Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/2a8f88-b05d-4291-93d4-07f7d5195c2c/1/oN9bLxViS3H9h679xqkIa0XAt5U.roa
File: oN9bLxViS3H9h679xqkIa0XAt5U.roa (raw, json)
Hash identifier: LnvXrcyDZQy0JxC38lDk0YL0oUi+2JnuVVgYO49U7g0=
Subject key identifier: A0:DF:5B:2F:15:62:4B:71:FD:87:AE:FD:C6:A9:08:6B:45:C0:B7:95
Certificate issuer: /CN=e4bdd6b1ebfc95899a58333dc94cf82a19a6b3be
Certificate serial: 018CC3B6A1C059FC3943278E599B7B4CC260
Authority key identifier: E4:BD:D6:B1:EB:FC:95:89:9A:58:33:3D:C9:4C:F8:2A:19:A6:B3:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5L3Wsev8lYmaWDM9yUz4Khmms74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/2a8f88-b05d-4291-93d4-07f7d5195c2c/1/oN9bLxViS3H9h679xqkIa0XAt5U.roa
Signing time: Mon 01 Jan 2024 06:29:35 +0000
ROA not before: Mon 01 Jan 2024 06:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47381
IP address blocks: 195.5.177.0/24 maxlen: 24
5.159.232.0/21 maxlen: 24
80.77.112.0/20 maxlen: 24
188.227.224.0/21 maxlen: 24
2001:950::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/2a8f88-b05d-4291-93d4-07f7d5195c2c/1/5L3Wsev8lYmaWDM9yUz4Khmms74.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/2a8f88-b05d-4291-93d4-07f7d5195c2c/1/5L3Wsev8lYmaWDM9yUz4Khmms74.mft
rsync://rpki.ripe.net/repository/DEFAULT/5L3Wsev8lYmaWDM9yUz4Khmms74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:a1:c0:59:fc:39:43:27:8e:59:9b:7b:4c:c2:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4bdd6b1ebfc95899a58333dc94cf82a19a6b3be
Validity
Not Before: Jan 1 06:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0df5b2f15624b71fd87aefdc6a9086b45c0b795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d0:e3:b2:e3:c5:11:a6:73:74:45:8d:15:f1:
1f:50:ca:69:7b:95:45:3b:9b:43:d9:bf:94:52:be:
7a:a3:88:bd:41:ec:76:d1:a4:22:88:24:12:22:23:
b4:4f:22:9f:9b:ac:1f:08:b5:ad:3e:a0:5e:19:d4:
b3:f5:be:ec:33:21:1f:30:ba:1d:e2:f7:5a:ad:c2:
22:79:03:cb:d7:69:33:1a:ff:be:6b:a2:85:7c:6f:
91:a2:ee:32:62:aa:d8:d4:54:34:9e:93:8b:24:74:
94:0c:31:7e:0d:7a:8b:3c:9e:bd:ee:5b:70:08:cb:
78:46:a7:15:13:f6:e0:8f:8e:a5:69:e7:4c:ff:ee:
f8:7e:ac:a4:3a:89:d0:e7:07:cf:7e:0b:b1:70:11:
1f:f7:69:cc:15:4b:e2:12:16:0c:ee:d4:fa:ee:60:
e3:fa:ae:9d:27:e3:cf:a4:8d:3c:ad:f7:b5:5b:79:
75:1b:4c:49:ed:9e:ae:ea:12:1c:b1:b2:fb:c7:39:
c4:67:d0:42:5a:c5:61:8a:9d:04:80:2e:87:0d:7c:
ee:fe:00:2f:73:87:bc:12:15:e4:e3:4a:17:2a:7a:
26:a3:6b:78:dc:da:e3:a9:a1:98:6f:ee:e4:0d:1d:
6f:9e:10:c7:4a:77:57:9a:4b:fb:d1:2f:23:8c:bb:
8a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:DF:5B:2F:15:62:4B:71:FD:87:AE:FD:C6:A9:08:6B:45:C0:B7:95
X509v3 Authority Key Identifier:
keyid:E4:BD:D6:B1:EB:FC:95:89:9A:58:33:3D:C9:4C:F8:2A:19:A6:B3:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5L3Wsev8lYmaWDM9yUz4Khmms74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/2a8f88-b05d-4291-93d4-07f7d5195c2c/1/oN9bLxViS3H9h679xqkIa0XAt5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/2a8f88-b05d-4291-93d4-07f7d5195c2c/1/5L3Wsev8lYmaWDM9yUz4Khmms74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.232.0/21
