Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/Pl1pKCoQYqFXYXSJZKmnb0uNJog.roa
File: Pl1pKCoQYqFXYXSJZKmnb0uNJog.roa (raw, json)
Hash identifier: YYw7h/HVOQ+xr/z/kn98QxIMVVOmgaQGAJdsgShCxDA=
Subject key identifier: 3E:5D:69:28:2A:10:62:A1:57:61:74:89:64:A9:A7:6F:4B:8D:26:88
Certificate issuer: /CN=84db747b289717a0684cd6ac82307aa67bb2d7bb
Certificate serial: 018CC56DED959BF6AB2232949775EB85D06A
Authority key identifier: 84:DB:74:7B:28:97:17:A0:68:4C:D6:AC:82:30:7A:A6:7B:B2:D7:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hNt0eyiXF6BoTNasgjB6pnuy17s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/Pl1pKCoQYqFXYXSJZKmnb0uNJog.roa
Signing time: Mon 01 Jan 2024 14:29:24 +0000
ROA not before: Mon 01 Jan 2024 14:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12363
IP address blocks: 195.110.96.0/19 maxlen: 24
195.110.97.0/24 maxlen: 24
195.110.96.0/24 maxlen: 24
195.110.99.0/24 maxlen: 24
2a0e:f080:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/hNt0eyiXF6BoTNasgjB6pnuy17s.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/hNt0eyiXF6BoTNasgjB6pnuy17s.mft
rsync://rpki.ripe.net/repository/DEFAULT/hNt0eyiXF6BoTNasgjB6pnuy17s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:ed:95:9b:f6:ab:22:32:94:97:75:eb:85:d0:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84db747b289717a0684cd6ac82307aa67bb2d7bb
Validity
Not Before: Jan 1 14:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e5d69282a1062a15761748964a9a76f4b8d2688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:09:e1:a4:99:22:d5:bc:4e:d3:98:54:7d:f3:
f9:29:f4:dc:d2:c8:06:a2:64:0a:c4:19:7a:08:84:
dd:f4:9f:cd:35:bc:5d:f9:c7:69:3b:12:aa:8c:e7:
0c:04:46:35:0c:9f:17:f1:27:f6:a9:d0:85:00:5b:
50:17:f5:7b:ea:55:ed:1a:22:44:4d:aa:2c:dd:0f:
75:24:79:4b:ab:c2:f7:82:7d:f2:f4:dd:a0:7f:4a:
7d:15:2b:dc:a4:02:cc:76:40:82:7c:63:51:b7:ac:
20:f6:b6:6c:25:83:5f:03:6d:a9:8e:91:0a:8f:2a:
3a:0e:61:78:a8:7b:c1:02:36:54:08:92:0b:7e:c8:
01:fa:01:f1:df:35:2d:c9:0e:9f:6c:79:0d:5e:71:
ac:3e:cd:19:83:2f:56:11:f4:bc:53:75:f8:f0:90:
a7:00:d8:97:09:6d:c7:77:6b:29:5a:13:94:9b:10:
59:df:56:73:81:7c:da:43:52:f6:46:c1:7c:66:ef:
d6:91:d0:cb:a4:59:5a:2c:56:a4:01:5c:c9:36:91:
c7:b0:11:69:16:b5:37:3c:2f:0e:b6:84:aa:85:b0:
27:dd:bc:a5:d3:ba:81:97:2c:ec:05:97:33:74:04:
c3:95:6b:fe:a9:c4:e9:b6:b3:c3:fe:b2:59:2a:40:
9f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:5D:69:28:2A:10:62:A1:57:61:74:89:64:A9:A7:6F:4B:8D:26:88
X509v3 Authority Key Identifier:
keyid:84:DB:74:7B:28:97:17:A0:68:4C:D6:AC:82:30:7A:A6:7B:B2:D7:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hNt0eyiXF6BoTNasgjB6pnuy17s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/Pl1pKCoQYqFXYXSJZKmnb0uNJog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/hNt0eyiXF6BoTNasgjB6pnuy17s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.110.96.0/19
