Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/PuPuy531kNasXvi535wRY9D0_7w.roa
File: PuPuy531kNasXvi535wRY9D0_7w.roa (raw, json)
Hash identifier: rM3uXWVsndtJem4qvsOHFBKJtk9rzp4ADSIAH0zxD5g=
Subject key identifier: 3E:E3:EE:CB:9D:F5:90:D6:AC:5E:F8:B9:DF:9C:11:63:D0:F4:FF:BC
Certificate issuer: /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial: 018CC5012334A4A21EBAF75536AD85E7C3B2
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/PuPuy531kNasXvi535wRY9D0_7w.roa
Signing time: Mon 01 Jan 2024 12:30:35 +0000
ROA not before: Mon 01 Jan 2024 12:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20649
IP address blocks: 188.132.169.0/24 maxlen: 24
188.132.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:23:34:a4:a2:1e:ba:f7:55:36:ad:85:e7:c3:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Validity
Not Before: Jan 1 12:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ee3eecb9df590d6ac5ef8b9df9c1163d0f4ffbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ce:91:9b:28:95:4b:e0:09:86:9c:13:c3:2b:
f7:23:c4:4d:c6:74:42:5f:1c:42:9c:ac:e6:c1:33:
d9:38:7b:bd:c8:c1:a4:d8:ff:55:3a:56:e8:ee:53:
2a:66:ee:91:18:43:4a:a5:0c:ab:e4:11:e3:c2:f0:
2e:e9:c0:60:3b:54:a1:b1:5b:bd:f9:b3:19:c7:55:
a8:f1:03:5b:a5:8f:ed:1c:93:70:d3:0d:26:a8:cb:
25:91:e4:01:cd:8b:83:1d:fa:b6:33:72:89:f1:c2:
94:a9:8a:c3:bd:dd:14:ab:5e:cb:c6:1f:0c:68:ce:
ac:7f:9b:31:e7:98:c8:56:03:e7:fb:f3:61:b0:fe:
b7:cd:0a:72:d2:5e:5c:07:aa:da:4f:ea:c9:03:ca:
d1:d9:66:27:56:c5:f1:dd:7e:f8:bd:2a:75:92:88:
01:3e:7c:fc:90:77:06:44:0e:96:dc:c0:19:e4:e5:
0f:5c:a6:21:25:e6:2b:de:9e:68:60:5f:76:6d:a9:
41:93:b3:48:d2:1b:79:70:10:d4:9f:98:55:71:eb:
a6:74:7a:a5:6c:29:32:54:b9:51:2f:01:f8:98:29:
7a:fb:92:7b:21:59:85:dd:35:af:8c:66:d3:c6:58:
f7:24:25:b9:89:13:80:70:2d:db:21:04:c6:e2:c6:
7b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:E3:EE:CB:9D:F5:90:D6:AC:5E:F8:B9:DF:9C:11:63:D0:F4:FF:BC
X509v3 Authority Key Identifier:
keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/PuPuy531kNasXvi535wRY9D0_7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.169.0/24
188.132.179.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:b8:38:c2:bb:d2:5f:db:07:f8:cf:21:c0:43:70:22:2b:71:
73:64:41:6f:db:d3:9a:1b:0b:a1:87:2c:00:9b:97:1c:ea:3d:
80:e1:dd:25:86:17:3b:62:5c:3c:b2:4e:bb:89:e9:f2:4b:54:
06:28:e6:00:38:92:d8:d0:3d:dc:a1:87:6c:07:5c:92:83:ed:
ba:a7:ba:7c:de:60:47:2d:ee:da:7f:d6:3c:d1:44:99:96:c4:
57:a6:5d:08:ec:59:20:db:47:ce:dc:ef:68:e5:d0:96:57:c2:
44:71:15:91:00:c0:2f:2c:e5:5d:a0:9c:32:4e:8c:ef:c0:ff:
ef:61:29:1e:b6:39:d6:b0:2b:e9:03:98:e5:cb:29:26:de:53:
cc:ab:81:ea:83:f8:5c:c9:e6:38:d6:25:05:af:6e:f6:e9:9f:
6f:60:22:52:65:a0:5e:30:8a:9c:d9:d3:34:02:8b:b7:9a:72:
a5:f4:4e:66:15:96:30:ba:08:4e:d3:35:28:9b:c9:80:fe:f0:
06:ec:1d:6a:fe:79:25:e2:9b:29:d5:3b:b3:df:eb:71:81:56:
b2:db:8d:88:9a:fa:49:90:c6:fd:f3:73:ed:00:85:7c:c1:05:
23:4a:07:04:e8:b6:b5:e8:a0:87:4a:21:76:58:63:b8:02:41:
11:35:0d:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFASM0pKIeuvdVNq2F58OyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjQwMTAxMTIzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWUzZWVjYjlkZjU5MGQ2YWM1ZWY4YjlkZjljMTE2M2QwZjRmZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc6RmyiVS+AJhpwTwyv3I8RNxnRC
XxxCnKzmwTPZOHu9yMGk2P9VOlbo7lMqZu6RGENKpQyr5BHjwvAu6cBgO1ShsVu9
+bMZx1Wo8QNbpY/tHJNw0w0mqMslkeQBzYuDHfq2M3KJ8cKUqYrDvd0Uq17Lxh8M
aM6sf5sx55jIVgPn+/NhsP63zQpy0l5cB6raT+rJA8rR2WYnVsXx3X74vSp1kogB
Pnz8kHcGRA6W3MAZ5OUPXKYhJeYr3p5oYF92balBk7NI0ht5cBDUn5hVceumdHql
bCkyVLlRLwH4mCl6+5J7IVmF3TWvjGbTxlj3JCW5iROAcC3bIQTG4sZ7MQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD7j7sud9ZDWrF74ud+cEWPQ9P+8MB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvUHVQdXk1MzFrTmFzWHZpNTM1d1JZOUQwXzd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvISpAwQA
vISzMA0GCSqGSIb3DQEBCwUAA4IBAQAKuDjCu9Jf2wf4zyHAQ3AiK3FzZEFv29Oa
GwuhhywAm5cc6j2A4d0lhhc7Ylw8sk67ienyS1QGKOYAOJLY0D3coYdsB1ySg+26
p7p83mBHLe7af9Y80USZlsRXpl0I7Fkg20fO3O9o5dCWV8JEcRWRAMAvLOVdoJwy
TozvwP/vYSketjnWsCvpA5jlyykm3lPMq4Hqg/hcyeY41iUFr2726Z9vYCJSZaBe
MIqc2dM0Aou3mnKl9E5mFZYwughO0zUom8mA/vAG7B1q/nkl4psp1Tuz3+txgVay
242ImvpJkMb983PtAIV8wQUjSgcE6La16KCHSiF2WGO4AkERNQ1R
-----END CERTIFICATE-----
Generated at Fri May 10 12:24:26 2024 by rpki-client on console-fra.rpki-client.org