80.77.112.0/20
188.227.224.0/21
195.5.177.0/24
IPv6:
2001:950::/32
Signature Algorithm: sha256WithRSAEncryption
69:f5:db:48:3f:bb:88:9f:a0:66:42:4d:e7:15:d3:45:ff:b6:
3b:2b:a1:56:ce:4f:6a:7e:e2:4d:10:ad:cb:61:ff:d8:41:e2:
56:03:07:cc:5e:9f:a4:53:ff:ac:e1:b5:d9:97:50:bc:cf:73:
68:fd:45:ab:fa:59:84:af:d9:5d:7b:d7:3f:eb:78:aa:33:5b:
cd:b5:c3:6c:03:81:c2:36:66:26:97:ea:e0:cc:bf:5e:da:62:
b7:48:7a:a7:03:18:a3:47:c7:80:c6:96:0a:d3:d0:ec:4c:b5:
b2:1d:d1:57:61:e9:d4:60:3f:10:59:c5:d4:82:aa:4b:27:74:
96:24:6e:58:4d:6e:9e:fb:1a:19:5c:c3:92:12:8a:3a:91:8b:
05:79:16:a0:4b:21:59:2e:f8:c8:fb:fc:d6:ab:cf:ce:91:61:
4d:2f:bf:04:73:6b:e8:73:a3:fe:74:2f:43:83:c1:81:6b:cc:
96:50:f6:5b:e3:1f:38:61:ff:3a:02:8b:0a:8c:7a:a4:fb:20:
8a:e2:5e:50:90:d2:fb:0a:45:1c:9b:db:95:dc:57:e0:72:3c:
bc:b8:c4:f4:43:c8:d9:0a:85:95:0c:6d:af:b8:b0:bf:2b:1b:
9f:2d:65:5b:e4:e1:1f:0f:30:84:d9:be:4b:97:7b:e9:a2:20:
5a:08:f5:a6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDtqHAWfw5QyeOWZt7TMJgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YmRkNmIxZWJmYzk1ODk5YTU4MzMzZGM5NGNmODJhMTlh
NmIzYmUwHhcNMjQwMTAxMDYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGRmNWIyZjE1NjI0YjcxZmQ4N2FlZmRjNmE5MDg2YjQ1YzBiNzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltDjsuPFEaZzdEWNFfEfUMppe5VF
O5tD2b+UUr56o4i9Qex20aQiiCQSIiO0TyKfm6wfCLWtPqBeGdSz9b7sMyEfMLod
4vdarcIieQPL12kzGv++a6KFfG+Rou4yYqrY1FQ0npOLJHSUDDF+DXqLPJ697ltw
CMt4RqcVE/bgj46laedM/+74fqykOonQ5wfPfguxcBEf92nMFUviEhYM7tT67mDj
+q6dJ+PPpI08rfe1W3l1G0xJ7Z6u6hIcsbL7xznEZ9BCWsVhip0EgC6HDXzu/gAv
c4e8EhXk40oXKnomo2t43NrjqaGYb+7kDR1vnhDHSndXmkv70S8jjLuKAwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKDfWy8VYktx/Yeu/capCGtFwLeVMB8GA1UdIwQY
MBaAFOS91rHr/JWJmlgzPclM+CoZprO+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUwzV3NldjhsWW1hV0RNOXlVejRLaG1tczc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8yYThmODgtYjA1ZC00MjkxLTkzZDQt
MDdmN2Q1MTk1YzJjLzEvb045Ykx4VmlTM0g5aDY3OXhxa0lhMFhBdDVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8yYThmODgtYjA1ZC00MjkxLTkzZDQtMDdmN2Q1MTk1YzJj
LzEvNUwzV3NldjhsWW1hV0RNOXlVejRLaG1tczc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBZ/oAwQE
UE1wAwQDvOPgAwQAwwWxMA0EAgACMAcDBQAgAQlQMA0GCSqGSIb3DQEBCwUAA4IB
AQBp9dtIP7uIn6BmQk3nFdNF/7Y7K6FWzk9qfuJNEK3LYf/YQeJWAwfMXp+kU/+s
4bXZl1C8z3No/UWr+lmEr9lde9c/63iqM1vNtcNsA4HCNmYml+rgzL9e2mK3SHqn
AxijR8eAxpYK09DsTLWyHdFXYenUYD8QWcXUgqpLJ3SWJG5YTW6e+xoZXMOSEoo6
kYsFeRagSyFZLvjI+/zWq8/OkWFNL78Ec2voc6P+dC9Dg8GBa8yWUPZb4x84Yf86
AosKjHqk+yCK4l5QkNL7CkUcm9uV3Ffgcjy8uMT0Q8jZCoWVDG2vuLC/KxufLWVb
5OEfDzCE2b5Ll3vpoiBaCPWm
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:41:17 2024 by rpki-client on console-ams.rpki-client.org