Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/yQN4Pjub2GKO8AfMrVl8K5Rtlj0.roa
File: yQN4Pjub2GKO8AfMrVl8K5Rtlj0.roa (raw, json)
Hash identifier: N4GwwLWb8omNDnEibKSul80jCcFcXpWkA3Cq30IErYk=
Subject key identifier: C9:03:78:3E:3B:9B:D8:62:8E:F0:07:CC:AD:59:7C:2B:94:6D:96:3D
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 018CC348D8D5FBF802307A7BD8CCC4787A6D
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/yQN4Pjub2GKO8AfMrVl8K5Rtlj0.roa
Signing time: Mon 01 Jan 2024 04:29:40 +0000
ROA not before: Mon 01 Jan 2024 04:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47299
IP address blocks: 195.65.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:d8:d5:fb:f8:02:30:7a:7b:d8:cc:c4:78:7a:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 04:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c903783e3b9bd8628ef007ccad597c2b946d963d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f4:1a:50:a0:d7:4e:b2:14:63:a1:68:74:4a:
5b:a2:11:3a:a1:ef:15:02:ff:7b:3d:7d:15:da:56:
b2:8d:5a:a1:c9:df:51:01:e2:62:56:6d:fe:a7:6a:
dd:e1:41:09:14:b8:5e:f6:16:f6:f8:4f:f8:92:ab:
ab:c7:8f:ff:43:5c:a4:21:20:d5:55:cf:5b:ae:e9:
63:8d:57:c0:d6:81:9a:25:f3:3f:2e:a9:d7:14:01:
5a:e1:4d:78:22:4b:4c:7d:c0:13:3a:84:06:ef:ed:
ff:2b:3d:67:68:dc:df:db:27:e6:65:87:60:90:3e:
53:d9:7e:96:93:28:ef:65:6c:d9:27:c5:10:fe:cd:
31:09:b5:cb:73:93:0d:1a:34:d3:89:0b:ff:b9:85:
82:49:4d:d6:a6:96:ea:6b:5a:97:cf:16:e7:0d:e0:
17:70:9c:98:1a:eb:09:40:95:01:b4:22:9a:d6:51:
26:5d:45:24:97:83:30:bb:f4:6e:a8:0c:92:8f:69:
a0:2f:7c:85:5b:a0:a5:87:ea:00:e5:d3:a6:39:fc:
17:b9:b5:d6:07:fb:0c:9e:4a:55:43:0d:52:c5:05:
b3:df:30:4c:a2:a0:21:bb:e5:df:fe:5f:7a:f5:59:
30:b4:70:93:42:3a:ed:f0:c2:46:e8:29:a7:13:e9:
93:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:03:78:3E:3B:9B:D8:62:8E:F0:07:CC:AD:59:7C:2B:94:6D:96:3D
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/yQN4Pjub2GKO8AfMrVl8K5Rtlj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.65.37.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:53:29:e0:3d:d4:4e:cf:ee:ee:58:28:57:13:dd:8f:ab:43:
e4:fb:ec:09:4b:cd:5a:cc:22:b5:90:39:27:d3:88:2f:52:19:
4c:0e:79:08:fe:b0:15:c8:c9:ce:ac:57:d0:a5:95:c1:52:0d:
0d:0f:84:36:35:30:18:73:f1:a7:3b:5f:69:79:66:62:ee:c7:
bc:c1:89:a9:a2:0c:e2:5f:ba:15:1c:3b:57:b0:b7:b7:0f:84:
ab:ab:3b:25:3e:28:b0:8e:98:54:93:b8:e7:73:f2:16:89:b6:
45:06:96:50:d2:38:12:ef:a7:c3:2f:26:2c:7a:15:48:e1:32:
87:1e:25:07:cf:2d:34:81:a0:cd:a5:a1:c8:a0:ec:81:dc:7d:
22:5b:7b:ac:b8:35:c6:95:dc:b8:6a:3f:ad:e9:56:ae:00:8f:
6f:27:a7:eb:89:f8:1c:71:e2:a6:5a:d4:c4:05:9f:26:7b:36:
50:46:62:c5:07:ab:0c:a4:fb:fe:f0:4c:39:b7:57:e4:05:77:
82:9c:f7:a8:44:53:c6:e3:c7:9d:2b:16:80:9b:c3:8b:c5:a7:
c3:2c:a2:a5:20:36:09:99:77:b2:2c:fb:0e:c5:ba:ed:56:6d:
96:bc:8b:0d:4c:5f:d9:12:b3:88:91:76:21:04:cb:73:75:a9:
87:bc:11:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSNjV+/gCMHp72MzEeHptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwMTAxMDQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTAzNzgzZTNiOWJkODYyOGVmMDA3Y2NhZDU5N2MyYjk0NmQ5NjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PQaUKDXTrIUY6FodEpbohE6oe8V
Av97PX0V2layjVqhyd9RAeJiVm3+p2rd4UEJFLhe9hb2+E/4kqurx4//Q1ykISDV
Vc9bruljjVfA1oGaJfM/LqnXFAFa4U14IktMfcATOoQG7+3/Kz1naNzf2yfmZYdg
kD5T2X6WkyjvZWzZJ8UQ/s0xCbXLc5MNGjTTiQv/uYWCSU3Wppbqa1qXzxbnDeAX
cJyYGusJQJUBtCKa1lEmXUUkl4Mwu/RuqAySj2mgL3yFW6Clh+oA5dOmOfwXubXW
B/sMnkpVQw1SxQWz3zBMoqAhu+Xf/l969VkwtHCTQjrt8MJG6CmnE+mTQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMkDeD47m9hijvAHzK1ZfCuUbZY9MB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEveVFONFBqdWIyR0tPOEFmTXJWbDhLNVJ0bGowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0ElMA0G
CSqGSIb3DQEBCwUAA4IBAQB+UyngPdROz+7uWChXE92Pq0Pk++wJS81azCK1kDkn
04gvUhlMDnkI/rAVyMnOrFfQpZXBUg0ND4Q2NTAYc/GnO19peWZi7se8wYmpogzi
X7oVHDtXsLe3D4SrqzslPiiwjphUk7jnc/IWibZFBpZQ0jgS76fDLyYsehVI4TKH
HiUHzy00gaDNpaHIoOyB3H0iW3usuDXGldy4aj+t6VauAI9vJ6frifgcceKmWtTE
BZ8mezZQRmLFB6sMpPv+8Ew5t1fkBXeCnPeoRFPG48edKxaAm8OLxafDLKKlIDYJ
mXeyLPsOxbrtVm2WvIsNTF/ZErOIkXYhBMtzdamHvBFz
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:10:54 2024 by rpki-client on console-fra.rpki-client.org