Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/IDnBSmnvbmV8GNY-NPWfqp7d0_k.roa
File: IDnBSmnvbmV8GNY-NPWfqp7d0_k.roa (raw, json)
Hash identifier: 3f38vEibiOlv6qIhhPW4kV+0+nK5kFfPe4udd4ANKYw=
Subject key identifier: 20:39:C1:4A:69:EF:6E:65:7C:18:D6:3E:34:F5:9F:AA:9E:DD:D3:F9
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018CC9BBCD91EE8FFD6A9CD1C3D94155C884
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/IDnBSmnvbmV8GNY-NPWfqp7d0_k.roa
Signing time: Tue 02 Jan 2024 10:32:57 +0000
ROA not before: Tue 02 Jan 2024 10:32:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33954
IP address blocks: 195.228.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:cd:91:ee:8f:fd:6a:9c:d1:c3:d9:41:55:c8:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 10:32:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2039c14a69ef6e657c18d63e34f59faa9eddd3f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:69:e1:03:fe:a7:8b:f5:38:12:83:f7:cd:cc:
35:5f:9d:5f:8a:1e:ec:0d:42:18:0d:d0:82:e9:0b:
1e:35:a8:82:8b:94:a8:58:5a:59:65:3c:f6:a2:00:
ce:24:f2:aa:ee:7c:6b:80:77:4b:a5:30:93:49:cf:
b9:98:db:7c:ac:3c:0c:95:9a:ee:16:eb:89:57:b0:
f8:20:91:bb:70:94:71:fd:1c:ae:42:62:3b:cb:27:
06:f5:88:30:b1:0d:0a:82:a1:9d:f3:bd:a2:47:5e:
ed:e7:91:86:e5:51:3f:6c:ea:5a:b6:47:9d:bc:a9:
20:e0:38:87:13:6c:32:20:21:c4:cd:7a:09:33:90:
e6:6c:d4:15:7d:ba:7c:a0:ad:e6:ff:c5:e5:c0:29:
0f:04:5e:8e:f0:70:1d:ae:91:5e:fb:8d:a9:e2:57:
95:90:61:94:6d:df:cc:ec:e9:17:ec:7a:c6:b2:0e:
34:f7:45:2f:9d:08:7e:7a:27:d7:6b:90:e8:2c:c7:
09:e3:2b:b0:46:25:c6:b3:13:99:12:7c:18:df:d3:
e1:49:e7:e9:de:14:85:da:ef:ec:7b:2a:f4:20:29:
33:a2:27:a2:5c:4a:00:cd:7b:6e:02:a3:28:b9:95:
2e:37:af:75:49:ac:59:9c:3e:69:e8:92:be:56:8c:
40:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:39:C1:4A:69:EF:6E:65:7C:18:D6:3E:34:F5:9F:AA:9E:DD:D3:F9
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/IDnBSmnvbmV8GNY-NPWfqp7d0_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.228.53.0/24
Signature Algorithm: sha256WithRSAEncryption
30:ba:72:ac:e4:c0:59:9a:b1:49:b7:f9:78:62:ce:c1:90:60:
69:cc:61:93:23:22:ed:ef:bc:70:ad:b1:6a:9c:89:e7:e1:32:
b8:00:75:d0:7e:5a:c4:35:39:24:31:8f:b3:f7:cd:cc:88:5c:
3d:30:f6:b2:d6:a5:96:b8:f6:a4:32:8e:aa:a7:03:10:c0:2b:
3a:c9:63:a4:b3:e5:c4:ad:ac:54:56:4b:24:7a:87:b6:b5:f6:
39:0c:d6:5d:cb:08:84:33:2e:10:06:5d:2e:08:ce:43:50:9b:
9a:0c:7f:9c:c6:5b:66:31:4a:80:66:4f:e1:fa:bd:d9:72:99:
97:c8:a9:69:bf:b5:b3:0d:3e:30:ea:84:26:21:61:12:62:fb:
ff:ee:81:33:20:05:48:ba:82:0c:ea:05:13:bc:72:8a:ed:8f:
73:bd:cd:76:fc:2a:d4:64:19:73:e9:71:cd:51:e9:31:8d:9a:
15:8d:ef:75:59:62:7c:bc:7a:6a:dc:98:b7:af:54:d6:84:00:
1e:e5:e7:5b:43:60:41:8a:ee:42:29:00:74:92:fa:62:b7:74:
0a:c0:35:02:2f:30:e6:67:e6:6b:55:71:5f:c8:30:5e:a5:09:
cb:af:9c:1c:1b:24:26:e5:1a:69:17:e6:c6:1d:3e:a9:82:0a:
a7:d8:55:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu82R7o/9apzRw9lBVciEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMTAyMTAzMjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDM5YzE0YTY5ZWY2ZTY1N2MxOGQ2M2UzNGY1OWZhYTllZGRkM2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mnhA/6ni/U4EoP3zcw1X51fih7s
DUIYDdCC6QseNaiCi5SoWFpZZTz2ogDOJPKq7nxrgHdLpTCTSc+5mNt8rDwMlZru
FuuJV7D4IJG7cJRx/RyuQmI7yycG9YgwsQ0KgqGd872iR17t55GG5VE/bOpatked
vKkg4DiHE2wyICHEzXoJM5DmbNQVfbp8oK3m/8XlwCkPBF6O8HAdrpFe+42p4leV
kGGUbd/M7OkX7HrGsg4090UvnQh+eifXa5DoLMcJ4yuwRiXGsxOZEnwY39PhSefp
3hSF2u/seyr0ICkzoieiXEoAzXtuAqMouZUuN691SaxZnD5p6JK+VoxAswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCA5wUpp725lfBjWPjT1n6qe3dP5MB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvSURuQlNtbnZibVY4R05ZLU5QV2ZxcDdkMF9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+Q1MA0G
CSqGSIb3DQEBCwUAA4IBAQAwunKs5MBZmrFJt/l4Ys7BkGBpzGGTIyLt77xwrbFq
nInn4TK4AHXQflrENTkkMY+z983MiFw9MPay1qWWuPakMo6qpwMQwCs6yWOks+XE
raxUVkskeoe2tfY5DNZdywiEMy4QBl0uCM5DUJuaDH+cxltmMUqAZk/h+r3ZcpmX
yKlpv7WzDT4w6oQmIWESYvv/7oEzIAVIuoIM6gUTvHKK7Y9zvc12/CrUZBlz6XHN
UekxjZoVje91WWJ8vHpq3Ji3r1TWhAAe5edbQ2BBiu5CKQB0kvpit3QKwDUCLzDm
Z+ZrVXFfyDBepQnLr5wcGyQm5RppF+bGHT6pggqn2FWK
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:25:27 2024 by rpki-client on console-fra.rpki-client.org