Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/04f474-e3b5-4595-a044-657e41c63ca9/1/vYiw0GXNfeIVJ7PtV2QQXWxyo04.roa
File: vYiw0GXNfeIVJ7PtV2QQXWxyo04.roa (raw, json)
Hash identifier: qtpXwTwNGn+4OhTYZURFF4vDI9QiXmmSBrhlBbTB0uo=
Subject key identifier: BD:88:B0:D0:65:CD:7D:E2:15:27:B3:ED:57:64:10:5D:6C:72:A3:4E
Certificate issuer: /CN=294a1cdb68f154cf95418a308c82d8da50775109
Certificate serial: 018CC794AB156B11D4252526351718E37DFE
Authority key identifier: 29:4A:1C:DB:68:F1:54:CF:95:41:8A:30:8C:82:D8:DA:50:77:51:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KUoc22jxVM-VQYowjILY2lB3UQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/04f474-e3b5-4595-a044-657e41c63ca9/1/vYiw0GXNfeIVJ7PtV2QQXWxyo04.roa
Signing time: Tue 02 Jan 2024 00:30:58 +0000
ROA not before: Tue 02 Jan 2024 00:30:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15404
IP address blocks: 193.16.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/04f474-e3b5-4595-a044-657e41c63ca9/1/KUoc22jxVM-VQYowjILY2lB3UQk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/04f474-e3b5-4595-a044-657e41c63ca9/1/KUoc22jxVM-VQYowjILY2lB3UQk.mft
rsync://rpki.ripe.net/repository/DEFAULT/KUoc22jxVM-VQYowjILY2lB3UQk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:ab:15:6b:11:d4:25:25:26:35:17:18:e3:7d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=294a1cdb68f154cf95418a308c82d8da50775109
Validity
Not Before: Jan 2 00:30:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd88b0d065cd7de21527b3ed5764105d6c72a34e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:65:a3:ca:4f:a7:79:f9:fd:7b:27:00:33:a0:
45:0b:e8:1f:a1:db:3e:d0:bd:ae:d3:58:32:09:53:
66:19:b6:1b:a1:e4:65:5b:d1:22:cd:35:60:24:72:
18:97:94:5e:f9:37:ec:0f:73:0e:5e:8b:9e:6f:e1:
ee:3f:00:b3:86:56:a8:51:47:3d:ab:8e:9b:01:c0:
d5:90:b7:2d:b9:46:17:9f:59:c6:a2:04:fc:a3:34:
84:8e:09:5f:a1:70:2c:7d:48:1c:da:e0:52:1d:f6:
46:76:f8:80:5c:3f:ee:84:45:16:e7:a4:88:34:1c:
a7:d6:33:dd:5a:57:94:63:85:c0:bb:e1:e5:12:8e:
2c:9a:07:34:8a:9e:06:22:d8:06:d7:33:d9:9d:c1:
28:63:b8:46:39:90:b7:ad:08:37:28:c7:40:7f:8b:
f3:ba:26:83:fc:25:a1:16:7b:51:6a:12:aa:72:aa:
c0:3e:7d:80:ed:ba:d8:4e:fb:63:38:4f:30:c2:5d:
8c:97:52:75:7a:89:c4:3a:26:c3:a0:a5:07:b8:14:
17:5f:73:ae:3c:0a:b3:4f:3a:9b:35:33:be:20:62:
8b:60:68:bd:63:32:93:1e:80:a1:d8:7a:9d:c4:ba:
10:b5:45:c7:06:f8:44:93:51:fd:07:8a:d7:d8:da:
c7:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:88:B0:D0:65:CD:7D:E2:15:27:B3:ED:57:64:10:5D:6C:72:A3:4E
X509v3 Authority Key Identifier:
keyid:29:4A:1C:DB:68:F1:54:CF:95:41:8A:30:8C:82:D8:DA:50:77:51:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUoc22jxVM-VQYowjILY2lB3UQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/04f474-e3b5-4595-a044-657e41c63ca9/1/vYiw0GXNfeIVJ7PtV2QQXWxyo04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/04f474-e3b5-4595-a044-657e41c63ca9/1/KUoc22jxVM-VQYowjILY2lB3UQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.245.0/24
