Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/sxPzTvbj5jZjOMhHkKK6m78zI1U.roa
File: sxPzTvbj5jZjOMhHkKK6m78zI1U.roa (raw, json)
Hash identifier: 5+5h8KxqsgbjuYX3coiecmehkY/ZvZog8iRBZVtSwlU=
Subject key identifier: B3:13:F3:4E:F6:E3:E6:36:63:38:C8:47:90:A2:BA:9B:BF:33:23:55
Certificate issuer: /CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Certificate serial: 018CC56ED8325E7F1A5C522444F4D67ACC9C
Authority key identifier: 4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/sxPzTvbj5jZjOMhHkKK6m78zI1U.roa
Signing time: Mon 01 Jan 2024 14:30:24 +0000
ROA not before: Mon 01 Jan 2024 14:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20719
IP address blocks: 213.244.124.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:d8:32:5e:7f:1a:5c:52:24:44:f4:d6:7a:cc:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c37f27eb4997b3bef9f28266a39694050fe74f9
Validity
Not Before: Jan 1 14:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b313f34ef6e3e6366338c84790a2ba9bbf332355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b2:75:47:dd:6b:f5:00:b8:db:30:0b:77:d9:
29:8d:03:a4:4a:69:86:ac:82:0b:45:d1:ed:24:d5:
d1:2b:ba:3a:fc:80:14:9d:75:da:76:62:07:a8:de:
cd:1d:a6:a4:b4:a8:cf:05:2f:3c:b2:e9:8c:7e:65:
28:17:4c:c6:3e:00:5a:c6:e0:f6:5f:e9:3a:92:34:
dc:09:ed:89:36:2a:48:16:83:e0:4a:00:53:18:5b:
a1:55:5f:ee:38:4c:4d:2c:cd:20:38:7e:66:31:6c:
17:ac:55:92:ad:45:29:b2:f4:34:36:6d:5f:76:cb:
42:47:26:ce:61:6e:99:96:85:13:59:6a:c0:1e:0e:
32:39:18:d5:28:4e:b1:58:30:82:a7:d0:a1:84:63:
82:a2:1e:05:50:fc:36:70:71:c9:ee:ea:7e:73:44:
59:eb:f9:cb:05:e3:70:99:c5:5b:f8:67:6c:6a:cc:
8b:80:8e:33:1b:44:36:6d:94:21:e5:42:60:37:96:
ca:d2:86:69:32:eb:ba:4c:cf:a1:3c:34:9e:bc:e2:
ca:92:e8:8b:ad:ed:f0:8c:6e:bd:e3:53:ef:c8:d9:
fe:1f:6c:53:fd:78:97:b7:07:85:82:90:5a:0b:45:
31:d2:e1:30:c6:e6:2a:d7:29:ac:51:03:63:36:b2:
34:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:13:F3:4E:F6:E3:E6:36:63:38:C8:47:90:A2:BA:9B:BF:33:23:55
X509v3 Authority Key Identifier:
keyid:4C:37:F2:7E:B4:99:7B:3B:EF:9F:28:26:6A:39:69:40:50:FE:74:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDfyfrSZezvvnygmajlpQFD-dPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/sxPzTvbj5jZjOMhHkKK6m78zI1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/09cea0-ef2b-4f20-a19a-eb5a627e76a3/1/TDfyfrSZezvvnygmajlpQFD-dPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.244.124.0/22
Signature Algorithm: sha256WithRSAEncryption
