Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/1b138e-1e19-4c7d-8ca4-b87f91c29b9e/1/RenWDpozyC5sgcprdsahUMIb1Ls.roa
File: RenWDpozyC5sgcprdsahUMIb1Ls.roa (raw, json)
Hash identifier: 89EF/ynW0vJdiNlY4AynWQ3bC255q+znq9UgZWd2R9U=
Subject key identifier: 45:E9:D6:0E:9A:33:C8:2E:6C:81:CA:6B:76:C6:A1:50:C2:1B:D4:BB
Certificate issuer: /CN=50bb4c781a5b393ff07fb405e528179f5ab87726
Certificate serial: 018CC8DF982D70565253D371C4D802F6D62C
Authority key identifier: 50:BB:4C:78:1A:5B:39:3F:F0:7F:B4:05:E5:28:17:9F:5A:B8:77:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ULtMeBpbOT_wf7QF5SgXn1q4dyY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/1b138e-1e19-4c7d-8ca4-b87f91c29b9e/1/RenWDpozyC5sgcprdsahUMIb1Ls.roa
Signing time: Tue 02 Jan 2024 06:32:25 +0000
ROA not before: Tue 02 Jan 2024 06:32:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1103
IP address blocks: 129.125.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/1b138e-1e19-4c7d-8ca4-b87f91c29b9e/1/ULtMeBpbOT_wf7QF5SgXn1q4dyY.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/1b138e-1e19-4c7d-8ca4-b87f91c29b9e/1/ULtMeBpbOT_wf7QF5SgXn1q4dyY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ULtMeBpbOT_wf7QF5SgXn1q4dyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 03:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:98:2d:70:56:52:53:d3:71:c4:d8:02:f6:d6:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50bb4c781a5b393ff07fb405e528179f5ab87726
Validity
Not Before: Jan 2 06:32:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45e9d60e9a33c82e6c81ca6b76c6a150c21bd4bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:bd:13:9c:31:87:dc:c0:32:d2:0f:fe:9c:08:
78:8f:17:99:af:47:c1:fa:0b:10:2a:f1:93:4c:6e:
c0:98:03:49:23:14:2e:a5:d7:8f:ba:d1:97:cc:d9:
7e:87:6e:90:53:67:12:92:0b:17:d4:b8:07:e4:2b:
8c:ca:65:54:69:14:bc:80:03:a5:0f:5a:99:4c:6c:
db:85:96:85:aa:71:fb:53:bf:27:a8:3e:ef:a6:24:
36:97:3a:95:34:9f:42:88:70:2f:fd:d3:18:e0:93:
10:47:a8:b6:d5:6c:91:ba:4d:cc:da:a9:04:67:4d:
6e:d6:2b:fb:d2:e5:72:26:14:18:54:51:4f:03:ee:
ae:25:f1:31:64:93:d3:32:89:6e:55:3d:b3:2c:c7:
2d:e6:f5:f2:6c:72:78:56:b8:2b:45:4d:3a:59:a6:
b2:90:38:64:fc:3f:aa:49:ef:f5:3d:24:c5:4d:92:
91:a3:01:38:7b:18:55:0e:1d:4c:5c:ea:8b:3e:ef:
fa:63:99:5f:ae:e3:69:64:b0:56:f7:f6:1b:b9:3a:
df:fd:fd:2e:d5:8a:c5:2d:e7:ac:c9:81:57:44:3c:
f8:8d:bf:0f:76:9c:3f:f9:97:61:95:75:ce:31:1b:
e8:95:4b:51:dd:39:4d:c6:a1:e6:2d:93:af:c6:3a:
95:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E9:D6:0E:9A:33:C8:2E:6C:81:CA:6B:76:C6:A1:50:C2:1B:D4:BB
X509v3 Authority Key Identifier:
keyid:50:BB:4C:78:1A:5B:39:3F:F0:7F:B4:05:E5:28:17:9F:5A:B8:77:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULtMeBpbOT_wf7QF5SgXn1q4dyY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/1b138e-1e19-4c7d-8ca4-b87f91c29b9e/1/RenWDpozyC5sgcprdsahUMIb1Ls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/1b138e-1e19-4c7d-8ca4-b87f91c29b9e/1/ULtMeBpbOT_wf7QF5SgXn1q4dyY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
76:c1:38:22:6a:f4:ae:29:c5:89:7d:85:95:59:bf:ec:69:9e:
eb:d6:dc:da:b7:b3:69:d4:65:5b:f2:d0:2a:50:ad:bf:bf:20:
d7:97:ae:2b:56:3e:40:0c:bb:03:b6:7f:df:56:b2:50:06:6d:
47:20:1b:9f:1b:d1:c9:b5:c5:2e:a3:4f:b4:2a:84:ff:4b:e1:
1d:c0:ee:f2:a8:42:51:1e:b8:74:f5:39:b9:d5:1b:13:f8:7b:
ce:20:9b:8c:78:34:1c:5a:91:74:54:4e:fa:2a:66:91:cc:d3:
83:6a:71:e9:00:08:0c:3d:ae:ee:ee:c0:6b:b5:a8:03:d7:d2:
68:32:82:8e:76:52:e2:27:fe:6b:0a:de:98:34:0a:d0:68:6b:
16:e5:7f:c7:59:24:e2:1b:0d:30:a6:0f:37:46:4a:2b:c8:b5:
53:bd:b1:3e:e0:f0:8f:f0:cd:a3:46:1d:4d:11:29:c2:74:d2:
be:b4:b2:ef:c4:0c:94:d9:d4:8f:c6:3f:d2:c9:bc:2c:07:07:
69:53:8c:54:78:08:94:a6:45:62:28:15:27:d9:51:77:99:e3:
bb:f7:29:1e:49:95:c0:7a:1d:46:e4:65:7b:47:b3:c9:b1:c3:
f0:b8:d3:86:e7:68:1b:6f:e9:e8:ee:da:2b:5c:36:7e:5a:c1:
a1:7e:31:18
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzI35gtcFZSU9NxxNgC9tYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYmI0Yzc4MWE1YjM5M2ZmMDdmYjQwNWU1MjgxNzlmNWFi
ODc3MjYwHhcNMjQwMTAyMDYzMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWU5ZDYwZTlhMzNjODJlNmM4MWNhNmI3NmM2YTE1MGMyMWJkNGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz70TnDGH3MAy0g/+nAh4jxeZr0fB
+gsQKvGTTG7AmANJIxQupdePutGXzNl+h26QU2cSkgsX1LgH5CuMymVUaRS8gAOl
D1qZTGzbhZaFqnH7U78nqD7vpiQ2lzqVNJ9CiHAv/dMY4JMQR6i21WyRuk3M2qkE
Z01u1iv70uVyJhQYVFFPA+6uJfExZJPTMoluVT2zLMct5vXybHJ4VrgrRU06Waay
kDhk/D+qSe/1PSTFTZKRowE4exhVDh1MXOqLPu/6Y5lfruNpZLBW9/YbuTrf/f0u
1YrFLeesyYFXRDz4jb8Pdpw/+ZdhlXXOMRvolUtR3TlNxqHmLZOvxjqV3wIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFEXp1g6aM8gubIHKa3bGoVDCG9S7MB8GA1UdIwQY
MBaAFFC7THgaWzk/8H+0BeUoF59auHcmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUx0TWVCcGJPVF93ZjdRRjVTZ1huMXE0ZHlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8xYjEzOGUtMWUxOS00YzdkLThjYTQt
Yjg3ZjkxYzI5YjllLzEvUmVuV0Rwb3p5QzVzZ2NwcmRzYWhVTUliMUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8xYjEzOGUtMWUxOS00YzdkLThjYTQtYjg3ZjkxYzI5Yjll
LzEvVUx0TWVCcGJPVF93ZjdRRjVTZ1huMXE0ZHlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAgX0wDQYJ
KoZIhvcNAQELBQADggEBAHbBOCJq9K4pxYl9hZVZv+xpnuvW3Nq3s2nUZVvy0CpQ
rb+/INeXritWPkAMuwO2f99WslAGbUcgG58b0cm1xS6jT7QqhP9L4R3A7vKoQlEe
uHT1ObnVGxP4e84gm4x4NBxakXRUTvoqZpHM04NqcekACAw9ru7uwGu1qAPX0mgy
go52UuIn/msK3pg0CtBoaxblf8dZJOIbDTCmDzdGSivItVO9sT7g8I/wzaNGHU0R
KcJ00r60su/EDJTZ1I/GP9LJvCwHB2lTjFR4CJSmRWIoFSfZUXeZ47v3KR5JlcB6
HUbkZXtHs8mxw/C404bnaBtv6eju2itcNn5awaF+MRg=
-----END CERTIFICATE-----
Generated at Tue Nov 26 12:32:59 2024 by rpki-client on console-ams.rpki-client.org