Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/40a1e5-7d2a-48d6-a50e-f96fb4ea7e70/1/uZ_2kGUqrYABc9UpzcUk5SUW-DA.roa
File: uZ_2kGUqrYABc9UpzcUk5SUW-DA.roa (raw, json)
Hash identifier: 3tkRKtQEoOboCbPUBaciYRb8PoiK3QI8nkTFwJzbNsY=
Subject key identifier: B9:9F:F6:90:65:2A:AD:80:01:73:D5:29:CD:C5:24:E5:25:16:F8:30
Certificate issuer: /CN=2c75f35d256cc4a5b88319bb7e4bbba329e49341
Certificate serial: 018CC86F1EB4207017C6B78EB628647A47E1
Authority key identifier: 2C:75:F3:5D:25:6C:C4:A5:B8:83:19:BB:7E:4B:BB:A3:29:E4:93:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHXzXSVsxKW4gxm7fku7oynkk0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/40a1e5-7d2a-48d6-a50e-f96fb4ea7e70/1/uZ_2kGUqrYABc9UpzcUk5SUW-DA.roa
Signing time: Tue 02 Jan 2024 04:29:34 +0000
ROA not before: Tue 02 Jan 2024 04:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197808
IP address blocks: 195.22.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/40a1e5-7d2a-48d6-a50e-f96fb4ea7e70/1/LHXzXSVsxKW4gxm7fku7oynkk0E.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/40a1e5-7d2a-48d6-a50e-f96fb4ea7e70/1/LHXzXSVsxKW4gxm7fku7oynkk0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/LHXzXSVsxKW4gxm7fku7oynkk0E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:1e:b4:20:70:17:c6:b7:8e:b6:28:64:7a:47:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c75f35d256cc4a5b88319bb7e4bbba329e49341
Validity
Not Before: Jan 2 04:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b99ff690652aad800173d529cdc524e52516f830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7f:39:ec:f5:5a:0d:1a:78:0a:9c:99:c9:dc:
11:4f:0c:13:ab:36:a9:2e:80:70:58:44:76:ca:d7:
d1:81:9b:2a:1b:87:f3:50:3c:70:c3:37:89:80:b7:
7b:ae:77:e2:c3:cf:73:be:e6:64:79:76:7c:b2:4d:
a6:bf:b0:75:af:84:cd:97:e2:b9:24:31:e6:b5:ac:
88:99:8f:5e:a5:fb:2f:19:80:f5:3e:c9:55:16:cb:
32:53:1e:0f:6b:c8:c7:77:a4:ef:0e:79:a0:4e:07:
07:ae:0a:f2:6f:fa:98:10:35:8d:ca:19:10:84:5e:
60:23:25:c6:0d:19:64:92:3e:2b:b0:a9:ac:5a:63:
5a:64:96:cb:95:af:85:79:11:fb:d0:66:e3:eb:39:
c6:4f:4a:32:8c:aa:1f:a9:2e:a8:8e:a6:8c:2d:34:
61:d9:57:2e:5e:9a:f7:bd:cc:65:6b:df:92:51:a4:
37:4c:3e:9c:ee:32:b5:ad:cf:5b:6c:af:b9:6a:9a:
a4:99:46:38:66:94:03:48:38:23:10:dc:71:9a:12:
59:23:63:ec:d4:3c:bc:38:b9:40:b5:91:14:60:e1:
7d:5c:aa:9c:d5:cd:7b:18:c7:f5:cf:08:a0:40:a0:
15:5c:4e:69:05:42:1d:94:3f:ee:d7:12:db:43:a6:
83:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:9F:F6:90:65:2A:AD:80:01:73:D5:29:CD:C5:24:E5:25:16:F8:30
X509v3 Authority Key Identifier:
keyid:2C:75:F3:5D:25:6C:C4:A5:B8:83:19:BB:7E:4B:BB:A3:29:E4:93:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHXzXSVsxKW4gxm7fku7oynkk0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/40a1e5-7d2a-48d6-a50e-f96fb4ea7e70/1/uZ_2kGUqrYABc9UpzcUk5SUW-DA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/40a1e5-7d2a-48d6-a50e-f96fb4ea7e70/1/LHXzXSVsxKW4gxm7fku7oynkk0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.22.123.0/24
