Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/6a2946-f0a4-4e85-930e-d4edf16e0978/1/S5dYTF5Nmq4xSyUCjdVjDofstD4.roa
File: S5dYTF5Nmq4xSyUCjdVjDofstD4.roa (raw, json)
Hash identifier: azl+FMSvQPoVvsyJH/kZKgyyvOrgtiVIs6qf1gqhXng=
Subject key identifier: 4B:97:58:4C:5E:4D:9A:AE:31:4B:25:02:8D:D5:63:0E:87:EC:B4:3E
Certificate issuer: /CN=1bdba013655b9bb0caa285d75c142c1ee30f8854
Certificate serial: 018CC94E1860D77744C73AFDF73BE9E02BE7
Authority key identifier: 1B:DB:A0:13:65:5B:9B:B0:CA:A2:85:D7:5C:14:2C:1E:E3:0F:88:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9ugE2Vbm7DKooXXXBQsHuMPiFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/6a2946-f0a4-4e85-930e-d4edf16e0978/1/S5dYTF5Nmq4xSyUCjdVjDofstD4.roa
Signing time: Tue 02 Jan 2024 08:33:07 +0000
ROA not before: Tue 02 Jan 2024 08:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51580
IP address blocks: 193.176.238.0/24 maxlen: 24
193.176.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/6a2946-f0a4-4e85-930e-d4edf16e0978/1/G9ugE2Vbm7DKooXXXBQsHuMPiFQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/6a2946-f0a4-4e85-930e-d4edf16e0978/1/G9ugE2Vbm7DKooXXXBQsHuMPiFQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/G9ugE2Vbm7DKooXXXBQsHuMPiFQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:18:60:d7:77:44:c7:3a:fd:f7:3b:e9:e0:2b:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bdba013655b9bb0caa285d75c142c1ee30f8854
Validity
Not Before: Jan 2 08:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b97584c5e4d9aae314b25028dd5630e87ecb43e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:91:22:29:16:27:7b:b1:bd:d8:68:ca:a2:18:
71:6f:0c:bf:9a:df:cd:4a:62:39:7c:ba:15:2f:e9:
ff:01:c2:53:f7:aa:83:20:35:9b:5e:0b:fe:33:c9:
52:51:c7:b0:58:82:c9:1a:12:5f:65:ab:6e:b1:82:
e6:04:bf:aa:cb:57:03:1e:27:04:93:46:4a:40:00:
6b:83:ed:ce:78:79:a0:13:8b:c7:d5:3c:0a:40:37:
6c:d1:e5:8d:fc:26:42:fb:c4:1f:46:d7:83:3e:74:
39:89:ae:c6:20:c5:05:b5:7b:92:a5:65:af:4e:a2:
c2:d8:c0:e0:d0:12:32:3d:ef:6c:99:fb:66:ea:cc:
a5:0a:02:13:87:0b:86:22:bd:3a:1a:a5:71:7b:79:
20:e6:0b:2e:fb:6f:bd:72:41:cf:96:f0:53:c8:57:
93:07:91:4b:90:5f:d2:4b:e5:df:b0:d7:b0:0a:de:
cf:40:eb:71:f9:92:55:ba:e0:a5:51:6c:ee:69:01:
4e:07:a8:7d:6b:75:b6:a7:aa:9a:c4:94:33:c9:70:
b6:bc:be:4d:64:44:c2:6b:45:1b:2a:83:7c:c8:8e:
73:c0:71:38:80:c4:0e:9d:83:72:30:46:22:c1:9f:
eb:2c:a3:ec:98:7a:0a:ee:59:12:5b:00:66:b1:ce:
8d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:97:58:4C:5E:4D:9A:AE:31:4B:25:02:8D:D5:63:0E:87:EC:B4:3E
X509v3 Authority Key Identifier:
keyid:1B:DB:A0:13:65:5B:9B:B0:CA:A2:85:D7:5C:14:2C:1E:E3:0F:88:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9ugE2Vbm7DKooXXXBQsHuMPiFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/6a2946-f0a4-4e85-930e-d4edf16e0978/1/S5dYTF5Nmq4xSyUCjdVjDofstD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/6a2946-f0a4-4e85-930e-d4edf16e0978/1/G9ugE2Vbm7DKooXXXBQsHuMPiFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.238.0/24
