Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7eb7c3-e34a-4fbc-9272-4c1c57a81ffd/1/CnSP3Ja7HA15evGdjozyK8G5Z40.roa
File: CnSP3Ja7HA15evGdjozyK8G5Z40.roa (raw, json)
Hash identifier: Ot2NsoX5tqU/Qq3S95HKQwPnRtmg8cW1xF+Vl7mc2Dk=
Subject key identifier: 0A:74:8F:DC:96:BB:1C:0D:79:7A:F1:9D:8E:8C:F2:2B:C1:B9:67:8D
Certificate issuer: /CN=b859db7f2c2e3b3abd8bf415f0ce1fff334329ec
Certificate serial: 018CC4928548CDD67769EF02AFBCE5E85B66
Authority key identifier: B8:59:DB:7F:2C:2E:3B:3A:BD:8B:F4:15:F0:CE:1F:FF:33:43:29:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uFnbfywuOzq9i_QV8M4f_zNDKew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7eb7c3-e34a-4fbc-9272-4c1c57a81ffd/1/CnSP3Ja7HA15evGdjozyK8G5Z40.roa
Signing time: Mon 01 Jan 2024 10:29:45 +0000
ROA not before: Mon 01 Jan 2024 10:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43366
IP address blocks: 195.28.22.0/23 maxlen: 24
185.159.136.0/22 maxlen: 24
2a07:b440::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7eb7c3-e34a-4fbc-9272-4c1c57a81ffd/1/uFnbfywuOzq9i_QV8M4f_zNDKew.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7eb7c3-e34a-4fbc-9272-4c1c57a81ffd/1/uFnbfywuOzq9i_QV8M4f_zNDKew.mft
rsync://rpki.ripe.net/repository/DEFAULT/uFnbfywuOzq9i_QV8M4f_zNDKew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:85:48:cd:d6:77:69:ef:02:af:bc:e5:e8:5b:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b859db7f2c2e3b3abd8bf415f0ce1fff334329ec
Validity
Not Before: Jan 1 10:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a748fdc96bb1c0d797af19d8e8cf22bc1b9678d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:66:b4:28:16:18:e2:e7:15:3f:3a:c4:96:f0:
b9:54:60:d8:e7:5e:e0:34:1e:76:6d:e0:cc:1e:ae:
73:80:4b:f4:26:ca:65:00:02:40:90:71:f4:bd:32:
0f:c0:64:72:3e:66:a3:c3:8e:2c:cc:4e:0e:bb:fd:
61:da:24:3a:9c:04:18:6d:1f:70:96:3d:6c:b2:41:
b4:c1:b3:87:bc:cc:da:3f:3b:82:25:63:29:5e:53:
5f:b3:80:08:e0:85:95:5e:36:b7:16:87:e1:6a:cb:
dc:79:83:54:73:db:17:e5:b7:9c:71:53:15:ae:54:
05:cf:86:ff:39:f5:89:ee:0b:07:ab:34:c8:79:7d:
01:37:87:25:61:a5:69:f7:f8:45:b7:07:8f:e8:31:
07:6d:73:c1:aa:d0:da:34:45:d5:f5:ba:51:32:6c:
fd:30:91:d4:a7:2e:33:8e:14:46:3d:ef:ca:15:0f:
89:85:f6:8b:33:5c:cd:9f:39:8b:29:31:4c:d1:e0:
bd:fe:9c:d5:d0:8d:89:c5:2e:c4:20:c0:1c:d2:d3:
77:a8:ff:57:f3:02:0f:8b:e1:38:b3:6a:47:12:17:
67:d3:86:14:aa:87:26:46:7a:dc:44:7a:d0:f5:58:
03:46:44:d9:7c:c3:a9:27:fa:31:c0:f7:96:7d:f2:
62:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:74:8F:DC:96:BB:1C:0D:79:7A:F1:9D:8E:8C:F2:2B:C1:B9:67:8D
X509v3 Authority Key Identifier:
keyid:B8:59:DB:7F:2C:2E:3B:3A:BD:8B:F4:15:F0:CE:1F:FF:33:43:29:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uFnbfywuOzq9i_QV8M4f_zNDKew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7eb7c3-e34a-4fbc-9272-4c1c57a81ffd/1/CnSP3Ja7HA15evGdjozyK8G5Z40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7eb7c3-e34a-4fbc-9272-4c1c57a81ffd/1/uFnbfywuOzq9i_QV8M4f_zNDKew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.136.0/22
