Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/qAjfZNCoJ-vtgY1BdrteWBQJWcY.roa
File: qAjfZNCoJ-vtgY1BdrteWBQJWcY.roa (raw, json)
Hash identifier: vZNqVy6I29QNE9cWvI73cZETZ2uE/okVEg0T5UcnkMo=
Subject key identifier: A8:08:DF:64:D0:A8:27:EB:ED:81:8D:41:76:BB:5E:58:14:09:59:C6
Certificate issuer: /CN=90d3e5371b64ab942d6dcba04adff2ae7ab7c712
Certificate serial: 018CC801266A3F3590822EB4737F1F21CC5A
Authority key identifier: 90:D3:E5:37:1B:64:AB:94:2D:6D:CB:A0:4A:DF:F2:AE:7A:B7:C7:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNPlNxtkq5QtbcugSt_yrnq3xxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/qAjfZNCoJ-vtgY1BdrteWBQJWcY.roa
Signing time: Tue 02 Jan 2024 02:29:27 +0000
ROA not before: Tue 02 Jan 2024 02:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31431
IP address blocks: 195.128.228.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/kNPlNxtkq5QtbcugSt_yrnq3xxI.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/kNPlNxtkq5QtbcugSt_yrnq3xxI.mft
rsync://rpki.ripe.net/repository/DEFAULT/kNPlNxtkq5QtbcugSt_yrnq3xxI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:26:6a:3f:35:90:82:2e:b4:73:7f:1f:21:cc:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d3e5371b64ab942d6dcba04adff2ae7ab7c712
Validity
Not Before: Jan 2 02:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a808df64d0a827ebed818d4176bb5e58140959c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:df:ee:1e:9b:2a:e1:3b:0b:c8:46:73:cb:d7:
6c:80:d2:18:85:38:a0:cb:b3:8e:67:41:50:e3:f0:
ca:39:93:ca:ae:5c:31:37:bc:48:6f:b5:85:22:04:
bd:23:3c:5e:60:85:ad:71:13:c7:5e:01:12:26:c9:
6c:d2:31:ad:a8:26:59:8c:b1:f3:61:f3:ee:4e:81:
07:1d:92:d1:ff:1c:76:0a:1c:8b:10:73:8e:70:4c:
87:56:8a:9c:a9:da:c0:fb:08:32:55:7a:82:34:28:
73:63:c4:42:92:e1:fc:99:16:34:e2:56:46:57:d4:
bc:37:08:9f:b0:94:e0:98:77:e7:0f:9f:ba:2a:f1:
85:bb:1d:b6:9a:14:cd:42:ec:90:2f:97:af:3b:09:
16:28:1c:64:9e:96:24:16:e8:f5:47:60:d3:73:26:
63:ab:6d:60:82:00:c7:e1:22:39:39:f7:0e:df:49:
e5:18:6d:d2:29:a0:90:05:c3:82:27:61:d6:3f:92:
62:8b:84:3f:85:07:fc:f9:53:7b:99:30:95:af:5e:
cd:77:94:0a:ab:9a:eb:1c:61:9d:18:97:41:75:57:
88:0c:1a:6d:5c:43:10:50:d5:21:c8:bc:61:2a:f1:
ad:58:b3:16:7c:7f:9f:8f:71:c5:87:45:e1:a5:ae:
2b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:08:DF:64:D0:A8:27:EB:ED:81:8D:41:76:BB:5E:58:14:09:59:C6
X509v3 Authority Key Identifier:
keyid:90:D3:E5:37:1B:64:AB:94:2D:6D:CB:A0:4A:DF:F2:AE:7A:B7:C7:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNPlNxtkq5QtbcugSt_yrnq3xxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/qAjfZNCoJ-vtgY1BdrteWBQJWcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c139a4-6da2-4329-aae2-a17882b926a0/1/kNPlNxtkq5QtbcugSt_yrnq3xxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.228.0/23
