Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a7e55a-2672-4d76-9879-2ee4ff8b0a80/1/X0lKa5f42dWjDwavK7vz54Wp7Bk.roa
File: X0lKa5f42dWjDwavK7vz54Wp7Bk.roa (raw, json)
Hash identifier: iWa7ztbu9FWP57zNKMAsj/e1Lw9nCa+uPR3/8XnC+os=
Subject key identifier: 5F:49:4A:6B:97:F8:D9:D5:A3:0F:06:AF:2B:BB:F3:E7:85:A9:EC:19
Certificate issuer: /CN=10759c6a62e278da8311afec8f7677c41363d1f8
Certificate serial: 018F53D9D90007228423E8B89B0FE11BF18E
Authority key identifier: 10:75:9C:6A:62:E2:78:DA:83:11:AF:EC:8F:76:77:C4:13:63:D1:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHWcamLieNqDEa_sj3Z3xBNj0fg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a7e55a-2672-4d76-9879-2ee4ff8b0a80/1/X0lKa5f42dWjDwavK7vz54Wp7Bk.roa
Signing time: Tue 07 May 2024 16:18:56 +0000
ROA not before: Tue 07 May 2024 16:18:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 193.39.100.0/24 maxlen: 24
193.39.101.0/24 maxlen: 24
193.39.102.0/24 maxlen: 24
193.39.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/a7e55a-2672-4d76-9879-2ee4ff8b0a80/1/EHWcamLieNqDEa_sj3Z3xBNj0fg.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/a7e55a-2672-4d76-9879-2ee4ff8b0a80/1/EHWcamLieNqDEa_sj3Z3xBNj0fg.mft
rsync://rpki.ripe.net/repository/DEFAULT/EHWcamLieNqDEa_sj3Z3xBNj0fg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:53:d9:d9:00:07:22:84:23:e8:b8:9b:0f:e1:1b:f1:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10759c6a62e278da8311afec8f7677c41363d1f8
Validity
Not Before: May 7 16:18:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f494a6b97f8d9d5a30f06af2bbbf3e785a9ec19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:38:24:55:81:89:87:4b:11:f7:16:21:32:46:
5f:d8:24:c8:11:33:d4:38:93:25:33:55:78:77:39:
28:9b:c9:d8:5c:62:55:98:3a:95:fd:a3:52:e8:30:
17:0a:8c:a3:cd:aa:6f:ce:00:c5:c5:05:7b:f3:78:
f9:03:34:f4:c6:dc:b9:96:ff:0d:32:31:84:c9:7e:
4b:06:75:81:c1:df:b1:12:60:9b:5c:08:88:83:a5:
be:35:4f:a5:d6:4d:db:78:e1:14:43:01:3e:48:5a:
09:02:65:4b:ad:eb:94:a0:d5:e2:da:03:df:ef:c1:
44:b4:ee:d4:3f:bc:42:a7:0a:43:bf:8d:f6:1b:2e:
15:a6:98:52:4e:72:26:b5:b9:04:2e:6b:a6:74:d0:
6a:41:af:06:27:27:14:fe:e2:33:10:5c:51:97:78:
6f:86:fe:fc:3d:da:53:cb:41:0c:ef:b7:8a:89:b3:
2a:6a:b4:33:eb:a6:31:28:e3:ac:02:0c:8f:5b:e7:
26:54:c3:05:66:08:10:56:ef:d4:47:cd:c0:21:ec:
30:4a:76:18:43:ec:54:de:f1:9b:19:15:24:4e:be:
5d:9c:cd:60:50:11:5e:9f:87:5b:a1:60:f2:50:bf:
58:65:ee:fc:5b:f5:8b:09:76:47:ec:fe:87:e4:13:
71:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:49:4A:6B:97:F8:D9:D5:A3:0F:06:AF:2B:BB:F3:E7:85:A9:EC:19
X509v3 Authority Key Identifier:
keyid:10:75:9C:6A:62:E2:78:DA:83:11:AF:EC:8F:76:77:C4:13:63:D1:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHWcamLieNqDEa_sj3Z3xBNj0fg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a7e55a-2672-4d76-9879-2ee4ff8b0a80/1/X0lKa5f42dWjDwavK7vz54Wp7Bk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a7e55a-2672-4d76-9879-2ee4ff8b0a80/1/EHWcamLieNqDEa_sj3Z3xBNj0fg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.39.100.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:18:57:39:f3:40:61:44:16:ac:d2:4a:40:7b:14:34:ea:a5:
bf:05:b8:8b:da:df:9e:ef:87:3b:63:9e:ec:4d:ca:6f:b1:6d:
d0:3c:13:71:d2:75:df:2c:c5:78:c3:51:0b:15:a6:36:3a:3f:
14:4e:8a:80:39:0a:7d:e9:86:f8:98:e4:b3:80:22:ae:e2:43:
0b:61:c3:c9:5a:94:2f:ee:b3:43:e7:09:fc:7c:f1:6e:12:59:
80:c7:ea:57:95:6d:e3:29:db:25:00:fd:c7:ed:58:15:1f:8a:
84:80:2a:32:29:55:f6:70:ca:d7:11:a1:6d:12:98:a5:86:ab:
93:01:ff:d6:9d:15:2e:6c:98:15:f0:69:b5:50:ad:0c:13:9a:
d1:a6:cc:16:2c:b4:c1:9e:f1:58:73:6d:70:81:cc:13:93:1b:
e6:31:c7:45:06:11:5c:c5:2d:84:fe:8b:e7:cd:0f:54:a3:3e:
63:9b:75:c3:8a:32:e7:81:fd:18:6e:ca:50:8a:08:38:68:5e:
05:c5:00:f7:ae:0d:e4:0b:b3:dc:ec:0e:27:47:f1:d8:88:2d:
42:06:86:5d:d1:fe:b0:b3:e7:b3:b9:63:94:3a:97:de:9e:74:
9e:59:23:0e:dc:48:9d:81:58:85:e3:6e:b5:57:25:e7:7a:2a:
e7:a7:71:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9T2dkAByKEI+i4mw/hG/GOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzU5YzZhNjJlMjc4ZGE4MzExYWZlYzhmNzY3N2M0MTM2
M2QxZjgwHhcNMjQwNTA3MTYxODU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjQ5NGE2Yjk3ZjhkOWQ1YTMwZjA2YWYyYmJiZjNlNzg1YTllYzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzgkVYGJh0sR9xYhMkZf2CTIETPU
OJMlM1V4dzkom8nYXGJVmDqV/aNS6DAXCoyjzapvzgDFxQV783j5AzT0xty5lv8N
MjGEyX5LBnWBwd+xEmCbXAiIg6W+NU+l1k3beOEUQwE+SFoJAmVLreuUoNXi2gPf
78FEtO7UP7xCpwpDv432Gy4VpphSTnImtbkELmumdNBqQa8GJycU/uIzEFxRl3hv
hv78PdpTy0EM77eKibMqarQz66YxKOOsAgyPW+cmVMMFZggQVu/UR83AIewwSnYY
Q+xU3vGbGRUkTr5dnM1gUBFen4dboWDyUL9YZe78W/WLCXZH7P6H5BNxTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF9JSmuX+NnVow8Gryu78+eFqewZMB8GA1UdIwQY
MBaAFBB1nGpi4njagxGv7I92d8QTY9H4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhXY2FtTGllTnFERWFfc2ozWjN4Qk5qMGZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hN2U1NWEtMjY3Mi00ZDc2LTk4Nzkt
MmVlNGZmOGIwYTgwLzEvWDBsS2E1ZjQyZFdqRHdhdks3dno1NFdwN0JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hN2U1NWEtMjY3Mi00ZDc2LTk4NzktMmVlNGZmOGIwYTgw
LzEvRUhXY2FtTGllTnFERWFfc2ozWjN4Qk5qMGZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSdkMA0G
CSqGSIb3DQEBCwUAA4IBAQAbGFc580BhRBas0kpAexQ06qW/BbiL2t+e74c7Y57s
TcpvsW3QPBNx0nXfLMV4w1ELFaY2Oj8UToqAOQp96Yb4mOSzgCKu4kMLYcPJWpQv
7rND5wn8fPFuElmAx+pXlW3jKdslAP3H7VgVH4qEgCoyKVX2cMrXEaFtEpilhquT
Af/WnRUubJgV8Gm1UK0ME5rRpswWLLTBnvFYc21wgcwTkxvmMcdFBhFcxS2E/ovn
zQ9Uoz5jm3XDijLngf0YbspQigg4aF4FxQD3rg3kC7Pc7A4nR/HYiC1CBoZd0f6w
s+ezuWOUOpfennSeWSMO3EidgViF4261VyXneirnp3Gb
-----END CERTIFICATE-----
Generated at Sat Sep 7 20:54:36 2024 by rpki-client on console-fra.rpki-client.org