Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/tQSmva4AWuzkgeji16Xtg8m0nyk.roa
File: tQSmva4AWuzkgeji16Xtg8m0nyk.roa (raw, json)
Hash identifier: W7+1BkPhTW3JF7Lb7KqE1Jizz34hSy4iIIf9SZZ4F94=
Subject key identifier: B5:04:A6:BD:AE:00:5A:EC:E4:81:E8:E2:D7:A5:ED:83:C9:B4:9F:29
Certificate issuer: /CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Certificate serial: 018CC6B8899B1DFD57CFEB4CC309077C2EEC
Authority key identifier: 37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/tQSmva4AWuzkgeji16Xtg8m0nyk.roa
Signing time: Mon 01 Jan 2024 20:30:31 +0000
ROA not before: Mon 01 Jan 2024 20:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51278
IP address blocks: 195.226.217.0/24 maxlen: 24
2001:67c:278::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.mft
rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:89:9b:1d:fd:57:cf:eb:4c:c3:09:07:7c:2e:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37fb004e397ddf04e7d05f3643a036f21836ff10
Validity
Not Before: Jan 1 20:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b504a6bdae005aece481e8e2d7a5ed83c9b49f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bb:e5:29:97:66:5e:c6:b5:c6:26:0c:5c:16:
04:14:33:8b:83:fe:df:12:20:57:d4:4d:40:14:14:
49:1c:78:38:5b:99:8a:71:6d:7f:81:d5:a3:64:e0:
4f:a8:a8:3d:e7:63:b9:c0:75:ab:5b:26:8f:17:5b:
ff:dc:52:41:54:4e:99:79:5b:d7:57:23:64:cc:cf:
23:38:fb:9e:6b:3f:d1:eb:cf:35:67:50:01:fe:ad:
a5:5d:6e:6b:af:5e:2f:d8:e0:f9:63:25:46:35:fc:
80:96:45:13:da:04:06:9c:b8:e9:38:62:9a:50:a2:
4b:df:c7:cd:4f:78:c3:4a:e1:51:89:11:dc:21:cc:
22:ef:62:dc:33:c5:0d:23:f2:8d:9f:ee:fd:25:ef:
6f:20:cc:b6:d7:12:47:29:ac:ea:cb:1b:66:59:f4:
bf:97:26:48:8c:ec:06:80:07:8c:eb:ca:54:f2:4d:
03:de:18:9f:b1:24:74:db:79:0d:ad:ea:46:5a:58:
89:b0:93:f3:a9:ff:c9:59:52:7a:f3:63:5f:0d:df:
f8:de:e1:a5:9d:52:58:5b:26:c1:6c:66:63:49:84:
c3:27:e7:7d:e5:95:f2:a9:fe:6e:67:ca:47:67:09:
bc:78:09:d2:61:f3:da:d7:a6:a8:8c:2c:e3:bf:ed:
49:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:04:A6:BD:AE:00:5A:EC:E4:81:E8:E2:D7:A5:ED:83:C9:B4:9F:29
X509v3 Authority Key Identifier:
keyid:37:FB:00:4E:39:7D:DF:04:E7:D0:5F:36:43:A0:36:F2:18:36:FF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N_sATjl93wTn0F82Q6A28hg2_xA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/tQSmva4AWuzkgeji16Xtg8m0nyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/742299-f343-4321-b351-b53b64cf0d95/1/N_sATjl93wTn0F82Q6A28hg2_xA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.226.217.0/24
IPv6:
2001:67c:278::/48
Signature Algorithm: sha256WithRSAEncryption
