Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/pIDshd1xsYohOiIlt10CowJmsig.roa
File: pIDshd1xsYohOiIlt10CowJmsig.roa (raw, json)
Hash identifier: Y+KvzWuo1DMh7tbrui4oA7Lw0IEPLQ6tLCPFLYP9mZM=
Subject key identifier: A4:80:EC:85:DD:71:B1:8A:21:3A:22:25:B7:5D:02:A3:02:66:B2:28
Certificate issuer: /CN=ba6d46b76bfd6d42bbd575e2f26fce136b9b6a6d
Certificate serial: 0191F02E8ED8C03BC9C8B7F018D725A930B3
Authority key identifier: BA:6D:46:B7:6B:FD:6D:42:BB:D5:75:E2:F2:6F:CE:13:6B:9B:6A:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um1Gt2v9bUK71XXi8m_OE2ubam0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/pIDshd1xsYohOiIlt10CowJmsig.roa
Signing time: Sat 14 Sep 2024 10:57:48 +0000
ROA not before: Sat 14 Sep 2024 10:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8220
IP address blocks: 195.245.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/um1Gt2v9bUK71XXi8m_OE2ubam0.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/um1Gt2v9bUK71XXi8m_OE2ubam0.mft
rsync://rpki.ripe.net/repository/DEFAULT/um1Gt2v9bUK71XXi8m_OE2ubam0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f0:2e:8e:d8:c0:3b:c9:c8:b7:f0:18:d7:25:a9:30:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba6d46b76bfd6d42bbd575e2f26fce136b9b6a6d
Validity
Not Before: Sep 14 10:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a480ec85dd71b18a213a2225b75d02a30266b228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:43:6a:0f:7c:27:3a:82:6f:b2:b1:d7:e5:9d:
ae:ff:17:a6:e2:d5:1d:dd:56:93:3e:2f:8a:72:a1:
60:3d:3f:20:76:17:d8:7b:d6:9a:32:08:e9:77:bd:
0c:5c:c4:0b:1c:e0:a0:63:64:6a:1f:e9:2b:0d:36:
e9:ae:6c:e2:46:63:df:5b:12:4e:3a:dc:aa:cc:2e:
1d:b5:5a:62:67:1e:89:52:da:96:ae:e2:8e:88:7a:
e2:6c:0f:73:e6:1d:85:4f:29:bc:51:b2:b0:2d:1f:
2a:68:02:5f:e9:40:f3:03:de:06:03:82:7c:16:03:
33:57:22:44:65:99:3a:30:bd:4e:d7:80:82:e8:6c:
6e:a6:d9:fe:e1:c8:50:49:c8:d9:5e:1c:b0:21:ac:
e9:98:ff:4b:60:d1:0e:7f:ba:b6:05:73:22:25:8c:
80:9d:ee:6f:f2:df:14:c6:d9:09:4b:de:d4:08:24:
3d:c1:41:e1:f6:f1:73:fc:5e:19:86:0d:4f:2f:00:
3f:2c:b1:6c:8c:95:2c:e4:86:4a:e0:bb:77:d4:94:
ed:f9:63:60:2f:6d:ee:e7:2f:26:34:2a:9a:19:11:
2f:da:0f:7d:95:53:91:28:a0:d6:cc:69:0f:a0:93:
93:d0:c8:0e:88:95:f5:12:a2:44:2e:ca:1a:49:91:
e4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:80:EC:85:DD:71:B1:8A:21:3A:22:25:B7:5D:02:A3:02:66:B2:28
X509v3 Authority Key Identifier:
keyid:BA:6D:46:B7:6B:FD:6D:42:BB:D5:75:E2:F2:6F:CE:13:6B:9B:6A:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um1Gt2v9bUK71XXi8m_OE2ubam0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/pIDshd1xsYohOiIlt10CowJmsig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e8be0e-a80d-4a4f-b52f-dff1cffb7b18/1/um1Gt2v9bUK71XXi8m_OE2ubam0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.245.247.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:46:43:65:58:f6:84:d6:a7:1b:b2:b9:30:83:34:64:99:d2:
19:5f:33:8c:a7:23:89:5d:cb:99:85:ca:c9:be:9c:c8:ae:0b:
7a:97:ee:81:fa:13:e8:d5:a2:1b:fd:a1:b2:50:53:04:d5:29:
d6:ca:f2:f6:85:c1:b2:7a:9b:d9:f3:da:ab:ef:2d:70:3b:82:
b0:63:20:99:c8:70:fb:f3:0f:2a:b2:0e:52:93:e0:d5:18:c8:
02:4d:50:2f:a0:65:52:42:10:d0:f8:f1:15:24:53:d4:ec:60:
4e:33:8c:0b:d0:2e:07:95:60:e4:86:8c:3b:34:6b:1e:b5:c4:
c4:11:fe:1a:23:a1:6e:36:5c:1c:b3:c2:f0:d3:9a:35:ab:a3:
cf:5c:da:7e:91:6e:ff:c7:10:41:9d:de:4f:1f:2c:35:b4:ef:
06:76:d5:9a:57:d7:8d:6f:0b:4b:8b:aa:9a:8c:4b:6b:fd:30:
bc:1e:17:37:55:5d:2b:a1:af:be:a3:25:f4:08:f4:8b:12:4b:
04:76:c1:13:5b:56:8d:a6:16:54:c3:c2:e9:29:85:38:86:a1:
78:0c:24:78:50:89:ea:45:f9:8f:c7:cc:3d:17:44:eb:05:a7:
18:6d:1c:45:d5:fd:0e:e1:3f:0f:45:30:a9:83:0d:50:b7:e7:
5f:f1:32:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHwLo7YwDvJyLfwGNclqTCzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNmQ0NmI3NmJmZDZkNDJiYmQ1NzVlMmYyNmZjZTEzNmI5
YjZhNmQwHhcNMjQwOTE0MTA1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDgwZWM4NWRkNzFiMThhMjEzYTIyMjViNzVkMDJhMzAyNjZiMjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUNqD3wnOoJvsrHX5Z2u/xem4tUd
3VaTPi+KcqFgPT8gdhfYe9aaMgjpd70MXMQLHOCgY2RqH+krDTbprmziRmPfWxJO
OtyqzC4dtVpiZx6JUtqWruKOiHribA9z5h2FTym8UbKwLR8qaAJf6UDzA94GA4J8
FgMzVyJEZZk6ML1O14CC6Gxuptn+4chQScjZXhywIazpmP9LYNEOf7q2BXMiJYyA
ne5v8t8UxtkJS97UCCQ9wUHh9vFz/F4Zhg1PLwA/LLFsjJUs5IZK4Lt31JTt+WNg
L23u5y8mNCqaGREv2g99lVORKKDWzGkPoJOT0MgOiJX1EqJELsoaSZHkiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKSA7IXdcbGKIToiJbddAqMCZrIoMB8GA1UdIwQY
MBaAFLptRrdr/W1Cu9V14vJvzhNrm2ptMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW0xR3QydjliVUs3MVhYaThtX09FMnViYW0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lOGJlMGUtYTgwZC00YTRmLWI1MmYt
ZGZmMWNmZmI3YjE4LzEvcElEc2hkMXhzWW9oT2lJbHQxMENvd0ptc2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lOGJlMGUtYTgwZC00YTRmLWI1MmYtZGZmMWNmZmI3YjE4
LzEvdW0xR3QydjliVUs3MVhYaThtX09FMnViYW0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/X3MA0G
CSqGSIb3DQEBCwUAA4IBAQAORkNlWPaE1qcbsrkwgzRkmdIZXzOMpyOJXcuZhcrJ
vpzIrgt6l+6B+hPo1aIb/aGyUFME1SnWyvL2hcGyepvZ89qr7y1wO4KwYyCZyHD7
8w8qsg5Sk+DVGMgCTVAvoGVSQhDQ+PEVJFPU7GBOM4wL0C4HlWDkhow7NGsetcTE
Ef4aI6FuNlwcs8Lw05o1q6PPXNp+kW7/xxBBnd5PHyw1tO8GdtWaV9eNbwtLi6qa
jEtr/TC8Hhc3VV0roa++oyX0CPSLEksEdsETW1aNphZUw8LpKYU4hqF4DCR4UInq
RfmPx8w9F0TrBacYbRxF1f0O4T8PRTCpgw1Qt+df8TJ3
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:11:30 2024 by rpki-client on console-fra.rpki-client.org