NtPXiUNY.roa
File: 59NvOnTm33eHbwPBAV-NtPXiUNY.roa (raw, json)
Hash identifier: QP+peogKUJZZbn+em1p1DOFM4S1t1ocpAfjTBN1KQbw=
Subject key identifier: E7:D3:6F:3A:74:E6:DF:77:87:6F:03:C1:01:5F:8D:B4:F5:E2:50:D6
Certificate issuer: /CN=2669dd2f4da888c27d130f99e88a2e0c590aad2f
Certificate serial: 018F14AE5DB2FB93FA0A98107DF408A35033
Authority key identifier: 26:69:DD:2F:4D:A8:88:C2:7D:13:0F:99:E8:8A:2E:0C:59:0A:AD:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmndL02oiMJ9Ew-Z6IouDFkKrS8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/cab588-32fd-4a6d-a0e2-f4d30a7943f6/1/59NvOnTm33eHbwPBAV-NtPXiUNY.roa
Signing time: Thu 25 Apr 2024 09:55:22 +0000
ROA not before: Thu 25 Apr 2024 09:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51849
IP address blocks: 194.42.122.0/23 maxlen: 23
195.72.122.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/cab588-32fd-4a6d-a0e2-f4d30a7943f6/1/JmndL02oiMJ9Ew-Z6IouDFkKrS8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/cab588-32fd-4a6d-a0e2-f4d30a7943f6/1/JmndL02oiMJ9Ew-Z6IouDFkKrS8.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmndL02oiMJ9Ew-Z6IouDFkKrS8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:14:ae:5d:b2:fb:93:fa:0a:98:10:7d:f4:08:a3:50:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2669dd2f4da888c27d130f99e88a2e0c590aad2f
Validity
Not Before: Apr 25 09:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7d36f3a74e6df77876f03c1015f8db4f5e250d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:61:1c:5b:f2:b9:10:4a:e6:a9:d6:dc:91:99:
75:8c:a6:7f:ea:c4:ad:55:c2:70:a0:eb:46:9a:2a:
7a:53:e0:85:0a:2f:a0:35:37:09:29:f8:4e:40:43:
10:37:17:7a:37:54:72:17:bd:e7:9a:35:a3:6b:b2:
54:66:d2:4a:24:19:e3:da:df:63:82:8b:6d:08:83:
9c:15:0e:34:64:de:76:c9:b5:6f:c0:b5:90:f7:00:
3f:cc:4d:64:93:5d:b5:97:aa:bc:81:4d:4b:e9:60:
bd:59:e8:1f:cd:e0:9a:42:8c:13:5c:7d:9d:bd:96:
57:c0:98:4e:d6:9c:6f:df:21:91:fb:61:b0:b5:49:
26:26:a4:8e:59:c1:14:fb:1e:87:2c:9e:eb:8e:ab:
20:bc:62:cc:5f:8e:d0:91:5e:7f:48:bb:02:f1:ff:
6c:fa:8c:b9:b2:b9:b9:e7:f7:e3:d6:5c:49:95:61:
86:2e:60:24:dc:de:13:66:e7:e5:87:40:70:1e:d6:
b3:cf:f8:15:da:77:cd:d7:7a:d0:70:c8:9e:fa:f0:
b7:1f:c6:46:26:b1:98:2b:47:4f:d6:99:87:68:ed:
a3:da:3e:b4:fc:51:f3:c4:96:d5:b5:31:38:34:5b:
e8:c2:f0:7d:7a:53:86:e6:9a:2f:fb:25:b6:b2:60:
c7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D3:6F:3A:74:E6:DF:77:87:6F:03:C1:01:5F:8D:B4:F5:E2:50:D6
X509v3 Authority Key Identifier:
keyid:26:69:DD:2F:4D:A8:88:C2:7D:13:0F:99:E8:8A:2E:0C:59:0A:AD:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmndL02oiMJ9Ew-Z6IouDFkKrS8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/cab588-32fd-4a6d-a0e2-f4d30a7943f6/1/59NvOnTm33eHbwPBAV-NtPXiUNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/cab588-32fd-4a6d-a0e2-f4d30a7943f6/1/JmndL02oiMJ9Ew-Z6IouDFkKrS8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.42.122.0/23
