Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/2e5c49-0d74-487a-a81c-9174df4ddb9a/1/R0xLAxf49L1rSNYlvgW_WIqbWTY.roa
File: R0xLAxf49L1rSNYlvgW_WIqbWTY.roa (raw, json)
Hash identifier: obbHXsTu+Zyw79jtyHMHAN3sdGp7XCC4dy+SyONt8ME=
Subject key identifier: 47:4C:4B:03:17:F8:F4:BD:6B:48:D6:25:BE:05:BF:58:8A:9B:59:36
Certificate issuer: /CN=b799ac989c44b2e1cdabc258e96ca93caad4bd64
Certificate serial: 018CC6B7B893B40E2C644907B1A6C3DCD9D6
Authority key identifier: B7:99:AC:98:9C:44:B2:E1:CD:AB:C2:58:E9:6C:A9:3C:AA:D4:BD:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t5msmJxEsuHNq8JY6WypPKrUvWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/2e5c49-0d74-487a-a81c-9174df4ddb9a/1/R0xLAxf49L1rSNYlvgW_WIqbWTY.roa
Signing time: Mon 01 Jan 2024 20:29:38 +0000
ROA not before: Mon 01 Jan 2024 20:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204517
IP address blocks: 185.242.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/2e5c49-0d74-487a-a81c-9174df4ddb9a/1/t5msmJxEsuHNq8JY6WypPKrUvWQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/2e5c49-0d74-487a-a81c-9174df4ddb9a/1/t5msmJxEsuHNq8JY6WypPKrUvWQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/t5msmJxEsuHNq8JY6WypPKrUvWQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:b8:93:b4:0e:2c:64:49:07:b1:a6:c3:dc:d9:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b799ac989c44b2e1cdabc258e96ca93caad4bd64
Validity
Not Before: Jan 1 20:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=474c4b0317f8f4bd6b48d625be05bf588a9b5936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5d:4a:c9:6a:52:5b:17:a4:c2:63:0e:a8:73:
86:95:44:8d:3d:44:1f:69:85:51:7d:5a:19:67:ed:
11:4b:3d:de:b6:14:ba:c6:48:ff:45:8e:9d:07:68:
a1:04:f3:57:69:46:90:65:df:a5:17:ee:10:11:d3:
c4:75:0e:9c:4e:b4:b6:52:eb:c7:6d:58:30:18:99:
4d:ba:79:14:3b:d5:44:70:9c:f3:19:0e:19:32:5b:
30:59:99:f5:a3:e1:f7:1f:d0:a9:45:3c:20:1a:c2:
01:8b:28:d0:52:d2:2f:2c:b0:51:58:96:d4:66:e0:
08:db:26:5f:be:2f:ed:67:04:6b:7f:ce:5d:eb:79:
90:9d:60:8b:52:42:3c:6f:5f:9a:98:f0:15:e1:24:
34:9e:41:86:5e:da:62:d6:aa:bb:fc:65:19:ea:b7:
0c:ee:ca:d1:d0:a9:be:23:0b:78:29:19:be:2d:c3:
dc:e8:80:9b:12:e5:c2:62:d1:5d:66:8b:11:90:70:
4d:d0:1a:1a:61:48:76:e1:dc:01:f4:34:b3:6e:8f:
f4:9f:34:0d:6f:0d:68:62:b3:50:64:ac:b8:7b:90:
1f:53:f0:f5:72:af:70:fb:5a:f4:53:26:a0:c3:6c:
27:86:1d:14:9b:57:3f:2e:d5:20:3e:00:44:47:e3:
8d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:4C:4B:03:17:F8:F4:BD:6B:48:D6:25:BE:05:BF:58:8A:9B:59:36
X509v3 Authority Key Identifier:
keyid:B7:99:AC:98:9C:44:B2:E1:CD:AB:C2:58:E9:6C:A9:3C:AA:D4:BD:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t5msmJxEsuHNq8JY6WypPKrUvWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2e5c49-0d74-487a-a81c-9174df4ddb9a/1/R0xLAxf49L1rSNYlvgW_WIqbWTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2e5c49-0d74-487a-a81c-9174df4ddb9a/1/t5msmJxEsuHNq8JY6WypPKrUvWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.138.0/24
