Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/pVjLD6vcOU7VdUsmMvTJ8Ikk9m4.roa
File: pVjLD6vcOU7VdUsmMvTJ8Ikk9m4.roa (raw, json)
Hash identifier: ics9IzRzqIVZtfknsmWn0NoGp+bS83RcGdjixWAmVU8=
Subject key identifier: A5:58:CB:0F:AB:DC:39:4E:D5:75:4B:26:32:F4:C9:F0:89:24:F6:6E
Certificate issuer: /CN=52bf21eeb36414b3280e6c33b0b57296b8f6b675
Certificate serial: 018CC8DED5061CA2F0A327931260A16D5C18
Authority key identifier: 52:BF:21:EE:B3:64:14:B3:28:0E:6C:33:B0:B5:72:96:B8:F6:B6:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ur8h7rNkFLMoDmwzsLVylrj2tnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/pVjLD6vcOU7VdUsmMvTJ8Ikk9m4.roa
Signing time: Tue 02 Jan 2024 06:31:35 +0000
ROA not before: Tue 02 Jan 2024 06:31:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57954
IP address blocks: 194.1.159.0/24 maxlen: 24
192.162.19.0/24 maxlen: 24
193.105.210.0/24 maxlen: 24
2001:67c:13a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/Ur8h7rNkFLMoDmwzsLVylrj2tnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/Ur8h7rNkFLMoDmwzsLVylrj2tnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ur8h7rNkFLMoDmwzsLVylrj2tnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:d5:06:1c:a2:f0:a3:27:93:12:60:a1:6d:5c:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52bf21eeb36414b3280e6c33b0b57296b8f6b675
Validity
Not Before: Jan 2 06:31:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a558cb0fabdc394ed5754b2632f4c9f08924f66e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a7:17:34:9d:8c:a0:ee:5a:c1:5d:91:ff:9f:
7f:28:e9:21:96:35:b2:0f:ce:59:94:aa:95:c1:38:
3f:e3:64:9a:d0:71:fa:a3:82:ff:26:19:c0:fb:15:
a1:e1:a0:f3:c3:46:dd:30:6f:23:5c:54:aa:9e:a0:
50:38:6f:4b:6b:54:07:b7:3b:12:ac:35:d5:fa:e6:
09:7a:e5:aa:3a:0c:e0:f4:2c:fd:62:86:9c:8b:4e:
36:9e:25:32:55:04:e0:1c:c4:13:12:8f:5f:f7:0c:
60:31:f7:2e:10:30:a1:5f:2d:60:c8:64:c7:0b:24:
6e:89:2c:36:27:1a:41:82:a2:53:48:e7:3d:d3:cb:
a4:65:26:2f:eb:1a:a6:c9:5f:aa:9b:94:c7:83:3f:
7b:17:e4:6b:be:9b:b5:a2:51:49:29:77:8d:d9:cc:
da:9c:6d:6b:f9:33:d8:df:f2:6b:d6:67:0a:3f:59:
a9:20:4f:45:2a:22:73:25:a1:85:a0:e0:bf:5a:a8:
59:b8:79:06:a3:da:f9:97:51:51:a7:40:a3:58:fe:
a3:e7:59:a1:a7:23:95:c0:7e:90:00:8f:98:50:61:
e9:08:f3:99:da:d0:87:4a:6a:05:e7:02:56:91:ef:
b3:25:f9:5b:c1:0b:1c:00:3b:b9:64:67:00:2f:86:
42:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:58:CB:0F:AB:DC:39:4E:D5:75:4B:26:32:F4:C9:F0:89:24:F6:6E
X509v3 Authority Key Identifier:
keyid:52:BF:21:EE:B3:64:14:B3:28:0E:6C:33:B0:B5:72:96:B8:F6:B6:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ur8h7rNkFLMoDmwzsLVylrj2tnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/pVjLD6vcOU7VdUsmMvTJ8Ikk9m4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/059543-69e4-48f6-a175-ac96f6aab494/1/Ur8h7rNkFLMoDmwzsLVylrj2tnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.19.0/24
