Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/n5JASCkWUx4SgnsseQ3nVkN1mlY.roa
File: n5JASCkWUx4SgnsseQ3nVkN1mlY.roa (raw, json)
Hash identifier: pBu1gKTg6Fwzt9vpYlkOxUt+OBvggWXTZNMpjSUCC8A=
Subject key identifier: 9F:92:40:48:29:16:53:1E:12:82:7B:2C:79:0D:E7:56:43:75:9A:56
Certificate issuer: /CN=fa70b42d7af6ad78222b30f05f2b7913f8063570
Certificate serial: 018CC5DC84BF7452EC05C8639A028BEC3539
Authority key identifier: FA:70:B4:2D:7A:F6:AD:78:22:2B:30:F0:5F:2B:79:13:F8:06:35:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/n5JASCkWUx4SgnsseQ3nVkN1mlY.roa
Signing time: Mon 01 Jan 2024 16:30:12 +0000
ROA not before: Mon 01 Jan 2024 16:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31433
IP address blocks: 185.100.192.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:84:bf:74:52:ec:05:c8:63:9a:02:8b:ec:35:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa70b42d7af6ad78222b30f05f2b7913f8063570
Validity
Not Before: Jan 1 16:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f9240482916531e12827b2c790de75643759a56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:04:0b:a1:f7:76:c6:02:af:76:7a:ee:47:f2:
9d:30:b0:9a:df:e7:84:2d:f6:9a:8a:65:08:a7:5a:
d7:9d:7b:97:ad:50:6a:74:3e:b4:3b:45:aa:4d:cf:
6d:39:c9:fd:c2:ad:e8:bf:71:b5:25:f9:97:8c:1c:
a0:ba:8a:3f:55:99:7f:ba:43:a1:b4:36:ea:b6:59:
f9:f5:51:e4:2b:00:e2:eb:6e:b0:c4:0d:4e:19:c8:
49:22:cf:0c:98:7c:dc:a2:cb:14:2a:6e:01:78:19:
b6:e8:c4:2e:e7:2e:01:65:ea:ca:a3:7b:cc:aa:1d:
8d:fc:01:79:34:cf:58:b5:3c:7f:c0:0c:33:92:ad:
d9:3b:01:e6:81:86:b3:5f:cb:db:c7:9c:e1:fe:84:
eb:98:b8:f1:41:ca:19:5c:1f:76:db:7d:01:e9:d9:
64:86:46:08:5c:a5:3a:d8:41:0c:99:14:f0:4f:25:
95:b0:d7:e9:4b:41:56:0e:72:d5:6e:75:b3:2a:e6:
65:fd:1c:73:c2:02:c2:d9:4f:89:24:ae:56:de:51:
65:15:6c:f9:44:57:3d:16:e4:09:8b:bb:b3:db:c6:
cb:b0:04:22:ef:2e:4b:18:0c:5c:cd:99:a6:e3:bd:
c2:c8:28:f0:e9:04:28:84:9f:40:0d:7c:31:ea:f1:
10:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:92:40:48:29:16:53:1E:12:82:7B:2C:79:0D:E7:56:43:75:9A:56
X509v3 Authority Key Identifier:
keyid:FA:70:B4:2D:7A:F6:AD:78:22:2B:30:F0:5F:2B:79:13:F8:06:35:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/n5JASCkWUx4SgnsseQ3nVkN1mlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d3bfe6-78b5-437b-98e9-b914159ba8ad/1/1-nC0LXr2rXgiKzDwXyt5E_gGNXA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.192.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:08:b7:8d:2a:77:a0:86:ea:35:07:72:e3:27:2c:1e:29:30:
