Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/dd704b-c735-44df-a796-f86243a9c2b3/1/PlVteOEV6Hr5iT13FS5nfGF9Gvs.roa
File: PlVteOEV6Hr5iT13FS5nfGF9Gvs.roa (raw, json)
Hash identifier: AiBMBWedGhyNf6oTx1H25pa3ww86xzCsdIqLhvx1a1Y=
Subject key identifier: 3E:55:6D:78:E1:15:E8:7A:F9:89:3D:77:15:2E:67:7C:61:7D:1A:FB
Certificate issuer: /CN=f031c2da6bb9a56c28efeec4e4df0758cc24eb26
Certificate serial: 018DD4D2E8383F7D6BDAED1E67AD1E060DBE
Authority key identifier: F0:31:C2:DA:6B:B9:A5:6C:28:EF:EE:C4:E4:DF:07:58:CC:24:EB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DHC2mu5pWwo7-7E5N8HWMwk6yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/dd704b-c735-44df-a796-f86243a9c2b3/1/PlVteOEV6Hr5iT13FS5nfGF9Gvs.roa
Signing time: Fri 23 Feb 2024 07:16:48 +0000
ROA not before: Fri 23 Feb 2024 07:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198320
IP address blocks: 130.255.117.0/24 maxlen: 24
130.255.118.0/24 maxlen: 24
130.255.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/dd704b-c735-44df-a796-f86243a9c2b3/1/8DHC2mu5pWwo7-7E5N8HWMwk6yY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/dd704b-c735-44df-a796-f86243a9c2b3/1/8DHC2mu5pWwo7-7E5N8HWMwk6yY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8DHC2mu5pWwo7-7E5N8HWMwk6yY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d4:d2:e8:38:3f:7d:6b:da:ed:1e:67:ad:1e:06:0d:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f031c2da6bb9a56c28efeec4e4df0758cc24eb26
Validity
Not Before: Feb 23 07:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e556d78e115e87af9893d77152e677c617d1afb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:cd:85:40:1f:4f:f4:3b:ef:64:56:fb:f1:58:
a8:5b:ce:43:08:15:a1:17:5b:d5:1d:4c:ae:fa:eb:
ed:1d:bb:7b:22:85:5c:8e:46:72:17:f6:5d:d0:5c:
3d:b4:a9:6c:32:23:e5:f5:49:d7:bd:13:53:5f:36:
c8:de:17:47:13:77:dd:d2:10:f7:75:60:4b:2e:31:
01:39:16:b5:e3:c8:fb:29:5f:4c:2f:21:5f:80:fb:
11:18:4c:b0:b9:bb:8c:7a:12:af:f2:4b:17:47:48:
6e:bd:ff:33:49:c6:48:e6:ab:65:02:d7:20:f4:72:
f5:97:d3:ba:74:3a:7c:64:79:f2:86:f3:73:97:f1:
fc:d5:2f:0a:bf:43:e2:be:75:40:df:57:57:6b:26:
f8:dd:8f:19:26:64:de:5d:a8:b5:bb:62:68:8a:20:
41:88:e3:5c:ea:81:f0:0c:71:5a:c0:d1:42:2d:73:
3c:53:9f:55:85:13:c2:25:2f:02:14:42:56:dc:81:
46:16:69:0b:2f:6c:75:9e:82:ee:47:50:8c:37:66:
5c:7f:ee:bd:2d:b7:c2:5a:4a:bf:2e:f2:18:26:24:
d7:a8:60:8e:2d:a8:aa:ea:59:03:5a:ff:75:1a:e6:
6a:0e:cc:3a:2a:52:62:07:d8:a7:1c:6d:2d:45:09:
b0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:55:6D:78:E1:15:E8:7A:F9:89:3D:77:15:2E:67:7C:61:7D:1A:FB
X509v3 Authority Key Identifier:
keyid:F0:31:C2:DA:6B:B9:A5:6C:28:EF:EE:C4:E4:DF:07:58:CC:24:EB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DHC2mu5pWwo7-7E5N8HWMwk6yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/dd704b-c735-44df-a796-f86243a9c2b3/1/PlVteOEV6Hr5iT13FS5nfGF9Gvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/dd704b-c735-44df-a796-f86243a9c2b3/1/8DHC2mu5pWwo7-7E5N8HWMwk6yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.117.0-130.255.119.255
