Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/X4rdDQ2a2OMkbzoCoSYIgcZaNIc.roa
File: X4rdDQ2a2OMkbzoCoSYIgcZaNIc.roa (raw, json)
Hash identifier: 36WWUi/V8+U4pnfVNq7bgc7AxxM0YmNrqX3/IB4mqu8=
Subject key identifier: 5F:8A:DD:0D:0D:9A:D8:E3:24:6F:3A:02:A1:26:08:81:C6:5A:34:87
Certificate issuer: /CN=77bdd75f2efc244f86a321b150e62936a14029db
Certificate serial: 018CC9BC78B961E768C697B21831E13D6EA8
Authority key identifier: 77:BD:D7:5F:2E:FC:24:4F:86:A3:21:B1:50:E6:29:36:A1:40:29:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d73XXy78JE-GoyGxUOYpNqFAKds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/X4rdDQ2a2OMkbzoCoSYIgcZaNIc.roa
Signing time: Tue 02 Jan 2024 10:33:41 +0000
ROA not before: Tue 02 Jan 2024 10:33:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 195.234.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/d73XXy78JE-GoyGxUOYpNqFAKds.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/d73XXy78JE-GoyGxUOYpNqFAKds.mft
rsync://rpki.ripe.net/repository/DEFAULT/d73XXy78JE-GoyGxUOYpNqFAKds.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:78:b9:61:e7:68:c6:97:b2:18:31:e1:3d:6e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77bdd75f2efc244f86a321b150e62936a14029db
Validity
Not Before: Jan 2 10:33:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f8add0d0d9ad8e3246f3a02a1260881c65a3487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:91:2a:57:ce:8a:53:e8:68:38:9c:36:0c:54:
b9:f9:bc:47:61:d6:a3:36:e5:1b:2f:bf:f1:cf:25:
6d:a0:05:17:7f:b6:00:e3:58:c8:b2:70:1a:21:a6:
0f:03:f5:7a:63:5d:a4:45:4a:c2:e6:d1:83:0c:7d:
18:7d:a6:7a:8a:0c:4d:2f:ca:af:c9:94:07:76:90:
49:91:3f:e9:96:fe:e8:12:bd:6d:97:62:2c:77:03:
d9:41:e9:f1:49:71:6d:66:fe:0d:9a:b3:62:64:26:
ef:a9:f2:5d:ec:1d:be:6c:a6:50:38:17:a1:95:13:
29:3a:dd:99:79:40:1f:da:e6:81:11:ad:c4:47:a5:
0c:99:ca:91:49:ca:f2:22:3f:7e:25:25:3d:74:09:
eb:27:f4:e3:a1:e0:a0:a0:73:64:03:c4:1b:71:39:
ed:af:c8:54:46:73:31:e7:45:64:95:77:bc:6e:d0:
4d:1a:46:ea:4d:64:1b:58:96:6e:cc:8c:54:de:d5:
ce:0a:b4:15:4a:75:28:93:70:cf:b2:7a:1d:4d:b2:
7f:d8:b5:9d:7e:0a:ce:2a:a3:97:8b:eb:80:75:15:
12:16:95:3f:6f:4b:7e:8a:9d:a6:5a:c4:31:fa:60:
21:e4:52:7f:7b:f2:89:ab:86:48:68:a7:10:2c:b6:
2e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:8A:DD:0D:0D:9A:D8:E3:24:6F:3A:02:A1:26:08:81:C6:5A:34:87
X509v3 Authority Key Identifier:
keyid:77:BD:D7:5F:2E:FC:24:4F:86:A3:21:B1:50:E6:29:36:A1:40:29:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d73XXy78JE-GoyGxUOYpNqFAKds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/X4rdDQ2a2OMkbzoCoSYIgcZaNIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/d73XXy78JE-GoyGxUOYpNqFAKds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.155.0/24