195.72.122.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:71:e8:ad:48:cd:1c:f1:6a:3f:ec:59:59:fe:18:30:9f:83:
23:65:51:10:e8:2c:0a:e5:8a:cd:a5:09:b6:b0:23:7b:82:ec:
98:0e:bd:12:c9:46:d0:b9:a4:a2:99:25:76:3b:58:de:15:67:
b7:1a:39:4b:3d:07:9d:10:06:4e:cf:30:a7:6a:5e:41:ba:c7:
9e:f1:57:1e:49:88:2a:7a:20:1e:8c:51:b9:83:b2:0c:df:5f:
03:b8:ad:d9:2e:1e:15:23:b6:78:e2:91:65:d5:a2:2d:a1:b0:
15:ed:96:6c:38:44:f2:b3:78:2f:88:8f:c7:67:73:25:0c:3b:
d3:11:1c:d8:59:07:e0:3a:e3:12:da:68:13:00:eb:15:e8:b1:
ae:c1:18:81:a2:ac:db:03:3c:73:27:00:70:e1:8c:ed:75:18:
2c:e2:36:50:0f:48:84:b9:d7:16:3c:a2:81:54:8b:0e:d2:e0:
ae:c3:43:87:fa:51:1d:a3:b2:4d:fa:09:e7:c6:0e:23:86:f1:
86:ae:c0:5a:1d:86:de:ae:f0:32:04:2c:94:3f:5d:09:89:ed:
15:f8:12:fb:e6:5d:9b:88:70:48:49:6c:7b:bc:04:56:61:42:
e1:6c:0b:37:52:d7:5a:27:0c:f0:4e:3c:e6:32:13:7e:82:25:
b7:57:ee:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8Url2y+5P6CpgQffQIo1AzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjlkZDJmNGRhODg4YzI3ZDEzMGY5OWU4OGEyZTBjNTkw
YWFkMmYwHhcNMjQwNDI1MDk1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2QzNmYzYTc0ZTZkZjc3ODc2ZjAzYzEwMTVmOGRiNGY1ZTI1MGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWEcW/K5EErmqdbckZl1jKZ/6sSt
VcJwoOtGmip6U+CFCi+gNTcJKfhOQEMQNxd6N1RyF73nmjWja7JUZtJKJBnj2t9j
gottCIOcFQ40ZN52ybVvwLWQ9wA/zE1kk121l6q8gU1L6WC9WegfzeCaQowTXH2d
vZZXwJhO1pxv3yGR+2GwtUkmJqSOWcEU+x6HLJ7rjqsgvGLMX47QkV5/SLsC8f9s
+oy5srm55/fj1lxJlWGGLmAk3N4TZuflh0BwHtazz/gV2nfN13rQcMie+vC3H8ZG
JrGYK0dP1pmHaO2j2j60/FHzxJbVtTE4NFvowvB9elOG5pov+yW2smDHUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOfTbzp05t93h28DwQFfjbT14lDWMB8GA1UdIwQY
MBaAFCZp3S9NqIjCfRMPmeiKLgxZCq0vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1uZEwwMm9pTUo5RXctWjZJb3VERmtLclM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jYWI1ODgtMzJmZC00YTZkLWEwZTIt
ZjRkMzBhNzk0M2Y2LzEvNTlOdk9uVG0zM2VIYndQQkFWLU50UFhpVU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jYWI1ODgtMzJmZC00YTZkLWEwZTItZjRkMzBhNzk0M2Y2
LzEvSm1uZEwwMm9pTUo5RXctWjZJb3VERmtLclM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwip6AwQB
w0h6MA0GCSqGSIb3DQEBCwUAA4IBAQAdceitSM0c8Wo/7FlZ/hgwn4MjZVEQ6CwK
5YrNpQm2sCN7guyYDr0SyUbQuaSimSV2O1jeFWe3GjlLPQedEAZOzzCnal5Busee
8VceSYgqeiAejFG5g7IM318DuK3ZLh4VI7Z44pFl1aItobAV7ZZsOETys3gviI/H
Z3MlDDvTERzYWQfgOuMS2mgTAOsV6LGuwRiBoqzbAzxzJwBw4YztdRgs4jZQD0iE
udcWPKKBVIsO0uCuw0OH+lEdo7JN+gnnxg4jhvGGrsBaHYbervAyBCyUP10Jie0V
+BL75l2biHBISWx7vARWYULhbAs3UtdaJwzwTjzmMhN+giW3V+79
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:48:59 2024 by rpki-client on console-fra.rpki-client.org