Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/J_pS-3hod1niqk_UKiVyDDyxoS8.roa
File: J_pS-3hod1niqk_UKiVyDDyxoS8.roa (raw, json)
Hash identifier: MCXsYcQlfaOOSOT/b4Ts6cKXvIrIBtOE/xWIkx1r8/w=
Subject key identifier: 27:FA:52:FB:78:68:77:59:E2:AA:4F:D4:2A:25:72:0C:3C:B1:A1:2F
Certificate issuer: /CN=9303622b3c54e45f4166f301798f86dbba47180c
Certificate serial: 018CC500533F5555E1794577E2B826689B82
Authority key identifier: 93:03:62:2B:3C:54:E4:5F:41:66:F3:01:79:8F:86:DB:BA:47:18:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kwNiKzxU5F9BZvMBeY-G27pHGAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/J_pS-3hod1niqk_UKiVyDDyxoS8.roa
Signing time: Mon 01 Jan 2024 12:29:42 +0000
ROA not before: Mon 01 Jan 2024 12:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47377
IP address blocks: 195.66.115.0/24 maxlen: 24
194.107.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/kwNiKzxU5F9BZvMBeY-G27pHGAw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/kwNiKzxU5F9BZvMBeY-G27pHGAw.mft
rsync://rpki.ripe.net/repository/DEFAULT/kwNiKzxU5F9BZvMBeY-G27pHGAw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:53:3f:55:55:e1:79:45:77:e2:b8:26:68:9b:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9303622b3c54e45f4166f301798f86dbba47180c
Validity
Not Before: Jan 1 12:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27fa52fb78687759e2aa4fd42a25720c3cb1a12f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8d:5f:87:a0:04:10:92:9d:fb:a6:14:96:42:
fb:10:33:8a:73:dd:25:26:59:fa:73:47:0d:7b:b5:
64:89:69:58:3b:58:d1:ab:06:e7:83:84:8d:42:8f:
fc:d4:ce:f9:a0:a4:ba:c7:bc:70:6d:aa:ab:e0:c0:
af:0f:54:76:50:8e:9f:82:dd:e2:39:1e:fe:95:f1:
e7:09:55:c3:0b:a2:9c:83:e8:06:7c:6c:06:5c:3f:
d5:c7:e8:e5:17:a8:64:80:50:47:8b:a6:b2:7a:2f:
72:ea:fa:75:42:9e:4e:19:3a:6f:4a:5f:7a:a1:07:
1d:71:28:e8:19:98:0f:5b:e2:b9:ef:81:a5:92:11:
67:4d:82:15:9e:59:26:54:3d:5a:05:93:b5:be:8a:
51:a8:ba:63:bd:72:eb:aa:cf:07:f7:fa:91:88:68:
18:73:e1:cd:34:14:0c:3f:f8:cd:dc:43:d3:40:2c:
99:f6:9b:b8:33:ce:52:71:e4:f5:33:ab:84:c0:90:
be:9c:81:68:1d:9b:25:60:cd:85:66:49:6f:8a:2f:
43:c3:25:b6:e3:ce:7b:7c:e4:57:36:9d:7c:90:ab:
54:c2:fc:d3:bc:eb:61:e0:43:fe:7f:b1:8d:6b:6f:
f7:0e:8b:08:13:37:ee:c3:b1:26:48:8f:80:24:78:
85:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:FA:52:FB:78:68:77:59:E2:AA:4F:D4:2A:25:72:0C:3C:B1:A1:2F
X509v3 Authority Key Identifier:
keyid:93:03:62:2B:3C:54:E4:5F:41:66:F3:01:79:8F:86:DB:BA:47:18:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kwNiKzxU5F9BZvMBeY-G27pHGAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/J_pS-3hod1niqk_UKiVyDDyxoS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/kwNiKzxU5F9BZvMBeY-G27pHGAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.123.0/24
