Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/S9W59O5vFGtLr22z984JcUprRVw.roa
File: S9W59O5vFGtLr22z984JcUprRVw.roa (raw, json)
Hash identifier: 0B6H3spMSATc1SmNzf0vcV2AAIvAzYS7hS2hMgMj8aA=
Subject key identifier: 4B:D5:B9:F4:EE:6F:14:6B:4B:AF:6D:B3:F7:CE:09:71:4A:6B:45:5C
Certificate issuer: /CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Certificate serial: 018CC794CD7E8833C3C1648E34A81CECEC82
Authority key identifier: D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/S9W59O5vFGtLr22z984JcUprRVw.roa
Signing time: Tue 02 Jan 2024 00:31:07 +0000
ROA not before: Tue 02 Jan 2024 00:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23352
IP address blocks: 81.199.24.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.mft
rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:cd:7e:88:33:c3:c1:64:8e:34:a8:1c:ec:ec:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1de124e0f8adb4e7d9576ceae325f668dd224b1
Validity
Not Before: Jan 2 00:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bd5b9f4ee6f146b4baf6db3f7ce09714a6b455c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e0:3b:28:42:73:c0:e3:b8:ed:c5:e4:78:31:
a9:a4:82:66:d9:72:5e:48:99:87:20:0d:98:7c:a6:
80:8b:76:ee:b5:08:55:d9:d7:fa:dc:3b:03:d6:73:
7a:bd:6e:b1:76:5d:84:51:e8:bb:f9:78:5c:ca:bd:
6b:39:f0:04:6d:f2:0a:ab:91:8f:6b:7b:1d:49:56:
d0:c9:ea:6c:e6:78:44:24:44:d2:6f:21:8c:f1:81:
51:89:9b:31:4a:f0:47:fa:39:db:cf:c8:48:f8:59:
fe:f6:af:e8:b2:04:95:41:59:cc:79:af:d6:b1:51:
62:95:39:e6:0f:c9:58:d9:50:1e:52:92:d8:da:c4:
67:f6:04:15:32:38:25:5a:ce:a1:a1:9c:fe:f7:0d:
fe:d6:04:ae:4c:de:de:d2:90:5e:9e:77:95:46:47:
96:33:9e:f0:65:02:86:bd:3b:41:2d:70:ac:76:77:
44:0b:db:55:70:32:59:07:04:f6:1d:22:37:2f:4d:
8f:13:f4:89:29:1e:15:be:9f:b0:83:ba:6e:0e:66:
28:69:75:df:dd:b4:c5:57:fd:78:e0:18:2f:7c:2e:
db:eb:c3:0d:36:e7:fd:f6:37:37:ca:90:02:bb:ec:
e7:21:19:ee:cc:cf:9b:dc:e0:1d:f7:d7:c0:19:49:
22:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:D5:B9:F4:EE:6F:14:6B:4B:AF:6D:B3:F7:CE:09:71:4A:6B:45:5C
X509v3 Authority Key Identifier:
keyid:D1:DE:12:4E:0F:8A:DB:4E:7D:95:76:CE:AE:32:5F:66:8D:D2:24:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d4STg-K2059lXbOrjJfZo3SJLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/S9W59O5vFGtLr22z984JcUprRVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/abe134-0093-4652-9057-4f4c9b343e90/1/0d4STg-K2059lXbOrjJfZo3SJLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.199.24.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:9c:fd:f5:f2:f4:a2:67:5a:34:d0:5a:8c:56:4d:b7:6a:1f:
02:08:df:74:60:fc:50:e8:81:66:0a:99:6e:6b:69:09:e2:1d:
d5:6c:8f:75:03:b4:ac:bc:7b:7d:b4:d3:d7:63:af:aa:47:77:
ab:b4:cc:1e:d8:5e:47:91:56:79:72:22:d1:79:8d:68:96:a9:
32:7f:dd:ca:c1:78:b4:87:bc:58:11:a9:ea:2b:bd:48:cc:0d:
be:35:5e:1f:49:5c:5f:0d:83:c9:85:25:a4:14:e7:ee:03:b7:
3a:dc:a5:96:34:5d:e0:f7:aa:4e:06:87:03:8c:84:cb:8b:91:
95:c0:c8:37:e7:fc:cf:7a:0f:db:8e:e6:60:11:68:dc:2d:ef:
e5:ad:85:15:25:b1:5b:6d:8e:ff:71:27:1c:41:7a:52:31:a7:
43:8f:43:11:f9:b9:84:0c:6d:e7:b4:83:4d:03:5b:de:9d:3b:
c8:08:24:97:b5:b7:98:ee:ba:03:c1:21:3f:f0:79:81:9b:62:
8d:10:c5:23:b3:de:3c:d9:40:09:16:29:c6:4f:5d:44:73:50:
df:5b:d0:c2:42:b5:78:fc:a8:ec:86:4d:a1:a9:de:b6:30:ba:
24:eb:5a:0f:34:1c:8c:94:38:d6:e5:21:85:14:c2:f5:ba:5e:
1e:4e:71:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlM1+iDPDwWSONKgc7OyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGUxMjRlMGY4YWRiNGU3ZDk1NzZjZWFlMzI1ZjY2OGRk
MjI0YjEwHhcNMjQwMTAyMDAzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmQ1YjlmNGVlNmYxNDZiNGJhZjZkYjNmN2NlMDk3MTRhNmI0NTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOA7KEJzwOO47cXkeDGppIJm2XJe
SJmHIA2YfKaAi3butQhV2df63DsD1nN6vW6xdl2EUei7+Xhcyr1rOfAEbfIKq5GP
a3sdSVbQyeps5nhEJETSbyGM8YFRiZsxSvBH+jnbz8hI+Fn+9q/osgSVQVnMea/W
sVFilTnmD8lY2VAeUpLY2sRn9gQVMjglWs6hoZz+9w3+1gSuTN7e0pBenneVRkeW
M57wZQKGvTtBLXCsdndEC9tVcDJZBwT2HSI3L02PE/SJKR4Vvp+wg7puDmYoaXXf
3bTFV/144BgvfC7b68MNNuf99jc3ypACu+znIRnuzM+b3OAd99fAGUkihQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEvVufTubxRrS69ts/fOCXFKa0VcMB8GA1UdIwQY
MBaAFNHeEk4PittOfZV2zq4yX2aN0iSxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTct
NGY0YzliMzQzZTkwLzEvUzlXNTlPNXZGR3RMcjIyejk4NEpjVXByUlZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9hYmUxMzQtMDA5My00NjUyLTkwNTctNGY0YzliMzQzZTkw
LzEvMGQ0U1RnLUsyMDU5bFhiT3JqSmZabzNTSkxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUccYMA0G
CSqGSIb3DQEBCwUAA4IBAQB/nP318vSiZ1o00FqMVk23ah8CCN90YPxQ6IFmCplu
a2kJ4h3VbI91A7SsvHt9tNPXY6+qR3ertMwe2F5HkVZ5ciLReY1olqkyf93KwXi0
h7xYEanqK71IzA2+NV4fSVxfDYPJhSWkFOfuA7c63KWWNF3g96pOBocDjITLi5GV
wMg35/zPeg/bjuZgEWjcLe/lrYUVJbFbbY7/cSccQXpSMadDj0MR+bmEDG3ntINN
A1venTvICCSXtbeY7roDwSE/8HmBm2KNEMUjs9482UAJFinGT11Ec1DfW9DCQrV4
/Kjshk2hqd62MLok61oPNByMlDjW5SGFFML1ul4eTnEi
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:27:44 2024 by rpki-client on console-fra.rpki-client.org