Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/672629-a0e2-476f-aead-ee380b82cfca/1/popZUpjJ0KsF_KiL_RqOYCe0G3M.roa
File: popZUpjJ0KsF_KiL_RqOYCe0G3M.roa (raw, json)
Hash identifier: mxIH7rnDHPTNeHGQFCy0gK0/MqNncLj7xWyrxDdgQ1M=
Subject key identifier: A6:8A:59:52:98:C9:D0:AB:05:FC:A8:8B:FD:1A:8E:60:27:B4:1B:73
Certificate issuer: /CN=1c04848bfef724e26abed3c65e4e8f9508fb1796
Certificate serial: 0192725B314344D3A07778881E3E35955A45
Authority key identifier: 1C:04:84:8B:FE:F7:24:E2:6A:BE:D3:C6:5E:4E:8F:95:08:FB:17:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HASEi_73JOJqvtPGXk6PlQj7F5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/672629-a0e2-476f-aead-ee380b82cfca/1/popZUpjJ0KsF_KiL_RqOYCe0G3M.roa
Signing time: Wed 09 Oct 2024 17:37:11 +0000
ROA not before: Wed 09 Oct 2024 17:37:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32693
IP address blocks: 193.135.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/672629-a0e2-476f-aead-ee380b82cfca/1/HASEi_73JOJqvtPGXk6PlQj7F5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/672629-a0e2-476f-aead-ee380b82cfca/1/HASEi_73JOJqvtPGXk6PlQj7F5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/HASEi_73JOJqvtPGXk6PlQj7F5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:72:5b:31:43:44:d3:a0:77:78:88:1e:3e:35:95:5a:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c04848bfef724e26abed3c65e4e8f9508fb1796
Validity
Not Before: Oct 9 17:37:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a68a595298c9d0ab05fca88bfd1a8e6027b41b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:77:ec:31:bc:df:5a:31:db:99:66:83:f7:d2:
e1:6b:ab:09:f1:42:79:46:b8:a0:83:17:53:ef:99:
47:4f:8e:b2:73:14:25:fa:36:ad:48:3a:c5:ba:48:
24:f4:66:20:ff:63:a1:e5:69:44:f4:94:07:c7:b5:
24:5c:55:01:d0:73:8c:9d:a6:7f:44:df:ca:3a:3c:
97:fe:44:49:2f:8b:60:13:e5:2e:a3:01:35:89:93:
7a:a4:2a:bb:d2:76:d4:bc:ed:fa:29:18:43:69:05:
1e:1f:12:67:f0:fe:f7:6a:75:82:b0:01:bd:f7:f8:
bc:14:10:46:19:b8:7b:aa:52:82:03:40:0c:bc:11:
9b:bb:8c:42:82:3e:55:36:f4:0d:1e:10:c5:1f:bf:
52:45:f6:88:4a:4b:c9:84:86:17:17:17:51:05:de:
a0:ee:92:8c:76:0c:ec:85:c8:8e:42:db:7e:43:fa:
52:ea:cb:7f:18:46:c6:07:93:f7:79:d8:7d:2c:b2:
22:05:1c:52:c5:db:d0:d1:c8:08:d5:86:7e:3d:eb:
e8:23:23:b3:ff:ba:b5:6e:f0:10:62:e5:4c:af:5b:
65:6c:3e:95:2b:f5:8c:59:78:68:2e:cc:b9:10:60:
a9:89:cd:4f:89:a5:c1:be:67:f9:e0:3b:db:19:c5:
f0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:8A:59:52:98:C9:D0:AB:05:FC:A8:8B:FD:1A:8E:60:27:B4:1B:73
X509v3 Authority Key Identifier:
keyid:1C:04:84:8B:FE:F7:24:E2:6A:BE:D3:C6:5E:4E:8F:95:08:FB:17:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HASEi_73JOJqvtPGXk6PlQj7F5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/672629-a0e2-476f-aead-ee380b82cfca/1/popZUpjJ0KsF_KiL_RqOYCe0G3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/672629-a0e2-476f-aead-ee380b82cfca/1/HASEi_73JOJqvtPGXk6PlQj7F5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.118.0/24
