Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/V1-RA5UhLbt5fQNNb8BDNPf3TVw.roa
File: V1-RA5UhLbt5fQNNb8BDNPf3TVw.roa (raw, json)
Hash identifier: oHxFkGdXz6+irsKwlvdmJbfmp8bgy4ZpElgxyHWGfw8=
Subject key identifier: 57:5F:91:03:95:21:2D:BB:79:7D:03:4D:6F:C0:43:34:F7:F7:4D:5C
Certificate issuer: /CN=1cd8b25cceac38c99372bf72b00c6c8b6418e923
Certificate serial: 018CC7954E75157AFC9F2B0507EF3D4DF101
Authority key identifier: 1C:D8:B2:5C:CE:AC:38:C9:93:72:BF:72:B0:0C:6C:8B:64:18:E9:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HNiyXM6sOMmTcr9ysAxsi2QY6SM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/V1-RA5UhLbt5fQNNb8BDNPf3TVw.roa
Signing time: Tue 02 Jan 2024 00:31:39 +0000
ROA not before: Tue 02 Jan 2024 00:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39686
IP address blocks: 193.53.16.0/22 maxlen: 24
193.53.20.0/23 maxlen: 24
2a00:f620:1::/48 maxlen: 64
2a00:f620:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/HNiyXM6sOMmTcr9ysAxsi2QY6SM.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/HNiyXM6sOMmTcr9ysAxsi2QY6SM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HNiyXM6sOMmTcr9ysAxsi2QY6SM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:4e:75:15:7a:fc:9f:2b:05:07:ef:3d:4d:f1:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cd8b25cceac38c99372bf72b00c6c8b6418e923
Validity
Not Before: Jan 2 00:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=575f910395212dbb797d034d6fc04334f7f74d5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2b:5f:59:db:87:da:e2:28:84:c8:16:bb:46:
e7:d4:ee:89:56:09:09:6d:cd:20:b7:14:1b:7f:79:
e0:b6:17:f0:11:58:ee:83:d2:93:93:24:3f:2f:ff:
6b:cd:8b:da:a8:cc:dc:8d:c6:a8:97:ae:8c:59:c8:
e2:9b:93:77:50:01:bb:0d:65:61:d4:13:98:4d:7b:
fc:89:c3:b9:69:2f:e4:1b:5c:09:27:83:ee:90:22:
f1:01:ac:b0:09:d0:87:37:8c:e3:31:83:ef:98:96:
3e:3f:3b:6d:b2:80:56:33:54:d7:4a:d5:e6:f4:04:
40:45:c5:2c:76:45:31:ae:48:ae:21:19:84:77:92:
ee:40:d0:a9:46:21:7c:9d:bd:23:c7:46:c7:a4:5e:
30:95:ab:97:fe:04:61:72:ae:a6:25:f7:27:32:3f:
85:cb:84:61:42:60:7b:8e:b4:71:2d:27:ff:1e:36:
ab:21:64:47:33:03:43:a2:8c:9f:11:4f:2b:39:c6:
40:4a:a5:7e:6f:9f:11:4e:30:66:3c:dd:24:da:13:
87:5b:7a:75:7e:f0:d1:22:91:85:03:be:8f:28:c5:
69:c5:39:14:7e:82:30:25:be:a3:61:f8:94:fd:a6:
62:f9:e1:06:01:62:8f:a9:68:17:3a:ca:3c:00:7f:
24:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:5F:91:03:95:21:2D:BB:79:7D:03:4D:6F:C0:43:34:F7:F7:4D:5C
X509v3 Authority Key Identifier:
keyid:1C:D8:B2:5C:CE:AC:38:C9:93:72:BF:72:B0:0C:6C:8B:64:18:E9:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNiyXM6sOMmTcr9ysAxsi2QY6SM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/V1-RA5UhLbt5fQNNb8BDNPf3TVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b6c783-f55d-4ead-8c6a-19633f08ed6a/1/HNiyXM6sOMmTcr9ysAxsi2QY6SM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.53.16.0-193.53.21.255