Signature Algorithm: sha256WithRSAEncryption
32:c6:5d:51:8f:5b:d6:ab:c6:fd:d9:48:e7:a5:13:48:8a:6b:
45:c0:1f:db:17:b6:e5:39:dd:6e:79:36:51:f3:c9:7a:b7:9a:
b9:84:4d:4a:83:3a:d5:91:1a:b9:a5:ba:7d:1a:2d:f4:0a:ea:
7d:d9:67:ee:8c:72:b4:58:f3:86:2b:d1:2f:06:82:0c:9f:fe:
19:11:14:a9:50:9e:6f:58:da:88:43:ec:74:7a:23:d2:e5:39:
b5:43:99:51:7c:87:82:53:83:42:5e:0a:0a:52:23:ca:13:78:
a6:fc:77:f2:a9:a1:48:c9:5c:21:8d:6b:3c:68:66:68:e5:d1:
e6:53:3b:f1:06:2e:e1:73:dd:d4:99:d9:4c:12:d6:d0:18:dc:
a5:6e:75:df:b1:cd:32:2b:f5:76:86:30:97:4d:f0:cc:d2:48:
db:02:3c:58:8f:2f:a3:e1:3b:a5:3f:1e:27:6a:26:1c:24:9a:
74:e4:5f:51:da:09:bc:00:f1:b5:3f:6e:d3:97:77:79:55:48:
4a:04:4a:42:27:dd:54:5d:87:a7:98:54:c2:8c:41:1f:15:f4:
2a:fb:8d:01:7e:6c:95:be:95:ac:37:86:29:7b:98:84:1b:b2:
0e:72:ef:7f:93:c0:68:e0:35:0f:6d:2d:2b:57:bc:7f:78:a6:
37:9e:48:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIASZqPzWQgi60c38fIcxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDNlNTM3MWI2NGFiOTQyZDZkY2JhMDRhZGZmMmFlN2Fi
N2M3MTIwHhcNMjQwMTAyMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODA4ZGY2NGQwYTgyN2ViZWQ4MThkNDE3NmJiNWU1ODE0MDk1OWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9/uHpsq4TsLyEZzy9dsgNIYhTig
y7OOZ0FQ4/DKOZPKrlwxN7xIb7WFIgS9IzxeYIWtcRPHXgESJsls0jGtqCZZjLHz
YfPuToEHHZLR/xx2ChyLEHOOcEyHVoqcqdrA+wgyVXqCNChzY8RCkuH8mRY04lZG
V9S8NwifsJTgmHfnD5+6KvGFux22mhTNQuyQL5evOwkWKBxknpYkFuj1R2DTcyZj
q21gggDH4SI5OfcO30nlGG3SKaCQBcOCJ2HWP5Jii4Q/hQf8+VN7mTCVr17Nd5QK
q5rrHGGdGJdBdVeIDBptXEMQUNUhyLxhKvGtWLMWfH+fj3HFh0Xhpa4r3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgI32TQqCfr7YGNQXa7XlgUCVnGMB8GA1UdIwQY
MBaAFJDT5TcbZKuULW3LoErf8q56t8cSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05QbE54dGtxNVF0YmN1Z1N0X3lybnEzeHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jMTM5YTQtNmRhMi00MzI5LWFhZTIt
YTE3ODgyYjkyNmEwLzEvcUFqZlpOQ29KLXZ0Z1kxQmRydGVXQlFKV2NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jMTM5YTQtNmRhMi00MzI5LWFhZTItYTE3ODgyYjkyNmEw
LzEva05QbE54dGtxNVF0YmN1Z1N0X3lybnEzeHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4DkMA0G
CSqGSIb3DQEBCwUAA4IBAQAyxl1Rj1vWq8b92UjnpRNIimtFwB/bF7blOd1ueTZR
88l6t5q5hE1KgzrVkRq5pbp9Gi30Cup92WfujHK0WPOGK9EvBoIMn/4ZERSpUJ5v
WNqIQ+x0eiPS5Tm1Q5lRfIeCU4NCXgoKUiPKE3im/HfyqaFIyVwhjWs8aGZo5dHm
UzvxBi7hc93UmdlMEtbQGNylbnXfsc0yK/V2hjCXTfDM0kjbAjxYjy+j4TulPx4n
aiYcJJp05F9R2gm8APG1P27Tl3d5VUhKBEpCJ91UXYenmFTCjEEfFfQq+40BfmyV
vpWsN4Ype5iEG7IOcu9/k8Bo4DUPbS0rV7x/eKY3nkhk
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:42:15 2024 by rpki-client on console-fra.rpki-client.org