Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/XyzfcuI4tvlTDErxq6_QlJ3OjdQ.roa
File: XyzfcuI4tvlTDErxq6_QlJ3OjdQ.roa (raw, json)
Hash identifier: psAlXG7MxRfbqafLier/RUF90WJ+mwaS5fKTYe0mlMY=
Subject key identifier: 5F:2C:DF:72:E2:38:B6:F9:53:0C:4A:F1:AB:AF:D0:94:9D:CE:8D:D4
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01917622EA8689B8BD979F9E10AA79186009
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/XyzfcuI4tvlTDErxq6_QlJ3OjdQ.roa
Signing time: Wed 21 Aug 2024 18:11:25 +0000
ROA not before: Wed 21 Aug 2024 18:11:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215346
IP address blocks: 193.42.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:76:22:ea:86:89:b8:bd:97:9f:9e:10:aa:79:18:60:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 21 18:11:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f2cdf72e238b6f9530c4af1abafd0949dce8dd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f6:0c:3b:f9:c8:fd:ba:f3:1d:e3:8e:da:e2:
02:f6:08:0a:31:bb:1d:e5:5e:37:80:2e:80:dc:78:
c7:4c:64:d3:15:74:c3:77:ac:0b:c7:a5:c3:1f:ff:
77:f4:cf:68:46:2a:58:01:7d:72:e4:d9:51:27:9a:
a4:65:a8:07:34:c0:ad:fa:df:88:0c:5b:7d:40:e0:
a3:c8:b4:3d:cc:8d:0d:0f:ac:41:1f:5f:e0:a7:00:
ae:31:7c:95:61:4a:32:f9:93:6b:e1:8a:9f:31:41:
5a:32:9c:ca:0a:fc:75:dc:08:83:ca:1c:36:2c:99:
40:ef:3c:35:90:af:88:a5:0f:ce:ed:fd:1e:b8:d2:
3d:c2:ca:0f:96:86:b8:b2:de:2a:05:4c:f2:26:06:
f9:5f:7f:94:1d:27:60:2c:06:db:6a:ec:4a:10:4f:
23:39:92:2b:7d:26:d3:1c:da:67:ba:ea:7d:13:37:
63:60:43:d8:94:5f:61:71:85:12:a2:5b:cb:6d:76:
67:4f:b7:df:44:fc:e4:d2:85:27:92:59:17:2d:93:
d8:68:29:43:cd:15:d6:78:e4:11:29:ad:0c:71:94:
af:bd:f9:95:eb:e4:7a:f7:6a:86:6c:90:09:e9:fd:
90:f5:94:27:94:90:f8:98:bf:7a:28:30:3a:6f:d8:
d8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:2C:DF:72:E2:38:B6:F9:53:0C:4A:F1:AB:AF:D0:94:9D:CE:8D:D4
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/XyzfcuI4tvlTDErxq6_QlJ3OjdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.118.0/24
Signature Algorithm: sha256WithRSAEncryption
43:df:3e:a6:37:8f:29:b1:52:8c:c1:97:d8:b0:5e:19:f3:f5:
60:16:bc:1d:94:07:49:f9:21:ac:af:7d:b1:e1:2b:f7:1c:9c:
2e:4e:d2:59:1a:6b:2b:83:57:a2:01:35:e9:ed:87:52:a2:9f:
a2:63:c9:a1:fb:55:83:4d:f0:de:fb:11:ea:7c:e5:9c:ec:57:
e1:01:e7:c6:3e:fa:88:59:51:bd:22:26:62:93:b9:a7:7a:dc:
8b:be:40:cb:1a:79:73:f0:53:41:6d:7d:ba:cd:92:1d:54:7b:
ed:65:c3:ad:fc:20:c2:0c:6d:c5:12:4f:78:5b:28:b8:cc:6e:
47:dc:3c:f4:55:7a:f9:0f:be:8f:cc:87:fe:16:98:9b:15:c4:
cf:bb:2d:96:33:96:5c:53:ab:be:60:37:24:fa:07:3c:f1:32:
2b:63:5a:9a:8d:c7:9a:6b:8d:e1:9a:47:ae:70:16:8e:23:db:
3b:8c:6a:ae:9a:ff:a4:3c:7c:05:8e:b0:85:dc:03:0f:08:48:
d5:ca:10:c1:ab:55:58:87:a0:e4:e3:8d:bc:d5:21:30:bd:75:
5a:b5:d3:02:bc:d9:36:0c:cf:62:fe:f7:60:b0:f5:d4:4d:b2:
35:c8:df:8a:06:6e:46:9a:17:db:da:63:f9:12:85:b4:ac:b2:
d3:e6:19:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZF2IuqGibi9l5+eEKp5GGAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODIxMTgxMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjJjZGY3MmUyMzhiNmY5NTMwYzRhZjFhYmFmZDA5NDlkY2U4ZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPYMO/nI/brzHeOO2uIC9ggKMbsd
5V43gC6A3HjHTGTTFXTDd6wLx6XDH/939M9oRipYAX1y5NlRJ5qkZagHNMCt+t+I
DFt9QOCjyLQ9zI0ND6xBH1/gpwCuMXyVYUoy+ZNr4YqfMUFaMpzKCvx13AiDyhw2
LJlA7zw1kK+IpQ/O7f0euNI9wsoPloa4st4qBUzyJgb5X3+UHSdgLAbbauxKEE8j
OZIrfSbTHNpnuup9EzdjYEPYlF9hcYUSolvLbXZnT7ffRPzk0oUnklkXLZPYaClD
zRXWeOQRKa0McZSvvfmV6+R692qGbJAJ6f2Q9ZQnlJD4mL96KDA6b9jYsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8s33LiOLb5UwxK8auv0JSdzo3UMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvWHl6ZmN1STR0dmxUREVyeHE2X1FsSjNPamRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSp2MA0G
CSqGSIb3DQEBCwUAA4IBAQBD3z6mN48psVKMwZfYsF4Z8/VgFrwdlAdJ+SGsr32x
4Sv3HJwuTtJZGmsrg1eiATXp7YdSop+iY8mh+1WDTfDe+xHqfOWc7FfhAefGPvqI
WVG9IiZik7mnetyLvkDLGnlz8FNBbX26zZIdVHvtZcOt/CDCDG3FEk94Wyi4zG5H
3Dz0VXr5D76PzIf+FpibFcTPuy2WM5ZcU6u+YDck+gc88TIrY1qajceaa43hmkeu
cBaOI9s7jGqumv+kPHwFjrCF3AMPCEjVyhDBq1VYh6Dk44281SEwvXVatdMCvNk2
DM9i/vdgsPXUTbI1yN+KBm5Gmhfb2mP5EoW0rLLT5hli
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:13:43 2024 by rpki-client on console-fra.rpki-client.org