195.28.22.0/23
IPv6:
2a07:b440::/29
Signature Algorithm: sha256WithRSAEncryption
82:0b:16:8a:6a:a7:95:e7:35:70:f8:b5:74:53:16:70:76:f1:
58:ad:1d:00:2c:69:e1:36:f6:1b:28:6a:7e:35:36:b8:91:78:
a8:1c:21:25:60:f1:c0:95:d1:3f:3e:46:d7:e7:a2:3c:70:0c:
c2:46:83:e1:d6:a6:ac:46:eb:04:58:08:1a:97:c7:a8:24:d6:
4a:11:f2:02:b1:83:f3:e7:f7:38:da:d4:48:4b:83:71:ef:cb:
ab:40:b6:ca:60:be:94:de:0b:62:b5:e6:36:fd:e5:d4:60:92:
39:89:c1:8f:cb:e8:ca:af:82:19:12:5c:ba:7f:e7:1f:e2:58:
f1:09:b4:00:aa:65:52:11:a0:af:29:b4:0d:67:8b:26:84:8a:
af:23:d6:27:0b:a0:d0:6f:1f:fa:9b:37:44:8a:b9:06:b7:ee:
56:fa:9b:66:0c:f0:ba:83:d7:4f:23:09:46:0e:8e:dd:d3:7c:
c0:de:70:03:4b:42:9c:e0:29:bc:15:44:18:a6:a9:57:fb:20:
79:20:9c:76:02:5c:30:36:09:4a:cf:39:db:cb:8b:15:72:53:
9b:59:a0:46:ce:8e:f2:37:e9:19:2b:55:fb:59:19:5f:09:e0:
3a:00:0d:5b:52:b1:6f:d0:12:8f:0d:15:e7:55:c0:4f:36:4c:
27:8e:df:0e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEkoVIzdZ3ae8Cr7zl6FtmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NTlkYjdmMmMyZTNiM2FiZDhiZjQxNWYwY2UxZmZmMzM0
MzI5ZWMwHhcNMjQwMTAxMTAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTc0OGZkYzk2YmIxYzBkNzk3YWYxOWQ4ZThjZjIyYmMxYjk2NzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtma0KBYY4ucVPzrElvC5VGDY517g
NB52beDMHq5zgEv0JsplAAJAkHH0vTIPwGRyPmajw44szE4Ou/1h2iQ6nAQYbR9w
lj1sskG0wbOHvMzaPzuCJWMpXlNfs4AI4IWVXja3FofhasvceYNUc9sX5beccVMV
rlQFz4b/OfWJ7gsHqzTIeX0BN4clYaVp9/hFtweP6DEHbXPBqtDaNEXV9bpRMmz9
MJHUpy4zjhRGPe/KFQ+JhfaLM1zNnzmLKTFM0eC9/pzV0I2JxS7EIMAc0tN3qP9X
8wIPi+E4s2pHEhdn04YUqocmRnrcRHrQ9VgDRkTZfMOpJ/oxwPeWffJiHQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAp0j9yWuxwNeXrxnY6M8ivBuWeNMB8GA1UdIwQY
MBaAFLhZ238sLjs6vYv0FfDOH/8zQynsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUZuYmZ5d3VPenE5aV9RVjhNNGZfek5ES2V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZWI3YzMtZTM0YS00ZmJjLTkyNzIt
NGMxYzU3YTgxZmZkLzEvQ25TUDNKYTdIQTE1ZXZHZGpvenlLOEc1WjQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83ZWI3YzMtZTM0YS00ZmJjLTkyNzItNGMxYzU3YTgxZmZk
LzEvdUZuYmZ5d3VPenE5aV9RVjhNNGZfek5ES2V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuZ+IAwQB
wxwWMA0EAgACMAcDBQMqB7RAMA0GCSqGSIb3DQEBCwUAA4IBAQCCCxaKaqeV5zVw
+LV0UxZwdvFYrR0ALGnhNvYbKGp+NTa4kXioHCElYPHAldE/PkbX56I8cAzCRoPh
1qasRusEWAgal8eoJNZKEfICsYPz5/c42tRIS4Nx78urQLbKYL6U3gtiteY2/eXU
YJI5icGPy+jKr4IZEly6f+cf4ljxCbQAqmVSEaCvKbQNZ4smhIqvI9YnC6DQbx/6
mzdEirkGt+5W+ptmDPC6g9dPIwlGDo7d03zA3nADS0Kc4Cm8FUQYpqlX+yB5IJx2
AlwwNglKzznby4sVclObWaBGzo7yN+kZK1X7WRlfCeA6AA1bUrFv0BKPDRXnVcBP
Nkwnjt8O
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:09:58 2024 by rpki-client on console-fra.rpki-client.org