Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/p5HeCIOr5hEJVzUQ9epz6ENzoUA.roa
File: p5HeCIOr5hEJVzUQ9epz6ENzoUA.roa (raw, json)
Hash identifier: l/AKzMagv0EyRArhqAb3J9ITIRgNZAvmq+Q4qvOFme4=
Subject key identifier: A7:91:DE:08:83:AB:E6:11:09:57:35:10:F5:EA:73:E8:43:73:A1:40
Certificate issuer: /CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Certificate serial: 018CC6B93C716B070AE5E9546DF10671B076
Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/p5HeCIOr5hEJVzUQ9epz6ENzoUA.roa
Signing time: Mon 01 Jan 2024 20:31:17 +0000
ROA not before: Mon 01 Jan 2024 20:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21209
IP address blocks: 213.253.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.mft
rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:3c:71:6b:07:0a:e5:e9:54:6d:f1:06:71:b0:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Validity
Not Before: Jan 1 20:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a791de0883abe61109573510f5ea73e84373a140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:96:2b:0a:47:4c:fc:82:e7:0f:cd:f6:cd:b5:
d8:fa:f7:7b:d3:e2:df:6a:1c:51:b2:10:97:00:4d:
d4:ed:27:9a:de:2f:c4:d3:87:e5:22:67:b7:8d:eb:
d2:2a:0a:5d:32:04:c6:62:1e:73:24:23:91:87:39:
e3:a5:df:2d:2e:f0:73:c7:0e:43:51:82:7e:6a:49:
ef:3c:ef:25:48:2b:e9:9c:58:4d:63:84:ed:2a:e0:
78:67:da:71:96:98:cf:08:f5:35:c4:de:e4:3f:6f:
62:fc:cb:58:03:a2:9f:9d:6c:0a:b4:b5:49:f3:c8:
4c:55:59:88:32:f3:5a:bd:02:5a:a6:cc:6b:bc:fd:
d5:20:97:00:53:da:38:e0:ba:4b:26:4d:89:93:94:
2c:71:ca:b6:bc:d7:2c:cc:cf:12:49:1c:ea:aa:39:
05:66:52:8f:05:9a:76:da:eb:01:85:39:fe:8a:7b:
73:14:cd:0a:2b:8b:32:0a:02:69:e0:6c:40:68:d6:
43:73:e7:df:b9:b8:fd:bc:4a:de:35:29:a2:b2:75:
95:a1:8b:85:39:67:1c:c9:a3:30:e5:12:ce:b9:6b:
3e:1c:47:ee:ef:ed:65:e2:59:a4:62:f4:96:94:1d:
e4:c4:e8:01:df:a0:4d:5c:54:c3:00:76:1f:b6:a7:
e5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:91:DE:08:83:AB:E6:11:09:57:35:10:F5:EA:73:E8:43:73:A1:40
X509v3 Authority Key Identifier:
keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/p5HeCIOr5hEJVzUQ9epz6ENzoUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.253.215.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:8c:a8:1e:4b:eb:71:30:b9:4a:53:54:06:67:fd:9e:31:9b:
02:6d:f4:b0:3c:2e:ad:aa:0f:50:e7:6c:de:89:f7:44:7b:27:
cf:77:ba:07:f7:05:9f:99:5e:78:ea:22:e2:17:e9:c0:73:9e:
a1:65:f4:e8:02:61:fb:98:84:b5:fa:ef:15:5b:7f:dd:58:2c:
49:55:ef:f2:6c:71:32:fc:1c:fc:e2:e8:0a:62:c0:48:a9:af:
90:88:0a:eb:ce:35:6d:29:f2:d2:8c:46:d6:3e:2d:7a:33:cd:
0f:30:70:15:8c:96:cd:78:13:28:fb:46:17:94:f4:6c:8e:92:
ab:71:42:bc:71:42:f2:d7:3b:a5:d6:b0:4d:61:36:8e:d9:78:
a5:35:c2:19:87:7a:b0:05:a4:f3:5d:05:93:c1:18:b5:da:72:
92:f8:4c:d5:25:08:c6:ae:c7:a2:7d:62:9c:f8:1f:79:fb:80:
05:ea:bc:2d:b1:33:06:21:f0:08:ea:a1:5d:d8:ff:65:c6:c5:
f6:d6:d5:b6:a5:ec:39:ac:d7:a0:0f:c8:3f:39:4e:a4:03:4d:
e6:a3:13:5b:2e:83:1d:52:b4:d8:d0:78:f7:96:0f:97:1f:4e:
5e:fd:e1:7a:05:24:dd:db:bd:a2:fa:12:0a:a0:0d:4d:4e:ab:
73:9d:fa:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuTxxawcK5elUbfEGcbB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjA5N2EzNmMyMzI1ZDEwMzFmZjQwOTFiYTAwYTg2NDU5
ZDQyODgwHhcNMjQwMTAxMjAzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzkxZGUwODgzYWJlNjExMDk1NzM1MTBmNWVhNzNlODQzNzNhMTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpYrCkdM/ILnD832zbXY+vd70+Lf
ahxRshCXAE3U7Sea3i/E04flIme3jevSKgpdMgTGYh5zJCORhznjpd8tLvBzxw5D
UYJ+aknvPO8lSCvpnFhNY4TtKuB4Z9pxlpjPCPU1xN7kP29i/MtYA6KfnWwKtLVJ
88hMVVmIMvNavQJapsxrvP3VIJcAU9o44LpLJk2Jk5Qsccq2vNcszM8SSRzqqjkF
ZlKPBZp22usBhTn+intzFM0KK4syCgJp4GxAaNZDc+ffubj9vEreNSmisnWVoYuF
OWccyaMw5RLOuWs+HEfu7+1l4lmkYvSWlB3kxOgB36BNXFTDAHYftqflIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKeR3giDq+YRCVc1EPXqc+hDc6FAMB8GA1UdIwQY
MBaAFL+wl6NsIyXRAx/0CRugCoZFnUKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2It
ZWNjNDliZGMyYWQ4LzEvcDVIZUNJT3I1aEVKVnpVUTllcHo2RU56b1VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2ItZWNjNDliZGMyYWQ4
LzEvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1f3XMA0G
CSqGSIb3DQEBCwUAA4IBAQCPjKgeS+txMLlKU1QGZ/2eMZsCbfSwPC6tqg9Q52ze
ifdEeyfPd7oH9wWfmV546iLiF+nAc56hZfToAmH7mIS1+u8VW3/dWCxJVe/ybHEy
/Bz84ugKYsBIqa+QiArrzjVtKfLSjEbWPi16M80PMHAVjJbNeBMo+0YXlPRsjpKr
cUK8cULy1zul1rBNYTaO2XilNcIZh3qwBaTzXQWTwRi12nKS+EzVJQjGrseifWKc
+B95+4AF6rwtsTMGIfAI6qFd2P9lxsX21tW2pew5rNegD8g/OU6kA03moxNbLoMd
UrTY0Hj3lg+XH05e/eF6BSTd272i+hIKoA1NTqtznfrE
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:39 2024 by rpki-client on console-fra.rpki-client.org