Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/O47XjMkjXyAF3KWTZ0DsI53tlhs.roa
File: O47XjMkjXyAF3KWTZ0DsI53tlhs.roa (raw, json)
Hash identifier: bGULG5WAAlmkXFb5KTNCk0wrHH3qgTXR91s/yF2ztEo=
Subject key identifier: 3B:8E:D7:8C:C9:23:5F:20:05:DC:A5:93:67:40:EC:23:9D:ED:96:1B
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 0191320A0D09564BBD5E5576B9C8A6BC5B58
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/O47XjMkjXyAF3KWTZ0DsI53tlhs.roa
Signing time: Thu 08 Aug 2024 12:50:04 +0000
ROA not before: Thu 08 Aug 2024 12:50:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138156
IP address blocks: 188.209.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:32:0a:0d:09:56:4b:bd:5e:55:76:b9:c8:a6:bc:5b:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Aug 8 12:50:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b8ed78cc9235f2005dca5936740ec239ded961b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2f:a8:e8:9b:6b:ab:5b:69:af:3b:68:86:10:
f1:fa:16:09:05:b8:1c:ea:0e:ca:b6:02:85:81:a5:
b1:b3:73:5e:b5:4b:67:2a:82:0c:41:98:ba:58:f2:
58:67:be:50:7a:ba:66:6b:89:e2:d9:ce:bf:04:cc:
00:a0:68:8a:56:35:e6:ba:a3:2c:77:59:fd:fb:86:
eb:99:2e:fb:5e:f6:e2:9c:60:a5:84:26:f1:f5:8a:
5b:6d:3e:44:22:74:26:ef:e9:75:a6:d3:4f:44:70:
ea:d7:01:ad:94:a8:5d:6d:43:b7:b3:81:a8:30:df:
c4:05:61:c8:51:86:23:2b:c1:f5:0f:2e:71:34:40:
e5:0d:1d:e6:c0:e5:85:27:fd:44:85:48:79:f7:e0:
22:e9:77:f9:8a:d7:54:2c:44:bc:0f:7b:e8:d0:1e:
b7:9b:e0:e6:2c:c2:30:3b:32:47:65:db:fd:05:a9:
a6:75:03:d7:e1:26:b0:65:aa:d6:bb:e5:a4:6f:a6:
4c:bb:b7:b7:d8:a4:86:04:59:07:0b:a6:f8:f8:ff:
71:56:d8:b9:e7:89:0c:b3:e8:4f:0d:1d:5a:4a:bc:
07:10:8c:5b:d4:b8:74:d8:29:09:04:33:5c:9e:95:
fd:8c:9f:6d:b8:8c:e4:74:e9:0b:72:7f:d0:50:09:
cb:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:8E:D7:8C:C9:23:5F:20:05:DC:A5:93:67:40:EC:23:9D:ED:96:1B
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/O47XjMkjXyAF3KWTZ0DsI53tlhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.130.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:57:f5:3b:20:23:72:40:d9:6e:17:49:b6:61:75:64:f2:ef:
18:b9:52:5a:d4:46:36:97:e1:33:39:b3:4a:1f:25:15:b1:b2:
0b:5b:3d:a8:26:8d:4d:d0:3e:7b:1f:f2:01:f9:bf:7a:21:c9:
cc:11:f9:6e:ea:b4:25:5d:74:ed:22:9f:09:d8:2e:9d:f7:b1:
ff:7b:49:33:73:08:f7:3d:4e:00:64:2f:50:ed:0d:0d:3a:a3:
9f:ec:e1:cf:83:0a:66:08:81:ee:76:6c:3d:2c:a0:2c:bb:9e:
0d:aa:ff:79:a6:a8:92:4a:91:f6:36:aa:e9:3c:eb:dd:a1:d7:
ca:ac:4d:5f:fb:52:81:9b:db:70:b8:e7:5b:c5:e3:b2:82:9f:
47:aa:1c:50:ce:d2:df:06:d7:f3:54:d9:bb:96:df:de:bd:95:
d0:59:92:9e:53:b7:52:af:93:78:f2:0d:1d:bf:0c:43:f0:b4:
fd:4e:b0:38:99:3d:b8:44:9f:ec:08:91:eb:24:b2:79:75:f3:
13:71:b7:97:be:c5:fd:1c:3c:b8:9a:99:e4:63:e7:55:7d:c3:
81:5d:73:2f:37:90:68:f6:0e:21:9f:6d:e0:96:cf:4e:89:24:
1e:01:a6:2a:1d:3d:d2:14:b7:96:b8:93:2a:0d:12:38:d7:49:
ab:e8:1b:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEyCg0JVku9XlV2ucimvFtYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwODA4MTI1MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjhlZDc4Y2M5MjM1ZjIwMDVkY2E1OTM2NzQwZWMyMzlkZWQ5NjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi+o6Jtrq1tprztohhDx+hYJBbgc
6g7KtgKFgaWxs3NetUtnKoIMQZi6WPJYZ75Qerpma4ni2c6/BMwAoGiKVjXmuqMs
d1n9+4brmS77XvbinGClhCbx9YpbbT5EInQm7+l1ptNPRHDq1wGtlKhdbUO3s4Go
MN/EBWHIUYYjK8H1Dy5xNEDlDR3mwOWFJ/1EhUh59+Ai6Xf5itdULES8D3vo0B63
m+DmLMIwOzJHZdv9BammdQPX4SawZarWu+Wkb6ZMu7e32KSGBFkHC6b4+P9xVti5
54kMs+hPDR1aSrwHEIxb1Lh02CkJBDNcnpX9jJ9tuIzkdOkLcn/QUAnLfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDuO14zJI18gBdylk2dA7COd7ZYbMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvTzQ3WGpNa2pYeUFGM0tXVFowRHNJNTN0bGhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNGCMA0G
CSqGSIb3DQEBCwUAA4IBAQCdV/U7ICNyQNluF0m2YXVk8u8YuVJa1EY2l+EzObNK
HyUVsbILWz2oJo1N0D57H/IB+b96IcnMEflu6rQlXXTtIp8J2C6d97H/e0kzcwj3
PU4AZC9Q7Q0NOqOf7OHPgwpmCIHudmw9LKAsu54Nqv95pqiSSpH2NqrpPOvdodfK
rE1f+1KBm9twuOdbxeOygp9HqhxQztLfBtfzVNm7lt/evZXQWZKeU7dSr5N48g0d
vwxD8LT9TrA4mT24RJ/sCJHrJLJ5dfMTcbeXvsX9HDy4mpnkY+dVfcOBXXMvN5Bo
9g4hn23gls9OiSQeAaYqHT3SFLeWuJMqDRI410mr6Bsq
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:09:30 2024 by rpki-client on console-ams.rpki-client.org