87:33:7a:54:e5:92:be:53:23:e5:4e:b7:94:5b:91:19:b9:65:
2f:58:93:c7:8c:c1:13:7d:b1:12:ec:73:23:c6:94:ef:9c:b2:
05:fc:c4:d3:2f:19:15:74:fc:59:31:c3:22:9c:fb:2f:86:ac:
f4:3b:58:61:0f:ee:83:9d:6f:96:b3:9a:b1:90:cc:f6:dd:b2:
9a:7e:77:5a:8f:54:c4:92:b3:a3:c2:3a:4d:6b:cf:fe:d8:5f:
51:bd:37:45:ca:37:20:91:48:f4:33:02:c4:ba:0d:37:9c:43:
81:08:d4:8b:4a:eb:83:b0:81:3c:49:37:ed:83:21:e6:39:68:
54:bd:8d:25:c6:ee:07:c8:89:6e:84:95:70:54:ff:b5:fc:c5:
fa:9b:7a:3c:2e:93:4d:39:eb:97:43:f6:89:3b:c1:52:5b:f6:
a7:bd:da:07:46:00:3d:7d:37:05:6a:e6:62:a4:73:b0:d4:fb:
a7:ba:39:04:62:b8:ae:fd:e1:c7:80:1a:ae:50:3c:d0:e7:c6:
64:d5:f3:68:f7:a4:77:15:8a:0c:d5:73:a0:0c:fa:87:5f:85:
f4:ca:6c:fa:09:83:ee:05:e0:2b:0c:e7:d5:f6:9a:a6:9e:0e:
cb:4b:a8:80:6e:79:4f:27:1b:5e:b7:22:ec:b3:ff:67:c8:86:
66:83:b2:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGuImbHf1Xz+tMwwkHfC7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZmIwMDRlMzk3ZGRmMDRlN2QwNWYzNjQzYTAzNmYyMTgz
NmZmMTAwHhcNMjQwMTAxMjAzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTA0YTZiZGFlMDA1YWVjZTQ4MWU4ZTJkN2E1ZWQ4M2M5YjQ5ZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurvlKZdmXsa1xiYMXBYEFDOLg/7f
EiBX1E1AFBRJHHg4W5mKcW1/gdWjZOBPqKg952O5wHWrWyaPF1v/3FJBVE6ZeVvX
VyNkzM8jOPueaz/R6881Z1AB/q2lXW5rr14v2OD5YyVGNfyAlkUT2gQGnLjpOGKa
UKJL38fNT3jDSuFRiRHcIcwi72LcM8UNI/KNn+79Je9vIMy21xJHKazqyxtmWfS/
lyZIjOwGgAeM68pU8k0D3hifsSR023kNrepGWliJsJPzqf/JWVJ682NfDd/43uGl
nVJYWybBbGZjSYTDJ+d95ZXyqf5uZ8pHZwm8eAnSYfPa16aojCzjv+1J5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLUEpr2uAFrs5IHo4tel7YPJtJ8pMB8GA1UdIwQY
MBaAFDf7AE45fd8E59BfNkOgNvIYNv8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTl9zQVRqbDkzd1RuMEY4MlE2QTI4aGcyX3hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS83NDIyOTktZjM0My00MzIxLWIzNTEt
YjUzYjY0Y2YwZDk1LzEvdFFTbXZhNEFXdXprZ2VqaTE2WHRnOG0wbnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS83NDIyOTktZjM0My00MzIxLWIzNTEtYjUzYjY0Y2YwZDk1
LzEvTl9zQVRqbDkzd1RuMEY4MlE2QTI4aGcyX3hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw+LZMA8E
AgACMAkDBwAgAQZ8AngwDQYJKoZIhvcNAQELBQADggEBAIczelTlkr5TI+VOt5Rb
kRm5ZS9Yk8eMwRN9sRLscyPGlO+csgX8xNMvGRV0/FkxwyKc+y+GrPQ7WGEP7oOd
b5azmrGQzPbdspp+d1qPVMSSs6PCOk1rz/7YX1G9N0XKNyCRSPQzAsS6DTecQ4EI
1ItK64OwgTxJN+2DIeY5aFS9jSXG7gfIiW6ElXBU/7X8xfqbejwuk00565dD9ok7
wVJb9qe92gdGAD19NwVq5mKkc7DU+6e6OQRiuK794ceAGq5QPNDnxmTV82j3pHcV
igzVc6AM+odfhfTKbPoJg+4F4CsM59X2mqaeDstLqIBueU8nG163Iuyz/2fIhmaD
smY=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:39:16 2024 by rpki-client on console-ams.rpki-client.org