Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/R_Lza2jrfSNLrULh7JcQaui8SEw.roa
File: R_Lza2jrfSNLrULh7JcQaui8SEw.roa (raw, json)
Hash identifier: TNpTRKYXupuzHxQSBg2g/5aMkBjvKGfrKIMQqKH5Jfw=
Subject key identifier: 47:F2:F3:6B:68:EB:7D:23:4B:AD:42:E1:EC:97:10:6A:E8:BC:48:4C
Certificate issuer: /CN=2c3b0ae5b7f781122c709a2650adf9729187e1e1
Certificate serial: 018CC725A6F72632B69AD7D201C14A71B108
Authority key identifier: 2C:3B:0A:E5:B7:F7:81:12:2C:70:9A:26:50:AD:F9:72:91:87:E1:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/R_Lza2jrfSNLrULh7JcQaui8SEw.roa
Signing time: Mon 01 Jan 2024 22:29:42 +0000
ROA not before: Mon 01 Jan 2024 22:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20760
IP address blocks: 193.127.0.0/16 maxlen: 24
193.201.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/LDsK5bf3gRIscJomUK35cpGH4eE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/LDsK5bf3gRIscJomUK35cpGH4eE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 13:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:a6:f7:26:32:b6:9a:d7:d2:01:c1:4a:71:b1:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3b0ae5b7f781122c709a2650adf9729187e1e1
Validity
Not Before: Jan 1 22:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=47f2f36b68eb7d234bad42e1ec97106ae8bc484c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ca:30:30:a5:2f:69:34:12:32:19:ce:89:36:
5f:4a:8c:09:85:32:ef:35:e4:a0:47:6d:fd:96:39:
7f:ae:7f:84:28:f2:c9:48:29:b2:11:3b:ad:da:71:
6f:4a:7d:ba:59:ce:02:6b:43:14:1b:0b:1f:04:68:
0f:ae:4b:9c:82:5c:ca:94:58:54:37:f5:35:00:a9:
60:b7:19:ac:db:f1:af:ee:d5:60:e6:a6:6c:f1:3b:
9e:06:82:dc:cb:38:7e:1d:65:bc:6f:bc:b2:5e:91:
f5:a0:6f:9f:39:28:67:ab:12:13:40:c0:3e:4d:7b:
f7:95:b2:69:16:5b:11:16:a8:75:7f:12:a6:ee:d6:
fe:7f:a3:69:3a:6a:02:98:df:84:76:2e:f1:f0:18:
4f:be:8b:01:3c:1b:63:18:da:a0:82:6e:c0:ec:cb:
ce:3f:35:60:f3:86:0c:57:71:24:ca:21:91:77:40:
c5:5d:c0:96:db:a8:8d:7e:0c:0b:9f:b7:62:35:77:
99:17:f9:b1:39:27:82:6b:c2:1f:f7:24:e2:b2:79:
39:2c:08:db:62:8d:ce:5b:da:45:6d:dd:ad:e3:7d:
9f:28:80:bd:cc:1d:eb:db:52:bc:d7:90:6e:f5:9c:
d4:45:a3:ee:16:5b:c3:0b:bc:63:2f:8f:8e:0f:53:
7a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:F2:F3:6B:68:EB:7D:23:4B:AD:42:E1:EC:97:10:6A:E8:BC:48:4C
X509v3 Authority Key Identifier:
keyid:2C:3B:0A:E5:B7:F7:81:12:2C:70:9A:26:50:AD:F9:72:91:87:E1:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDsK5bf3gRIscJomUK35cpGH4eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/R_Lza2jrfSNLrULh7JcQaui8SEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/53e26b-e7ee-473e-a54a-ffcca3e1f17f/1/LDsK5bf3gRIscJomUK35cpGH4eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.127.0.0/16