193.176.246.0/24
Signature Algorithm: sha256WithRSAEncryption
03:5f:f4:6c:80:bc:d1:80:c1:51:aa:3a:a1:ed:a9:01:67:fc:
88:bd:a8:40:d7:61:fe:93:1a:4d:c2:f6:2e:b0:7e:0e:7d:97:
55:f8:d4:c0:eb:50:8a:2d:65:ac:c3:e5:1e:3d:af:56:93:ed:
4f:fd:77:fc:24:b4:c2:d9:0d:ba:95:8c:5f:9e:7c:58:a1:a9:
c0:44:56:86:ac:2f:71:8c:60:1a:bd:93:1a:a5:d6:55:26:63:
e2:04:19:78:1a:03:be:8c:43:44:c7:9f:2e:9e:a1:e4:bf:bc:
34:0c:95:e5:a3:06:9e:1c:84:6c:a5:81:d2:7c:f2:32:5f:76:
88:34:e4:6d:bd:2e:ca:92:5c:2f:49:3a:a3:ba:f6:97:cf:e2:
78:6d:18:c2:67:2b:d4:09:51:d8:84:da:f6:f3:20:3c:58:2d:
09:d6:09:33:2d:3b:ba:94:7f:93:cd:26:9d:5b:de:64:1b:78:
d2:d4:83:ac:80:e1:90:55:ea:2f:c8:dd:c5:eb:86:a5:91:b6:
cc:31:8e:55:42:8f:0a:e8:43:d2:2a:8e:88:4f:b6:1f:5b:29:
d3:84:36:4f:1c:cf:97:21:44:b2:26:65:8a:c7:1a:55:e4:5e:
0c:4c:33:fb:16:98:b1:64:68:57:8e:69:77:c3:cd:6d:fb:96:
85:bf:97:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJThhg13dExzr99zvp4CvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZGJhMDEzNjU1YjliYjBjYWEyODVkNzVjMTQyYzFlZTMw
Zjg4NTQwHhcNMjQwMTAyMDgzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjk3NTg0YzVlNGQ5YWFlMzE0YjI1MDI4ZGQ1NjMwZTg3ZWNiNDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZEiKRYne7G92GjKohhxbwy/mt/N
SmI5fLoVL+n/AcJT96qDIDWbXgv+M8lSUcewWILJGhJfZatusYLmBL+qy1cDHicE
k0ZKQABrg+3OeHmgE4vH1TwKQDds0eWN/CZC+8QfRteDPnQ5ia7GIMUFtXuSpWWv
TqLC2MDg0BIyPe9smftm6sylCgIThwuGIr06GqVxe3kg5gsu+2+9ckHPlvBTyFeT
B5FLkF/SS+XfsNewCt7PQOtx+ZJVuuClUWzuaQFOB6h9a3W2p6qaxJQzyXC2vL5N
ZETCa0UbKoN8yI5zwHE4gMQOnYNyMEYiwZ/rLKPsmHoK7lkSWwBmsc6NUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEuXWExeTZquMUslAo3VYw6H7LQ+MB8GA1UdIwQY
MBaAFBvboBNlW5uwyqKF11wULB7jD4hUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzl1Z0UyVmJtN0RLb29YWFhCUXNIdU1QaUZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82YTI5NDYtZjBhNC00ZTg1LTkzMGUt
ZDRlZGYxNmUwOTc4LzEvUzVkWVRGNU5tcTR4U3lVQ2pkVmpEb2ZzdEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi82YTI5NDYtZjBhNC00ZTg1LTkzMGUtZDRlZGYxNmUwOTc4
LzEvRzl1Z0UyVmJtN0RLb29YWFhCUXNIdU1QaUZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwbDuAwQA
wbD2MA0GCSqGSIb3DQEBCwUAA4IBAQADX/RsgLzRgMFRqjqh7akBZ/yIvahA12H+
kxpNwvYusH4OfZdV+NTA61CKLWWsw+UePa9Wk+1P/Xf8JLTC2Q26lYxfnnxYoanA
RFaGrC9xjGAavZMapdZVJmPiBBl4GgO+jENEx58unqHkv7w0DJXlowaeHIRspYHS
fPIyX3aINORtvS7KklwvSTqjuvaXz+J4bRjCZyvUCVHYhNr28yA8WC0J1gkzLTu6
lH+TzSadW95kG3jS1IOsgOGQVeovyN3F64alkbbMMY5VQo8K6EPSKo6IT7YfWynT
hDZPHM+XIUSyJmWKxxpV5F4MTDP7FpixZGhXjml3w81t+5aFv5c5
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:38:15 2024 by rpki-client on console-ams.rpki-client.org