Signature Algorithm: sha256WithRSAEncryption
75:8f:8d:b1:0d:99:42:7d:d3:7b:b2:e1:5d:6b:3e:d4:59:cb:
2e:ed:60:fa:cc:95:72:c4:0e:56:84:f4:bf:e1:08:63:34:44:
93:40:95:97:3f:f1:63:11:de:4e:57:e0:9d:35:4c:5c:91:88:
71:32:53:cf:29:65:ce:0b:9f:14:24:f7:87:74:d5:4a:2b:3a:
b9:ae:b7:f0:6a:85:3f:42:f9:b9:8b:11:89:fb:13:64:04:65:
b2:47:d0:5b:77:d2:4b:5a:2e:0b:b1:d0:2b:e6:6b:bf:88:a2:
6c:2d:36:bd:d1:8c:4d:7d:37:80:3d:34:5f:bd:8b:cd:89:3a:
e0:8b:95:c0:7c:ca:f0:73:68:90:de:5f:bb:4a:c7:03:c5:5a:
14:c1:6d:1d:88:30:ab:6f:04:f8:81:b2:ad:14:a4:66:75:5a:
cd:71:f4:ea:4a:b1:52:00:85:93:06:8d:98:20:b3:a5:0a:40:
07:da:b5:5e:6c:ad:7d:1e:dc:25:49:96:ae:57:26:2b:01:3d:
20:a0:7f:ec:8b:1e:36:00:08:18:56:92:85:11:41:02:90:f0:
63:52:c6:60:f8:47:70:2c:d9:e7:46:29:aa:7f:d9:80:21:81:
1d:9c:32:27:51:e0:08:a6:18:5f:10:98:e3:71:0f:f1:1b:e6:
bb:ef:15:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlKsVaxHUJSUmNRcY433+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NGExY2RiNjhmMTU0Y2Y5NTQxOGEzMDhjODJkOGRhNTA3
NzUxMDkwHhcNMjQwMTAyMDAzMDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDg4YjBkMDY1Y2Q3ZGUyMTUyN2IzZWQ1NzY0MTA1ZDZjNzJhMzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWWjyk+nefn9eycAM6BFC+gfods+
0L2u01gyCVNmGbYboeRlW9EizTVgJHIYl5Re+TfsD3MOXoueb+HuPwCzhlaoUUc9
q46bAcDVkLctuUYXn1nGogT8ozSEjglfoXAsfUgc2uBSHfZGdviAXD/uhEUW56SI
NByn1jPdWleUY4XAu+HlEo4smgc0ip4GItgG1zPZncEoY7hGOZC3rQg3KMdAf4vz
uiaD/CWhFntRahKqcqrAPn2A7brYTvtjOE8wwl2Ml1J1eonEOibDoKUHuBQXX3Ou
PAqzTzqbNTO+IGKLYGi9YzKTHoCh2HqdxLoQtUXHBvhEk1H9B4rX2NrHkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL2IsNBlzX3iFSez7VdkEF1scqNOMB8GA1UdIwQY
MBaAFClKHNto8VTPlUGKMIyC2NpQd1EJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1VvYzIyanhWTS1WUVlvd2pJTFkybEIzVVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wNGY0NzQtZTNiNS00NTk1LWEwNDQt
NjU3ZTQxYzYzY2E5LzEvdllpdzBHWE5mZUlWSjdQdFYyUVFYV3h5bzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wNGY0NzQtZTNiNS00NTk1LWEwNDQtNjU3ZTQxYzYzY2E5
LzEvS1VvYzIyanhWTS1WUVlvd2pJTFkybEIzVVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRD1MA0G
CSqGSIb3DQEBCwUAA4IBAQB1j42xDZlCfdN7suFdaz7UWcsu7WD6zJVyxA5WhPS/
4QhjNESTQJWXP/FjEd5OV+CdNUxckYhxMlPPKWXOC58UJPeHdNVKKzq5rrfwaoU/
Qvm5ixGJ+xNkBGWyR9Bbd9JLWi4LsdAr5mu/iKJsLTa90YxNfTeAPTRfvYvNiTrg
i5XAfMrwc2iQ3l+7SscDxVoUwW0diDCrbwT4gbKtFKRmdVrNcfTqSrFSAIWTBo2Y
ILOlCkAH2rVebK19HtwlSZauVyYrAT0goH/six42AAgYVpKFEUECkPBjUsZg+Edw
LNnnRimqf9mAIYEdnDInUeAIphhfEJjjcQ/xG+a77xVa
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:13:27 2024 by rpki-client on console-ams.rpki-client.org