Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b5af47-9452-4c55-bc2f-5746007cb2a3/1/SY5Y2lQ1T2FCRGGey2Xa4GtLoS0.roa
File: SY5Y2lQ1T2FCRGGey2Xa4GtLoS0.roa (raw, json)
Hash identifier: am+xVMtB118s/TWj/mv5b3rSWln4JfM+f2Dt7TeEEGY=
Subject key identifier: 49:8E:58:DA:54:35:4F:61:42:44:61:9E:CB:65:DA:E0:6B:4B:A1:2D
Certificate issuer: /CN=49bd4d28c52c2f12e46a1efbe113241be00ca58f
Certificate serial: 018CC2DAE0B8E0CA7738C8985FE8D6E996B2
Authority key identifier: 49:BD:4D:28:C5:2C:2F:12:E4:6A:1E:FB:E1:13:24:1B:E0:0C:A5:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sb1NKMUsLxLkah774RMkG-AMpY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/b5af47-9452-4c55-bc2f-5746007cb2a3/1/SY5Y2lQ1T2FCRGGey2Xa4GtLoS0.roa
Signing time: Mon 01 Jan 2024 02:29:33 +0000
ROA not before: Mon 01 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20676
IP address blocks: 193.56.174.0/23 maxlen: 24
193.56.194.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/b5af47-9452-4c55-bc2f-5746007cb2a3/1/Sb1NKMUsLxLkah774RMkG-AMpY8.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/b5af47-9452-4c55-bc2f-5746007cb2a3/1/Sb1NKMUsLxLkah774RMkG-AMpY8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Sb1NKMUsLxLkah774RMkG-AMpY8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e0:b8:e0:ca:77:38:c8:98:5f:e8:d6:e9:96:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49bd4d28c52c2f12e46a1efbe113241be00ca58f
Validity
Not Before: Jan 1 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=498e58da54354f614244619ecb65dae06b4ba12d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:84:7b:84:d4:2d:1d:22:e1:99:b1:d1:e9:22:
b3:33:26:65:99:b1:42:13:cd:8f:cb:9e:f7:4a:4b:
86:f3:b8:72:57:af:24:ff:65:36:f3:d3:04:0f:f5:
2b:cb:38:57:5b:f3:4e:c2:72:79:5e:6d:19:82:51:
eb:fd:d6:ed:f7:97:b8:32:85:d7:f4:93:06:df:d8:
18:cc:b7:f4:5e:ee:ca:aa:48:58:d9:66:0b:a2:7a:
69:37:1a:de:e4:68:75:02:dc:5f:8c:df:d4:8c:b3:
89:c3:9d:cf:d9:ab:41:7a:1a:b1:13:34:5d:cf:78:
ac:04:f6:af:1a:54:e4:d3:16:70:59:fb:46:64:3f:
31:a8:ff:9e:2c:f7:a6:59:41:4b:19:e0:75:47:2a:
bb:5f:2c:f4:57:18:b6:0c:02:da:a1:9a:07:52:e6:
5c:8d:f9:7b:55:38:40:2b:91:50:fd:8c:fd:37:17:
28:40:c5:f8:d0:38:9c:2e:05:db:63:8f:17:6d:d0:
ba:44:dd:c7:10:37:61:01:de:39:ea:31:cb:d3:bc:
80:e5:97:2c:3a:31:af:f4:f5:11:16:d0:cf:08:ed:
6c:e3:84:25:04:b1:42:0e:33:5a:0b:8a:93:b3:65:
2b:9c:1d:c6:fb:c8:e3:4c:08:1e:f3:43:39:1c:54:
76:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:8E:58:DA:54:35:4F:61:42:44:61:9E:CB:65:DA:E0:6B:4B:A1:2D
X509v3 Authority Key Identifier:
keyid:49:BD:4D:28:C5:2C:2F:12:E4:6A:1E:FB:E1:13:24:1B:E0:0C:A5:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sb1NKMUsLxLkah774RMkG-AMpY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b5af47-9452-4c55-bc2f-5746007cb2a3/1/SY5Y2lQ1T2FCRGGey2Xa4GtLoS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b5af47-9452-4c55-bc2f-5746007cb2a3/1/Sb1NKMUsLxLkah774RMkG-AMpY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.174.0/23
