Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/a3b8cd-56fa-43a1-8dc1-2e5af5b68781/1/sNEffc8I1ny1DsYAmAiXKx8sKnk.roa
File: sNEffc8I1ny1DsYAmAiXKx8sKnk.roa (raw, json)
Hash identifier: 3Fvclw2C7MI6rzjhWWjEHnOz/OwLpj/5VzDW1MfVor0=
Subject key identifier: B0:D1:1F:7D:CF:08:D6:7C:B5:0E:C6:00:98:08:97:2B:1F:2C:2A:79
Certificate issuer: /CN=c128165f8eee185faaf9aa33875f4ee412b10f8c
Certificate serial: 018CC9BBF2392D48BCF0000E1E2F6E454639
Authority key identifier: C1:28:16:5F:8E:EE:18:5F:AA:F9:AA:33:87:5F:4E:E4:12:B1:0F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSgWX47uGF-q-aozh19O5BKxD4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/a3b8cd-56fa-43a1-8dc1-2e5af5b68781/1/sNEffc8I1ny1DsYAmAiXKx8sKnk.roa
Signing time: Tue 02 Jan 2024 10:33:06 +0000
ROA not before: Tue 02 Jan 2024 10:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25541
IP address blocks: 195.245.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/a3b8cd-56fa-43a1-8dc1-2e5af5b68781/1/wSgWX47uGF-q-aozh19O5BKxD4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/a3b8cd-56fa-43a1-8dc1-2e5af5b68781/1/wSgWX47uGF-q-aozh19O5BKxD4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/wSgWX47uGF-q-aozh19O5BKxD4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 03:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:f2:39:2d:48:bc:f0:00:0e:1e:2f:6e:45:46:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c128165f8eee185faaf9aa33875f4ee412b10f8c
Validity
Not Before: Jan 2 10:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0d11f7dcf08d67cb50ec6009808972b1f2c2a79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1a:f9:88:8f:0a:ab:b0:b2:86:a9:9c:ae:76:
f3:b3:be:ae:14:f6:fb:58:61:bf:e8:de:da:d6:0f:
fc:9e:a1:80:20:3f:4b:72:39:c4:d2:68:ea:08:84:
5c:87:77:4a:a7:fb:3f:7c:2e:8a:e9:94:e8:a6:4f:
eb:59:94:4a:bc:60:f8:da:86:2d:ce:b0:cd:7e:84:
8c:b6:ae:bf:0d:c6:93:9d:83:ab:18:b5:46:72:0c:
cb:10:48:b4:64:fc:7c:db:f1:bc:52:91:9f:3c:7e:
36:45:ab:08:a4:8c:18:5a:05:ed:b0:d9:2a:43:3a:
f0:2f:b5:33:44:9f:7f:f2:28:75:3e:a5:d7:17:2a:
3d:bb:27:fb:ab:8b:53:e6:ef:45:22:10:2d:36:2f:
e9:9c:06:12:ac:34:56:c7:09:55:c6:26:e5:0f:7d:
1d:f4:af:65:96:b0:16:5a:4e:75:19:fb:a2:18:ff:
b1:ac:4c:93:4d:b5:19:c4:a8:e2:f7:4c:56:55:b5:
a0:92:f5:b3:b5:66:61:67:86:db:fb:8f:d7:c9:ff:
36:1e:c1:d3:f0:2e:1c:2f:77:40:cc:f6:cb:a7:e7:
dd:16:5e:da:0e:5e:61:da:d9:ea:48:b3:d5:69:49:
6f:fd:fb:b4:96:7f:40:49:f5:49:70:a6:86:6f:86:
07:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:D1:1F:7D:CF:08:D6:7C:B5:0E:C6:00:98:08:97:2B:1F:2C:2A:79
X509v3 Authority Key Identifier:
