Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/X0yh9gJgbrZRK3mMuVUWxAFXuqQ.roa
File: X0yh9gJgbrZRK3mMuVUWxAFXuqQ.roa (raw, json)
Hash identifier: VPvKNF+MN/LPEUcrCHUSMEINo/xjU9RFhRYJGu7mtos=
Subject key identifier: 5F:4C:A1:F6:02:60:6E:B6:51:2B:79:8C:B9:55:16:C4:01:57:BA:A4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A80D8719DA41DDEE839EEA37D354E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/X0yh9gJgbrZRK3mMuVUWxAFXuqQ.roa
Signing time: Tue 02 Jan 2024 12:33:52 +0000
ROA not before: Tue 02 Jan 2024 12:33:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199654
IP address blocks: 195.58.58.0/24 maxlen: 24
194.87.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:80:d8:71:9d:a4:1d:de:e8:39:ee:a3:7d:35:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f4ca1f602606eb6512b798cb95516c40157baa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:df:c5:ba:3e:84:df:3e:f8:14:e6:f4:c5:09:
d2:1a:aa:e3:40:6d:0c:b1:4a:a4:e7:62:53:a4:3e:
bd:12:bf:20:9d:db:7c:8b:a0:9b:ff:12:f0:e7:52:
c4:b9:c8:9f:5a:86:8f:54:a8:6f:e7:1a:78:0c:a4:
db:07:bd:8f:3f:b5:98:e8:64:20:a8:01:78:4b:88:
3e:70:58:9f:a3:49:fd:8b:d2:06:5a:be:d6:0c:16:
ce:84:3f:bb:a4:a5:65:5c:b8:2e:e2:1c:e5:73:22:
eb:bc:3d:54:e9:01:ea:f1:7b:31:4d:cb:69:4d:4b:
6f:dd:da:82:fb:c8:3b:e2:6f:df:10:5b:90:03:32:
d9:2d:93:a8:63:d5:6e:39:dd:49:3c:31:42:b6:19:
4b:2e:9f:73:6c:a5:5f:66:6d:d4:d6:49:a0:82:f6:
1e:e0:f5:45:d2:ec:ee:2b:c0:cc:f1:26:a6:61:b0:
e6:54:4c:5f:61:75:81:91:2a:17:4a:93:82:14:ac:
02:a1:7d:5a:69:98:6e:11:82:bd:e9:34:b0:2d:de:
b4:35:1e:59:35:20:61:96:c5:1f:ab:0f:ca:e1:91:
cc:be:ee:60:6f:07:fc:fc:55:13:12:83:b4:3e:87:
54:55:a1:fc:e7:38:a0:03:7c:b6:9f:30:72:f8:b8:
d6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:4C:A1:F6:02:60:6E:B6:51:2B:79:8C:B9:55:16:C4:01:57:BA:A4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/X0yh9gJgbrZRK3mMuVUWxAFXuqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.87.0/24
195.58.58.0/24
Signature Algorithm: sha256WithRSAEncryption
48:10:4b:46:5d:41:ab:73:a8:f8:6f:ef:82:d3:62:fb:42:0b:
44:c1:8e:91:d7:73:40:a6:06:51:de:a0:3b:d1:7d:82:ee:bf:
d4:1f:64:e5:a7:34:f4:e2:d7:a8:9f:7f:67:04:fe:3d:37:73:
ef:65:4b:96:a7:44:03:60:f2:ed:05:71:bf:a9:93:a8:40:26:
ea:ae:e7:7a:7d:67:fa:f2:51:22:e0:18:29:83:34:25:31:16:
58:0a:76:79:4d:12:65:83:e3:d5:13:fb:c3:d5:7b:19:db:13:
b1:d0:1f:26:c4:c5:47:20:63:b7:3e:f7:35:5d:8b:00:ff:89:
d5:b8:5d:7d:3b:07:ef:bc:87:31:2e:8e:ef:4d:9e:0c:81:e3:
5e:32:a8:fe:bb:79:3c:14:7d:64:04:c2:9c:50:01:2a:c6:f9:
70:1c:62:01:88:af:31:fc:8b:63:8c:0b:5f:9b:77:89:15:be:
ad:d7:df:c2:41:e6:ac:fd:d5:17:02:b2:57:15:49:72:a9:da:
56:00:85:23:5e:6f:bb:04:52:8d:55:d5:aa:7b:27:02:63:c0:
65:53:a4:51:a1:3a:03:87:23:e7:37:10:2d:52:48:a2:97:db:
b3:71:ac:dc:5b:d9:85:3d:1b:47:23:f6:df:0a:15:e4:f3:3f:
35:2a:b3:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKoDYcZ2kHd7oOe6jfTVOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjRjYTFmNjAyNjA2ZWI2NTEyYjc5OGNiOTU1MTZjNDAxNTdiYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgN/Fuj6E3z74FOb0xQnSGqrjQG0M
sUqk52JTpD69Er8gndt8i6Cb/xLw51LEucifWoaPVKhv5xp4DKTbB72PP7WY6GQg
qAF4S4g+cFifo0n9i9IGWr7WDBbOhD+7pKVlXLgu4hzlcyLrvD1U6QHq8XsxTctp
TUtv3dqC+8g74m/fEFuQAzLZLZOoY9VuOd1JPDFCthlLLp9zbKVfZm3U1kmggvYe
4PVF0uzuK8DM8SamYbDmVExfYXWBkSoXSpOCFKwCoX1aaZhuEYK96TSwLd60NR5Z
NSBhlsUfqw/K4ZHMvu5gbwf8/FUTEoO0PodUVaH85zigA3y2nzBy+LjWswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF9MofYCYG62USt5jLlVFsQBV7qkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWDB5aDlnSmdiclpSSzNtTXVWVVd4QUZYdXFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwldXAwQA
wzo6MA0GCSqGSIb3DQEBCwUAA4IBAQBIEEtGXUGrc6j4b++C02L7QgtEwY6R13NA
pgZR3qA70X2C7r/UH2TlpzT04teon39nBP49N3PvZUuWp0QDYPLtBXG/qZOoQCbq
rud6fWf68lEi4BgpgzQlMRZYCnZ5TRJlg+PVE/vD1XsZ2xOx0B8mxMVHIGO3Pvc1
XYsA/4nVuF19OwfvvIcxLo7vTZ4MgeNeMqj+u3k8FH1kBMKcUAEqxvlwHGIBiK8x
/ItjjAtfm3eJFb6t19/CQeas/dUXArJXFUlyqdpWAIUjXm+7BFKNVdWqeycCY8Bl
U6RRoToDhyPnNxAtUkiil9uzcazcW9mFPRtHI/bfChXk8z81KrOz
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:35:43 2024 by rpki-client on console-ams.rpki-client.org