IPv6:
2a00:f620:1::-2a00:f620:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
82:ef:62:3c:90:64:a5:39:58:12:c8:2b:83:aa:bc:38:8a:27:
15:53:36:b4:35:cf:16:0b:3e:dc:b4:a1:c8:8b:35:29:fe:35:
91:c9:f3:60:19:15:e4:75:c0:2a:b1:e1:82:a8:38:a6:c2:c0:
07:2c:b8:ee:ee:f6:ca:de:eb:17:29:c5:2e:cb:e7:fa:9c:a9:
ad:62:58:a2:61:0c:ae:92:ee:75:dc:b2:9d:19:33:ec:8c:f1:
9c:3a:a2:0c:65:43:4e:b6:f7:24:f9:a0:11:9a:f9:e5:2a:d1:
95:43:06:45:78:54:bf:e2:83:b2:02:33:44:ed:44:c1:2a:e5:
e6:9b:eb:d3:e3:a4:dd:a8:5f:78:60:76:73:85:8c:66:fc:05:
c0:1b:94:1d:df:61:cd:bf:93:f3:68:40:3b:c8:0e:22:a8:a1:
ed:26:e5:e3:0f:d1:8c:84:fb:3c:e8:f5:61:a4:ea:4d:7c:74:
22:00:51:92:f4:82:79:0e:de:63:be:de:6c:da:5d:af:bc:fb:
4b:fa:92:e6:27:fc:26:ee:2f:b4:81:37:67:64:6b:44:47:77:
5e:ab:53:b3:5f:e2:86:66:27:c5:74:8f:9e:71:21:b2:6f:d1:
d5:ba:7b:af:fb:b2:03:7d:e2:c1:93:de:52:28:2b:d7:71:f6:
82:d7:0b:c4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzHlU51FXr8nysFB+89TfEBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZDhiMjVjY2VhYzM4Yzk5MzcyYmY3MmIwMGM2YzhiNjQx
OGU5MjMwHhcNMjQwMTAyMDAzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzVmOTEwMzk1MjEyZGJiNzk3ZDAzNGQ2ZmMwNDMzNGY3Zjc0ZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqStfWduH2uIohMgWu0bn1O6JVgkJ
bc0gtxQbf3ngthfwEVjug9KTkyQ/L/9rzYvaqMzcjcaol66MWcjim5N3UAG7DWVh
1BOYTXv8icO5aS/kG1wJJ4PukCLxAaywCdCHN4zjMYPvmJY+PzttsoBWM1TXStXm
9ARARcUsdkUxrkiuIRmEd5LuQNCpRiF8nb0jx0bHpF4wlauX/gRhcq6mJfcnMj+F
y4RhQmB7jrRxLSf/HjarIWRHMwNDooyfEU8rOcZASqV+b58RTjBmPN0k2hOHW3p1
fvDRIpGFA76PKMVpxTkUfoIwJb6jYfiU/aZi+eEGAWKPqWgXOso8AH8kOQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFdfkQOVIS27eX0DTW/AQzT3901cMB8GA1UdIwQY
MBaAFBzYslzOrDjJk3K/crAMbItkGOkjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE5peVhNNnNPTW1UY3I5eXNBeHNpMlFZNlNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9iNmM3ODMtZjU1ZC00ZWFkLThjNmEt
MTk2MzNmMDhlZDZhLzEvVjEtUkE1VWhMYnQ1ZlFOTmI4QkROUGYzVFZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9iNmM3ODMtZjU1ZC00ZWFkLThjNmEtMTk2MzNmMDhlZDZh
LzEvSE5peVhNNnNPTW1UY3I5eXNBeHNpMlFZNlNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBATBNRAD
BAHBNRQwGgQCAAIwFDASAwcAKgD2IAABAwcAKgD2IAACMA0GCSqGSIb3DQEBCwUA
A4IBAQCC72I8kGSlOVgSyCuDqrw4iicVUza0Nc8WCz7ctKHIizUp/jWRyfNgGRXk
dcAqseGCqDimwsAHLLju7vbK3usXKcUuy+f6nKmtYliiYQyuku513LKdGTPsjPGc
OqIMZUNOtvck+aARmvnlKtGVQwZFeFS/4oOyAjNE7UTBKuXmm+vT46TdqF94YHZz
hYxm/AXAG5Qd32HNv5PzaEA7yA4iqKHtJuXjD9GMhPs86PVhpOpNfHQiAFGS9IJ5
Dt5jvt5s2l2vvPtL+pLmJ/wm7i+0gTdnZGtER3deq1OzX+KGZifFdI+ecSGyb9HV
unuv+7IDfeLBk95SKCvXcfaC1wvE
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:52:35 2024 by rpki-client on console-fra.rpki-client.org