Signature Algorithm: sha256WithRSAEncryption
50:2c:9c:e3:af:95:3a:fc:b5:e8:83:94:f1:1e:00:e8:9f:ad:
b2:44:f6:19:de:4f:c6:dc:cc:29:39:dd:cd:31:4a:b4:ea:97:
01:b7:92:b2:d7:8f:7d:5e:c0:d0:07:66:1f:3c:4e:6c:ce:6a:
97:54:49:3f:4f:30:e1:b1:4b:d0:d6:d8:b0:09:ba:7d:aa:a3:
24:d6:26:e4:ff:d3:07:63:02:8e:7e:03:56:ef:cf:78:3b:5e:
27:7e:c1:20:b1:e7:c6:c8:8f:cf:21:4c:c1:4a:d1:6b:02:91:
c4:6c:6e:1c:ad:6e:db:3e:70:36:26:0f:13:76:d6:15:ac:42:
01:04:d8:1e:cb:4c:db:9d:ae:b3:a7:34:db:85:b0:fb:d9:b7:
48:31:97:1e:b9:15:7e:e7:b9:85:a0:88:4c:30:5e:80:bf:8e:
76:fe:0b:c7:2f:58:35:7c:ed:9c:68:51:13:d3:97:be:8b:2b:
45:2d:c8:e2:5b:da:aa:3f:50:4a:87:42:65:e3:04:6c:d2:4a:
97:9c:0b:36:82:de:17:93:3e:dc:d8:95:d5:63:26:2b:ee:5d:
65:eb:26:84:18:88:45:83:26:7d:6d:f7:16:c2:63:e1:5f:4d:
89:42:b8:5b:2e:fb:98:20:60:af:20:8f:d6:39:82:83:7a:5f:
c3:f8:95:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt7iTtA4sZEkHsabD3NnWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3OTlhYzk4OWM0NGIyZTFjZGFiYzI1OGU5NmNhOTNjYWFk
NGJkNjQwHhcNMjQwMTAxMjAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzRjNGIwMzE3ZjhmNGJkNmI0OGQ2MjViZTA1YmY1ODhhOWI1OTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn11KyWpSWxekwmMOqHOGlUSNPUQf
aYVRfVoZZ+0RSz3ethS6xkj/RY6dB2ihBPNXaUaQZd+lF+4QEdPEdQ6cTrS2UuvH
bVgwGJlNunkUO9VEcJzzGQ4ZMlswWZn1o+H3H9CpRTwgGsIBiyjQUtIvLLBRWJbU
ZuAI2yZfvi/tZwRrf85d63mQnWCLUkI8b1+amPAV4SQ0nkGGXtpi1qq7/GUZ6rcM
7srR0Km+Iwt4KRm+LcPc6ICbEuXCYtFdZosRkHBN0BoaYUh24dwB9DSzbo/0nzQN
bw1oYrNQZKy4e5AfU/D1cq9w+1r0Uyagw2wnhh0Um1c/LtUgPgBER+ONKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEdMSwMX+PS9a0jWJb4Fv1iKm1k2MB8GA1UdIwQY
MBaAFLeZrJicRLLhzavCWOlsqTyq1L1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDVtc21KeEVzdUhOcThKWTZXeXBQS3JVdldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8yZTVjNDktMGQ3NC00ODdhLWE4MWMt
OTE3NGRmNGRkYjlhLzEvUjB4TEF4ZjQ5TDFyU05ZbHZnV19XSXFiV1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8yZTVjNDktMGQ3NC00ODdhLWE4MWMtOTE3NGRmNGRkYjlh
LzEvdDVtc21KeEVzdUhOcThKWTZXeXBQS3JVdldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufKKMA0G
CSqGSIb3DQEBCwUAA4IBAQBQLJzjr5U6/LXog5TxHgDon62yRPYZ3k/G3MwpOd3N
MUq06pcBt5Ky1499XsDQB2YfPE5szmqXVEk/TzDhsUvQ1tiwCbp9qqMk1ibk/9MH
YwKOfgNW7894O14nfsEgsefGyI/PIUzBStFrApHEbG4crW7bPnA2Jg8TdtYVrEIB
BNgey0zbna6zpzTbhbD72bdIMZceuRV+57mFoIhMMF6Av452/gvHL1g1fO2caFET
05e+iytFLcjiW9qqP1BKh0Jl4wRs0kqXnAs2gt4Xkz7c2JXVYyYr7l1l6yaEGIhF
gyZ9bfcWwmPhX02JQrhbLvuYIGCvII/WOYKDel/D+JW2
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:08:44 2024 by rpki-client on console-ams.rpki-client.org