Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/f12551-20cc-4218-a426-f41d6c0c84b6/1/X3dyIGOpQtITHllmxWgQJpnMhDk.roa
File: X3dyIGOpQtITHllmxWgQJpnMhDk.roa (raw, json)
Hash identifier: n3cpzsZSbYMKUN/zaDZI7gF3cG+prsQRz8zf0YWS6Yo=
Subject key identifier: 5F:77:72:20:63:A9:42:D2:13:1E:59:66:C5:68:10:26:99:CC:84:39
Certificate issuer: /CN=42217a2d513a9fb0fce1a1cfc2b3c05c018bd8c1
Certificate serial: 018CC5DC9083537B75655CEAA34C8ED0DF6E
Authority key identifier: 42:21:7A:2D:51:3A:9F:B0:FC:E1:A1:CF:C2:B3:C0:5C:01:8B:D8:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QiF6LVE6n7D84aHPwrPAXAGL2ME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/f12551-20cc-4218-a426-f41d6c0c84b6/1/X3dyIGOpQtITHllmxWgQJpnMhDk.roa
Signing time: Mon 01 Jan 2024 16:30:15 +0000
ROA not before: Mon 01 Jan 2024 16:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 193.188.196.0/24 maxlen: 24
2001:67c:b80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/f12551-20cc-4218-a426-f41d6c0c84b6/1/QiF6LVE6n7D84aHPwrPAXAGL2ME.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/f12551-20cc-4218-a426-f41d6c0c84b6/1/QiF6LVE6n7D84aHPwrPAXAGL2ME.mft
rsync://rpki.ripe.net/repository/DEFAULT/QiF6LVE6n7D84aHPwrPAXAGL2ME.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:90:83:53:7b:75:65:5c:ea:a3:4c:8e:d0:df:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42217a2d513a9fb0fce1a1cfc2b3c05c018bd8c1
Validity
Not Before: Jan 1 16:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f77722063a942d2131e5966c568102699cc8439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:12:7a:67:cd:dc:2a:9e:b0:29:bc:31:43:8c:
cc:48:3b:d0:72:df:3e:c0:18:60:7f:14:65:de:ac:
ec:47:4c:ec:fc:4e:bd:b0:77:20:ef:a1:49:b4:46:
b4:be:39:ba:2d:6d:98:c9:d8:f6:02:75:47:ec:a4:
31:c6:20:72:eb:06:6f:9c:29:c2:e6:6a:b1:80:b1:
5a:65:ed:00:c4:35:00:be:2f:9c:11:95:c8:aa:de:
a4:22:5a:aa:bd:90:c5:45:48:e0:a7:5b:f9:86:4e:
0a:fa:d3:01:fa:90:34:8b:f7:cf:5f:47:56:2c:b8:
bf:48:6e:1c:dd:ad:3f:03:66:68:15:76:eb:a7:eb:
b8:87:46:eb:03:f9:00:0f:61:89:61:2e:38:5d:17:
a1:69:21:7f:f1:fa:94:2e:61:e8:e5:31:30:80:5d:
c5:61:7d:d0:c4:be:07:70:f2:2d:65:f1:c6:97:61:
ef:96:1b:ff:c7:60:ca:55:0c:13:b9:1b:48:53:bb:
9d:2a:79:62:36:70:96:52:4a:a2:9b:43:cd:d6:ce:
bc:77:de:5d:25:fb:4f:6a:ed:b0:f7:cd:7e:4e:5b:
39:53:51:da:56:51:0a:b3:91:6f:c7:dc:6a:20:d2:
b3:a2:e5:c4:e3:af:50:36:df:d4:85:3d:b0:0b:ea:
ec:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:77:72:20:63:A9:42:D2:13:1E:59:66:C5:68:10:26:99:CC:84:39
X509v3 Authority Key Identifier:
keyid:42:21:7A:2D:51:3A:9F:B0:FC:E1:A1:CF:C2:B3:C0:5C:01:8B:D8:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QiF6LVE6n7D84aHPwrPAXAGL2ME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/f12551-20cc-4218-a426-f41d6c0c84b6/1/X3dyIGOpQtITHllmxWgQJpnMhDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/f12551-20cc-4218-a426-f41d6c0c84b6/1/QiF6LVE6n7D84aHPwrPAXAGL2ME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.188.196.0/24