195.66.115.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:a5:4f:79:e1:1c:f2:ca:8f:84:12:2a:db:94:22:31:3d:54:
c7:3a:fa:79:e5:0e:9d:76:f8:7f:9b:2c:a7:e8:56:1f:2d:fc:
13:9d:01:0f:05:ed:7a:dc:ef:39:2b:a2:65:8c:cd:6f:f1:aa:
cb:8f:85:14:ef:3e:00:7e:97:ec:3b:7e:35:70:45:db:c3:90:
6e:1a:25:35:f4:04:6d:17:80:e1:61:a2:c7:59:db:2e:ef:4a:
24:c7:3f:89:2f:6d:63:f1:20:99:ee:86:91:5b:67:2a:87:2c:
95:06:19:26:72:9f:2d:13:6c:c0:38:21:21:4b:39:d0:da:7c:
ca:e7:08:13:69:bc:ad:40:e1:25:17:24:b6:8f:d4:30:48:29:
52:70:36:b7:b2:a2:61:d7:d7:dc:87:18:ec:53:6e:2e:a5:76:
98:71:89:61:4c:2f:ce:7f:c1:7b:5f:e1:8f:89:29:19:46:fc:
f3:53:fe:e0:87:b2:b0:6d:9d:bc:04:96:27:bc:4b:47:51:51:
a3:f4:e7:de:fe:4b:5c:57:36:b8:17:12:9f:50:16:f2:e0:61:
5a:4a:0b:0c:a7:12:25:b8:b8:c5:36:7a:04:a8:ba:63:f3:87:
f5:3d:90:75:aa:cd:d6:25:01:24:df:38:da:54:81:f7:da:fd:
04:9c:57:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAFM/VVXheUV34rgmaJuCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMDM2MjJiM2M1NGU0NWY0MTY2ZjMwMTc5OGY4NmRiYmE0
NzE4MGMwHhcNMjQwMTAxMTIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2ZhNTJmYjc4Njg3NzU5ZTJhYTRmZDQyYTI1NzIwYzNjYjFhMTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn41fh6AEEJKd+6YUlkL7EDOKc90l
Jln6c0cNe7VkiWlYO1jRqwbng4SNQo/81M75oKS6x7xwbaqr4MCvD1R2UI6fgt3i
OR7+lfHnCVXDC6Kcg+gGfGwGXD/Vx+jlF6hkgFBHi6ayei9y6vp1Qp5OGTpvSl96
oQcdcSjoGZgPW+K574GlkhFnTYIVnlkmVD1aBZO1vopRqLpjvXLrqs8H9/qRiGgY
c+HNNBQMP/jN3EPTQCyZ9pu4M85SceT1M6uEwJC+nIFoHZslYM2FZklvii9DwyW2
4857fORXNp18kKtUwvzTvOth4EP+f7GNa2/3DosIEzfuw7EmSI+AJHiF2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCf6Uvt4aHdZ4qpP1Colcgw8saEvMB8GA1UdIwQY
MBaAFJMDYis8VORfQWbzAXmPhtu6RxgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3dOaUt6eFU1RjlCWnZNQmVZLUcyN3BIR0F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wNzdhNTAtNDViNi00YTM4LTlkYjkt
OTUwYzdlNzMyNDVjLzEvSl9wUy0zaG9kMW5pcWtfVUtpVnlERHl4b1M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wNzdhNTAtNDViNi00YTM4LTlkYjktOTUwYzdlNzMyNDVj
LzEva3dOaUt6eFU1RjlCWnZNQmVZLUcyN3BIR0F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwmt7AwQA
w0JzMA0GCSqGSIb3DQEBCwUAA4IBAQBKpU954Rzyyo+EEirblCIxPVTHOvp55Q6d
dvh/myyn6FYfLfwTnQEPBe163O85K6JljM1v8arLj4UU7z4AfpfsO341cEXbw5Bu
GiU19ARtF4DhYaLHWdsu70okxz+JL21j8SCZ7oaRW2cqhyyVBhkmcp8tE2zAOCEh
SznQ2nzK5wgTabytQOElFyS2j9QwSClScDa3sqJh19fchxjsU24upXaYcYlhTC/O
f8F7X+GPiSkZRvzzU/7gh7KwbZ28BJYnvEtHUVGj9Ofe/ktcVza4FxKfUBby4GFa
SgsMpxIluLjFNnoEqLpj84f1PZB1qs3WJQEk3zjaVIH32v0EnFd7
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:53:52 2024 by rpki-client on console-ams.rpki-client.org