Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/8ccbcc-cd51-44ae-8f05-36fd233514f9/1/v5NL5lQpjvgr9El_3iji_I8jnEQ.roa
File: v5NL5lQpjvgr9El_3iji_I8jnEQ.roa (raw, json)
Hash identifier: I9+I6u/iteKqoZI/fzg7O/2rTxAUULYU1DfU78kCcBE=
Subject key identifier: BF:93:4B:E6:54:29:8E:F8:2B:F4:49:7F:DE:28:E2:FC:8F:23:9C:44
Certificate issuer: /CN=b921277f3e7954a4af5520a99042fb0893af804d
Certificate serial: 01929EDC18E2A2A1214564482B7CF3304B44
Authority key identifier: B9:21:27:7F:3E:79:54:A4:AF:55:20:A9:90:42:FB:08:93:AF:80:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uSEnfz55VKSvVSCpkEL7CJOvgE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/8ccbcc-cd51-44ae-8f05-36fd233514f9/1/v5NL5lQpjvgr9El_3iji_I8jnEQ.roa
Signing time: Fri 18 Oct 2024 09:01:17 +0000
ROA not before: Fri 18 Oct 2024 09:01:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43372
IP address blocks: 195.88.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/8ccbcc-cd51-44ae-8f05-36fd233514f9/1/uSEnfz55VKSvVSCpkEL7CJOvgE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/8ccbcc-cd51-44ae-8f05-36fd233514f9/1/uSEnfz55VKSvVSCpkEL7CJOvgE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/uSEnfz55VKSvVSCpkEL7CJOvgE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9e:dc:18:e2:a2:a1:21:45:64:48:2b:7c:f3:30:4b:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b921277f3e7954a4af5520a99042fb0893af804d
Validity
Not Before: Oct 18 09:01:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf934be654298ef82bf4497fde28e2fc8f239c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cd:9a:a2:98:f8:6d:d1:42:54:bd:b4:96:a4:
6f:bf:46:e8:25:af:04:f6:b9:ad:13:fc:e1:1a:22:
50:a9:f6:8b:c2:50:24:42:72:a2:16:a4:d4:0d:ef:
15:27:2b:17:41:c0:b2:09:83:70:30:26:78:b5:f2:
50:ea:1d:cc:37:cb:af:08:cc:cc:31:c9:51:a2:9b:
e0:af:51:18:a5:67:46:b0:d8:25:62:42:d3:bd:a8:
9d:ad:36:e1:37:7b:af:ef:c4:46:52:fe:5c:99:57:
b2:16:cb:35:c9:7b:9e:80:d1:15:29:7b:68:d7:b7:
dd:48:b5:ea:86:04:e8:dd:29:8a:e6:36:4f:1d:3a:
a4:2e:d7:ab:0c:11:19:15:e1:8d:f8:bc:70:94:56:
2d:29:9e:d5:ed:84:71:8a:dc:60:cb:b5:26:e0:33:
49:78:99:e7:27:9c:9d:ae:13:54:b7:73:b2:69:6c:
b3:65:cb:44:43:73:5f:a4:6f:9f:2d:b8:59:51:f1:
69:1b:75:44:b9:bc:44:39:2e:c7:ba:eb:12:43:68:
df:a5:f4:bf:ab:b3:b6:7f:74:b8:78:81:a6:53:38:
ac:7c:9f:1f:d8:68:9c:ca:81:6b:32:bc:35:49:d4:
eb:66:86:2d:bb:f4:d5:e7:3e:62:28:ea:26:2a:2e:
be:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:93:4B:E6:54:29:8E:F8:2B:F4:49:7F:DE:28:E2:FC:8F:23:9C:44
X509v3 Authority Key Identifier:
keyid:B9:21:27:7F:3E:79:54:A4:AF:55:20:A9:90:42:FB:08:93:AF:80:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uSEnfz55VKSvVSCpkEL7CJOvgE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/8ccbcc-cd51-44ae-8f05-36fd233514f9/1/v5NL5lQpjvgr9El_3iji_I8jnEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/8ccbcc-cd51-44ae-8f05-36fd233514f9/1/uSEnfz55VKSvVSCpkEL7CJOvgE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.232.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:a7:2d:0f:44:0c:40:4e:ad:ec:d9:6c:b3:bf:bd:1f:22:bf:
6a:a4:1e:e7:bd:c9:72:ab:e6:05:dc:05:c7:f9:35:1d:40:50:
e2:29:be:ee:7e:6c:5e:78:a9:00:eb:99:96:c8:8e:8f:45:8e:
fa:b5:1d:18:ed:77:e3:aa:b4:c9:fb:ea:92:8d:b1:f5:45:7b:
1a:34:81:a8:00:90:91:13:95:35:12:08:17:32:73:e4:ae:62:
e0:6a:9a:e8:65:be:c8:50:a6:5b:d9:54:a9:94:7f:c3:14:1a:
77:3b:39:af:fc:d4:69:14:20:d2:ff:3c:28:26:06:99:89:c9:
15:f3:1e:0f:8e:dd:ed:4e:61:44:36:c6:9c:ea:cd:61:7e:fc:
2c:ce:7f:5f:57:cd:34:d4:64:de:f0:6e:b7:5b:dc:42:8e:1f:
fb:f9:88:95:fe:b3:82:c7:6f:c1:96:ed:4f:03:7d:cf:53:27:
fe:8d:13:b2:b8:b7:30:f5:80:cf:7b:ac:75:f5:2a:e9:5b:be:
06:63:c0:42:85:c9:28:64:b8:7d:c2:56:ab:77:e0:69:54:c6:
b3:31:f3:e1:d1:e2:cf:32:5d:e1:a5:4a:7a:32:6c:4c:3a:f7:
44:16:8a:0b:8f:f5:c9:28:fa:70:db:19:a6:5e:21:f8:51:8b:
93:02:46:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKe3BjioqEhRWRIK3zzMEtEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MjEyNzdmM2U3OTU0YTRhZjU1MjBhOTkwNDJmYjA4OTNh
ZjgwNGQwHhcNMjQxMDE4MDkwMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjkzNGJlNjU0Mjk4ZWY4MmJmNDQ5N2ZkZTI4ZTJmYzhmMjM5YzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAns2aopj4bdFCVL20lqRvv0boJa8E
9rmtE/zhGiJQqfaLwlAkQnKiFqTUDe8VJysXQcCyCYNwMCZ4tfJQ6h3MN8uvCMzM
MclRopvgr1EYpWdGsNglYkLTvaidrTbhN3uv78RGUv5cmVeyFss1yXuegNEVKXto
17fdSLXqhgTo3SmK5jZPHTqkLterDBEZFeGN+LxwlFYtKZ7V7YRxitxgy7Um4DNJ
eJnnJ5ydrhNUt3OyaWyzZctEQ3NfpG+fLbhZUfFpG3VEubxEOS7HuusSQ2jfpfS/
q7O2f3S4eIGmUzisfJ8f2GicyoFrMrw1SdTrZoYtu/TV5z5iKOomKi6+kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL+TS+ZUKY74K/RJf94o4vyPI5xEMB8GA1UdIwQY
MBaAFLkhJ38+eVSkr1UgqZBC+wiTr4BNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVNFbmZ6NTVWS1N2VlNDcGtFTDdDSk92Z0UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84Y2NiY2MtY2Q1MS00NGFlLThmMDUt
MzZmZDIzMzUxNGY5LzEvdjVOTDVsUXBqdmdyOUVsXzNpamlfSThqbkVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84Y2NiY2MtY2Q1MS00NGFlLThmMDUtMzZmZDIzMzUxNGY5
LzEvdVNFbmZ6NTVWS1N2VlNDcGtFTDdDSk92Z0UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1joMA0G
CSqGSIb3DQEBCwUAA4IBAQBbpy0PRAxATq3s2Wyzv70fIr9qpB7nvclyq+YF3AXH
+TUdQFDiKb7ufmxeeKkA65mWyI6PRY76tR0Y7XfjqrTJ++qSjbH1RXsaNIGoAJCR
E5U1EggXMnPkrmLgaproZb7IUKZb2VSplH/DFBp3Ozmv/NRpFCDS/zwoJgaZickV
8x4Pjt3tTmFENsac6s1hfvwszn9fV8001GTe8G63W9xCjh/7+YiV/rOCx2/Blu1P
A33PUyf+jROyuLcw9YDPe6x19SrpW74GY8BChckoZLh9wlard+BpVMazMfPh0eLP
Ml3hpUp6MmxMOvdEFooLj/XJKPpw2xmmXiH4UYuTAkY6
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:37:32 2024 by rpki-client on console-ams.rpki-client.org