Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/pbXAdnoaWma29o_vL9yg6hjz-Mk.roa
File: pbXAdnoaWma29o_vL9yg6hjz-Mk.roa (raw, json)
Hash identifier: KzAqLp2/vsDcWtlpNtahCuZjXdQplfM0dN/pFZ1tZhs=
Subject key identifier: A5:B5:C0:76:7A:1A:5A:66:B6:F6:8F:EF:2F:DC:A0:EA:18:F3:F8:C9
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 018CC649EFCDE1CC601355AA7AB8A6049C5D
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/pbXAdnoaWma29o_vL9yg6hjz-Mk.roa
Signing time: Mon 01 Jan 2024 18:29:43 +0000
ROA not before: Mon 01 Jan 2024 18:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206511
IP address blocks: 213.169.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:ef:cd:e1:cc:60:13:55:aa:7a:b8:a6:04:9c:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 1 18:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5b5c0767a1a5a66b6f68fef2fdca0ea18f3f8c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8c:df:86:d7:9b:07:3a:fa:95:c6:6a:97:03:
97:d9:8a:37:ee:01:ca:9e:38:23:32:f3:44:1c:07:
1b:56:ad:8c:4c:b9:28:ad:94:f2:c1:99:a5:ef:dd:
6d:35:e5:c4:79:2e:9b:82:d1:76:0f:ef:83:ac:f2:
4e:4c:fe:cb:71:fd:2a:99:78:eb:51:2c:88:0a:0f:
f2:c8:79:4c:31:91:53:7f:00:63:7a:61:0c:4b:40:
be:75:bc:2a:69:20:3e:8e:6f:ae:ee:98:6f:7e:8c:
13:d7:94:28:93:8d:af:5b:de:9b:90:23:69:c8:25:
03:51:39:09:01:6e:17:fd:07:6e:14:ad:ad:cd:89:
e9:dd:47:ba:10:9c:9c:5a:b6:69:96:77:04:ef:1f:
a7:7b:5c:d0:e9:4a:19:27:7a:d8:5d:b7:ea:cf:c1:
58:2b:19:11:bd:b7:92:3b:42:22:1c:c2:40:26:be:
aa:3d:67:1d:fd:f8:85:6a:65:76:d3:1a:ec:c7:b1:
bd:a8:64:f2:6a:18:31:e7:02:a3:6c:5e:76:4d:1f:
9e:84:41:0c:87:58:2d:01:53:62:dc:d6:c9:63:d9:
52:2d:57:c7:22:ca:cd:6d:6b:c2:12:46:13:c1:c8:
12:11:3f:21:de:48:87:00:6d:5c:1f:9c:60:2f:ac:
12:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B5:C0:76:7A:1A:5A:66:B6:F6:8F:EF:2F:DC:A0:EA:18:F3:F8:C9
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/pbXAdnoaWma29o_vL9yg6hjz-Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.169.36.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:8c:81:58:6d:18:07:d6:27:49:ba:94:4b:9b:14:79:a1:d5:
95:b2:8a:72:4f:5c:80:d1:bb:bd:a6:ad:d7:93:c9:d8:c8:0a:
77:d7:ed:59:41:0c:a5:53:2c:b2:81:a3:77:1d:44:aa:3c:9c:
92:e8:8b:c1:29:2c:2c:75:80:8b:70:62:02:5c:d9:3a:0c:ce:
8f:46:0b:3b:ac:e6:c1:b6:72:c8:39:0d:d2:1a:b5:5c:d8:a2:
3c:42:83:a5:00:e1:da:72:54:07:97:2f:9f:4a:ad:6d:cf:af:
6d:2b:2c:a8:58:5f:d6:c3:b0:52:19:54:fa:5d:3e:8b:46:ba:
51:e3:4e:b4:16:0b:56:80:e5:8a:8e:d1:71:fe:0f:57:f5:fc:
8a:28:dd:7b:a6:86:26:03:4f:b6:f1:1f:3a:97:7b:da:c2:4d:
44:d5:7e:b7:1c:70:92:34:e8:5c:fe:cf:c9:4b:de:f8:3e:9a:
c0:8d:40:c2:f6:28:2a:d2:09:dd:34:bf:a2:5f:0c:fa:d8:a5:
19:32:6e:87:28:e6:b4:fb:14:d8:50:c1:32:72:4e:50:e1:fe:
3a:aa:ab:0b:71:ce:3c:2f:c9:61:fc:3a:82:d5:32:24:0f:81:
12:b8:51:34:11:f3:44:5c:9f:88:ec:74:e3:d7:77:02:7c:7f:
c2:69:50:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSe/N4cxgE1WqerimBJxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwMTAxMTgyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWI1YzA3NjdhMWE1YTY2YjZmNjhmZWYyZmRjYTBlYTE4ZjNmOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnozfhtebBzr6lcZqlwOX2Yo37gHK
njgjMvNEHAcbVq2MTLkorZTywZml791tNeXEeS6bgtF2D++DrPJOTP7Lcf0qmXjr
USyICg/yyHlMMZFTfwBjemEMS0C+dbwqaSA+jm+u7phvfowT15Qok42vW96bkCNp
yCUDUTkJAW4X/QduFK2tzYnp3Ue6EJycWrZplncE7x+ne1zQ6UoZJ3rYXbfqz8FY
KxkRvbeSO0IiHMJAJr6qPWcd/fiFamV20xrsx7G9qGTyahgx5wKjbF52TR+ehEEM
h1gtAVNi3NbJY9lSLVfHIsrNbWvCEkYTwcgSET8h3kiHAG1cH5xgL6wSHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKW1wHZ6GlpmtvaP7y/coOoY8/jJMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvcGJYQWRub2FXbWEyOW9fdkw5eWc2aGp6LU1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1akkMA0G
CSqGSIb3DQEBCwUAA4IBAQAvjIFYbRgH1idJupRLmxR5odWVsopyT1yA0bu9pq3X
k8nYyAp31+1ZQQylUyyygaN3HUSqPJyS6IvBKSwsdYCLcGICXNk6DM6PRgs7rObB
tnLIOQ3SGrVc2KI8QoOlAOHaclQHly+fSq1tz69tKyyoWF/Ww7BSGVT6XT6LRrpR
4060FgtWgOWKjtFx/g9X9fyKKN17poYmA0+28R86l3vawk1E1X63HHCSNOhc/s/J
S974PprAjUDC9igq0gndNL+iXwz62KUZMm6HKOa0+xTYUMEyck5Q4f46qqsLcc48
L8lh/DqC1TIkD4ESuFE0EfNEXJ+I7HTj13cCfH/CaVCo
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:31:49 2024 by rpki-client on console-ams.rpki-client.org