Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/D54GzVyOrBJq0C2U7fQkUzQnU6w.roa
File: D54GzVyOrBJq0C2U7fQkUzQnU6w.roa (raw, json)
Hash identifier: d6NVGI97q4j/gYrJrRQ+OlsiTII8i/A7XVtKkFinl+4=
Subject key identifier: 0F:9E:06:CD:5C:8E:AC:12:6A:D0:2D:94:ED:F4:24:53:34:27:53:AC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01914C7327722C5DBD08628475D7269B6907
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/D54GzVyOrBJq0C2U7fQkUzQnU6w.roa
Signing time: Tue 13 Aug 2024 15:55:00 +0000
ROA not before: Tue 13 Aug 2024 15:55:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26383
IP address blocks: 2.58.95.0/24 maxlen: 24
31.13.248.0/24 maxlen: 24
94.156.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4c:73:27:72:2c:5d:bd:08:62:84:75:d7:26:9b:69:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 13 15:55:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f9e06cd5c8eac126ad02d94edf42453342753ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bd:ff:e2:29:d4:81:f4:47:9d:d0:a2:0c:31:
9d:59:c7:34:40:b6:24:c9:1b:64:7b:b7:fe:10:d9:
5e:34:f6:2f:3e:68:bd:1c:b4:bb:ca:25:ff:4a:98:
82:06:c3:86:9f:df:ba:82:e9:77:15:97:95:cf:3e:
f6:de:74:4d:68:05:be:9c:05:b5:37:f5:b4:ca:ad:
8e:86:85:85:c2:b4:bd:cc:71:8e:0a:d2:24:e8:2c:
bd:1b:27:28:ed:a0:6f:a9:ed:fe:fa:5c:d1:57:d8:
c3:ab:5e:69:5b:30:fc:61:82:89:b1:59:c6:86:69:
2b:26:30:7d:28:45:ed:6c:35:19:20:46:81:2c:73:
c7:d9:28:e3:79:28:80:fc:45:23:6c:b5:cf:b0:cb:
31:6b:41:c3:fb:07:ef:b4:78:9b:10:55:8a:80:bc:
ef:11:05:df:72:73:ab:90:7e:60:a0:ab:4e:db:c7:
34:e9:69:a2:61:d2:2b:45:4b:73:7f:86:d5:31:6d:
a5:82:43:a7:57:56:70:44:f1:5e:0f:b6:5c:81:1d:
78:43:4f:98:df:c3:04:81:d9:e0:65:36:02:65:34:
03:90:4b:03:86:c6:40:ce:24:eb:ac:70:47:b8:39:
4a:8e:18:04:e6:a3:31:03:e6:fd:93:d8:94:10:57:
13:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:9E:06:CD:5C:8E:AC:12:6A:D0:2D:94:ED:F4:24:53:34:27:53:AC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/D54GzVyOrBJq0C2U7fQkUzQnU6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
31.13.248.0/24
94.156.116.0/24
Signature Algorithm: sha256WithRSAEncryption
82:9c:37:37:8a:66:30:32:80:66:aa:86:74:2c:37:2c:9b:e2:
4a:22:50:5a:b3:30:85:b0:db:8d:54:a2:b4:3e:ff:37:e6:4b:
bd:52:d8:6a:99:5c:e6:3d:5d:a5:26:12:90:b2:95:09:65:2a:
7b:b4:b5:1a:fb:0d:f5:d8:a5:f1:16:11:9a:5e:70:86:66:b5:
23:c5:d0:ba:ac:97:5e:e9:cb:7f:8a:ba:ef:10:06:8e:40:1e:
5e:0b:9d:fa:f2:7c:0d:dc:22:59:be:58:b8:3e:7d:e8:bb:aa:
02:0b:ea:27:c4:83:eb:c5:3c:70:e7:16:1d:0f:e3:b8:88:e6:
c3:45:70:17:bf:50:8e:b8:d7:c3:99:c3:9f:56:37:cf:61:43:
0b:41:ab:e2:eb:57:0d:64:18:e3:83:ee:f6:e2:e2:47:07:2a:
b6:37:1d:ca:b2:3e:b5:ac:83:8b:34:12:cc:c6:df:5a:a8:eb:
14:e6:2e:d5:98:7b:0f:29:e9:9a:f2:ca:72:19:ae:a5:99:5c:
f2:1d:39:ff:f1:9c:0a:02:b3:c3:77:69:8b:32:cf:52:4d:ac:
fb:07:23:cc:c4:6a:63:72:9f:8b:0a:9f:68:ae:a7:49:97:0d:
82:3f:9b:b6:85:8d:29:16:6e:ed:fb:a6:d5:f3:94:ee:9b:fe:
e1:6a:5a:08
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZFMcydyLF29CGKEddcmm2kHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODEzMTU1NTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjllMDZjZDVjOGVhYzEyNmFkMDJkOTRlZGY0MjQ1MzM0Mjc1M2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub3/4inUgfRHndCiDDGdWcc0QLYk
yRtke7f+ENleNPYvPmi9HLS7yiX/SpiCBsOGn9+6gul3FZeVzz723nRNaAW+nAW1
N/W0yq2OhoWFwrS9zHGOCtIk6Cy9Gyco7aBvqe3++lzRV9jDq15pWzD8YYKJsVnG
hmkrJjB9KEXtbDUZIEaBLHPH2SjjeSiA/EUjbLXPsMsxa0HD+wfvtHibEFWKgLzv
EQXfcnOrkH5goKtO28c06WmiYdIrRUtzf4bVMW2lgkOnV1ZwRPFeD7ZcgR14Q0+Y
38MEgdngZTYCZTQDkEsDhsZAziTrrHBHuDlKjhgE5qMxA+b9k9iUEFcToQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA+eBs1cjqwSatAtlO30JFM0J1OsMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRDU0R3pWeU9yQkpxMEMyVTdmUWtVelFuVTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjpfAwQA
Hw34AwQAXpx0MA0GCSqGSIb3DQEBCwUAA4IBAQCCnDc3imYwMoBmqoZ0LDcsm+JK
IlBaszCFsNuNVKK0Pv835ku9UthqmVzmPV2lJhKQspUJZSp7tLUa+w312KXxFhGa
XnCGZrUjxdC6rJde6ct/irrvEAaOQB5eC5368nwN3CJZvli4Pn3ou6oCC+onxIPr
xTxw5xYdD+O4iObDRXAXv1COuNfDmcOfVjfPYUMLQavi61cNZBjjg+724uJHByq2
Nx3Ksj61rIOLNBLMxt9aqOsU5i7VmHsPKema8spyGa6lmVzyHTn/8ZwKArPDd2mL
Ms9STaz7ByPMxGpjcp+LCp9orqdJlw2CP5u2hY0pFm7t+6bV85Tum/7haloI
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:05:55 2024 by rpki-client on console-fra.rpki-client.org