Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/41OSN5RVla3NV8CQwlckXdV91d8.roa
File: 41OSN5RVla3NV8CQwlckXdV91d8.roa (raw, json)
Hash identifier: U/U20M8vMZS7whCpFE2GATMdSYrkwq69FieDxNU4528=
Subject key identifier: E3:53:92:37:94:55:95:AD:CD:57:C0:90:C2:57:24:5D:D5:7D:D5:DF
Certificate issuer: /CN=6987d47935e1137d544426db5288e12a9c025ac2
Certificate serial: 018CC7951AD405453456E582F70CC942242A
Authority key identifier: 69:87:D4:79:35:E1:13:7D:54:44:26:DB:52:88:E1:2A:9C:02:5A:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aYfUeTXhE31URCbbUojhKpwCWsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/41OSN5RVla3NV8CQwlckXdV91d8.roa
Signing time: Tue 02 Jan 2024 00:31:26 +0000
ROA not before: Tue 02 Jan 2024 00:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 193.84.4.0/24 maxlen: 24
193.84.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/aYfUeTXhE31URCbbUojhKpwCWsI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/aYfUeTXhE31URCbbUojhKpwCWsI.mft
rsync://rpki.ripe.net/repository/DEFAULT/aYfUeTXhE31URCbbUojhKpwCWsI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:1a:d4:05:45:34:56:e5:82:f7:0c:c9:42:24:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6987d47935e1137d544426db5288e12a9c025ac2
Validity
Not Before: Jan 2 00:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3539237945595adcd57c090c257245dd57dd5df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:bf:69:63:43:cf:95:b3:b8:52:52:7f:20:c2:
76:7d:e3:af:4f:29:75:59:60:b6:dc:21:53:af:d0:
96:16:ca:56:04:24:28:20:11:f8:97:7e:ec:e4:98:
87:e6:47:89:e9:ec:d8:d1:55:2e:aa:9b:5f:3f:b8:
3b:ae:b5:14:ba:96:fc:9d:ab:4c:00:8a:d1:4e:00:
e1:dd:1d:b2:06:12:a9:9f:5b:7e:16:0a:e2:1d:94:
0a:17:a4:03:0f:3a:58:cc:d0:45:b0:d3:e6:2d:bd:
2f:a1:88:a4:1b:0b:69:5f:b6:41:57:99:38:2b:2b:
01:75:75:88:23:13:1a:6e:76:41:f8:55:69:8c:6f:
74:0a:76:8c:06:c2:94:9f:5a:1d:41:88:63:d4:93:
16:dc:ff:60:34:dc:33:a5:a6:56:ad:a0:c6:79:72:
49:c6:81:a1:fc:03:e5:aa:8e:a6:b6:25:9e:43:91:
f5:16:c2:4e:b3:d9:7d:77:2c:fc:8a:20:33:7e:42:
bd:af:e9:91:27:1e:e2:c9:a2:3a:59:37:8c:5f:43:
f8:37:f3:db:f0:cd:74:09:2a:af:48:b6:4f:9b:03:
be:b6:20:e4:68:52:00:76:fe:fe:79:b2:ef:7d:b0:
e1:96:9c:e1:41:3f:e7:f8:f8:b0:59:b3:18:da:91:
55:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:53:92:37:94:55:95:AD:CD:57:C0:90:C2:57:24:5D:D5:7D:D5:DF
X509v3 Authority Key Identifier:
keyid:69:87:D4:79:35:E1:13:7D:54:44:26:DB:52:88:E1:2A:9C:02:5A:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYfUeTXhE31URCbbUojhKpwCWsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/41OSN5RVla3NV8CQwlckXdV91d8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32d7ad-8bf9-4274-95f8-9c953594d6b1/1/aYfUeTXhE31URCbbUojhKpwCWsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.4.0/23
