Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/YsIKKcQIXmIoXyl8vOWaDE_xxeA.roa
File: YsIKKcQIXmIoXyl8vOWaDE_xxeA.roa (raw, json)
Hash identifier: qgkYMj2sFvQRggdNnQgLEzFYS5pHjRkaL+n31ULvnWY=
Subject key identifier: 62:C2:0A:29:C4:08:5E:62:28:5F:29:7C:BC:E5:9A:0C:4F:F1:C5:E0
Certificate issuer: /CN=ba6d46b76bfd6d42bbd575e2f26fce136b9b6a6d
Certificate serial: 0191F02E8F44D5AFA83A3E871748F1266FD5
Authority key identifier: BA:6D:46:B7:6B:FD:6D:42:BB:D5:75:E2:F2:6F:CE:13:6B:9B:6A:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um1Gt2v9bUK71XXi8m_OE2ubam0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/YsIKKcQIXmIoXyl8vOWaDE_xxeA.roa
Signing time: Sat 14 Sep 2024 10:57:48 +0000
ROA not before: Sat 14 Sep 2024 10:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47393
IP address blocks: 195.43.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/um1Gt2v9bUK71XXi8m_OE2ubam0.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/um1Gt2v9bUK71XXi8m_OE2ubam0.mft
rsync://rpki.ripe.net/repository/DEFAULT/um1Gt2v9bUK71XXi8m_OE2ubam0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f0:2e:8f:44:d5:af:a8:3a:3e:87:17:48:f1:26:6f:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6d46b76bfd6d42bbd575e2f26fce136b9b6a6d
Validity
Not Before: Sep 14 10:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62c20a29c4085e62285f297cbce59a0c4ff1c5e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:47:f9:f8:15:9c:4d:c6:90:3e:a5:e0:a4:55:
aa:99:26:05:c5:ad:6e:6d:85:40:89:62:df:22:4a:
19:1c:3c:55:c4:ab:23:2f:42:15:80:ca:01:7f:30:
cd:f8:fc:fc:58:8f:bc:28:f0:d5:f0:61:12:28:5d:
f8:89:31:cc:a0:4e:9a:a2:62:08:95:9e:79:e4:4e:
69:7c:0a:bd:79:4e:3c:55:c9:89:73:5d:38:2f:86:
46:8e:8a:00:be:fc:21:0d:b7:15:17:01:c0:33:01:
6f:25:f0:2a:e6:fc:8f:04:da:b8:b2:0f:95:f1:a6:
91:21:84:65:22:94:c9:d1:8e:b8:76:21:d9:9a:70:
e8:65:27:b4:29:1a:fe:9b:61:c1:d8:33:c9:55:51:
50:c3:d1:90:90:b1:6a:c3:41:86:8f:27:69:e7:13:
93:b1:18:33:86:9d:d2:4e:d1:9e:06:8b:df:9f:40:
e1:fc:02:0b:c0:f5:fb:db:81:fd:bc:1d:8b:ce:78:
32:67:0f:a8:de:48:e4:e5:9b:85:c0:23:65:66:7b:
e1:58:f4:f4:84:27:1d:88:25:f8:79:a2:14:ac:d1:
5b:5f:e7:98:c4:1b:f2:d5:69:e9:d9:18:6a:19:70:
78:ee:4f:2c:05:bc:19:7e:d9:f4:ae:b2:70:18:07:
70:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:C2:0A:29:C4:08:5E:62:28:5F:29:7C:BC:E5:9A:0C:4F:F1:C5:E0
X509v3 Authority Key Identifier:
keyid:BA:6D:46:B7:6B:FD:6D:42:BB:D5:75:E2:F2:6F:CE:13:6B:9B:6A:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um1Gt2v9bUK71XXi8m_OE2ubam0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/YsIKKcQIXmIoXyl8vOWaDE_xxeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/um1Gt2v9bUK71XXi8m_OE2ubam0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.130.0/24
