Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/_59mqk4WbBK5eEyaVMDVjSM8U7I.roa
File: _59mqk4WbBK5eEyaVMDVjSM8U7I.roa (raw, json)
Hash identifier: Yu0c9Hw7FdqwftysPXzjKNSPXHmEUP2k6VLA6dJAcHQ=
Subject key identifier: FF:9F:66:AA:4E:16:6C:12:B9:78:4C:9A:54:C0:D5:8D:23:3C:53:B2
Certificate issuer: /CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
Certificate serial: 0191B326AFAD147D1DBC9017F7AA158A2D76
Authority key identifier: 77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/_59mqk4WbBK5eEyaVMDVjSM8U7I.roa
Signing time: Mon 02 Sep 2024 14:32:22 +0000
ROA not before: Mon 02 Sep 2024 14:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 195.184.252.0/24 maxlen: 24
195.184.253.0/24 maxlen: 24
195.184.254.0/24 maxlen: 24
195.184.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/dzalyFoI2AdJBBy5z6UX-31Ym6g.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/dzalyFoI2AdJBBy5z6UX-31Ym6g.mft
rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:26:af:ad:14:7d:1d:bc:90:17:f7:aa:15:8a:2d:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7736a5c85a08d80749041cb9cfa517fb7d589ba8
Validity
Not Before: Sep 2 14:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff9f66aa4e166c12b9784c9a54c0d58d233c53b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:77:9f:40:49:3c:95:bf:be:72:a4:bd:70:ba:
2a:a5:12:1b:ca:18:31:7a:f2:22:f9:6e:50:8e:a2:
52:14:15:50:27:eb:9b:9a:42:33:ff:59:b9:3b:80:
5a:cf:c2:00:18:fb:ac:27:da:81:e5:fc:87:93:74:
84:b7:48:b8:fe:69:35:cd:88:b3:ef:7a:a0:3b:e7:
41:77:26:42:29:11:ea:ef:53:ca:eb:fa:b8:f5:d3:
cf:bb:d7:6b:11:e6:00:2c:dc:96:b3:a0:5e:56:df:
53:68:c5:01:0e:16:be:8a:9f:06:76:09:40:5e:18:
44:01:84:98:ab:2e:a2:d6:95:78:af:7f:a7:50:3c:
c1:e8:b0:bc:9f:b3:74:d2:3c:66:9d:62:16:47:26:
83:42:87:e0:f1:94:2c:25:52:43:6e:a4:b7:2c:3b:
f0:51:e6:d8:43:38:dd:6f:e8:e1:98:46:6c:71:04:
07:83:92:4b:b7:93:03:db:53:2b:7c:40:6b:dc:26:
5c:52:f5:5d:d6:87:42:79:0b:6d:4f:35:cc:97:21:
b7:cc:e4:e0:a4:76:e6:01:f7:b2:30:43:59:bf:7b:
a4:cf:ac:8b:f9:3d:70:77:7f:0c:c7:09:eb:15:6c:
a5:34:dc:c6:47:ac:bb:10:4e:04:a5:79:49:98:ea:
86:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:9F:66:AA:4E:16:6C:12:B9:78:4C:9A:54:C0:D5:8D:23:3C:53:B2
X509v3 Authority Key Identifier:
keyid:77:36:A5:C8:5A:08:D8:07:49:04:1C:B9:CF:A5:17:FB:7D:58:9B:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzalyFoI2AdJBBy5z6UX-31Ym6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/_59mqk4WbBK5eEyaVMDVjSM8U7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/6da289-abec-49f5-a759-cf1f4c7c9222/1/dzalyFoI2AdJBBy5z6UX-31Ym6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.184.252.0/22