Signature Algorithm: sha256WithRSAEncryption
62:b9:14:fb:9c:16:f3:20:9a:54:5f:04:0b:66:f3:c1:b0:9d:
ea:8e:c3:61:e5:1d:f5:d8:75:8f:f9:12:76:c4:46:58:8a:7c:
86:3a:11:95:b4:83:44:db:bf:df:fc:54:bb:53:97:1f:12:18:
67:f0:be:bd:bf:e1:7d:d4:10:4f:22:26:86:af:00:d1:16:f1:
f4:8d:33:b9:b7:52:41:1f:1f:1d:32:f0:2c:30:c5:08:61:cb:
6e:17:4c:0c:29:85:1e:27:18:14:5e:b1:c8:5a:44:08:57:e0:
89:76:90:52:4e:2a:59:eb:20:04:58:f9:e8:3a:34:e5:05:1c:
24:ec:f5:aa:cc:79:94:66:f4:fe:85:ba:6f:6e:2e:8a:fe:9a:
0e:28:fe:06:43:c1:08:08:81:e2:1b:6e:8d:89:a0:59:c7:e4:
2b:ff:56:2b:3a:d4:cd:5c:e9:e2:2a:d1:98:30:bc:ae:f7:ab:
30:2f:4b:f5:8c:db:26:20:63:8a:24:a6:08:ca:ed:55:bf:51:
3d:e5:05:b1:0a:28:19:72:7d:6f:8c:6a:32:1c:c4:88:4b:4d:
b3:7f:9e:d7:79:d9:fa:ef:cd:c8:c9:01:fe:26:1e:c8:57:93:
e5:bc:ff:be:53:98:cd:40:32:3f:99:a3:51:97:58:48:31:8b:
82:33:f5:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlRrUBUU0VuWC9wzJQiQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODdkNDc5MzVlMTEzN2Q1NDQ0MjZkYjUyODhlMTJhOWMw
MjVhYzIwHhcNMjQwMTAyMDAzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzUzOTIzNzk0NTU5NWFkY2Q1N2MwOTBjMjU3MjQ1ZGQ1N2RkNWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjr9pY0PPlbO4UlJ/IMJ2feOvTyl1
WWC23CFTr9CWFspWBCQoIBH4l37s5JiH5keJ6ezY0VUuqptfP7g7rrUUupb8natM
AIrRTgDh3R2yBhKpn1t+FgriHZQKF6QDDzpYzNBFsNPmLb0voYikGwtpX7ZBV5k4
KysBdXWIIxMabnZB+FVpjG90CnaMBsKUn1odQYhj1JMW3P9gNNwzpaZWraDGeXJJ
xoGh/APlqo6mtiWeQ5H1FsJOs9l9dyz8iiAzfkK9r+mRJx7iyaI6WTeMX0P4N/Pb
8M10CSqvSLZPmwO+tiDkaFIAdv7+ebLvfbDhlpzhQT/n+PiwWbMY2pFVBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFONTkjeUVZWtzVfAkMJXJF3VfdXfMB8GA1UdIwQY
MBaAFGmH1Hk14RN9VEQm21KI4SqcAlrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlmVWVUWGhFMzFVUkNiYlVvamhLcHdDV3NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8zMmQ3YWQtOGJmOS00Mjc0LTk1Zjgt
OWM5NTM1OTRkNmIxLzEvNDFPU041UlZsYTNOVjhDUXdsY2tYZFY5MWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8zMmQ3YWQtOGJmOS00Mjc0LTk1ZjgtOWM5NTM1OTRkNmIx
LzEvYVlmVWVUWGhFMzFVUkNiYlVvamhLcHdDV3NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwVQEMA0G
CSqGSIb3DQEBCwUAA4IBAQBiuRT7nBbzIJpUXwQLZvPBsJ3qjsNh5R312HWP+RJ2
xEZYinyGOhGVtINE27/f/FS7U5cfEhhn8L69v+F91BBPIiaGrwDRFvH0jTO5t1JB
Hx8dMvAsMMUIYctuF0wMKYUeJxgUXrHIWkQIV+CJdpBSTipZ6yAEWPnoOjTlBRwk
7PWqzHmUZvT+hbpvbi6K/poOKP4GQ8EICIHiG26NiaBZx+Qr/1YrOtTNXOniKtGY
MLyu96swL0v1jNsmIGOKJKYIyu1Vv1E95QWxCigZcn1vjGoyHMSIS02zf57Xedn6
783IyQH+Jh7IV5PlvP++U5jNQDI/maNRl1hIMYuCM/XA
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:37:19 2024 by rpki-client on console-fra.rpki-client.org