85:dc:f1:b9:31:60:85:66:dd:0c:9b:84:47:d4:75:72:40:ab:
00:4c:2a:5e:dc:da:b2:6a:3d:97:ee:a4:a8:2e:b6:7a:49:d8:
d7:42:ab:c4:fd:fa:77:3e:b3:57:36:6b:b2:16:db:59:5e:41:
36:19:81:8b:da:99:18:86:6c:63:eb:7a:d2:f7:e0:35:d7:20:
f2:09:82:e0:18:57:ab:ec:e0:27:a5:ff:ce:76:8f:cb:c6:e7:
9f:d1:b6:58:d5:d2:42:54:bd:54:db:c2:73:2f:a7:a4:32:1e:
aa:a8:00:45:e1:cb:5e:a5:16:25:c2:d1:c3:34:3b:1c:c3:5b:
79:6e:6d:08:cd:8b:bb:3b:4b:5c:b8:8d:29:ad:76:dc:12:7d:
9e:e9:86:f8:e2:f2:dd:e5:2b:cc:54:3c:79:50:55:9b:50:18:
f3:6d:90:85:5f:a8:85:44:e3:58:81:0b:0c:f9:9b:db:20:38:
eb:b4:2b:83:b8:18:c6:e5:39:a5:b0:86:66:0f:48:74:cd:83:
a8:f9:83:d7:d0:dc:b6:a5:13:8b:ae:bd:e3:0d:c2:9a:ff:2d:
8a:97:f2:ab:71:82:0c:4c:c6:4d:9d:ed:35:f9:51:af:d7:6f:
83:6a:be:b2:78:c6:28:95:5d:95:0e:38:ce:e2:04:54:2b:8d:
59:00:34:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbtgyXn8aXFIkRPTWesycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzdmMjdlYjQ5OTdiM2JlZjlmMjgyNjZhMzk2OTQwNTBm
ZTc0ZjkwHhcNMjQwMTAxMTQzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzEzZjM0ZWY2ZTNlNjM2NjMzOGM4NDc5MGEyYmE5YmJmMzMyMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrJ1R91r9QC42zALd9kpjQOkSmmG
rIILRdHtJNXRK7o6/IAUnXXadmIHqN7NHaaktKjPBS88sumMfmUoF0zGPgBaxuD2
X+k6kjTcCe2JNipIFoPgSgBTGFuhVV/uOExNLM0gOH5mMWwXrFWSrUUpsvQ0Nm1f
dstCRybOYW6ZloUTWWrAHg4yORjVKE6xWDCCp9ChhGOCoh4FUPw2cHHJ7up+c0RZ
6/nLBeNwmcVb+GdsasyLgI4zG0Q2bZQh5UJgN5bK0oZpMuu6TM+hPDSevOLKkuiL
re3wjG6941PvyNn+H2xT/XiXtweFgpBaC0Ux0uEwxuYq1ymsUQNjNrI09wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLMT80724+Y2YzjIR5Ciupu/MyNVMB8GA1UdIwQY
MBaAFEw38n60mXs7758oJmo5aUBQ/nT5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEt
ZWI1YTYyN2U3NmEzLzEvc3hQelR2Ymo1alpqT01oSGtLSzZtNzh6STFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8wOWNlYTAtZWYyYi00ZjIwLWExOWEtZWI1YTYyN2U3NmEz
LzEvVERmeWZyU1plenZ2bnlnbWFqbHBRRkQtZFBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1fR8MA0G
CSqGSIb3DQEBCwUAA4IBAQCF3PG5MWCFZt0Mm4RH1HVyQKsATCpe3Nqyaj2X7qSo
LrZ6SdjXQqvE/fp3PrNXNmuyFttZXkE2GYGL2pkYhmxj63rS9+A11yDyCYLgGFer
7OAnpf/Odo/Lxuef0bZY1dJCVL1U28JzL6ekMh6qqABF4ctepRYlwtHDNDscw1t5
bm0IzYu7O0tcuI0prXbcEn2e6Yb44vLd5SvMVDx5UFWbUBjzbZCFX6iFRONYgQsM
+ZvbIDjrtCuDuBjG5TmlsIZmD0h0zYOo+YPX0Ny2pROLrr3jDcKa/y2Kl/KrcYIM
TMZNne01+VGv12+Dar6yeMYolV2VDjjO4gRUK41ZADR3
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:46:41 2024 by rpki-client on console-fra.rpki-client.org