Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/S4M4iJHQKxi1HHpunlQbjNxxbWU.roa
File: S4M4iJHQKxi1HHpunlQbjNxxbWU.roa (raw, json)
Hash identifier: GvtUI2IFj+Ij8DhMXbfq4eiR1KgXLTpfqDK8/u2Rm/A=
Subject key identifier: 4B:83:38:88:91:D0:2B:18:B5:1C:7A:6E:9E:54:1B:8C:DC:71:6D:65
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018CC7941481480A4DE5CBED03D663B83029
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/S4M4iJHQKxi1HHpunlQbjNxxbWU.roa
Signing time: Tue 02 Jan 2024 00:30:19 +0000
ROA not before: Tue 02 Jan 2024 00:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5505
IP address blocks: 188.130.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:14:81:48:0a:4d:e5:cb:ed:03:d6:63:b8:30:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jan 2 00:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b83388891d02b18b51c7a6e9e541b8cdc716d65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:af:4e:3a:9b:13:3d:97:cc:be:2f:a8:a0:25:
7d:48:4d:e6:30:45:2e:de:a2:25:a5:19:64:8e:5c:
33:66:1a:5b:6f:d0:65:a7:49:61:04:32:d6:30:64:
7e:9f:ac:e8:2f:1c:10:ac:c0:8f:45:dc:fd:5b:08:
83:21:b0:e5:7d:f1:cb:db:c7:7d:d9:d4:eb:84:cb:
23:05:81:27:0a:8f:e8:76:32:12:d0:55:91:ff:2f:
aa:02:2c:9b:61:bc:b3:34:10:23:02:27:80:65:f6:
e2:bf:a3:fd:10:1e:aa:2e:c9:cb:36:3c:c3:a0:e5:
2a:e4:9e:b2:5e:e1:d9:fb:41:4d:59:55:00:01:75:
e8:c0:1c:8f:1e:f5:ac:e3:c7:68:c1:d5:ee:df:f3:
ad:5e:9c:8d:8f:5f:55:c3:68:1b:07:f1:1b:cf:bc:
7b:2d:6d:00:09:d2:81:12:21:a6:d0:48:55:e0:0c:
f2:85:b6:84:0e:de:fa:81:72:13:42:40:75:8d:6f:
b4:5e:87:d4:f7:39:95:5a:c8:1f:31:10:b0:3a:c5:
45:0e:9d:ff:4b:8d:2b:01:14:6d:97:44:37:4e:e7:
4e:aa:18:c7:22:dd:41:61:10:91:9a:6b:40:ea:eb:
7b:a1:74:d9:2d:98:46:51:f2:da:29:a9:2e:66:94:
4e:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:83:38:88:91:D0:2B:18:B5:1C:7A:6E:9E:54:1B:8C:DC:71:6D:65
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/S4M4iJHQKxi1HHpunlQbjNxxbWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.130.247.0/24
Signature Algorithm: sha256WithRSAEncryption
83:9e:11:ae:c0:24:85:6d:1a:ac:6b:80:ba:33:46:fc:c9:49:
2a:fd:ee:5a:2d:8b:3a:74:54:91:af:5f:46:94:c6:b1:56:16:
21:02:3e:92:50:d6:e9:97:22:f7:f3:c4:10:1f:ef:02:98:ae:
02:d5:d7:cb:40:81:7b:9d:29:b7:7c:45:96:3a:64:c9:0e:1b:
2c:22:4f:07:fb:a9:3e:f8:aa:76:2e:c6:c6:61:06:d6:f6:de:
ff:60:cf:d6:4e:7e:6e:ac:54:34:66:c6:6a:48:dc:e7:f8:a2:
04:e4:85:94:d7:a0:7a:4b:2d:63:2e:6d:8d:48:cd:5d:db:b6:
ee:2a:ec:6b:37:76:ce:a4:ea:ef:e8:ab:26:58:29:88:21:f4:
34:d4:d3:c8:61:e7:19:76:bb:ca:14:b4:8e:1d:ae:7d:9c:29:
82:86:2f:f0:5a:1d:61:74:03:64:ca:78:f2:38:68:fc:cf:7e:
f6:be:38:a8:52:44:55:19:73:7b:cc:43:c9:35:8f:4f:4e:b9:
f0:e5:48:7c:87:92:29:d9:e1:0f:27:16:36:35:7c:9e:4f:f7:
f1:59:83:1c:b1:13:23:9a:a0:6e:66:38:a3:1b:7a:86:71:01:
ff:89:dc:c7:29:da:0c:05:26:bb:e2:ae:7a:a2:88:6c:51:7a:
2e:0b:c0:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlBSBSApN5cvtA9ZjuDApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwMTAyMDAzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjgzMzg4ODkxZDAyYjE4YjUxYzdhNmU5ZTU0MWI4Y2RjNzE2ZDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAua9OOpsTPZfMvi+ooCV9SE3mMEUu
3qIlpRlkjlwzZhpbb9Blp0lhBDLWMGR+n6zoLxwQrMCPRdz9WwiDIbDlffHL28d9
2dTrhMsjBYEnCo/odjIS0FWR/y+qAiybYbyzNBAjAieAZfbiv6P9EB6qLsnLNjzD
oOUq5J6yXuHZ+0FNWVUAAXXowByPHvWs48dowdXu3/OtXpyNj19Vw2gbB/Ebz7x7
LW0ACdKBEiGm0EhV4AzyhbaEDt76gXITQkB1jW+0XofU9zmVWsgfMRCwOsVFDp3/
S40rARRtl0Q3TudOqhjHIt1BYRCRmmtA6ut7oXTZLZhGUfLaKakuZpROIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEuDOIiR0CsYtRx6bp5UG4zccW1lMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvUzRNNGlKSFFLeGkxSEhwdW5sUWJqTnh4YldVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvIL3MA0G
CSqGSIb3DQEBCwUAA4IBAQCDnhGuwCSFbRqsa4C6M0b8yUkq/e5aLYs6dFSRr19G
lMaxVhYhAj6SUNbplyL388QQH+8CmK4C1dfLQIF7nSm3fEWWOmTJDhssIk8H+6k+
+Kp2LsbGYQbW9t7/YM/WTn5urFQ0ZsZqSNzn+KIE5IWU16B6Sy1jLm2NSM1d27bu
KuxrN3bOpOrv6KsmWCmIIfQ01NPIYecZdrvKFLSOHa59nCmChi/wWh1hdANkynjy
OGj8z372vjioUkRVGXN7zEPJNY9PTrnw5Uh8h5Ip2eEPJxY2NXyeT/fxWYMcsRMj
mqBuZjijG3qGcQH/idzHKdoMBSa74q56oohsUXouC8DY
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:46:42 2024 by rpki-client on console-ams.rpki-client.org