193.201.108.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:e1:70:c4:23:cb:54:aa:d8:6d:ca:ba:26:66:6e:1f:f9:77:
1a:f5:29:ee:77:44:eb:40:ab:ee:49:bd:24:49:b9:8b:b2:92:
a4:c2:c0:43:40:dc:d6:15:c6:fc:69:17:79:61:68:84:16:33:
99:d3:f2:7b:27:c2:c1:b5:28:cb:d9:87:19:f5:5a:3d:58:69:
ec:ab:18:f3:e8:1f:0d:62:82:9a:1c:73:cd:84:9b:c2:da:95:
8c:e6:18:48:6e:81:9d:76:28:47:77:b4:b0:e5:9d:d5:8b:b5:
2d:6f:ca:a4:eb:42:f8:34:c7:e6:cf:8b:a4:e5:64:6a:9c:f5:
d0:da:3c:a0:cc:bd:de:93:54:ca:d2:07:ad:bf:56:cb:50:c2:
f2:02:9d:23:4e:4e:b3:e2:99:d1:a8:4c:a4:d6:e1:01:48:a2:
79:d1:70:e7:f3:5c:bd:d8:43:1d:d8:68:20:0a:03:4f:8b:61:
45:7e:c1:cc:f7:c9:67:4a:f5:8c:d4:b3:48:f9:17:33:e1:0e:
2f:3e:40:e7:e5:8e:44:23:11:0d:a8:56:2b:d8:22:b7:68:c4:
03:29:56:c1:76:e8:55:a4:e5:ab:a4:4d:4a:ef:b5:ff:61:b4:
fe:04:13:e6:e9:c9:52:80:95:de:f6:ee:01:df:eb:ad:83:2a:
63:5f:5a:13
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYzHJab3JjK2mtfSAcFKcbEIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjM2IwYWU1YjdmNzgxMTIyYzcwOWEyNjUwYWRmOTcyOTE4
N2UxZTEwHhcNMjQwMTAxMjIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2YyZjM2YjY4ZWI3ZDIzNGJhZDQyZTFlYzk3MTA2YWU4YmM0ODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsowMKUvaTQSMhnOiTZfSowJhTLv
NeSgR239ljl/rn+EKPLJSCmyETut2nFvSn26Wc4Ca0MUGwsfBGgPrkucglzKlFhU
N/U1AKlgtxms2/Gv7tVg5qZs8TueBoLcyzh+HWW8b7yyXpH1oG+fOShnqxITQMA+
TXv3lbJpFlsRFqh1fxKm7tb+f6NpOmoCmN+Edi7x8BhPvosBPBtjGNqggm7A7MvO
PzVg84YMV3EkyiGRd0DFXcCW26iNfgwLn7diNXeZF/mxOSeCa8If9yTisnk5LAjb
Yo3OW9pFbd2t432fKIC9zB3r21K815Bu9ZzURaPuFlvDC7xjL4+OD1N6zQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFEfy82to630jS61C4eyXEGrovEhMMB8GA1UdIwQY
MBaAFCw7CuW394ESLHCaJlCt+XKRh+HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERzSzViZjNnUklzY0pvbVVLMzVjcEdINGVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi81M2UyNmItZTdlZS00NzNlLWE1NGEt
ZmZjY2EzZTFmMTdmLzEvUl9MemEyanJmU05MclVMaDdKY1FhdWk4U0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi81M2UyNmItZTdlZS00NzNlLWE1NGEtZmZjY2EzZTFmMTdm
LzEvTERzSzViZjNnUklzY0pvbVVLMzVjcEdINGVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAwX8DBADB
yWwwDQYJKoZIhvcNAQELBQADggEBAH7hcMQjy1Sq2G3KuiZmbh/5dxr1Ke53ROtA
q+5JvSRJuYuykqTCwENA3NYVxvxpF3lhaIQWM5nT8nsnwsG1KMvZhxn1Wj1Yaeyr
GPPoHw1igpocc82Em8LalYzmGEhugZ12KEd3tLDlndWLtS1vyqTrQvg0x+bPi6Tl
ZGqc9dDaPKDMvd6TVMrSB62/VstQwvICnSNOTrPimdGoTKTW4QFIonnRcOfzXL3Y
Qx3YaCAKA0+LYUV+wcz3yWdK9YzUs0j5FzPhDi8+QOfljkQjEQ2oVivYIrdoxAMp
VsF26FWk5aukTUrvtf9htP4EE+bpyVKAld727gHf662DKmNfWhM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:38:12 2024 by rpki-client on console-ams.rpki-client.org