Signature Algorithm: sha256WithRSAEncryption
82:ca:5b:40:94:85:03:8d:c4:96:64:f6:5b:c0:e4:50:02:54:
99:4d:3b:75:79:24:2b:7e:00:c2:3c:34:a6:d2:02:12:13:32:
c6:2f:0e:54:89:79:bb:a0:99:8b:28:6c:0f:bd:71:31:f4:c6:
4f:b5:ed:9a:9c:f0:e9:23:88:1f:7f:6e:e6:8f:79:7c:54:f6:
3d:8d:97:7b:06:47:8a:29:6a:47:7b:9e:6b:fa:9e:9c:31:c1:
b2:e8:80:89:ca:2e:c9:59:d9:ec:b8:14:d5:1c:61:88:97:39:
02:66:82:5c:68:e8:8f:e6:60:d3:5a:6e:f5:56:da:0e:db:81:
f7:55:a7:23:f7:a5:4e:17:c4:d5:0f:ed:6f:fc:62:78:bb:0e:
34:48:8a:8d:01:08:05:d4:d4:62:ba:a0:0d:65:61:58:7c:d7:
c3:9e:9f:00:f9:ed:14:ca:39:18:e1:0c:d1:4f:6d:01:9f:f9:
7a:f3:19:f5:d8:96:97:dc:f5:ac:67:58:c9:ea:0f:3b:5a:0a:
46:57:b7:7c:ae:2f:9c:20:8a:0d:2b:bb:d6:af:07:41:af:4c:
32:82:a4:c0:bf:8b:32:79:3f:b4:e4:8b:98:e2:c6:8b:b2:4a:
62:71:1e:48:f0:f4:62:aa:85:78:0c:90:99:29:9d:1e:c2:fe:
e5:0c:8c:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJyWzFDRNOgd3iIHj41lVpFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDQ4NDhiZmVmNzI0ZTI2YWJlZDNjNjVlNGU4Zjk1MDhm
YjE3OTYwHhcNMjQxMDA5MTczNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjhhNTk1Mjk4YzlkMGFiMDVmY2E4OGJmZDFhOGU2MDI3YjQxYjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynfsMbzfWjHbmWaD99Lha6sJ8UJ5
RriggxdT75lHT46ycxQl+jatSDrFukgk9GYg/2Oh5WlE9JQHx7UkXFUB0HOMnaZ/
RN/KOjyX/kRJL4tgE+UuowE1iZN6pCq70nbUvO36KRhDaQUeHxJn8P73anWCsAG9
9/i8FBBGGbh7qlKCA0AMvBGbu4xCgj5VNvQNHhDFH79SRfaISkvJhIYXFxdRBd6g
7pKMdgzshciOQtt+Q/pS6st/GEbGB5P3edh9LLIiBRxSxdvQ0cgI1YZ+PevoIyOz
/7q1bvAQYuVMr1tlbD6VK/WMWXhoLsy5EGCpic1PiaXBvmf54DvbGcXwjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKaKWVKYydCrBfyoi/0ajmAntBtzMB8GA1UdIwQY
MBaAFBwEhIv+9yTiar7Txl5Oj5UI+xeWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFTRWlfNzNKT0pxdnRQR1hrNlBsUWo3RjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny82NzI2MjktYTBlMi00NzZmLWFlYWQt
ZWUzODBiODJjZmNhLzEvcG9wWlVwakowS3NGX0tpTF9ScU9ZQ2UwRzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny82NzI2MjktYTBlMi00NzZmLWFlYWQtZWUzODBiODJjZmNh
LzEvSEFTRWlfNzNKT0pxdnRQR1hrNlBsUWo3RjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYd2MA0G
CSqGSIb3DQEBCwUAA4IBAQCCyltAlIUDjcSWZPZbwORQAlSZTTt1eSQrfgDCPDSm
0gISEzLGLw5UiXm7oJmLKGwPvXEx9MZPte2anPDpI4gff27mj3l8VPY9jZd7BkeK
KWpHe55r+p6cMcGy6ICJyi7JWdnsuBTVHGGIlzkCZoJcaOiP5mDTWm71VtoO24H3
Vacj96VOF8TVD+1v/GJ4uw40SIqNAQgF1NRiuqANZWFYfNfDnp8A+e0UyjkY4QzR
T20Bn/l68xn12JaX3PWsZ1jJ6g87WgpGV7d8ri+cIIoNK7vWrwdBr0wygqTAv4sy
eT+05IuY4saLskpicR5I8PRiqoV4DJCZKZ0ewv7lDIyI
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:44:30 2024 by rpki-client on console-ams.rpki-client.org