Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/vXWXMBw0eofy6fmwnmFfG5KL7H4.roa
File: vXWXMBw0eofy6fmwnmFfG5KL7H4.roa (raw, json)
Hash identifier: hl+Rz90mwcy6N12K3XG+4T3GQS8xMwqvp/248qgKgJA=
Subject key identifier: BD:75:97:30:1C:34:7A:87:F2:E9:F9:B0:9E:61:5F:1B:92:8B:EC:7E
Certificate issuer: /CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Certificate serial: 019352988F35BC361651EA3F7885C49CE201
Authority key identifier: 93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/vXWXMBw0eofy6fmwnmFfG5KL7H4.roa
Signing time: Fri 22 Nov 2024 06:39:09 +0000
ROA not before: Fri 22 Nov 2024 06:39:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42991
IP address blocks: 195.28.188.0/24 maxlen: 24
217.113.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:52:98:8f:35:bc:36:16:51:ea:3f:78:85:c4:9c:e2:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Validity
Not Before: Nov 22 06:39:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd7597301c347a87f2e9f9b09e615f1b928bec7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b2:4f:e3:73:07:a3:9a:60:e7:eb:4e:e3:a9:
b8:ef:91:78:d7:d8:9b:2e:48:0d:53:ac:5e:b5:98:
51:cb:8f:ea:5e:e0:73:58:b5:09:80:25:d1:53:d7:
bb:17:2b:67:25:f6:26:6f:ab:b5:e9:90:8b:06:34:
0c:8f:4a:0e:50:aa:a1:65:f3:ed:02:38:86:fd:2f:
47:97:85:f6:27:6a:01:8c:83:ab:a7:c1:a9:94:f2:
65:5c:db:96:6d:e3:4c:b2:94:a2:15:2c:f6:ec:72:
1b:13:95:17:15:fa:d9:6c:c6:89:81:33:68:41:5c:
93:86:0a:34:ad:dc:a0:23:c4:70:95:6d:4f:c5:b2:
19:34:42:c5:60:9c:05:45:af:05:75:80:bd:67:6a:
1e:fc:19:be:b7:91:f5:95:86:b2:6e:ce:4d:d8:cc:
11:74:22:41:06:8b:a5:a8:3a:77:ff:c6:0e:b4:32:
32:0a:4d:cd:04:03:ad:85:9b:97:75:75:5b:b0:ba:
26:d7:c4:17:bb:40:44:b9:81:db:54:2b:60:a2:1a:
a9:66:e2:5e:b8:36:9b:b5:27:bb:4e:d2:12:89:b1:
ba:31:70:f9:6c:46:46:4e:56:83:88:0b:ba:6c:82:
ac:b3:6d:a4:e0:ef:cf:c3:1a:6c:0c:9b:fc:e2:5f:
ea:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:75:97:30:1C:34:7A:87:F2:E9:F9:B0:9E:61:5F:1B:92:8B:EC:7E
X509v3 Authority Key Identifier:
keyid:93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/vXWXMBw0eofy6fmwnmFfG5KL7H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.28.188.0/24
217.113.30.0/24
Signature Algorithm: sha256WithRSAEncryption
74:68:07:49:dd:f5:94:68:8e:a9:d8:ec:92:01:dc:65:76:9e:
7f:33:51:fb:6e:1a:76:9c:86:9c:5f:7c:bf:4a:04:a7:3b:b3:
ec:0c:fa:d5:33:44:83:99:f3:1b:72:ea:df:7e:ab:4e:3b:a7:
36:bc:31:e0:2c:4b:f6:28:eb:c6:bc:1b:4c:b6:b8:de:51:e4:
e6:e3:3e:ef:ac:0f:de:3a:5a:42:6b:0b:b0:a6:8d:9c:5d:54:
63:e7:63:9b:26:e2:37:1a:53:87:8c:68:43:b4:de:5f:90:70:
f8:04:ac:3a:71:ae:c4:ad:9c:72:80:6b:3e:41:f5:6d:74:8b:
6f:d3:ad:5f:ad:53:dd:ff:18:b2:8f:e3:0c:21:9a:8f:b3:6e:
6c:44:30:4a:c5:e4:37:cd:3d:7d:20:30:ba:e1:07:da:62:81:
6b:07:fd:6c:dd:b6:78:73:41:d9:52:43:30:fb:74:7a:13:0d:
3e:1e:06:2d:1f:d9:bf:35:fb:b4:7e:de:d5:9d:31:d1:06:c9:
e2:ed:15:21:48:8b:23:d8:34:9e:05:7b:86:6f:d3:38:5b:22:
91:7b:e4:42:ef:0a:35:5f:d0:f3:eb:10:fb:65:77:53:19:b1:
84:8a:93:b6:db:bb:fc:dd:f2:4d:28:ad:39:a2:7a:a2:b7:77:
ee:64:94:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNSmI81vDYWUeo/eIXEnOIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZThmNGVkNWRkMDYzMDFjNDIzOTg4ZTc4NmRhYmY1MWM1
ZjU2NzQwHhcNMjQxMTIyMDYzOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDc1OTczMDFjMzQ3YTg3ZjJlOWY5YjA5ZTYxNWYxYjkyOGJlYzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7JP43MHo5pg5+tO46m475F419ib
LkgNU6xetZhRy4/qXuBzWLUJgCXRU9e7FytnJfYmb6u16ZCLBjQMj0oOUKqhZfPt
AjiG/S9Hl4X2J2oBjIOrp8GplPJlXNuWbeNMspSiFSz27HIbE5UXFfrZbMaJgTNo
QVyThgo0rdygI8RwlW1PxbIZNELFYJwFRa8FdYC9Z2oe/Bm+t5H1lYaybs5N2MwR
dCJBBoulqDp3/8YOtDIyCk3NBAOthZuXdXVbsLom18QXu0BEuYHbVCtgohqpZuJe
uDabtSe7TtISibG6MXD5bEZGTlaDiAu6bIKss22k4O/PwxpsDJv84l/qZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL11lzAcNHqH8un5sJ5hXxuSi+x+MB8GA1UdIwQY
MBaAFJPo9O1d0GMBxCOYjnhtq/UcX1Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQt
MWZjMTllYTczYTJhLzEvdlhXWE1CdzBlb2Z5NmZtd25tRmZHNUtMN0g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQtMWZjMTllYTczYTJh
LzEvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwxy8AwQA
2XEeMA0GCSqGSIb3DQEBCwUAA4IBAQB0aAdJ3fWUaI6p2OySAdxldp5/M1H7bhp2
nIacX3y/SgSnO7PsDPrVM0SDmfMbcurffqtOO6c2vDHgLEv2KOvGvBtMtrjeUeTm
4z7vrA/eOlpCawuwpo2cXVRj52ObJuI3GlOHjGhDtN5fkHD4BKw6ca7ErZxygGs+
QfVtdItv061frVPd/xiyj+MMIZqPs25sRDBKxeQ3zT19IDC64QfaYoFrB/1s3bZ4
c0HZUkMw+3R6Ew0+HgYtH9m/Nfu0ft7VnTHRBsni7RUhSIsj2DSeBXuGb9M4WyKR
e+RC7wo1X9Dz6xD7ZXdTGbGEipO227v83fJNKK05onqit3fuZJQv
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:35:40 2024 by rpki-client on console-ams.rpki-client.org