c5:07:14:51:e8:fb:9f:f8:b7:bf:79:f9:72:28:3c:5e:d4:f6:
aa:18:f2:b1:78:17:8b:83:23:2d:f1:2b:f8:b4:77:de:d3:ec:
a8:8a:e9:22:0e:b5:7e:a8:2d:1e:ba:01:90:c7:09:3c:ab:b1:
ae:f0:47:ad:57:ce:5f:0c:84:16:89:5d:98:8d:17:2f:60:ef:
fc:8a:52:93:17:fa:f9:37:61:ab:5b:8d:e7:a2:93:e1:09:cb:
73:98:a8:ae:8e:3f:e9:bf:65:4d:60:26:7b:81:ad:a4:2f:37:
8d:b3:9d:4f:ce:2e:4c:7a:6e:23:5c:5a:e3:39:59:77:90:38:
12:4a:71:87:53:43:be:f1:f6:53:03:76:0a:a0:0f:55:6a:b1:
0f:b7:51:ff:3c:a9:4f:dc:26:3b:68:cf:d9:27:2f:65:f1:24:
e7:62:78:5f:57:3b:66:32:85:e8:ec:76:fc:45:42:f7:c8:66:
c7:3e:70:4e:c7:c2:1a:ac:e7:72:ed:65:15:3f:0d:e1:cd:e0:
e8:84:14:82:d2:e2:12:fe:00:dc:a2:76:1d:b0:be:40:dd:c1:
ca:c9:a7:cc:7c:86:0d:64:19:c8:b1:c3:ad:8b:5d:d1:74:85:
e2:c1:ea:9c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzF3IS/dFLsBchjmgKL7DU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNzBiNDJkN2FmNmFkNzgyMjJiMzBmMDVmMmI3OTEzZjgw
NjM1NzAwHhcNMjQwMTAxMTYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjkyNDA0ODI5MTY1MzFlMTI4MjdiMmM3OTBkZTc1NjQzNzU5YTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QQLofd2xgKvdnruR/KdMLCa3+eE
LfaaimUIp1rXnXuXrVBqdD60O0WqTc9tOcn9wq3ov3G1JfmXjByguoo/VZl/ukOh
tDbqtln59VHkKwDi626wxA1OGchJIs8MmHzcossUKm4BeBm26MQu5y4BZerKo3vM
qh2N/AF5NM9YtTx/wAwzkq3ZOwHmgYazX8vbx5zh/oTrmLjxQcoZXB92230B6dlk
hkYIXKU62EEMmRTwTyWVsNfpS0FWDnLVbnWzKuZl/RxzwgLC2U+JJK5W3lFlFWz5
RFc9FuQJi7uz28bLsAQi7y5LGAxczZmm473CyCjw6QQohJ9ADXwx6vEQnwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJ+SQEgpFlMeEoJ7LHkN51ZDdZpWMB8GA1UdIwQY
MBaAFPpwtC169q14Iisw8F8reRP4BjVwMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1uQzBMWHIyclhnaUt6RHdYeXQ1RV9nR05YQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEvZDNiZmU2LTc4YjUtNDM3Yi05OGU5
LWI5MTQxNTliYThhZC8xL241SkFTQ2tXVXg0U2duc3NlUTNuVmtOMW1sWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmEvZDNiZmU2LTc4YjUtNDM3Yi05OGU5LWI5MTQxNTliYThh
ZC8xLzEtbkMwTFhyMnJYZ2lLekR3WHl0NUVfZ0dOWEEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5ZMAw
DQYJKoZIhvcNAQELBQADggEBAKMIt40qd6CG6jUHcuMnLB4pMMUHFFHo+5/4t795
+XIoPF7U9qoY8rF4F4uDIy3xK/i0d97T7KiK6SIOtX6oLR66AZDHCTyrsa7wR61X
zl8MhBaJXZiNFy9g7/yKUpMX+vk3Yatbjeeik+EJy3OYqK6OP+m/ZU1gJnuBraQv
N42znU/OLkx6biNcWuM5WXeQOBJKcYdTQ77x9lMDdgqgD1VqsQ+3Uf88qU/cJjto
z9knL2XxJOdieF9XO2YyhejsdvxFQvfIZsc+cE7Hwhqs53LtZRU/DeHN4OiEFILS
4hL+ANyidh2wvkDdwcrJp8x8hg1kGcixw62LXdF0heLB6pw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:00:11 2024 by rpki-client on console-fra.rpki-client.org