Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tZb0XsjnEOJxJkH_M4_aPSXUEYM.roa
File: tZb0XsjnEOJxJkH_M4_aPSXUEYM.roa (raw, json)
Hash identifier: 0yljrE5ISaLiNi2CF9otuYJyuHIgrGuSfpEaKePPcKs=
Subject key identifier: B5:96:F4:5E:C8:E7:10:E2:71:26:41:FF:33:8F:DA:3D:25:D4:11:83
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01931BAAFBF91B3E5DB30FA6D1BAF767E4DD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tZb0XsjnEOJxJkH_M4_aPSXUEYM.roa
Signing time: Mon 11 Nov 2024 14:40:10 +0000
ROA not before: Mon 11 Nov 2024 14:40:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60781
IP address blocks: 45.12.255.0/24 maxlen: 24
93.123.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1b:aa:fb:f9:1b:3e:5d:b3:0f:a6:d1:ba:f7:67:e4:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 11 14:40:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b596f45ec8e710e2712641ff338fda3d25d41183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:62:14:a9:09:23:20:bd:0b:77:34:60:96:5a:
67:ec:bd:c8:c3:1d:66:8c:80:61:79:8a:53:3b:8a:
6e:11:a9:27:fd:73:d9:66:bb:fc:f3:57:a3:0b:eb:
47:70:ca:33:88:06:70:f6:7c:70:e7:89:02:39:1f:
d2:7d:8e:92:bc:fd:5d:2e:51:cb:f7:8d:56:3a:4e:
41:23:35:8c:9c:21:ba:d3:94:1e:03:8b:e8:a4:b4:
ec:47:81:94:a0:46:23:18:67:28:65:69:b8:1b:ae:
11:17:91:9d:93:2b:3c:15:96:75:20:2c:09:60:ed:
be:92:57:df:fb:83:db:ca:14:72:92:84:58:3f:dc:
37:7d:72:19:f2:73:46:37:14:cf:24:e9:0a:c9:64:
ed:8c:9d:9f:6e:5f:7e:e8:e6:f2:51:14:34:f0:cc:
2b:14:4e:5d:c8:77:a1:a1:e0:3a:0f:9c:b1:1f:86:
10:bf:bf:93:1a:c4:a4:9a:6f:df:3c:48:77:7a:ce:
d1:e8:dd:e8:d6:62:eb:9e:26:04:7b:02:bf:e7:26:
cb:0c:f1:4a:e8:af:bf:ba:44:ec:77:ab:6b:97:85:
2c:15:a9:36:3f:a5:bd:ce:45:82:ca:49:b6:a4:f2:
37:cb:02:ce:04:1f:a6:20:79:49:66:ef:c2:10:31:
5e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:96:F4:5E:C8:E7:10:E2:71:26:41:FF:33:8F:DA:3D:25:D4:11:83
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tZb0XsjnEOJxJkH_M4_aPSXUEYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.255.0/24
93.123.13.0/24
Signature Algorithm: sha256WithRSAEncryption
16:e1:ee:6e:e3:89:1a:90:4b:75:78:7c:c5:13:a3:22:b6:04:
a3:ea:fc:02:be:03:6a:68:27:db:56:a9:8e:20:c7:06:83:d7:
9d:42:f4:72:48:a6:d2:7e:be:87:f2:e0:ed:9e:65:01:49:cd:
13:85:08:a1:65:bb:98:42:67:a7:9d:ac:a8:08:e6:33:34:d0:
f1:e0:82:79:87:f0:34:41:f7:6f:3d:2a:47:5e:4e:de:84:c3:
77:9a:3f:35:80:be:48:9d:80:25:08:5f:12:37:2b:d2:68:99:
a9:d0:46:96:ec:3e:80:85:1f:9c:af:76:c8:ef:2a:90:1a:3e:
02:e1:32:79:a8:5f:86:de:8d:fa:2f:e0:79:a3:be:42:7b:ac:
23:4d:84:45:f3:45:03:7f:a5:e6:c5:5b:28:1b:21:91:ee:df:
09:cf:8f:17:e9:b4:93:da:e2:9c:15:03:31:e3:06:27:46:33:
3d:45:47:b8:0b:b1:bf:b8:cf:d3:c2:a0:70:fd:04:f8:8d:2d:
d9:4f:3d:91:2a:29:0a:a9:bb:9a:a9:c2:0c:61:00:b0:66:ba:
3c:dd:87:d5:e9:35:c3:bb:c2:48:45:58:bb:ac:d7:34:f6:18:
85:4a:4c:ff:c0:e6:19:b5:1a:52:ca:13:66:a1:cd:63:86:f2:
a6:a4:35:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMbqvv5Gz5dsw+m0br3Z+TdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTExMTQ0MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTk2ZjQ1ZWM4ZTcxMGUyNzEyNjQxZmYzMzhmZGEzZDI1ZDQxMTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmIUqQkjIL0LdzRgllpn7L3Iwx1m
jIBheYpTO4puEakn/XPZZrv881ejC+tHcMoziAZw9nxw54kCOR/SfY6SvP1dLlHL
941WOk5BIzWMnCG605QeA4vopLTsR4GUoEYjGGcoZWm4G64RF5Gdkys8FZZ1ICwJ
YO2+klff+4PbyhRykoRYP9w3fXIZ8nNGNxTPJOkKyWTtjJ2fbl9+6ObyURQ08Mwr
FE5dyHehoeA6D5yxH4YQv7+TGsSkmm/fPEh3es7R6N3o1mLrniYEewK/5ybLDPFK
6K+/ukTsd6trl4UsFak2P6W9zkWCykm2pPI3ywLOBB+mIHlJZu/CEDFeeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLWW9F7I5xDicSZB/zOP2j0l1BGDMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdFpiMFhzam5FT0p4SmtIX000X2FQU1hVRVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQz/AwQA
XXsNMA0GCSqGSIb3DQEBCwUAA4IBAQAW4e5u44kakEt1eHzFE6MitgSj6vwCvgNq
aCfbVqmOIMcGg9edQvRySKbSfr6H8uDtnmUBSc0ThQihZbuYQmennayoCOYzNNDx
4IJ5h/A0QfdvPSpHXk7ehMN3mj81gL5InYAlCF8SNyvSaJmp0EaW7D6AhR+cr3bI
7yqQGj4C4TJ5qF+G3o36L+B5o75Ce6wjTYRF80UDf6XmxVsoGyGR7t8Jz48X6bST
2uKcFQMx4wYnRjM9RUe4C7G/uM/TwqBw/QT4jS3ZTz2RKikKqbuaqcIMYQCwZro8
3YfV6TXDu8JIRVi7rNc09hiFSkz/wOYZtRpSyhNmoc1jhvKmpDVA
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:38:25 2024 by rpki-client on console-fra.rpki-client.org