Signature Algorithm: sha256WithRSAEncryption
82:21:5c:43:b5:15:5f:c7:28:48:25:4d:31:39:1d:62:58:18:
61:2e:f6:c8:60:23:a0:24:e9:54:79:4f:75:ff:4b:2f:b8:d7:
c8:55:bd:17:43:6a:1b:a4:ef:e9:31:8f:14:04:3c:9e:eb:d9:
0f:83:f6:7d:41:ed:41:fd:17:7c:f9:f4:e2:31:47:ba:e7:3c:
ea:0f:4f:99:18:6c:89:6a:70:56:ba:fa:46:89:8a:e7:56:df:
f2:d7:14:95:86:1c:f6:7a:97:20:6c:39:60:bf:50:9e:d2:f4:
8b:5f:c4:39:85:20:07:2a:6e:7f:0b:b0:ed:60:fb:5f:bd:37:
35:3b:5a:2c:62:82:f0:5f:ba:8b:4d:7a:95:6e:21:18:a8:40:
25:53:ef:6a:3a:22:44:f6:10:f8:9b:5f:eb:fe:22:ca:f4:35:
e6:eb:e0:15:b2:59:05:83:14:43:2e:ef:be:af:1a:5b:6b:e5:
f9:7f:25:a8:a8:67:09:3d:f4:dc:56:6a:5d:6f:52:4f:cf:52:
6a:b8:9d:e7:28:b2:45:f1:9e:7d:2b:e3:bb:b4:57:67:4e:49:
ad:76:dc:f1:98:69:20:9d:b3:8c:46:da:e1:3d:e7:4a:b2:33:
69:89:16:5b:63:75:56:85:20:6f:24:14:11:46:01:78:75:f9:
6d:23:6e:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHwLo9E1a+oOj6HF0jxJm/VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmQ0NmI3NmJmZDZkNDJiYmQ1NzVlMmYyNmZjZTEzNmI5
YjZhNmQwHhcNMjQwOTE0MTA1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmMyMGEyOWM0MDg1ZTYyMjg1ZjI5N2NiY2U1OWEwYzRmZjFjNWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokf5+BWcTcaQPqXgpFWqmSYFxa1u
bYVAiWLfIkoZHDxVxKsjL0IVgMoBfzDN+Pz8WI+8KPDV8GESKF34iTHMoE6aomII
lZ555E5pfAq9eU48VcmJc104L4ZGjooAvvwhDbcVFwHAMwFvJfAq5vyPBNq4sg+V
8aaRIYRlIpTJ0Y64diHZmnDoZSe0KRr+m2HB2DPJVVFQw9GQkLFqw0GGjydp5xOT
sRgzhp3STtGeBovfn0Dh/AILwPX724H9vB2LzngyZw+o3kjk5ZuFwCNlZnvhWPT0
hCcdiCX4eaIUrNFbX+eYxBvy1Wnp2RhqGXB47k8sBbwZftn0rrJwGAdwTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGLCCinECF5iKF8pfLzlmgxP8cXgMB8GA1UdIwQY
MBaAFLptRrdr/W1Cu9V14vJvzhNrm2ptMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW0xR3QydjliVUs3MVhYaThtX09FMnViYW0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lOGJlMGUtYTgwZC00YTRmLWI1MmYt
ZGZmMWNmZmI3YjE4LzEvWXNJS0tjUUlYbUlvWHlsOHZPV2FERV94eGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lOGJlMGUtYTgwZC00YTRmLWI1MmYtZGZmMWNmZmI3YjE4
LzEvdW0xR3QydjliVUs3MVhYaThtX09FMnViYW0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyuCMA0G
CSqGSIb3DQEBCwUAA4IBAQCCIVxDtRVfxyhIJU0xOR1iWBhhLvbIYCOgJOlUeU91
/0svuNfIVb0XQ2obpO/pMY8UBDye69kPg/Z9Qe1B/Rd8+fTiMUe65zzqD0+ZGGyJ
anBWuvpGiYrnVt/y1xSVhhz2epcgbDlgv1Ce0vSLX8Q5hSAHKm5/C7DtYPtfvTc1
O1osYoLwX7qLTXqVbiEYqEAlU+9qOiJE9hD4m1/r/iLK9DXm6+AVslkFgxRDLu++
rxpba+X5fyWoqGcJPfTcVmpdb1JPz1JquJ3nKLJF8Z59K+O7tFdnTkmtdtzxmGkg
nbOMRtrhPedKsjNpiRZbY3VWhSBvJBQRRgF4dfltI27G
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:51:32 2024 by rpki-client on console-fra.rpki-client.org