193.56.194.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:91:a7:75:46:9f:6d:23:1f:00:42:78:8b:d6:15:c2:64:d9:
22:f4:8d:36:83:7c:62:f2:be:5f:69:af:f8:23:4d:ae:d4:4b:
99:55:23:c4:9b:61:6d:0a:55:ad:6d:0f:58:bf:55:08:de:77:
54:6d:10:65:4d:4e:c3:a4:b6:8a:cb:ae:db:30:6c:7f:44:ae:
ef:83:0f:41:9d:2e:95:b0:9a:c8:d2:33:9e:d3:99:6c:0d:3e:
4a:98:9d:6b:0b:57:c9:f7:d7:d0:22:ac:e3:d7:e7:1e:f5:1d:
b6:06:9e:33:b4:b1:39:47:45:f8:c8:d8:6e:b1:cc:ef:1e:d3:
d0:32:2f:82:e6:ce:c3:af:ee:17:ea:05:6d:1d:12:2f:de:91:
d5:97:2e:e4:a3:50:73:43:a7:d8:88:33:ba:82:39:6d:5c:c7:
0a:11:f2:bc:c0:7d:22:43:59:9c:54:11:59:8b:df:e1:c5:bf:
dc:e2:06:2f:b2:51:d9:35:a0:69:bd:0e:5c:33:d5:c0:86:a8:
70:d3:a3:d5:e7:e1:38:1e:5a:8a:9c:f3:7a:84:67:cf:74:49:
45:fc:5f:e5:46:52:ed:5a:52:f0:04:df:c9:ba:2b:9a:ef:b4:
58:e0:d1:a1:01:a5:f3:0c:b0:a5:1e:d3:aa:2f:f9:b6:c8:ed:
50:91:7c:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2uC44Mp3OMiYX+jW6ZayMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YmQ0ZDI4YzUyYzJmMTJlNDZhMWVmYmUxMTMyNDFiZTAw
Y2E1OGYwHhcNMjQwMTAxMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OThlNThkYTU0MzU0ZjYxNDI0NDYxOWVjYjY1ZGFlMDZiNGJhMTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYR7hNQtHSLhmbHR6SKzMyZlmbFC
E82Py573SkuG87hyV68k/2U289MED/UryzhXW/NOwnJ5Xm0ZglHr/dbt95e4MoXX
9JMG39gYzLf0Xu7KqkhY2WYLonppNxre5Gh1AtxfjN/UjLOJw53P2atBehqxEzRd
z3isBPavGlTk0xZwWftGZD8xqP+eLPemWUFLGeB1Ryq7Xyz0Vxi2DALaoZoHUuZc
jfl7VThAK5FQ/Yz9NxcoQMX40DicLgXbY48XbdC6RN3HEDdhAd456jHL07yA5Zcs
OjGv9PURFtDPCO1s44QlBLFCDjNaC4qTs2UrnB3G+8jjTAge80M5HFR2FwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEmOWNpUNU9hQkRhnstl2uBrS6EtMB8GA1UdIwQY
MBaAFEm9TSjFLC8S5Goe++ETJBvgDKWPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2IxTktNVXNMeExrYWg3NzRSTWtHLUFNcFk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iNWFmNDctOTQ1Mi00YzU1LWJjMmYt
NTc0NjAwN2NiMmEzLzEvU1k1WTJsUTFUMkZDUkdHZXkyWGE0R3RMb1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iNWFmNDctOTQ1Mi00YzU1LWJjMmYtNTc0NjAwN2NiMmEz
LzEvU2IxTktNVXNMeExrYWg3NzRSTWtHLUFNcFk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwTiuAwQB
wTjCMA0GCSqGSIb3DQEBCwUAA4IBAQBLkad1Rp9tIx8AQniL1hXCZNki9I02g3xi
8r5faa/4I02u1EuZVSPEm2FtClWtbQ9Yv1UI3ndUbRBlTU7DpLaKy67bMGx/RK7v
gw9BnS6VsJrI0jOe05lsDT5KmJ1rC1fJ99fQIqzj1+ce9R22Bp4ztLE5R0X4yNhu
sczvHtPQMi+C5s7Dr+4X6gVtHRIv3pHVly7ko1BzQ6fYiDO6gjltXMcKEfK8wH0i
Q1mcVBFZi9/hxb/c4gYvslHZNaBpvQ5cM9XAhqhw06PV5+E4HlqKnPN6hGfPdElF
/F/lRlLtWlLwBN/Juiua77RY4NGhAaXzDLClHtOqL/m2yO1QkXwi
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:04:18 2024 by rpki-client on console-fra.rpki-client.org