Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/7tuh7fpuQe8gDL6zr46FEipr3gU.roa
File: 7tuh7fpuQe8gDL6zr46FEipr3gU.roa (raw, json)
Hash identifier: 54vLKtlFIxM7vzUn/OHcqmCUEv6yVd1xZD2nqOQSosc=
Subject key identifier: EE:DB:A1:ED:FA:6E:41:EF:20:0C:BE:B3:AF:8E:85:12:2A:6B:DE:05
Certificate issuer: /CN=35f1a573915153de82890eae1303067fa68b2877
Certificate serial: 018CC5007D3EEC43F45C94AE8526AF961B2E
Authority key identifier: 35:F1:A5:73:91:51:53:DE:82:89:0E:AE:13:03:06:7F:A6:8B:28:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/7tuh7fpuQe8gDL6zr46FEipr3gU.roa
Signing time: Mon 01 Jan 2024 12:29:52 +0000
ROA not before: Mon 01 Jan 2024 12:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211434
IP address blocks: 193.163.184.0/24 maxlen: 24
2a10:e540::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:7d:3e:ec:43:f4:5c:94:ae:85:26:af:96:1b:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35f1a573915153de82890eae1303067fa68b2877
Validity
Not Before: Jan 1 12:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eedba1edfa6e41ef200cbeb3af8e85122a6bde05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f2:1e:b6:21:5c:ae:7e:9c:39:25:e8:42:37:
3d:6f:0f:dd:5e:1c:d0:30:2c:9d:ca:bb:cf:b6:0a:
42:90:73:35:2c:85:31:92:bc:94:77:d0:07:27:aa:
7a:aa:98:d4:25:f2:2c:ed:a4:d3:f1:02:6b:4d:ad:
f8:93:fd:93:51:65:14:a0:8d:f4:85:0c:3a:41:74:
7e:16:d7:06:4d:f9:08:bc:3e:79:b7:9f:52:2a:70:
26:be:7c:eb:2e:b1:56:67:e8:49:01:a3:7e:05:4d:
2e:eb:dc:ed:55:39:dd:b9:71:a7:c8:23:a6:41:52:
87:f4:db:87:82:0c:f2:c3:62:5c:9c:60:05:3e:42:
9a:ba:c6:1c:5e:4a:02:41:c4:2c:e5:10:e6:db:c0:
26:c2:2c:77:c3:e3:dc:46:15:e3:ef:85:6a:08:24:
3c:40:56:17:80:1d:06:7c:6c:4a:76:fd:11:2b:7c:
7f:41:bd:10:33:f8:68:5f:e8:a0:96:c9:bd:07:26:
f9:ea:e6:fb:c0:77:bd:6a:07:f6:a5:83:67:5c:78:
16:28:fb:b4:80:47:dc:15:71:d1:7b:da:1e:da:ca:
b4:1a:4b:44:8f:82:9b:86:94:cb:04:e6:31:00:ba:
f3:0f:25:56:8c:c2:f5:a4:28:92:c1:a3:6d:e9:37:
3f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:DB:A1:ED:FA:6E:41:EF:20:0C:BE:B3:AF:8E:85:12:2A:6B:DE:05
X509v3 Authority Key Identifier:
keyid:35:F1:A5:73:91:51:53:DE:82:89:0E:AE:13:03:06:7F:A6:8B:28:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NfGlc5FRU96CiQ6uEwMGf6aLKHc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/7tuh7fpuQe8gDL6zr46FEipr3gU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/da8b6b-19fa-4976-baa0-329211029a1a/1/NfGlc5FRU96CiQ6uEwMGf6aLKHc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.184.0/24
IPv6:
2a10:e540::/29