Signature Algorithm: sha256WithRSAEncryption
72:82:ed:b2:bc:d2:db:ee:eb:a9:97:92:4d:b7:fe:28:d1:d1:
3b:43:46:73:f1:b9:3b:c4:1d:29:69:41:8a:10:84:b3:8d:cb:
7a:6a:c1:1a:52:38:c2:f3:40:b9:59:e2:7e:7e:f6:10:e8:ec:
72:f8:ac:47:75:7e:d6:44:1d:d2:c7:7c:cc:98:30:62:48:d9:
ab:35:c8:19:52:fc:55:e7:64:d9:87:21:03:44:36:76:d0:c8:
9a:e6:31:30:62:49:72:24:42:78:f8:02:0a:f9:ce:f0:d6:61:
39:c1:92:a9:10:63:48:12:a4:bc:24:e4:93:0f:be:d9:a4:d5:
2f:26:71:c2:e0:2a:48:bc:4f:4b:0d:f9:3b:a7:34:e9:96:fc:
d7:22:63:38:f8:0c:ac:ca:f7:4d:2f:94:f1:59:7c:89:38:0c:
8e:b1:3d:8d:6a:6c:d9:0c:85:5d:1b:7b:90:50:b5:49:c0:51:
93:2e:c3:05:74:d2:84:14:c5:4b:91:1b:83:f5:73:2b:60:a3:
d0:e0:50:7d:60:cf:71:c1:82:f6:6c:61:29:c2:fd:4b:f0:31:
ec:d4:55:17:c7:89:5a:8d:22:9f:3b:9d:09:c8:47:f0:29:a8:
2f:53:7a:41:fb:c7:2b:5a:31:4c:24:16:83:89:be:56:1e:09:
1f:73:15:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvHi5YedoxpeyGDHhPW6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YmRkNzVmMmVmYzI0NGY4NmEzMjFiMTUwZTYyOTM2YTE0
MDI5ZGIwHhcNMjQwMTAyMTAzMzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjhhZGQwZDBkOWFkOGUzMjQ2ZjNhMDJhMTI2MDg4MWM2NWEzNDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpEqV86KU+hoOJw2DFS5+bxHYdaj
NuUbL7/xzyVtoAUXf7YA41jIsnAaIaYPA/V6Y12kRUrC5tGDDH0YfaZ6igxNL8qv
yZQHdpBJkT/plv7oEr1tl2IsdwPZQenxSXFtZv4NmrNiZCbvqfJd7B2+bKZQOBeh
lRMpOt2ZeUAf2uaBEa3ER6UMmcqRScryIj9+JSU9dAnrJ/TjoeCgoHNkA8QbcTnt
r8hURnMx50VklXe8btBNGkbqTWQbWJZuzIxU3tXOCrQVSnUok3DPsnodTbJ/2LWd
fgrOKqOXi+uAdRUSFpU/b0t+ip2mWsQx+mAh5FJ/e/KJq4ZIaKcQLLYuvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF+K3Q0NmtjjJG86AqEmCIHGWjSHMB8GA1UdIwQY
MBaAFHe9118u/CRPhqMhsVDmKTahQCnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDczWFh5NzhKRS1Hb3lHeFVPWXBOcUZBS2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8yNmEzNGUtMjA5NC00ZTc2LWExZWEt
MWRlZGJlN2I1YmFmLzEvWDRyZERRMmEyT01rYnpvQ29TWUlnY1phTkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8yNmEzNGUtMjA5NC00ZTc2LWExZWEtMWRlZGJlN2I1YmFm
LzEvZDczWFh5NzhKRS1Hb3lHeFVPWXBOcUZBS2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+qbMA0G
CSqGSIb3DQEBCwUAA4IBAQBygu2yvNLb7uupl5JNt/4o0dE7Q0Zz8bk7xB0paUGK
EISzjct6asEaUjjC80C5WeJ+fvYQ6Oxy+KxHdX7WRB3Sx3zMmDBiSNmrNcgZUvxV
52TZhyEDRDZ20Mia5jEwYklyJEJ4+AIK+c7w1mE5wZKpEGNIEqS8JOSTD77ZpNUv
JnHC4CpIvE9LDfk7pzTplvzXImM4+AysyvdNL5TxWXyJOAyOsT2NamzZDIVdG3uQ
ULVJwFGTLsMFdNKEFMVLkRuD9XMrYKPQ4FB9YM9xwYL2bGEpwv1L8DHs1FUXx4la
jSKfO50JyEfwKagvU3pB+8crWjFMJBaDib5WHgkfcxVt
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:38:16 2024 by rpki-client on console-fra.rpki-client.org