Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/u1nzbmJlHanwi550hpGS3Ome9L0.roa
File: u1nzbmJlHanwi550hpGS3Ome9L0.roa (raw, json)
Hash identifier: XMajDyqBCKkX9KuBNec3ZveKETO74oJnseFatDGN770=
Subject key identifier: BB:59:F3:6E:62:65:1D:A9:F0:8B:9E:74:86:91:92:DC:E9:9E:F4:BD
Certificate issuer: /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial: 018CC94D88D07E70476514F70F1EFA0DCBE9
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/u1nzbmJlHanwi550hpGS3Ome9L0.roa
Signing time: Tue 02 Jan 2024 08:32:30 +0000
ROA not before: Tue 02 Jan 2024 08:32:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 45.95.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:88:d0:7e:70:47:65:14:f7:0f:1e:fa:0d:cb:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Validity
Not Before: Jan 2 08:32:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb59f36e62651da9f08b9e74869192dce99ef4bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:48:1e:14:9d:75:be:ed:5e:ca:a3:97:35:8a:
46:d3:fe:c3:94:09:39:42:c0:ca:48:06:90:a0:63:
b3:0c:8e:8b:98:b6:ff:9e:39:b6:9f:e0:21:fa:8d:
05:40:3e:b4:f5:4a:13:95:28:e7:59:bd:dd:23:b0:
0a:cc:27:ec:b6:6b:e8:b1:cf:ed:16:e7:da:be:56:
34:d3:d8:77:a9:ea:9d:38:4f:92:37:8c:ff:5e:44:
99:9a:ce:7d:7c:e5:93:35:c0:c4:93:7d:55:bb:43:
8a:02:b2:e4:c0:b5:83:08:83:7c:ea:87:2f:58:07:
c4:ac:53:6d:07:82:e9:e2:23:7a:7e:a9:c9:96:ed:
03:07:6a:f4:08:2b:f6:3c:a8:5e:9f:af:66:ac:f2:
72:e5:36:10:f0:fc:7c:a7:22:57:fd:ca:b0:f6:09:
aa:a5:35:9e:c9:31:9d:5d:b7:49:85:eb:4b:b8:7c:
cd:60:83:a5:1c:97:58:ba:f2:56:4d:49:41:03:0e:
43:4c:6d:ea:98:ef:60:17:75:ad:af:70:8e:d1:6d:
03:65:93:e5:1c:16:8a:51:0d:12:9f:15:57:a2:a9:
a8:d3:6b:42:04:8f:fb:f0:83:d1:bf:f9:b4:3e:f0:
fd:46:58:2e:c6:09:b0:8e:02:95:63:e2:e3:18:3e:
3c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:59:F3:6E:62:65:1D:A9:F0:8B:9E:74:86:91:92:DC:E9:9E:F4:BD
X509v3 Authority Key Identifier:
keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/u1nzbmJlHanwi550hpGS3Ome9L0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.35.0/24
Signature Algorithm: sha256WithRSAEncryption
79:39:b0:d0:b0:6a:d7:90:05:7c:27:78:eb:72:14:60:8d:f6:
2f:ba:ea:32:8b:74:ad:7d:a4:41:fc:95:63:5a:83:c4:65:93:
32:5d:34:a3:87:f1:da:01:62:2d:7e:56:a7:5b:b7:8a:c4:98:
e1:d6:b2:0f:2c:a4:22:80:5b:9c:f6:d0:6b:4d:dd:64:7e:b5:
66:48:dd:33:c5:51:ed:b6:15:e0:4e:b7:53:03:4d:bd:e7:47:
31:1f:48:f2:96:f0:89:8f:b2:28:b2:1b:b1:b8:4d:f0:b3:95:
9f:a0:fe:93:94:8d:a3:19:ba:1c:0f:ae:32:85:96:aa:94:05:
77:18:7a:af:25:af:46:c9:1d:8a:82:a2:81:04:29:d1:f2:d1:
67:64:2d:21:02:fd:a2:21:74:cb:01:5a:5e:ab:bb:cf:47:fe:
15:32:66:67:17:f8:66:03:70:00:e8:fb:2f:66:64:ec:00:fa:
1f:70:16:57:23:4d:ea:c9:e9:c0:56:c3:fe:b2:1f:a7:45:43:
65:20:29:a6:13:1f:37:d0:c7:60:68:1d:d4:47:78:88:33:d8:
10:be:21:03:7d:30:9a:d5:b4:e8:0f:84:c3:0a:4f:bf:84:c2:
a7:01:6c:19:47:2e:34:91:47:79:d6:2b:b1:88:ae:01:7b:02:
bd:57:7d:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTYjQfnBHZRT3Dx76DcvpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjQwMTAyMDgzMjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjU5ZjM2ZTYyNjUxZGE5ZjA4YjllNzQ4NjkxOTJkY2U5OWVmNGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEgeFJ11vu1eyqOXNYpG0/7DlAk5
QsDKSAaQoGOzDI6LmLb/njm2n+Ah+o0FQD609UoTlSjnWb3dI7AKzCfstmvosc/t
FufavlY009h3qeqdOE+SN4z/XkSZms59fOWTNcDEk31Vu0OKArLkwLWDCIN86ocv
WAfErFNtB4Lp4iN6fqnJlu0DB2r0CCv2PKhen69mrPJy5TYQ8Px8pyJX/cqw9gmq
pTWeyTGdXbdJhetLuHzNYIOlHJdYuvJWTUlBAw5DTG3qmO9gF3Wtr3CO0W0DZZPl
HBaKUQ0SnxVXoqmo02tCBI/78IPRv/m0PvD9RlguxgmwjgKVY+LjGD48rwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtZ825iZR2p8IuedIaRktzpnvS9MB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEvdTFuemJtSmxIYW53aTU1MGhwR1MzT21lOUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV8jMA0G
CSqGSIb3DQEBCwUAA4IBAQB5ObDQsGrXkAV8J3jrchRgjfYvuuoyi3StfaRB/JVj
WoPEZZMyXTSjh/HaAWItflanW7eKxJjh1rIPLKQigFuc9tBrTd1kfrVmSN0zxVHt
thXgTrdTA02950cxH0jylvCJj7IoshuxuE3ws5WfoP6TlI2jGbocD64yhZaqlAV3
GHqvJa9GyR2KgqKBBCnR8tFnZC0hAv2iIXTLAVpeq7vPR/4VMmZnF/hmA3AA6Psv
ZmTsAPofcBZXI03qyenAVsP+sh+nRUNlICmmEx830MdgaB3UR3iIM9gQviEDfTCa
1bToD4TDCk+/hMKnAWwZRy40kUd51iuxiK4BewK9V30B
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:30:17 2024 by rpki-client on console-fra.rpki-client.org