Signature Algorithm: sha256WithRSAEncryption
67:52:1b:7d:d0:51:15:37:1d:bf:64:1f:33:c9:ae:fc:f4:d1:
3a:6d:9c:ff:9d:7e:f8:f8:fc:a2:99:86:da:ab:ae:05:0e:4f:
a4:ea:c0:28:aa:d4:9a:22:3a:3f:2d:7a:e7:2a:34:b1:32:15:
a4:dc:b3:ab:b8:94:e3:6e:82:59:23:c4:80:00:78:1d:96:12:
63:9f:3a:05:26:70:a2:63:66:22:59:af:d4:7b:88:83:c3:da:
a0:6e:5d:e5:79:b4:f9:91:6e:da:1a:07:e6:48:11:72:c8:f6:
90:ce:7e:57:16:8c:04:b9:ea:27:e4:81:83:93:85:1d:ff:8a:
d1:93:6f:bc:cf:1e:2d:8a:4b:ca:75:bd:e2:b0:3a:85:cc:b2:
64:6a:50:cb:fd:5e:c4:4d:18:c3:60:4a:c7:b3:55:eb:3b:6d:
ca:94:78:cd:61:ef:e0:ba:ce:37:e6:72:96:2a:b1:e3:2a:3a:
77:25:6f:66:84:13:7f:f3:80:fd:cc:0e:25:15:61:bb:9c:de:
46:f4:18:c3:a6:dd:91:dd:84:cb:93:d4:33:dd:68:f2:ec:d9:
cc:1c:34:74:5a:d7:ea:08:a1:57:5e:11:0f:fc:a6:3a:94:47:
58:6f:4f:8b:ae:a8:9a:fb:eb:31:d5:17:e2:04:6b:94:53:03:
ca:44:df:dd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAH0+7EP0XJSuhSavlhsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1ZjFhNTczOTE1MTUzZGU4Mjg5MGVhZTEzMDMwNjdmYTY4
YjI4NzcwHhcNMjQwMTAxMTIyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWRiYTFlZGZhNmU0MWVmMjAwY2JlYjNhZjhlODUxMjJhNmJkZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPIetiFcrn6cOSXoQjc9bw/dXhzQ
MCydyrvPtgpCkHM1LIUxkryUd9AHJ6p6qpjUJfIs7aTT8QJrTa34k/2TUWUUoI30
hQw6QXR+FtcGTfkIvD55t59SKnAmvnzrLrFWZ+hJAaN+BU0u69ztVTnduXGnyCOm
QVKH9NuHggzyw2JcnGAFPkKausYcXkoCQcQs5RDm28Amwix3w+PcRhXj74VqCCQ8
QFYXgB0GfGxKdv0RK3x/Qb0QM/hoX+iglsm9Byb56ub7wHe9agf2pYNnXHgWKPu0
gEfcFXHRe9oe2sq0GktEj4KbhpTLBOYxALrzDyVWjML1pCiSwaNt6Tc/WQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO7boe36bkHvIAy+s6+OhRIqa94FMB8GA1UdIwQY
MBaAFDXxpXORUVPegokOrhMDBn+miyh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9kYThiNmItMTlmYS00OTc2LWJhYTAt
MzI5MjExMDI5YTFhLzEvN3R1aDdmcHVRZThnREw2enI0NkZFaXByM2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9kYThiNmItMTlmYS00OTc2LWJhYTAtMzI5MjExMDI5YTFh
LzEvTmZHbGM1RlJVOTZDaVE2dUV3TUdmNmFMS0hjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwaO4MA0E
AgACMAcDBQMqEOVAMA0GCSqGSIb3DQEBCwUAA4IBAQBnUht90FEVNx2/ZB8zya78
9NE6bZz/nX74+PyimYbaq64FDk+k6sAoqtSaIjo/LXrnKjSxMhWk3LOruJTjboJZ
I8SAAHgdlhJjnzoFJnCiY2YiWa/Ue4iDw9qgbl3lebT5kW7aGgfmSBFyyPaQzn5X
FowEueon5IGDk4Ud/4rRk2+8zx4tikvKdb3isDqFzLJkalDL/V7ETRjDYErHs1Xr
O23KlHjNYe/gus435nKWKrHjKjp3JW9mhBN/84D9zA4lFWG7nN5G9BjDpt2R3YTL
k9Qz3Wjy7NnMHDR0WtfqCKFXXhEP/KY6lEdYb0+Lrqia++sx1RfiBGuUUwPKRN/d
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:51:48 2024 by rpki-client on console-fra.rpki-client.org