Signature Algorithm: sha256WithRSAEncryption
39:67:de:f2:24:22:17:09:47:3b:2d:6f:9c:3b:11:13:eb:43:
7a:18:49:35:28:95:1e:7f:34:d9:15:40:bf:91:00:51:cd:b6:
7c:71:5e:28:34:3d:8c:e7:f1:5f:d4:6c:e1:d6:a0:e7:e6:3c:
20:9c:da:89:eb:50:37:84:9c:5f:b5:cc:11:99:eb:88:65:2f:
fd:de:16:ed:20:65:c9:c9:9f:bc:33:42:54:11:1d:0a:07:86:
1a:31:81:85:4b:cc:64:25:af:13:6c:3d:34:34:df:a9:8a:e4:
99:b9:6f:04:0b:f1:cc:c8:19:88:46:23:87:17:b1:65:d6:e6:
80:eb:41:71:f0:a6:16:72:be:7f:c8:dd:80:4c:94:7f:d7:70:
7a:85:01:67:06:5c:3e:a0:68:d7:4c:62:47:ca:53:a6:87:9a:
7e:f9:68:d2:28:62:55:42:73:46:99:ac:0e:c5:21:cd:5c:af:
b7:c9:29:1a:92:da:8c:68:6d:00:ca:9a:95:9a:64:a0:dc:97:
6a:eb:44:e1:d3:72:d7:1e:29:07:9a:e0:1a:3c:74:ae:fb:ea:
2f:a3:27:fa:4c:5b:13:7a:f5:4b:21:3f:38:c0:6d:79:3e:cf:
c9:da:b4:3b:72:69:74:64:47:40:a7:23:31:ac:5c:c5:a8:6c:
dc:61:6f:97
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY3U0ug4P31r2u0eZ60eBg2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzFjMmRhNmJiOWE1NmMyOGVmZWVjNGU0ZGYwNzU4Y2My
NGViMjYwHhcNMjQwMjIzMDcxNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTU1NmQ3OGUxMTVlODdhZjk4OTNkNzcxNTJlNjc3YzYxN2QxYWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAis2FQB9P9DvvZFb78VioW85DCBWh
F1vVHUyu+uvtHbt7IoVcjkZyF/Zd0Fw9tKlsMiPl9UnXvRNTXzbI3hdHE3fd0hD3
dWBLLjEBORa148j7KV9MLyFfgPsRGEywubuMehKv8ksXR0huvf8zScZI5qtlAtcg
9HL1l9O6dDp8ZHnyhvNzl/H81S8Kv0PivnVA31dXayb43Y8ZJmTeXai1u2JoiiBB
iONc6oHwDHFawNFCLXM8U59VhRPCJS8CFEJW3IFGFmkLL2x1noLuR1CMN2Zcf+69
LbfCWkq/LvIYJiTXqGCOLaiq6lkDWv91GuZqDsw6KlJiB9inHG0tRQmwAwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFD5VbXjhFeh6+Yk9dxUuZ3xhfRr7MB8GA1UdIwQY
MBaAFPAxwtpruaVsKO/uxOTfB1jMJOsmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERIQzJtdTVwV3dvNy03RTVOOEhXTXdrNnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9kZDcwNGItYzczNS00NGRmLWE3OTYt
Zjg2MjQzYTljMmIzLzEvUGxWdGVPRVY2SHI1aVQxM0ZTNW5mR0Y5R3ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9kZDcwNGItYzczNS00NGRmLWE3OTYtZjg2MjQzYTljMmIz
LzEvOERIQzJtdTVwV3dvNy03RTVOOEhXTXdrNnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACC/3UD
BAOC/3AwDQYJKoZIhvcNAQELBQADggEBADln3vIkIhcJRzstb5w7ERPrQ3oYSTUo
lR5/NNkVQL+RAFHNtnxxXig0PYzn8V/UbOHWoOfmPCCc2onrUDeEnF+1zBGZ64hl
L/3eFu0gZcnJn7wzQlQRHQoHhhoxgYVLzGQlrxNsPTQ036mK5Jm5bwQL8czIGYhG
I4cXsWXW5oDrQXHwphZyvn/I3YBMlH/XcHqFAWcGXD6gaNdMYkfKU6aHmn75aNIo
YlVCc0aZrA7FIc1cr7fJKRqS2oxobQDKmpWaZKDcl2rrROHTctceKQea4Bo8dK77
6i+jJ/pMWxN69UshPzjAbXk+z8natDtyaXRkR0CnIzGsXMWobNxhb5c=
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:11:17 2024 by rpki-client on console-fra.rpki-client.org