Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/cERV0SshptRsefq-dpzg57EkY_s.roa
File: cERV0SshptRsefq-dpzg57EkY_s.roa (raw, json)
Hash identifier: QKZkzWste6kwWTGjAR2boXN2OGJXn03AiEgRUfoaTj0=
Subject key identifier: 70:44:55:D1:2B:21:A6:D4:6C:79:FA:BE:76:9C:E0:E7:B1:24:63:FB
Certificate issuer: /CN=b5344218a4880b500c033321e76bd78b4f3c1658
Certificate serial: 018EAEE3487690CB987A0FA1301C311CDC16
Authority key identifier: B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/cERV0SshptRsefq-dpzg57EkY_s.roa
Signing time: Fri 05 Apr 2024 15:31:54 +0000
ROA not before: Fri 05 Apr 2024 15:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61320
IP address blocks: 192.109.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/tTRCGKSIC1AMAzMh52vXi088Flg.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/tTRCGKSIC1AMAzMh52vXi088Flg.mft
rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ae:e3:48:76:90:cb:98:7a:0f:a1:30:1c:31:1c:dc:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5344218a4880b500c033321e76bd78b4f3c1658
Validity
Not Before: Apr 5 15:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=704455d12b21a6d46c79fabe769ce0e7b12463fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:83:97:62:c3:e8:7d:14:66:28:3e:54:31:f4:
42:6b:69:38:e8:37:4b:bf:da:2a:b4:d6:f6:10:ba:
f4:59:55:f9:9d:5d:25:02:e0:2f:f1:fc:eb:1d:2a:
1f:11:af:d3:0c:a8:70:5b:2b:52:f4:9f:1a:36:52:
24:30:e2:30:ef:50:f9:48:85:be:45:50:dd:e3:7d:
62:c5:6c:99:a9:bf:f7:82:30:39:b4:73:77:e7:08:
bf:1e:41:6d:96:c6:1f:7d:be:5c:08:19:44:53:2b:
3d:ab:e8:7a:25:f7:9b:0e:df:50:3c:6f:08:04:9d:
a6:6d:c0:93:19:e8:d0:b0:f2:af:78:5c:15:4b:57:
3f:87:13:ca:5d:18:35:97:fd:c2:26:ae:22:45:14:
34:1a:ad:5b:41:41:e7:96:9a:3a:ad:e6:c7:96:5d:
37:1d:48:da:47:b5:8c:bd:df:96:3c:0a:f1:a6:23:
f9:d8:2d:03:62:1e:8a:fd:94:0c:7c:b4:13:73:18:
b3:a2:fe:c9:ba:20:2d:1c:34:3c:b0:5d:ad:19:30:
e8:68:60:16:03:04:0c:74:4d:81:8c:b4:7b:55:36:
ce:02:12:98:12:a2:32:d7:f7:05:cc:e5:71:bd:bf:
b8:a6:48:19:5d:0e:75:f8:2f:e7:19:af:24:20:99:
91:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:44:55:D1:2B:21:A6:D4:6C:79:FA:BE:76:9C:E0:E7:B1:24:63:FB
X509v3 Authority Key Identifier:
keyid:B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/cERV0SshptRsefq-dpzg57EkY_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/tTRCGKSIC1AMAzMh52vXi088Flg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.47.0/24
Signature Algorithm: sha256WithRSAEncryption
82:8f:ab:b6:d9:72:af:3f:69:a2:d4:f8:83:05:8d:82:1b:e9:
49:3e:9c:0d:e0:94:00:cf:1b:8d:1a:26:82:b2:33:97:02:c4:
ae:ba:7c:bb:e9:02:0f:5e:85:e8:73:3c:d1:0f:2a:f2:4d:ea:
39:b2:15:73:71:4f:89:9d:3e:e0:a4:4d:8c:49:7e:33:6e:95:
a4:09:ce:b8:3e:64:a1:f4:49:ea:ce:40:da:13:ad:a4:0f:10:
a7:6f:be:83:0d:aa:e9:6b:4c:d0:18:6d:d8:2b:6e:43:77:81:
ae:31:f7:88:4d:9b:4a:e7:8e:1b:96:b9:9c:dd:ff:8b:80:1d:
de:b6:97:ba:45:44:3f:15:4d:8a:96:7c:bf:c8:6a:ee:44:07:
bf:ad:16:98:71:57:ae:1c:c7:cc:ab:8f:3c:34:29:6a:65:84:
d2:47:bc:18:b2:ef:62:c2:09:46:db:60:51:33:ef:ce:98:22:
89:b1:70:67:14:93:ef:a3:b7:01:87:10:a3:fe:2e:fa:45:67:
05:65:77:86:66:93:ef:d9:5c:15:77:91:09:75:77:38:48:cc:
b7:3a:ad:2a:89:bd:41:6f:e0:ee:37:d5:41:52:05:38:8b:7a:
04:61:35:8f:5d:e4:4e:09:3f:10:86:06:45:99:9c:a9:1a:9b:
6c:e4:62:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6u40h2kMuYeg+hMBwxHNwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MzQ0MjE4YTQ4ODBiNTAwYzAzMzMyMWU3NmJkNzhiNGYz
YzE2NTgwHhcNMjQwNDA1MTUzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDQ0NTVkMTJiMjFhNmQ0NmM3OWZhYmU3NjljZTBlN2IxMjQ2M2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIOXYsPofRRmKD5UMfRCa2k46DdL
v9oqtNb2ELr0WVX5nV0lAuAv8fzrHSofEa/TDKhwWytS9J8aNlIkMOIw71D5SIW+
RVDd431ixWyZqb/3gjA5tHN35wi/HkFtlsYffb5cCBlEUys9q+h6JfebDt9QPG8I
BJ2mbcCTGejQsPKveFwVS1c/hxPKXRg1l/3CJq4iRRQ0Gq1bQUHnlpo6rebHll03
HUjaR7WMvd+WPArxpiP52C0DYh6K/ZQMfLQTcxizov7JuiAtHDQ8sF2tGTDoaGAW
AwQMdE2BjLR7VTbOAhKYEqIy1/cFzOVxvb+4pkgZXQ51+C/nGa8kIJmRDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHBEVdErIabUbHn6vnac4OexJGP7MB8GA1UdIwQY
MBaAFLU0QhikiAtQDAMzIedr14tPPBZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQt
Y2ZhYjEwZDMwNjkzLzEvY0VSVjBTc2hwdFJzZWZxLWRwemc1N0VrWV9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQtY2ZhYjEwZDMwNjkz
LzEvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG0vMA0G
CSqGSIb3DQEBCwUAA4IBAQCCj6u22XKvP2mi1PiDBY2CG+lJPpwN4JQAzxuNGiaC
sjOXAsSuuny76QIPXoXoczzRDyryTeo5shVzcU+JnT7gpE2MSX4zbpWkCc64PmSh
9EnqzkDaE62kDxCnb76DDarpa0zQGG3YK25Dd4GuMfeITZtK544blrmc3f+LgB3e
tpe6RUQ/FU2Klny/yGruRAe/rRaYcVeuHMfMq488NClqZYTSR7wYsu9iwglG22BR
M+/OmCKJsXBnFJPvo7cBhxCj/i76RWcFZXeGZpPv2VwVd5EJdXc4SMy3Oq0qib1B
b+DuN9VBUgU4i3oEYTWPXeROCT8QhgZFmZypGpts5GIC
-----END CERTIFICATE-----
Generated at Sat Jun 1 15:46:25 2024 by rpki-client on console-fra.rpki-client.org