193.105.210.0/24
194.1.159.0/24
IPv6:
2001:67c:13a0::/48
Signature Algorithm: sha256WithRSAEncryption
12:1e:7c:40:e3:42:af:c1:80:8e:ca:35:2f:5d:52:f8:1c:9b:
7a:c6:d0:ca:6c:6e:46:c8:d8:a0:85:90:27:8c:2a:7d:ff:13:
3a:32:93:e1:66:e0:69:6e:bf:a5:ad:c1:2c:f9:43:05:71:72:
65:ca:8e:06:c2:c3:45:7d:01:62:d3:da:3e:a8:f8:16:a3:93:
b7:1a:88:bc:76:35:83:c0:2c:de:a2:78:e9:df:63:a4:25:b5:
dc:70:45:79:58:a2:39:4c:f4:1e:1c:2d:5c:32:db:e0:45:4c:
de:48:3e:3c:c1:da:45:5b:62:e0:f4:fe:b6:bd:0a:85:71:de:
42:9b:4d:68:1c:4f:e0:6a:f7:9d:79:b3:7f:d1:f4:54:e1:dc:
61:cc:07:54:5a:98:c8:c9:36:6b:5e:e7:32:9a:b6:ed:a4:68:
5b:20:64:e8:77:99:62:cd:1f:05:b9:20:f3:6a:a2:2b:51:f6:
85:a7:b8:82:d8:7f:4a:3f:df:1c:a5:8f:51:1a:1b:33:01:f5:
54:3f:ff:09:a6:21:85:a6:4c:10:3a:ca:76:df:20:33:3e:6b:
38:f1:23:c6:94:95:68:9f:a5:19:58:aa:dd:3b:ed:70:62:4d:
bc:8c:2e:21:5d:ec:1a:ed:37:e3:d4:a5:23:da:a4:29:1f:35:
52:f0:15:53
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzI3tUGHKLwoyeTEmChbVwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYmYyMWVlYjM2NDE0YjMyODBlNmMzM2IwYjU3Mjk2Yjhm
NmI2NzUwHhcNMjQwMTAyMDYzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTU4Y2IwZmFiZGMzOTRlZDU3NTRiMjYzMmY0YzlmMDg5MjRmNjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKcXNJ2MoO5awV2R/59/KOkhljWy
D85ZlKqVwTg/42Sa0HH6o4L/JhnA+xWh4aDzw0bdMG8jXFSqnqBQOG9La1QHtzsS
rDXV+uYJeuWqOgzg9Cz9Yoaci042niUyVQTgHMQTEo9f9wxgMfcuEDChXy1gyGTH
CyRuiSw2JxpBgqJTSOc908ukZSYv6xqmyV+qm5THgz97F+Rrvpu1olFJKXeN2cza
nG1r+TPY3/Jr1mcKP1mpIE9FKiJzJaGFoOC/WqhZuHkGo9r5l1FRp0CjWP6j51mh
pyOVwH6QAI+YUGHpCPOZ2tCHSmoF5wJWke+zJflbwQscADu5ZGcAL4ZCMQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKVYyw+r3DlO1XVLJjL0yfCJJPZuMB8GA1UdIwQY
MBaAFFK/Ie6zZBSzKA5sM7C1cpa49rZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXI4aDdyTmtGTE1vRG13enNMVnlscmoydG5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wNTk1NDMtNjllNC00OGY2LWExNzUt
YWM5NmY2YWFiNDk0LzEvcFZqTEQ2dmNPVTdWZFVzbU12VEo4SWtrOW00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wNTk1NDMtNjllNC00OGY2LWExNzUtYWM5NmY2YWFiNDk0
LzEvVXI4aDdyTmtGTE1vRG13enNMVnlscmoydG5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAwKITAwQA
wWnSAwQAwgGfMA8EAgACMAkDBwAgAQZ8E6AwDQYJKoZIhvcNAQELBQADggEBABIe
fEDjQq/BgI7KNS9dUvgcm3rG0MpsbkbI2KCFkCeMKn3/Ezoyk+Fm4Gluv6WtwSz5
QwVxcmXKjgbCw0V9AWLT2j6o+Bajk7caiLx2NYPALN6ieOnfY6QltdxwRXlYojlM
9B4cLVwy2+BFTN5IPjzB2kVbYuD0/ra9CoVx3kKbTWgcT+Bq9515s3/R9FTh3GHM
B1RamMjJNmte5zKatu2kaFsgZOh3mWLNHwW5IPNqoitR9oWnuILYf0o/3xylj1Ea
GzMB9VQ//wmmIYWmTBA6ynbfIDM+azjxI8aUlWifpRlYqt077XBiTbyMLiFd7Brt
N+PUpSPapCkfNVLwFVM=
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:55:44 2024 by rpki-client on console-ams.rpki-client.org