Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a9f81e-79b2-4c2e-9f3e-7c24ef0259db/1/2joWpTYz2yglFJvvMDXAh8boHEI.roa
File: 2joWpTYz2yglFJvvMDXAh8boHEI.roa (raw, json)
Hash identifier: podyg7PSuwqULq01nYRz9Vx//UVoUyqMHR6KEs4MoEk=
Subject key identifier: DA:3A:16:A5:36:33:DB:28:25:14:9B:EF:30:35:C0:87:C6:E8:1C:42
Certificate issuer: /CN=128fde2bfc63efe3d132ddac7837e15c7f4b49f4
Certificate serial: 018CC8DE3AB5AD00C47F7D5B25B35972A755
Authority key identifier: 12:8F:DE:2B:FC:63:EF:E3:D1:32:DD:AC:78:37:E1:5C:7F:4B:49:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eo_eK_xj7-PRMt2seDfhXH9LSfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a9f81e-79b2-4c2e-9f3e-7c24ef0259db/1/2joWpTYz2yglFJvvMDXAh8boHEI.roa
Signing time: Tue 02 Jan 2024 06:30:56 +0000
ROA not before: Tue 02 Jan 2024 06:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136907
IP address blocks: 193.105.244.0/23 maxlen: 23
193.84.248.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a9f81e-79b2-4c2e-9f3e-7c24ef0259db/1/Eo_eK_xj7-PRMt2seDfhXH9LSfQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/a9f81e-79b2-4c2e-9f3e-7c24ef0259db/1/Eo_eK_xj7-PRMt2seDfhXH9LSfQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Eo_eK_xj7-PRMt2seDfhXH9LSfQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:3a:b5:ad:00:c4:7f:7d:5b:25:b3:59:72:a7:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=128fde2bfc63efe3d132ddac7837e15c7f4b49f4
Validity
Not Before: Jan 2 06:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da3a16a53633db2825149bef3035c087c6e81c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8c:61:73:ff:9b:04:44:e3:fc:96:83:d3:c0:
29:23:81:52:66:5f:16:53:4c:b9:d3:db:1f:51:1b:
41:c8:fc:eb:51:6a:90:25:05:17:c3:50:01:57:5b:
4a:46:6c:b7:14:04:44:c9:04:65:08:87:05:6f:18:
27:02:dc:fb:8f:c4:a8:23:79:21:9f:9c:83:f0:ad:
54:a7:72:ca:07:d5:c2:b6:44:e5:4e:b1:06:af:19:
10:39:3e:f0:54:44:f4:00:9a:31:4e:73:7a:76:07:
9b:73:9f:54:3f:62:15:f5:60:16:62:0a:78:e2:53:
c2:9a:93:a0:0c:b5:72:5c:8b:bd:bb:12:44:a8:7b:
21:e6:ad:29:17:36:36:55:04:16:6d:7f:4b:38:27:
e0:e9:60:b8:c1:bd:d4:90:7a:25:93:f4:ef:81:08:
2c:a5:bf:4f:fa:f1:39:f0:24:ae:7a:f7:31:1e:b4:
6b:d3:57:94:ad:3a:29:e5:21:38:95:4d:98:7a:e2:
d8:4d:0d:67:d3:99:88:dd:a2:5f:56:6d:3e:9b:8e:
4d:d5:28:f0:4b:30:20:3b:d6:f1:b7:ba:47:5f:59:
98:66:65:4a:b7:6e:39:25:3a:55:de:0f:48:de:1e:
a4:ff:06:9f:7f:be:a3:dd:80:f1:2a:ca:cc:3c:e1:
d2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:3A:16:A5:36:33:DB:28:25:14:9B:EF:30:35:C0:87:C6:E8:1C:42
X509v3 Authority Key Identifier:
keyid:12:8F:DE:2B:FC:63:EF:E3:D1:32:DD:AC:78:37:E1:5C:7F:4B:49:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eo_eK_xj7-PRMt2seDfhXH9LSfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a9f81e-79b2-4c2e-9f3e-7c24ef0259db/1/2joWpTYz2yglFJvvMDXAh8boHEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a9f81e-79b2-4c2e-9f3e-7c24ef0259db/1/Eo_eK_xj7-PRMt2seDfhXH9LSfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.248.0/23