IPv6:
2001:67c:b80::/48
Signature Algorithm: sha256WithRSAEncryption
b3:ce:7e:b2:5a:51:27:75:91:e6:36:e2:e4:6a:7d:e7:6e:58:
09:2d:70:03:63:72:ba:81:63:9d:f4:88:6b:84:9e:22:65:d6:
b2:5c:c1:30:33:2c:bc:af:ff:58:96:06:c4:53:15:88:5d:59:
b0:a8:31:9a:9d:3c:eb:a7:ee:40:40:5c:b2:d9:bd:b9:68:1d:
8c:68:e7:6d:a7:32:09:95:54:0f:be:e3:3f:e2:42:fd:97:da:
3d:7f:ec:75:5b:cc:04:db:4e:e8:19:e4:da:9e:f3:3f:1c:6d:
b2:7b:ca:8d:2c:d0:c0:86:27:c7:02:59:5b:78:60:1b:30:a9:
26:9c:a6:9a:19:22:b9:c7:10:70:54:d8:12:c3:9a:dc:18:b8:
31:28:8c:f0:97:51:a6:67:fe:b9:13:fb:74:77:f8:58:fb:c2:
9c:12:f9:b6:96:08:e6:ed:77:82:fe:a4:79:7c:42:9e:97:02:
73:bd:ea:9b:e1:3f:16:9f:2b:5e:c9:7b:b7:fe:23:78:79:f5:
af:94:d8:00:f1:a9:d2:23:3b:e3:74:1e:3a:45:93:d1:af:39:
5c:02:72:07:7c:e6:52:19:a8:38:eb:34:ee:fa:53:70:7e:30:
44:f1:82:f1:97:a1:9c:74:8c:fd:61:bd:83:6b:4c:13:67:36:
3e:50:32:ef
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF3JCDU3t1ZVzqo0yO0N9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMjE3YTJkNTEzYTlmYjBmY2UxYTFjZmMyYjNjMDVjMDE4
YmQ4YzEwHhcNMjQwMTAxMTYzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjc3NzIyMDYzYTk0MmQyMTMxZTU5NjZjNTY4MTAyNjk5Y2M4NDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBJ6Z83cKp6wKbwxQ4zMSDvQct8+
wBhgfxRl3qzsR0zs/E69sHcg76FJtEa0vjm6LW2Yydj2AnVH7KQxxiBy6wZvnCnC
5mqxgLFaZe0AxDUAvi+cEZXIqt6kIlqqvZDFRUjgp1v5hk4K+tMB+pA0i/fPX0dW
LLi/SG4c3a0/A2ZoFXbrp+u4h0brA/kAD2GJYS44XRehaSF/8fqULmHo5TEwgF3F
YX3QxL4HcPItZfHGl2Hvlhv/x2DKVQwTuRtIU7udKnliNnCWUkqim0PN1s68d95d
JftPau2w981+Tls5U1HaVlEKs5Fvx9xqINKzouXE469QNt/UhT2wC+rs7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF93ciBjqULSEx5ZZsVoECaZzIQ5MB8GA1UdIwQY
MBaAFEIhei1ROp+w/OGhz8KzwFwBi9jBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWlGNkxWRTZuN0Q4NGFIUHdyUEFYQUdMMk1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9mMTI1NTEtMjBjYy00MjE4LWE0MjYt
ZjQxZDZjMGM4NGI2LzEvWDNkeUlHT3BRdElUSGxsbXhXZ1FKcG5NaERrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9mMTI1NTEtMjBjYy00MjE4LWE0MjYtZjQxZDZjMGM4NGI2
LzEvUWlGNkxWRTZuN0Q4NGFIUHdyUEFYQUdMMk1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwbzEMA8E
AgACMAkDBwAgAQZ8C4AwDQYJKoZIhvcNAQELBQADggEBALPOfrJaUSd1keY24uRq
feduWAktcANjcrqBY530iGuEniJl1rJcwTAzLLyv/1iWBsRTFYhdWbCoMZqdPOun
7kBAXLLZvbloHYxo522nMgmVVA++4z/iQv2X2j1/7HVbzATbTugZ5Nqe8z8cbbJ7
yo0s0MCGJ8cCWVt4YBswqSacppoZIrnHEHBU2BLDmtwYuDEojPCXUaZn/rkT+3R3
+Fj7wpwS+baWCObtd4L+pHl8Qp6XAnO96pvhPxafK17Je7f+I3h59a+U2ADxqdIj
O+N0HjpFk9GvOVwCcgd85lIZqDjrNO76U3B+METxgvGXoZx0jP1hvYNrTBNnNj5Q
Mu8=
-----END CERTIFICATE-----
Generated at Sun May 12 20:57:57 2024 by rpki-client on console-ams.rpki-client.org