Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/b68421-99b1-485e-b217-d3adc7449391/1/yrFBh3W3QaSUCTcwFH_YvJm0qy0.roa
File: yrFBh3W3QaSUCTcwFH_YvJm0qy0.roa (raw, json)
Hash identifier: kLH3zuS+jAYBgHeUGg3GBiWSdPwx24QxPGIZy7NddEM=
Subject key identifier: CA:B1:41:87:75:B7:41:A4:94:09:37:30:14:7F:D8:BC:99:B4:AB:2D
Certificate issuer: /CN=756fba46634d22b93db1bf46ec5a8d665e62dac7
Certificate serial: 018CC94BE240291172A93FD6B636E5289257
Authority key identifier: 75:6F:BA:46:63:4D:22:B9:3D:B1:BF:46:EC:5A:8D:66:5E:62:DA:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dW-6RmNNIrk9sb9G7FqNZl5i2sc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/b68421-99b1-485e-b217-d3adc7449391/1/yrFBh3W3QaSUCTcwFH_YvJm0qy0.roa
Signing time: Tue 02 Jan 2024 08:30:42 +0000
ROA not before: Tue 02 Jan 2024 08:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33915
IP address blocks: 195.128.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/b68421-99b1-485e-b217-d3adc7449391/1/dW-6RmNNIrk9sb9G7FqNZl5i2sc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/b68421-99b1-485e-b217-d3adc7449391/1/dW-6RmNNIrk9sb9G7FqNZl5i2sc.mft
rsync://rpki.ripe.net/repository/DEFAULT/dW-6RmNNIrk9sb9G7FqNZl5i2sc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:e2:40:29:11:72:a9:3f:d6:b6:36:e5:28:92:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=756fba46634d22b93db1bf46ec5a8d665e62dac7
Validity
Not Before: Jan 2 08:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cab1418775b741a494093730147fd8bc99b4ab2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:63:e1:f0:c1:bf:35:d2:56:dc:64:00:8f:3c:
4c:c6:9b:86:83:0e:54:65:0e:55:94:1c:61:bd:be:
ce:6e:ae:0f:24:1d:9b:ec:3a:5b:4b:8e:92:f2:bb:
65:1f:a8:d2:f7:e1:96:31:be:bd:aa:7c:b2:35:c7:
dc:e2:aa:41:6e:13:86:82:ab:03:04:8a:c6:9e:70:
30:ec:78:a5:ae:7f:cf:0c:ea:1e:d0:2b:7e:2e:b0:
fb:e6:6f:cd:99:6a:10:6b:04:25:e3:23:6b:a8:eb:
bd:08:3c:58:3c:94:15:41:2f:96:24:97:48:e1:c7:
42:6f:a5:00:0f:b8:e7:a4:26:d5:d7:5c:e0:35:21:
7f:80:4e:ae:ca:b9:a0:a5:fb:1c:4e:c7:8a:8f:78:
3b:9f:68:f0:7c:74:45:30:d2:82:82:96:fe:8f:ec:
88:cc:82:d1:67:77:c1:73:e2:7b:f6:8d:82:82:f2:
cd:76:5c:3a:df:15:ba:ca:fb:a1:15:cd:19:d9:39:
fe:46:91:3b:62:8b:3a:66:2f:d7:7b:f2:86:23:86:
fe:00:04:4d:57:94:8f:86:07:2d:2a:e9:03:6d:8f:
71:c9:14:6a:b9:0d:ea:a9:c3:b7:0d:e0:80:42:85:
6e:c1:87:a5:98:89:ac:04:0c:45:6b:26:4e:c3:09:
47:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B1:41:87:75:B7:41:A4:94:09:37:30:14:7F:D8:BC:99:B4:AB:2D
X509v3 Authority Key Identifier:
keyid:75:6F:BA:46:63:4D:22:B9:3D:B1:BF:46:EC:5A:8D:66:5E:62:DA:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dW-6RmNNIrk9sb9G7FqNZl5i2sc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/b68421-99b1-485e-b217-d3adc7449391/1/yrFBh3W3QaSUCTcwFH_YvJm0qy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/b68421-99b1-485e-b217-d3adc7449391/1/dW-6RmNNIrk9sb9G7FqNZl5i2sc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.144.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:dd:4d:75:9c:9b:ff:61:11:93:4a:d4:cd:c8:43:56:b6:b4:
d5:80:5c:05:a9:2b:4d:d5:da:60:89:1c:e7:aa:0e:f3:56:a0:
fe:c9:73:ca:b4:e9:fd:47:d4:5e:61:a7:f0:f6:db:b3:ce:78:
ad:d8:cf:56:40:c5:4c:1e:90:97:74:a0:41:1b:e9:8a:a4:ee:
1c:df:2a:9e:b8:c5:4b:a9:6c:be:3d:b6:0e:c2:03:bb:94:0f:
69:2f:33:37:d6:02:c8:c1:97:da:cf:8f:23:e8:b7:5d:41:ba:
e6:98:ae:32:34:a4:d0:a4:62:b1:2d:12:fc:de:00:5e:89:3d:
93:b7:15:07:1c:b0:67:b1:0c:77:8a:ac:22:55:ac:53:82:96:
1a:6b:80:08:2a:dd:56:c9:b3:f5:7e:9a:a6:68:a5:15:77:00:
c5:e6:ba:b3:43:32:ab:dd:9a:99:7f:cf:2d:d5:d0:55:76:18:
7d:37:a0:5e:58:1e:ae:c3:3e:5c:1f:a2:1b:86:a8:c7:6b:ef:
3d:63:25:85:42:2e:8a:07:c1:b0:d5:e9:cd:84:48:d6:da:15:
39:9e:49:a5:64:33:ba:ec:f1:46:37:54:f8:c7:d8:d4:a0:8c:
f6:7a:c0:a7:be:9d:7b:13:cc:0b:06:bf:7c:c9:b9:ab:1a:26:
a1:81:9a:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJS+JAKRFyqT/WtjblKJJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NmZiYTQ2NjM0ZDIyYjkzZGIxYmY0NmVjNWE4ZDY2NWU2
MmRhYzcwHhcNMjQwMTAyMDgzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWIxNDE4Nzc1Yjc0MWE0OTQwOTM3MzAxNDdmZDhiYzk5YjRhYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimPh8MG/NdJW3GQAjzxMxpuGgw5U
ZQ5VlBxhvb7Obq4PJB2b7DpbS46S8rtlH6jS9+GWMb69qnyyNcfc4qpBbhOGgqsD
BIrGnnAw7Hilrn/PDOoe0Ct+LrD75m/NmWoQawQl4yNrqOu9CDxYPJQVQS+WJJdI
4cdCb6UAD7jnpCbV11zgNSF/gE6uyrmgpfscTseKj3g7n2jwfHRFMNKCgpb+j+yI
zILRZ3fBc+J79o2CgvLNdlw63xW6yvuhFc0Z2Tn+RpE7Yos6Zi/Xe/KGI4b+AARN
V5SPhgctKukDbY9xyRRquQ3qqcO3DeCAQoVuwYelmImsBAxFayZOwwlHJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMqxQYd1t0GklAk3MBR/2LyZtKstMB8GA1UdIwQY
MBaAFHVvukZjTSK5PbG/RuxajWZeYtrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFctNlJtTk5Jcms5c2I5RzdGcU5abDVpMnNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9iNjg0MjEtOTliMS00ODVlLWIyMTct
ZDNhZGM3NDQ5MzkxLzEveXJGQmgzVzNRYVNVQ1Rjd0ZIX1l2Sm0wcXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9iNjg0MjEtOTliMS00ODVlLWIyMTctZDNhZGM3NDQ5Mzkx
LzEvZFctNlJtTk5Jcms5c2I5RzdGcU5abDVpMnNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4CQMA0G
CSqGSIb3DQEBCwUAA4IBAQAf3U11nJv/YRGTStTNyENWtrTVgFwFqStN1dpgiRzn
qg7zVqD+yXPKtOn9R9ReYafw9tuzznit2M9WQMVMHpCXdKBBG+mKpO4c3yqeuMVL
qWy+PbYOwgO7lA9pLzM31gLIwZfaz48j6LddQbrmmK4yNKTQpGKxLRL83gBeiT2T
txUHHLBnsQx3iqwiVaxTgpYaa4AIKt1WybP1fpqmaKUVdwDF5rqzQzKr3ZqZf88t
1dBVdhh9N6BeWB6uwz5cH6IbhqjHa+89YyWFQi6KB8Gw1enNhEjW2hU5nkmlZDO6
7PFGN1T4x9jUoIz2esCnvp17E8wLBr98ybmrGiahgZqO
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:33:22 2024 by rpki-client on console-ams.rpki-client.org