Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/6d15f4-86a2-46d9-b3ed-08aedc2f2639/1/swH_tlqawhDs9c_E4rvyA1X1QrU.roa
File: swH_tlqawhDs9c_E4rvyA1X1QrU.roa (raw, json)
Hash identifier: P9K2PAkx3bmuOwQ+G+KpHzMHODJjHKlbD9LMApyi7Hk=
Subject key identifier: B3:01:FF:B6:5A:9A:C2:10:EC:F5:CF:C4:E2:BB:F2:03:55:F5:42:B5
Certificate issuer: /CN=b6d7f368fa1cf5b1aaaa76b0f1f23c06750a8426
Certificate serial: 018EF6C8D6A10559428257A3B22A37902E5F
Authority key identifier: B6:D7:F3:68:FA:1C:F5:B1:AA:AA:76:B0:F1:F2:3C:06:75:0A:84:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttfzaPoc9bGqqnaw8fI8BnUKhCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/6d15f4-86a2-46d9-b3ed-08aedc2f2639/1/swH_tlqawhDs9c_E4rvyA1X1QrU.roa
Signing time: Fri 19 Apr 2024 14:35:41 +0000
ROA not before: Fri 19 Apr 2024 14:35:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41872
IP address blocks: 193.247.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/6d15f4-86a2-46d9-b3ed-08aedc2f2639/1/ttfzaPoc9bGqqnaw8fI8BnUKhCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/6d15f4-86a2-46d9-b3ed-08aedc2f2639/1/ttfzaPoc9bGqqnaw8fI8BnUKhCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ttfzaPoc9bGqqnaw8fI8BnUKhCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f6:c8:d6:a1:05:59:42:82:57:a3:b2:2a:37:90:2e:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d7f368fa1cf5b1aaaa76b0f1f23c06750a8426
Validity
Not Before: Apr 19 14:35:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b301ffb65a9ac210ecf5cfc4e2bbf20355f542b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f0:82:f8:67:35:59:9c:2b:4d:80:cb:43:4c:
19:2a:af:02:fc:01:4a:7b:48:0e:25:15:a2:4d:23:
35:30:bc:32:17:f7:b3:38:7a:e9:28:c7:f1:c0:46:
c7:42:5a:36:5e:b9:01:61:d3:54:3e:a9:6a:40:97:
8a:fe:4b:ff:54:25:52:3f:4f:40:bd:1b:16:57:a5:
07:77:b6:a1:d6:d6:38:b3:a1:3d:26:e0:09:fd:b0:
95:c5:0c:9a:c3:4a:57:59:60:59:21:e4:aa:80:40:
f9:3b:1e:9d:84:17:14:8d:8b:60:f9:62:f2:27:11:
85:e5:fd:d7:92:b5:4a:0b:48:0c:37:e0:e5:28:8d:
50:d0:84:4d:2e:b0:af:5a:b3:e7:f9:60:a5:ab:60:
df:d9:30:e1:d8:55:f0:c9:45:e6:59:29:5e:70:6c:
ba:e7:d2:5c:18:cd:c9:b9:b7:e2:eb:38:f1:b2:15:
f7:d1:f4:49:f8:f8:0c:b2:0f:cc:8e:a4:6c:04:05:
ee:6d:9a:01:ea:6c:e5:9f:39:e1:d2:30:c3:24:30:
dd:48:da:9c:e7:8e:77:7c:7f:ef:6e:a5:94:0e:6d:
b9:33:d5:9c:66:ff:ea:78:ca:3c:8c:e8:72:e7:27:
6c:37:b9:c1:4c:17:7f:67:4f:66:51:13:df:84:44:
83:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:01:FF:B6:5A:9A:C2:10:EC:F5:CF:C4:E2:BB:F2:03:55:F5:42:B5
X509v3 Authority Key Identifier:
keyid:B6:D7:F3:68:FA:1C:F5:B1:AA:AA:76:B0:F1:F2:3C:06:75:0A:84:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttfzaPoc9bGqqnaw8fI8BnUKhCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6d15f4-86a2-46d9-b3ed-08aedc2f2639/1/swH_tlqawhDs9c_E4rvyA1X1QrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6d15f4-86a2-46d9-b3ed-08aedc2f2639/1/ttfzaPoc9bGqqnaw8fI8BnUKhCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.247.109.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:db:70:e7:cd:a1:38:b2:86:82:77:1b:77:a0:5d:6b:8c:8c:
3a:f0:b5:1f:7a:06:0b:7e:26:a6:dc:b2:e3:f5:4e:f4:75:d1:
ff:76:1f:15:0b:c2:c5:69:c7:5a:95:c0:ae:42:ad:78:0d:07:
c3:27:ab:35:91:d0:d6:09:f8:93:52:1e:ef:f6:a9:45:78:4a:
bb:c2:46:fd:23:3d:50:4e:44:e0:47:b2:93:34:88:c7:12:e9:
82:ad:df:76:45:a3:f9:c9:a5:e5:96:f0:fc:e8:b6:50:cb:54:
8b:d4:a7:ca:92:25:c6:65:96:a9:1f:c0:33:80:20:8d:17:9d:
c1:41:e0:67:b3:db:af:4b:ba:51:29:fe:e0:dc:dc:2a:33:65:
3b:65:65:15:78:d5:ea:ad:f7:e3:95:3c:7a:be:b6:9f:9a:ea:
c8:7d:48:7d:06:40:d8:9b:ec:7a:58:69:a0:75:79:3f:75:4d:
fa:7d:c0:9d:ec:1c:95:31:40:cb:56:29:9d:ea:4d:77:ea:e2:
b9:a0:2b:74:92:88:e0:7d:14:47:b4:51:4b:bc:9d:f6:9d:26:
53:a7:0f:89:76:d1:5e:f2:22:eb:6f:35:93:c1:04:46:33:a3:
3f:9b:1e:ca:10:2d:8d:ae:2d:c6:aa:db:85:b5:90:a3:50:94:
bb:2f:9e:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY72yNahBVlCglejsio3kC5fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDdmMzY4ZmExY2Y1YjFhYWFhNzZiMGYxZjIzYzA2NzUw
YTg0MjYwHhcNMjQwNDE5MTQzNTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzAxZmZiNjVhOWFjMjEwZWNmNWNmYzRlMmJiZjIwMzU1ZjU0MmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/CC+Gc1WZwrTYDLQ0wZKq8C/AFK
e0gOJRWiTSM1MLwyF/ezOHrpKMfxwEbHQlo2XrkBYdNUPqlqQJeK/kv/VCVSP09A
vRsWV6UHd7ah1tY4s6E9JuAJ/bCVxQyaw0pXWWBZIeSqgED5Ox6dhBcUjYtg+WLy
JxGF5f3XkrVKC0gMN+DlKI1Q0IRNLrCvWrPn+WClq2Df2TDh2FXwyUXmWSlecGy6
59JcGM3Jubfi6zjxshX30fRJ+PgMsg/MjqRsBAXubZoB6mzlnznh0jDDJDDdSNqc
5453fH/vbqWUDm25M9WcZv/qeMo8jOhy5ydsN7nBTBd/Z09mURPfhESDWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLMB/7ZamsIQ7PXPxOK78gNV9UK1MB8GA1UdIwQY
MBaAFLbX82j6HPWxqqp2sPHyPAZ1CoQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRmemFQb2M5YkdxcW5hdzhmSThCblVLaENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS82ZDE1ZjQtODZhMi00NmQ5LWIzZWQt
MDhhZWRjMmYyNjM5LzEvc3dIX3RscWF3aERzOWNfRTRydnlBMVgxUXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS82ZDE1ZjQtODZhMi00NmQ5LWIzZWQtMDhhZWRjMmYyNjM5
LzEvdHRmemFQb2M5YkdxcW5hdzhmSThCblVLaENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwfdtMA0G
CSqGSIb3DQEBCwUAA4IBAQDC23DnzaE4soaCdxt3oF1rjIw68LUfegYLfiam3LLj
9U70ddH/dh8VC8LFacdalcCuQq14DQfDJ6s1kdDWCfiTUh7v9qlFeEq7wkb9Iz1Q
TkTgR7KTNIjHEumCrd92RaP5yaXllvD86LZQy1SL1KfKkiXGZZapH8AzgCCNF53B
QeBns9uvS7pRKf7g3NwqM2U7ZWUVeNXqrffjlTx6vrafmurIfUh9BkDYm+x6WGmg
dXk/dU36fcCd7ByVMUDLVimd6k136uK5oCt0kojgfRRHtFFLvJ32nSZTpw+JdtFe
8iLrbzWTwQRGM6M/mx7KEC2Nri3GqtuFtZCjUJS7L54e
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:05:07 2024 by rpki-client on console-ams.rpki-client.org