Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/0PljimlDDKSnENW-2Yn5kv1IszA.roa
File: 0PljimlDDKSnENW-2Yn5kv1IszA.roa (raw, json)
Hash identifier: qMPRMnrWhMgthwVfY6gXSUufXguCuhpO4dB+vCg6CMo=
Subject key identifier: D0:F9:63:8A:69:43:0C:A4:A7:10:D5:BE:D9:89:F9:92:FD:48:B3:30
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018CC2DB318F9AC09F6B68A4008B3F4CC538
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/0PljimlDDKSnENW-2Yn5kv1IszA.roa
Signing time: Mon 01 Jan 2024 02:29:54 +0000
ROA not before: Mon 01 Jan 2024 02:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 194.15.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 05:41:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:31:8f:9a:c0:9f:6b:68:a4:00:8b:3f:4c:c5:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 1 02:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0f9638a69430ca4a710d5bed989f992fd48b330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:96:34:1b:0c:b3:34:06:64:6b:6f:ab:78:7f:
a9:58:bc:1b:cc:e4:fe:5d:51:c6:5a:8f:26:b4:8d:
bd:b6:d5:e6:e6:aa:f7:95:83:cb:28:f4:8a:90:7b:
2e:fd:a5:1f:e5:67:d7:83:37:b2:55:9a:45:b8:58:
a3:ef:c5:63:25:8b:de:4d:0b:93:58:aa:77:bd:47:
d0:a4:e5:13:6b:f6:f3:f2:9f:72:4a:36:6d:5d:f7:
e3:f1:fa:33:fb:0c:f6:76:08:33:08:ee:62:17:99:
3d:60:1b:72:c1:d9:1d:12:9a:33:41:98:2c:4a:92:
ba:6b:2c:3f:0a:39:e0:0e:9f:b4:c3:74:69:02:cb:
52:6c:e5:db:d9:67:43:0d:10:f8:f8:9a:f6:cb:d0:
af:f4:4c:a1:d0:6d:d7:63:3a:4b:25:dc:53:12:ce:
ee:df:8a:58:27:0a:5d:80:e3:08:2f:20:a7:80:4c:
c3:9d:5f:f7:ab:c7:75:7f:cf:e2:15:41:96:c2:dd:
ff:ed:e3:1d:43:34:13:15:4a:b1:b8:45:84:85:5d:
a2:19:c1:3e:41:20:98:00:0c:be:bb:ab:80:2c:f2:
db:71:47:93:f0:fa:11:5f:ad:64:90:2a:24:28:38:
46:dc:ed:27:83:97:f9:5f:bd:9a:41:3d:12:3c:3b:
97:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F9:63:8A:69:43:0C:A4:A7:10:D5:BE:D9:89:F9:92:FD:48:B3:30
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/0PljimlDDKSnENW-2Yn5kv1IszA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.96.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:cf:de:15:68:be:4c:27:24:02:a1:9b:dc:a8:1b:d2:4a:25:
39:b1:e6:7c:31:83:64:58:dd:d7:d7:7e:d6:dd:ba:0a:86:41:
8e:c9:2c:61:40:b1:c4:21:de:06:1d:fa:b2:02:80:e5:bd:b1:
9c:86:25:58:77:1f:8a:b2:5b:cd:69:0a:14:94:81:d5:4b:15:
5d:bd:8f:86:bd:4a:f0:7d:02:8c:c1:c9:56:72:ba:d7:29:7b:
a2:79:ab:03:f9:08:1b:b7:93:8a:7a:1b:84:3f:f7:94:ce:11:
e8:2b:06:44:46:85:c0:b3:dd:0c:c0:ab:90:33:15:10:1b:83:
3d:41:f7:5a:0e:5b:c3:28:58:6c:ce:69:6a:a4:a1:c9:07:3e:
ce:6a:37:cb:d1:2f:64:db:c2:3a:db:87:37:63:cc:69:ba:04:
08:33:9e:f4:62:5e:13:71:29:f4:0d:24:35:82:12:b6:f7:67:
32:de:1b:20:a4:9b:1b:67:82:a3:c3:33:13:eb:d9:64:88:4f:
eb:0c:d0:8b:85:ea:03:ca:71:2a:e1:09:38:86:45:45:b2:81:
c1:00:51:17:ab:71:23:9d:60:6f:27:6a:5c:c1:a0:0a:3c:dd:
06:9b:d0:6e:05:f8:65:ce:28:2d:af:b3:35:0a:58:d4:f8:52:
3c:93:41:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2zGPmsCfa2ikAIs/TMU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMTAxMDIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGY5NjM4YTY5NDMwY2E0YTcxMGQ1YmVkOTg5Zjk5MmZkNDhiMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJY0GwyzNAZka2+reH+pWLwbzOT+
XVHGWo8mtI29ttXm5qr3lYPLKPSKkHsu/aUf5WfXgzeyVZpFuFij78VjJYveTQuT
WKp3vUfQpOUTa/bz8p9ySjZtXffj8foz+wz2dggzCO5iF5k9YBtywdkdEpozQZgs
SpK6ayw/CjngDp+0w3RpAstSbOXb2WdDDRD4+Jr2y9Cv9Eyh0G3XYzpLJdxTEs7u
34pYJwpdgOMILyCngEzDnV/3q8d1f8/iFUGWwt3/7eMdQzQTFUqxuEWEhV2iGcE+
QSCYAAy+u6uALPLbcUeT8PoRX61kkCokKDhG3O0ng5f5X72aQT0SPDuX9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFND5Y4ppQwykpxDVvtmJ+ZL9SLMwMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvMFBsamltbERES1NuRU5XLTJZbjVrdjFJc3pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg9gMA0G
CSqGSIb3DQEBCwUAA4IBAQBbz94VaL5MJyQCoZvcqBvSSiU5seZ8MYNkWN3X137W
3boKhkGOySxhQLHEId4GHfqyAoDlvbGchiVYdx+KslvNaQoUlIHVSxVdvY+GvUrw
fQKMwclWcrrXKXuieasD+Qgbt5OKehuEP/eUzhHoKwZERoXAs90MwKuQMxUQG4M9
QfdaDlvDKFhszmlqpKHJBz7OajfL0S9k28I624c3Y8xpugQIM570Yl4TcSn0DSQ1
ghK292cy3hsgpJsbZ4KjwzMT69lkiE/rDNCLheoDynEq4Qk4hkVFsoHBAFEXq3Ej
nWBvJ2pcwaAKPN0Gm9BuBfhlzigtr7M1CljU+FI8k0EZ
-----END CERTIFICATE-----
Generated at Sun May 5 09:49:09 2024 by rpki-client on console-ams.rpki-client.org