193.105.244.0/23
Signature Algorithm: sha256WithRSAEncryption
97:76:de:1f:bc:f3:82:96:77:9d:e8:aa:7e:29:5d:0a:be:e2:
91:d3:18:f0:57:94:e9:7d:46:fb:19:a3:0a:65:b5:59:91:dd:
bc:6b:57:c7:25:a1:d5:95:f9:57:25:6b:0f:f6:bd:22:8c:01:
03:86:7c:39:df:eb:58:f0:d0:04:a6:eb:57:21:73:84:cd:76:
bc:b8:60:a3:88:ff:29:1c:4b:a9:69:a0:a3:08:ac:ae:96:b0:
d2:f8:60:88:b0:32:e2:14:e8:24:00:a4:c4:0d:bb:31:de:1a:
44:06:4f:cc:b8:b0:a4:05:e2:27:36:19:e4:3f:19:0f:61:1f:
c9:a8:f6:23:c4:cd:11:c3:3c:c4:2f:bf:39:fb:45:74:86:ea:
ad:4f:b7:44:96:99:52:8a:2d:b8:1e:22:55:b7:55:36:20:da:
d6:66:4c:ee:35:44:a0:c0:51:a6:1d:7f:b8:24:f4:12:26:1d:
a0:5c:c2:63:3f:6d:47:ab:e8:7b:20:3c:90:7b:33:85:1e:22:
22:95:48:ad:dc:2d:77:85:7b:58:c2:8a:69:be:68:a9:7c:1c:
e4:2c:89:c2:18:eb:99:99:bc:ad:ca:d2:7b:8f:bd:4c:97:65:
fb:ab:7d:ba:8c:5b:af:11:87:ca:29:61:64:e8:27:c6:35:c3:
d3:ae:fa:f0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3jq1rQDEf31bJbNZcqdVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyOGZkZTJiZmM2M2VmZTNkMTMyZGRhYzc4MzdlMTVjN2Y0
YjQ5ZjQwHhcNMjQwMTAyMDYzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTNhMTZhNTM2MzNkYjI4MjUxNDliZWYzMDM1YzA4N2M2ZTgxYzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYxhc/+bBETj/JaD08ApI4FSZl8W
U0y509sfURtByPzrUWqQJQUXw1ABV1tKRmy3FAREyQRlCIcFbxgnAtz7j8SoI3kh
n5yD8K1Up3LKB9XCtkTlTrEGrxkQOT7wVET0AJoxTnN6dgebc59UP2IV9WAWYgp4
4lPCmpOgDLVyXIu9uxJEqHsh5q0pFzY2VQQWbX9LOCfg6WC4wb3UkHolk/TvgQgs
pb9P+vE58CSuevcxHrRr01eUrTop5SE4lU2YeuLYTQ1n05mI3aJfVm0+m45N1Sjw
SzAgO9bxt7pHX1mYZmVKt245JTpV3g9I3h6k/waff76j3YDxKsrMPOHS3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNo6FqU2M9soJRSb7zA1wIfG6BxCMB8GA1UdIwQY
MBaAFBKP3iv8Y+/j0TLdrHg34Vx/S0n0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW9fZUtfeGo3LVBSTXQyc2VEZmhYSDlMU2ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hOWY4MWUtNzliMi00YzJlLTlmM2Ut
N2MyNGVmMDI1OWRiLzEvMmpvV3BUWXoyeWdsRkp2dk1EWEFoOGJvSEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9hOWY4MWUtNzliMi00YzJlLTlmM2UtN2MyNGVmMDI1OWRi
LzEvRW9fZUtfeGo3LVBSTXQyc2VEZmhYSDlMU2ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwVT4AwQB
wWn0MA0GCSqGSIb3DQEBCwUAA4IBAQCXdt4fvPOClned6Kp+KV0KvuKR0xjwV5Tp
fUb7GaMKZbVZkd28a1fHJaHVlflXJWsP9r0ijAEDhnw53+tY8NAEputXIXOEzXa8
uGCjiP8pHEupaaCjCKyulrDS+GCIsDLiFOgkAKTEDbsx3hpEBk/MuLCkBeInNhnk
PxkPYR/JqPYjxM0RwzzEL785+0V0huqtT7dElplSii24HiJVt1U2INrWZkzuNUSg
wFGmHX+4JPQSJh2gXMJjP21Hq+h7IDyQezOFHiIilUit3C13hXtYwoppvmipfBzk
LInCGOuZmbytytJ7j71Ml2X7q326jFuvEYfKKWFk6CfGNcPTrvrw
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:12:29 2024 by rpki-client on console-ams.rpki-client.org