IPv6:
2a0e:f080:1::/48
Signature Algorithm: sha256WithRSAEncryption
78:13:89:63:9a:5b:c2:2c:b2:d4:6e:ca:9b:4f:a5:ff:74:ed:
57:77:42:15:88:99:a2:81:b9:82:db:e3:05:1b:a2:91:85:50:
bf:39:9e:9b:30:fc:30:30:39:d9:2c:33:b5:06:fb:f9:63:26:
6f:bc:6a:25:04:ac:b3:30:6f:c4:a2:3a:53:db:da:0f:65:63:
cb:de:89:3d:97:89:75:82:fb:c2:87:6f:39:4b:b2:51:b3:d0:
39:e3:f5:70:a8:65:f1:bd:c5:9a:f7:62:f4:8b:e5:a8:fa:4d:
b6:a1:26:6d:2e:b3:85:42:ef:65:c9:55:61:0a:eb:f1:d3:37:
ce:f6:bc:15:1e:45:9c:f7:86:64:56:bf:04:0f:d8:6e:48:5f:
a4:e6:6c:ed:f2:a9:b0:80:56:ec:95:4a:40:29:99:50:09:89:
10:67:ba:ac:4e:3f:67:69:f7:18:dd:ce:97:18:5b:ee:66:02:
e6:3d:11:72:c0:04:40:d7:d7:ca:39:6e:ea:a4:38:f6:6d:3f:
7e:24:d8:8c:6a:a4:a0:28:5e:b1:ed:97:b7:3a:73:2b:2a:b3:
e8:30:ef:ce:b1:5f:09:b8:b6:89:51:61:7b:f8:87:06:4e:64:
57:af:47:1f:a4:ae:9f:22:9c:ae:50:b3:cb:be:8f:41:73:a3:
4d:b6:f9:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzFbe2Vm/arIjKUl3XrhdBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZGI3NDdiMjg5NzE3YTA2ODRjZDZhYzgyMzA3YWE2N2Ji
MmQ3YmIwHhcNMjQwMTAxMTQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTVkNjkyODJhMTA2MmExNTc2MTc0ODk2NGE5YTc2ZjRiOGQyNjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgnhpJki1bxO05hUffP5KfTc0sgG
omQKxBl6CITd9J/NNbxd+cdpOxKqjOcMBEY1DJ8X8Sf2qdCFAFtQF/V76lXtGiJE
Taos3Q91JHlLq8L3gn3y9N2gf0p9FSvcpALMdkCCfGNRt6wg9rZsJYNfA22pjpEK
jyo6DmF4qHvBAjZUCJILfsgB+gHx3zUtyQ6fbHkNXnGsPs0Zgy9WEfS8U3X48JCn
ANiXCW3Hd2spWhOUmxBZ31ZzgXzaQ1L2RsF8Zu/WkdDLpFlaLFakAVzJNpHHsBFp
FrU3PC8OtoSqhbAn3byl07qBlyzsBZczdATDlWv+qcTptrPD/rJZKkCf2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD5daSgqEGKhV2F0iWSpp29LjSaIMB8GA1UdIwQY
MBaAFITbdHsolxegaEzWrIIweqZ7ste7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE50MGV5aVhGNkJvVE5hc2dqQjZwbnV5MTdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83MTQyYjEtNzA5MS00ZDNhLWJkNmQt
OWZlN2VlOWMwMzY4LzEvUGwxcEtDb1FZcUZYWVhTSlpLbW5iMHVOSm9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83MTQyYjEtNzA5MS00ZDNhLWJkNmQtOWZlN2VlOWMwMzY4
LzEvaE50MGV5aVhGNkJvVE5hc2dqQjZwbnV5MTdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQFw25gMA8E
AgACMAkDBwAqDvCAAAEwDQYJKoZIhvcNAQELBQADggEBAHgTiWOaW8IsstRuyptP
pf907Vd3QhWImaKBuYLb4wUbopGFUL85npsw/DAwOdksM7UG+/ljJm+8aiUErLMw
b8SiOlPb2g9lY8veiT2XiXWC+8KHbzlLslGz0Dnj9XCoZfG9xZr3YvSL5aj6Tbah
Jm0us4VC72XJVWEK6/HTN872vBUeRZz3hmRWvwQP2G5IX6TmbO3yqbCAVuyVSkAp
mVAJiRBnuqxOP2dp9xjdzpcYW+5mAuY9EXLABEDX18o5buqkOPZtP34k2IxqpKAo
XrHtl7c6cysqs+gw786xXwm4tolRYXv4hwZOZFevRx+krp8inK5Qs8u+j0Fzo022
+S4=
-----END CERTIFICATE-----
Generated at Sat Jun 1 22:15:01 2024 by rpki-client on console-fra.rpki-client.org