Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/SjwnSK46vCNi7OUZXpQIR2HzOhE.roa
File: SjwnSK46vCNi7OUZXpQIR2HzOhE.roa (raw, json)
Hash identifier: SLuA6D+AER4vxLTWKIHbpVGz+G7I6E/14CaA7Clp0k8=
Subject key identifier: 4A:3C:27:48:AE:3A:BC:23:62:EC:E5:19:5E:94:08:47:61:F3:3A:11
Certificate issuer: /CN=844582ca704717eb0c94be4d89413f4bc2d8b8e5
Certificate serial: 018CCA2A8A450F104B4106F5E2ED1AA47CF5
Authority key identifier: 84:45:82:CA:70:47:17:EB:0C:94:BE:4D:89:41:3F:4B:C2:D8:B8:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEWCynBHF-sMlL5NiUE_S8LYuOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/SjwnSK46vCNi7OUZXpQIR2HzOhE.roa
Signing time: Tue 02 Jan 2024 12:33:54 +0000
ROA not before: Tue 02 Jan 2024 12:33:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56335
IP address blocks: 147.78.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/hEWCynBHF-sMlL5NiUE_S8LYuOU.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/hEWCynBHF-sMlL5NiUE_S8LYuOU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hEWCynBHF-sMlL5NiUE_S8LYuOU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:8a:45:0f:10:4b:41:06:f5:e2:ed:1a:a4:7c:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844582ca704717eb0c94be4d89413f4bc2d8b8e5
Validity
Not Before: Jan 2 12:33:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a3c2748ae3abc2362ece5195e94084761f33a11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:19:e9:41:ee:c3:8e:07:79:bd:11:02:c7:6b:
e4:83:c6:00:c5:fd:98:71:98:03:4f:c4:00:32:47:
52:8f:a1:ef:d1:7e:64:0a:16:93:8c:ff:5e:7c:4e:
04:1d:f2:5d:9c:98:71:be:9d:c5:17:ff:5e:06:41:
9e:d7:09:40:cb:9e:86:08:03:b3:26:03:22:d3:15:
be:2a:17:ac:b8:e0:b3:ca:03:d5:b0:eb:a7:94:7d:
67:fe:5c:d5:2e:4b:6a:a3:e0:15:03:4f:51:91:43:
07:08:7b:c3:2f:ab:33:e3:6a:ab:70:e2:fb:45:e3:
7b:6d:d8:d3:19:27:43:f7:f3:61:05:23:2f:f9:da:
0b:e9:57:3b:8e:08:da:ed:91:71:50:73:e6:a2:59:
a8:30:00:c2:00:a7:b9:e6:21:72:79:ec:81:0c:70:
a7:51:9e:6d:ed:11:bb:84:ae:94:53:6d:17:26:ad:
ff:7f:db:08:08:c0:d3:0d:0d:61:2f:f5:32:b4:c9:
4e:db:15:5c:1d:c8:f0:0a:c0:03:1e:88:c7:93:49:
57:cb:49:2c:4c:e6:15:55:59:82:b4:41:6d:d2:f4:
bd:37:c9:9e:57:09:89:6c:43:a9:6b:48:c1:29:cb:
50:c0:11:34:1e:09:fd:78:e5:99:69:d2:cc:cf:7c:
08:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:3C:27:48:AE:3A:BC:23:62:EC:E5:19:5E:94:08:47:61:F3:3A:11
X509v3 Authority Key Identifier:
keyid:84:45:82:CA:70:47:17:EB:0C:94:BE:4D:89:41:3F:4B:C2:D8:B8:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEWCynBHF-sMlL5NiUE_S8LYuOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/SjwnSK46vCNi7OUZXpQIR2HzOhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/735e42-c608-46b6-8f70-f23f66f8d242/1/hEWCynBHF-sMlL5NiUE_S8LYuOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.7.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:dc:76:d2:41:ac:88:92:c9:8c:39:26:62:73:b4:46:c1:18:
55:dd:22:59:72:da:80:7d:6d:63:d4:33:6e:7b:8a:b2:60:a5:
37:1e:14:3b:90:f1:52:65:ec:23:ef:54:ed:b5:1b:f7:56:08:
ea:c1:13:84:68:c6:e3:d3:3c:2e:26:68:66:22:dc:9c:61:e9:
16:56:43:98:a3:b8:ff:dd:e8:e8:51:64:99:03:f1:eb:f9:aa:
3f:92:ca:bb:ac:19:06:f1:7e:bc:2f:41:fa:f1:cc:ca:80:87:
09:52:3e:fa:e8:3b:58:38:c0:ce:8e:16:b9:e7:5d:2a:98:9d:
96:2f:2d:48:90:1c:df:b4:b9:b9:a0:0e:18:47:8e:28:37:c1:
ae:9c:a1:f7:55:d2:3d:eb:0c:ac:98:81:da:9e:2b:1b:f8:54:
45:6f:e2:8f:f2:c5:d1:88:74:be:69:06:e2:a7:a8:01:28:9e:
fb:a5:2c:a2:cc:69:46:26:09:b2:1e:bd:cc:52:96:11:85:13:
36:43:73:c0:0d:c4:2f:a2:ce:af:ce:fc:a7:ab:a7:cb:b3:03:
67:e7:74:b9:89:2c:4d:a8:3b:6c:36:77:82:c6:53:b3:97:02:
ce:0d:bd:4a:1e:6d:df:55:c5:9d:b5:42:71:2e:46:07:7f:23:
39:6d:77:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKopFDxBLQQb14u0apHz1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDU4MmNhNzA0NzE3ZWIwYzk0YmU0ZDg5NDEzZjRiYzJk
OGI4ZTUwHhcNMjQwMTAyMTIzMzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTNjMjc0OGFlM2FiYzIzNjJlY2U1MTk1ZTk0MDg0NzYxZjMzYTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hnpQe7Djgd5vRECx2vkg8YAxf2Y
cZgDT8QAMkdSj6Hv0X5kChaTjP9efE4EHfJdnJhxvp3FF/9eBkGe1wlAy56GCAOz
JgMi0xW+KhesuOCzygPVsOunlH1n/lzVLktqo+AVA09RkUMHCHvDL6sz42qrcOL7
ReN7bdjTGSdD9/NhBSMv+doL6Vc7jgja7ZFxUHPmolmoMADCAKe55iFyeeyBDHCn
UZ5t7RG7hK6UU20XJq3/f9sICMDTDQ1hL/UytMlO2xVcHcjwCsADHojHk0lXy0ks
TOYVVVmCtEFt0vS9N8meVwmJbEOpa0jBKctQwBE0Hgn9eOWZadLMz3wIpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEo8J0iuOrwjYuzlGV6UCEdh8zoRMB8GA1UdIwQY
MBaAFIRFgspwRxfrDJS+TYlBP0vC2LjlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVXQ3luQkhGLXNNbEw1TmlVRV9TOExZdU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83MzVlNDItYzYwOC00NmI2LThmNzAt
ZjIzZjY2ZjhkMjQyLzEvU2p3blNLNDZ2Q05pN09VWlhwUUlSMkh6T2hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC83MzVlNDItYzYwOC00NmI2LThmNzAtZjIzZjY2ZjhkMjQy
LzEvaEVXQ3luQkhGLXNNbEw1TmlVRV9TOExZdU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk04HMA0G
CSqGSIb3DQEBCwUAA4IBAQCo3HbSQayIksmMOSZic7RGwRhV3SJZctqAfW1j1DNu
e4qyYKU3HhQ7kPFSZewj71TttRv3VgjqwROEaMbj0zwuJmhmItycYekWVkOYo7j/
3ejoUWSZA/Hr+ao/ksq7rBkG8X68L0H68czKgIcJUj766DtYOMDOjha5510qmJ2W
Ly1IkBzftLm5oA4YR44oN8GunKH3VdI96wysmIHanisb+FRFb+KP8sXRiHS+aQbi
p6gBKJ77pSyizGlGJgmyHr3MUpYRhRM2Q3PADcQvos6vzvynq6fLswNn53S5iSxN
qDtsNneCxlOzlwLODb1KHm3fVcWdtUJxLkYHfyM5bXfB
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:59:19 2024 by rpki-client on console-fra.rpki-client.org