Signature Algorithm: sha256WithRSAEncryption
74:65:b4:e1:f4:c3:12:9e:ee:15:94:ed:53:54:66:4a:db:c1:
09:e3:d7:00:1a:2e:8a:2a:ea:85:48:cf:25:72:ef:6c:32:d1:
9b:6c:f8:3e:83:2e:07:29:e0:8c:54:be:c3:bb:d1:58:21:ec:
ca:3a:96:31:0f:63:d7:45:15:8d:be:21:bb:b9:ab:11:15:9a:
e0:f8:8e:3e:71:0c:f1:aa:8a:ca:92:62:4b:6c:2b:cb:d3:63:
09:f3:cb:f2:82:a6:a5:cf:b1:92:98:1d:50:31:51:bc:bc:e4:
2c:d2:54:53:6a:71:29:b1:f1:6d:51:e5:ae:8a:6f:40:a0:d1:
04:13:3a:3a:11:1e:61:66:b0:77:7e:68:06:26:3c:83:6d:15:
07:e1:57:8a:44:7d:3c:b0:bf:57:3e:7d:3c:c2:a9:f6:f6:5a:
97:17:a6:d7:15:95:94:0d:2b:ce:26:e1:1e:e2:af:6a:21:db:
d2:0d:69:25:6d:30:32:9c:9b:95:71:95:fe:d5:2b:dd:4b:f8:
b8:d5:74:3d:0e:ac:a5:56:05:3e:c7:c7:10:c8:c5:c5:59:a9:
4d:46:4f:ef:d7:59:7d:c3:16:1c:e3:7c:87:b9:e5:69:88:0f:
3c:29:04:f3:ca:72:5b:86:aa:6d:6c:24:20:b5:e6:df:a6:9e:
fb:d3:65:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbx60IHAXxreOtihkekfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNzVmMzVkMjU2Y2M0YTViODgzMTliYjdlNGJiYmEzMjll
NDkzNDEwHhcNMjQwMTAyMDQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTlmZjY5MDY1MmFhZDgwMDE3M2Q1MjljZGM1MjRlNTI1MTZmODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3857PVaDRp4CpyZydwRTwwTqzap
LoBwWER2ytfRgZsqG4fzUDxwwzeJgLd7rnfiw89zvuZkeXZ8sk2mv7B1r4TNl+K5
JDHmtayImY9epfsvGYD1PslVFssyUx4Pa8jHd6TvDnmgTgcHrgryb/qYEDWNyhkQ
hF5gIyXGDRlkkj4rsKmsWmNaZJbLla+FeRH70Gbj6znGT0oyjKofqS6ojqaMLTRh
2VcuXpr3vcxla9+SUaQ3TD6c7jK1rc9bbK+5apqkmUY4ZpQDSDgjENxxmhJZI2Ps
1Dy8OLlAtZEUYOF9XKqc1c17GMf1zwigQKAVXE5pBUIdlD/u1xLbQ6aDOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLmf9pBlKq2AAXPVKc3FJOUlFvgwMB8GA1UdIwQY
MBaAFCx1810lbMSluIMZu35Lu6Mp5JNBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEhYelhTVnN4S1c0Z3htN2ZrdTdveW5razBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC80MGExZTUtN2QyYS00OGQ2LWE1MGUt
Zjk2ZmI0ZWE3ZTcwLzEvdVpfMmtHVXFyWUFCYzlVcHpjVWs1U1VXLURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC80MGExZTUtN2QyYS00OGQ2LWE1MGUtZjk2ZmI0ZWE3ZTcw
LzEvTEhYelhTVnN4S1c0Z3htN2ZrdTdveW5razBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxZ7MA0G
CSqGSIb3DQEBCwUAA4IBAQB0ZbTh9MMSnu4VlO1TVGZK28EJ49cAGi6KKuqFSM8l
cu9sMtGbbPg+gy4HKeCMVL7Du9FYIezKOpYxD2PXRRWNviG7uasRFZrg+I4+cQzx
qorKkmJLbCvL02MJ88vygqalz7GSmB1QMVG8vOQs0lRTanEpsfFtUeWuim9AoNEE
Ezo6ER5hZrB3fmgGJjyDbRUH4VeKRH08sL9XPn08wqn29lqXF6bXFZWUDSvOJuEe
4q9qIdvSDWklbTAynJuVcZX+1SvdS/i41XQ9DqylVgU+x8cQyMXFWalNRk/v11l9
wxYc43yHueVpiA88KQTzynJbhqptbCQgtebfpp7702VJ
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:38:43 2024 by rpki-client on console-fra.rpki-client.org