keyid:C1:28:16:5F:8E:EE:18:5F:AA:F9:AA:33:87:5F:4E:E4:12:B1:0F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSgWX47uGF-q-aozh19O5BKxD4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a3b8cd-56fa-43a1-8dc1-2e5af5b68781/1/sNEffc8I1ny1DsYAmAiXKx8sKnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a3b8cd-56fa-43a1-8dc1-2e5af5b68781/1/wSgWX47uGF-q-aozh19O5BKxD4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.245.216.0/24
Signature Algorithm: sha256WithRSAEncryption
80:69:ad:52:d7:e7:da:e8:d0:c5:fd:f5:c5:3b:80:f0:43:1d:
f3:5d:f3:0a:1d:24:91:30:64:87:ec:e5:a7:bb:66:88:85:be:
a3:00:dc:2a:14:8a:e5:26:3d:a5:69:14:c1:6e:e0:cc:b5:b7:
a0:a5:49:4f:9a:9b:15:a6:1b:7b:5b:17:71:e1:8f:15:5c:24:
a5:ae:d3:7b:be:d8:b2:3a:29:31:94:79:6f:38:83:7d:83:86:
bd:1f:46:f8:72:49:59:bc:d7:ea:f6:47:5d:da:f9:29:5f:1f:
39:4d:78:1f:d0:bd:05:d5:d7:7d:0f:e5:28:60:69:33:6d:1e:
92:c5:2f:99:ce:a9:d9:33:55:2f:9d:bf:a8:c4:3e:11:1c:4a:
0c:28:69:1e:1d:2c:18:25:66:78:f6:ba:c9:7a:50:9f:05:23:
e8:bb:db:f1:7c:41:8f:e9:73:1e:dc:50:8a:2a:1d:0b:62:35:
77:f9:27:21:0e:dc:36:87:a1:38:91:da:e3:4e:06:ef:22:1c:
50:de:46:78:70:ef:11:0d:35:cb:b7:88:16:cd:5c:bb:45:9f:
c3:94:00:1a:97:7f:d0:fd:73:08:c5:72:7e:00:93:0a:4b:9b:
01:b7:ad:82:2f:1d:e2:3f:66:3e:c6:9f:f1:b6:0e:16:de:1c:
70:27:49:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu/I5LUi88AAOHi9uRUY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMjgxNjVmOGVlZTE4NWZhYWY5YWEzMzg3NWY0ZWU0MTJi
MTBmOGMwHhcNMjQwMTAyMTAzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGQxMWY3ZGNmMDhkNjdjYjUwZWM2MDA5ODA4OTcyYjFmMmMyYTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphr5iI8Kq7Cyhqmcrnbzs76uFPb7
WGG/6N7a1g/8nqGAID9LcjnE0mjqCIRch3dKp/s/fC6K6ZTopk/rWZRKvGD42oYt
zrDNfoSMtq6/DcaTnYOrGLVGcgzLEEi0ZPx82/G8UpGfPH42RasIpIwYWgXtsNkq
QzrwL7UzRJ9/8ih1PqXXFyo9uyf7q4tT5u9FIhAtNi/pnAYSrDRWxwlVxiblD30d
9K9llrAWWk51GfuiGP+xrEyTTbUZxKji90xWVbWgkvWztWZhZ4bb+4/Xyf82HsHT
8C4cL3dAzPbLp+fdFl7aDl5h2tnqSLPVaUlv/fu0ln9ASfVJcKaGb4YH4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLDRH33PCNZ8tQ7GAJgIlysfLCp5MB8GA1UdIwQY
MBaAFMEoFl+O7hhfqvmqM4dfTuQSsQ+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NnV1g0N3VHRi1xLWFvemgxOU81Qkt4RDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9hM2I4Y2QtNTZmYS00M2ExLThkYzEt
MmU1YWY1YjY4NzgxLzEvc05FZmZjOEkxbnkxRHNZQW1BaVhLeDhzS25rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9hM2I4Y2QtNTZmYS00M2ExLThkYzEtMmU1YWY1YjY4Nzgx
LzEvd1NnV1g0N3VHRi1xLWFvemgxOU81Qkt4RDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/XYMA0G
CSqGSIb3DQEBCwUAA4IBAQCAaa1S1+fa6NDF/fXFO4DwQx3zXfMKHSSRMGSH7OWn
u2aIhb6jANwqFIrlJj2laRTBbuDMtbegpUlPmpsVpht7Wxdx4Y8VXCSlrtN7vtiy
OikxlHlvOIN9g4a9H0b4cklZvNfq9kdd2vkpXx85TXgf0L0F1dd9D+UoYGkzbR6S
xS+ZzqnZM1Uvnb+oxD4RHEoMKGkeHSwYJWZ49rrJelCfBSPou9vxfEGP6XMe3FCK
Kh0LYjV3+SchDtw2h6E4kdrjTgbvIhxQ3kZ4cO8RDTXLt4gWzVy7RZ/DlAAal3/Q
/XMIxXJ+AJMKS5sBt62CLx3iP2Y+xp/xtg4W3hxwJ0lf
-----END CERTIFICATE-----
Generated at Sat Jun 8 08:53:38 2024 by rpki-client on console-ams.rpki-client.org