Signature Algorithm: sha256WithRSAEncryption
08:4a:b3:3d:43:31:ea:d8:2d:0a:70:80:af:97:a4:95:3f:18:
ef:15:57:72:00:23:b1:8d:fd:40:a9:a7:f5:62:39:1e:f9:9b:
e6:b6:e1:a4:77:65:d5:36:42:fd:b5:95:e5:b0:1d:be:fb:b2:
f1:0f:68:72:e5:17:20:e4:d0:0d:fa:15:15:0d:25:a4:95:7d:
fe:e4:85:3b:aa:e9:84:07:ab:38:10:fc:1a:d7:32:40:bd:e0:
78:96:ba:27:54:c6:54:72:c2:1f:08:1a:76:38:ae:74:59:03:
8a:49:05:95:60:60:6f:4c:07:91:85:27:d7:26:ef:8c:cd:c9:
35:80:99:72:ee:82:f7:a9:2c:4e:4d:f2:7b:ee:70:69:34:d9:
61:1e:ca:a3:58:5a:72:74:48:1e:56:86:cf:b6:08:5c:58:98:
87:e0:1a:d1:d8:9c:0e:8a:80:34:b4:7c:bb:ce:c8:49:63:57:
49:b4:c2:f5:ad:c4:20:2c:f4:29:6c:fb:0c:c7:85:c3:36:d7:
2b:40:7b:f5:cd:94:8c:ae:20:36:1b:26:27:3a:e5:b4:94:d9:
5e:5a:c6:33:f3:1f:23:fc:77:33:e1:17:4b:f5:0c:36:34:e1:
b3:ae:db:62:e1:ff:c1:b1:ae:83:0f:08:1e:67:1f:08:a8:2c:
e0:17:67:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGzJq+tFH0dvJAX96oVii12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzZhNWM4NWEwOGQ4MDc0OTA0MWNiOWNmYTUxN2ZiN2Q1
ODliYTgwHhcNMjQwOTAyMTQzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjlmNjZhYTRlMTY2YzEyYjk3ODRjOWE1NGMwZDU4ZDIzM2M1M2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23efQEk8lb++cqS9cLoqpRIbyhgx
evIi+W5QjqJSFBVQJ+ubmkIz/1m5O4Baz8IAGPusJ9qB5fyHk3SEt0i4/mk1zYiz
73qgO+dBdyZCKRHq71PK6/q49dPPu9drEeYALNyWs6BeVt9TaMUBDha+ip8GdglA
XhhEAYSYqy6i1pV4r3+nUDzB6LC8n7N00jxmnWIWRyaDQofg8ZQsJVJDbqS3LDvw
UebYQzjdb+jhmEZscQQHg5JLt5MD21MrfEBr3CZcUvVd1odCeQttTzXMlyG3zOTg
pHbmAfeyMENZv3ukz6yL+T1wd38MxwnrFWylNNzGR6y7EE4EpXlJmOqGIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP+fZqpOFmwSuXhMmlTA1Y0jPFOyMB8GA1UdIwQY
MBaAFHc2pchaCNgHSQQcuc+lF/t9WJuoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHphbHlGb0kyQWRKQkJ5NXo2VVgtMzFZbTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82ZGEyODktYWJlYy00OWY1LWE3NTkt
Y2YxZjRjN2M5MjIyLzEvXzU5bXFrNFdiQks1ZUV5YVZNRFZqU004VTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82ZGEyODktYWJlYy00OWY1LWE3NTktY2YxZjRjN2M5MjIy
LzEvZHphbHlGb0kyQWRKQkJ5NXo2VVgtMzFZbTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw7j8MA0G
CSqGSIb3DQEBCwUAA4IBAQAISrM9QzHq2C0KcICvl6SVPxjvFVdyACOxjf1Aqaf1
Yjke+ZvmtuGkd2XVNkL9tZXlsB2++7LxD2hy5Rcg5NAN+hUVDSWklX3+5IU7qumE
B6s4EPwa1zJAveB4lronVMZUcsIfCBp2OK50WQOKSQWVYGBvTAeRhSfXJu+Mzck1
gJly7oL3qSxOTfJ77nBpNNlhHsqjWFpydEgeVobPtghcWJiH4BrR2JwOioA0tHy7
zshJY1dJtML1rcQgLPQpbPsMx4XDNtcrQHv1zZSMriA2GyYnOuW0lNleWsYz8x8j
/Hcz4RdL9Qw2NOGzrtti4f/Bsa6DDwgeZx8IqCzgF2dT
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:51:55 2024 by rpki-client on console-ams.rpki-client.org