Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/PtJ6K5Qnr16X75GCo4oFKORqsc4.roa
File: PtJ6K5Qnr16X75GCo4oFKORqsc4.roa (raw, json)
Hash identifier: e1Nd6iOS6u3nuRd89q5DPXTVzx6X0yH6vgUt11jCI1k=
Subject key identifier: 3E:D2:7A:2B:94:27:AF:5E:97:EF:91:82:A3:8A:05:28:E4:6A:B1:CE
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 018CC5DC86C5CD09E03E51ACCA4C007007FE
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/PtJ6K5Qnr16X75GCo4oFKORqsc4.roa
Signing time: Mon 01 Jan 2024 16:30:13 +0000
ROA not before: Mon 01 Jan 2024 16:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60353
IP address blocks: 193.19.72.0/24 maxlen: 24
193.19.96.0/24 maxlen: 24
193.19.97.0/24 maxlen: 24
2a00:cee6::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:86:c5:cd:09:e0:3e:51:ac:ca:4c:00:70:07:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Jan 1 16:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ed27a2b9427af5e97ef9182a38a0528e46ab1ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3e:b2:78:13:e7:51:2e:89:53:3c:bb:f8:d5:
16:37:ad:b0:a8:34:ef:51:9c:80:d9:de:e5:ad:73:
01:9f:a3:4a:a7:2d:ef:02:e1:71:4d:d0:80:dc:dd:
8b:7d:c6:5d:6a:20:11:04:67:1c:94:30:ef:7c:3c:
bb:6a:06:45:1a:77:53:14:f0:34:45:1a:bd:1a:28:
20:9f:77:b8:90:f3:41:69:5e:31:7f:b8:49:2f:d7:
e1:84:60:f5:e9:d3:cd:e6:38:54:1c:34:d8:c5:4e:
76:9b:6a:b7:f1:14:39:5b:d2:3b:0f:8f:24:80:17:
21:ab:42:d2:c8:df:61:25:fd:09:f0:79:19:97:43:
04:b5:38:fa:d1:ee:dd:15:ad:18:90:86:e6:a0:d1:
42:cb:dc:1a:20:86:78:6b:3c:20:75:60:1e:e0:62:
b2:37:81:ef:6a:ea:fd:39:c0:cc:77:09:9a:af:a9:
fa:29:17:36:bf:b7:04:16:16:95:9f:29:51:6e:56:
83:25:56:4f:a8:dc:2f:cc:61:09:bc:de:cf:2a:85:
2a:f4:73:f9:70:d9:f3:df:ca:c7:62:c2:cf:eb:6b:
24:52:73:85:ef:8f:55:6e:a3:77:45:04:af:86:05:
25:02:19:ca:8d:15:ff:3b:78:f1:33:51:97:a5:c6:
50:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:D2:7A:2B:94:27:AF:5E:97:EF:91:82:A3:8A:05:28:E4:6A:B1:CE
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/PtJ6K5Qnr16X75GCo4oFKORqsc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.72.0/24
193.19.96.0/23
IPv6:
2a00:cee6::/32
Signature Algorithm: sha256WithRSAEncryption
5a:8e:99:52:b6:66:08:c6:a5:c1:73:fc:cb:d4:dc:1c:3f:d5:
95:2b:2a:86:bd:ea:c0:1f:f1:eb:a5:3f:64:48:c9:9a:ec:dc:
a6:8a:8e:0d:8b:c6:c4:fe:28:15:fa:cf:d7:6b:1b:46:8c:2d:
64:81:8a:89:98:1c:db:bb:f8:c9:6f:b1:30:5e:13:2b:e6:b7:
c3:06:83:92:f1:42:53:9b:c1:6b:03:0c:17:52:67:e7:3e:1a:
0d:98:71:c9:21:7c:7c:38:9f:a1:17:44:4a:6a:f6:eb:88:40:
fe:1c:d8:17:65:0f:ef:f7:b7:b1:cd:f7:0d:5c:11:0a:d0:36:
3d:ab:dd:6d:63:7e:5a:c9:69:7e:49:6f:35:a1:33:5f:ef:6c:
bd:60:28:13:f1:72:39:57:87:f4:5d:65:db:9f:f6:6e:19:5f:
e7:6e:1b:e6:43:47:b8:3e:62:62:35:02:2b:7d:d8:ec:4d:78:
3a:53:71:af:6d:16:cd:9e:8d:4c:98:99:d9:fd:24:33:15:07:
4c:7f:75:d2:90:bf:85:c0:e5:a2:33:22:48:08:52:34:52:21:
c5:73:63:4a:e2:98:d7:74:04:a6:7c:2a:0e:b3:4d:0c:40:02:
ac:27:37:2e:81:2c:98:2f:61:c1:d3:29:96:fc:66:98:de:4b:
0d:e0:d2:73
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3IbFzQngPlGsykwAcAf+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh
YzY5MGQwHhcNMjQwMTAxMTYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWQyN2EyYjk0MjdhZjVlOTdlZjkxODJhMzhhMDUyOGU0NmFiMWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj6yeBPnUS6JUzy7+NUWN62wqDTv
UZyA2d7lrXMBn6NKpy3vAuFxTdCA3N2LfcZdaiARBGcclDDvfDy7agZFGndTFPA0
RRq9Giggn3e4kPNBaV4xf7hJL9fhhGD16dPN5jhUHDTYxU52m2q38RQ5W9I7D48k
gBchq0LSyN9hJf0J8HkZl0MEtTj60e7dFa0YkIbmoNFCy9waIIZ4azwgdWAe4GKy
N4Hvaur9OcDMdwmar6n6KRc2v7cEFhaVnylRblaDJVZPqNwvzGEJvN7PKoUq9HP5
cNnz38rHYsLP62skUnOF749VbqN3RQSvhgUlAhnKjRX/O3jxM1GXpcZQTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFD7SeiuUJ69el++RgqOKBSjkarHOMB8GA1UdIwQY
MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt
NzEyZmE2NWEyNWJhLzEvUHRKNks1UW5yMTZYNzVHQ280b0ZLT1Jxc2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh
LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwRNIAwQB
wRNgMA0EAgACMAcDBQAqAM7mMA0GCSqGSIb3DQEBCwUAA4IBAQBajplStmYIxqXB
c/zL1NwcP9WVKyqGverAH/HrpT9kSMma7Nymio4Ni8bE/igV+s/XaxtGjC1kgYqJ
mBzbu/jJb7EwXhMr5rfDBoOS8UJTm8FrAwwXUmfnPhoNmHHJIXx8OJ+hF0RKavbr
iED+HNgXZQ/v97exzfcNXBEK0DY9q91tY35ayWl+SW81oTNf72y9YCgT8XI5V4f0
XWXbn/ZuGV/nbhvmQ0e4PmJiNQIrfdjsTXg6U3GvbRbNno1MmJnZ/SQzFQdMf3XS
kL+FwOWiMyJICFI0UiHFc2NK4pjXdASmfCoOs00MQAKsJzcugSyYL2HB0ymW/GaY
3ksN4NJz
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:47:42 2024 by rpki-client on console-ams.rpki-client.org