Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/y-u-Q56xHVZ7YQVEAyW0fe53_Ew.roa
File: y-u-Q56xHVZ7YQVEAyW0fe53_Ew.roa (raw, json)
Hash identifier: VaQxzcgPEMOcTkPHUfiyY9EF5NxnbRxfzKocMXQBf7Q=
Subject key identifier: CB:EB:BE:43:9E:B1:1D:56:7B:61:05:44:03:25:B4:7D:EE:77:FC:4C
Certificate issuer: /CN=efe691427c6e41806f6ceb1e218a7dc6320fdeed
Certificate serial: 018CC348BED3EF0F42CBE8E0C068817DA70C
Authority key identifier: EF:E6:91:42:7C:6E:41:80:6F:6C:EB:1E:21:8A:7D:C6:32:0F:DE:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/y-u-Q56xHVZ7YQVEAyW0fe53_Ew.roa
Signing time: Mon 01 Jan 2024 04:29:33 +0000
ROA not before: Mon 01 Jan 2024 04:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39142
IP address blocks: 195.191.240.0/24 maxlen: 24
195.191.240.0/23 maxlen: 23
195.191.241.0/24 maxlen: 24
2a0a:dc07::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/7-aRQnxuQYBvbOseIYp9xjIP3u0.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/7-aRQnxuQYBvbOseIYp9xjIP3u0.mft
rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:be:d3:ef:0f:42:cb:e8:e0:c0:68:81:7d:a7:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efe691427c6e41806f6ceb1e218a7dc6320fdeed
Validity
Not Before: Jan 1 04:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbebbe439eb11d567b6105440325b47dee77fc4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c3:0a:c8:a5:cb:1f:65:d9:a6:7c:ca:0c:5c:
8e:c9:49:03:d3:56:b6:e1:74:6b:69:c9:0d:71:33:
71:18:31:60:65:40:87:4c:f0:e8:47:22:4f:1b:a8:
3b:35:ba:8a:b9:4b:34:7d:1b:3c:01:14:9c:f5:d2:
e1:95:52:37:0d:ac:38:a7:c3:cc:1a:e1:9f:ca:63:
88:92:5c:b2:1c:b0:fa:54:9b:c9:4e:ec:48:3e:c4:
fc:2b:af:90:55:a9:32:9d:79:c9:ef:bb:c3:3a:ff:
f4:56:a7:89:be:05:c0:6b:81:ed:9b:7e:c0:17:51:
0a:61:24:30:14:30:a5:1b:9e:1a:2c:ec:2e:ff:b3:
e3:2e:6f:ea:90:0a:e4:10:7c:d2:a9:00:07:2e:88:
81:44:6b:82:61:fd:a9:af:bf:dd:56:0f:9d:f5:37:
02:c3:16:90:63:8e:d7:da:cd:34:08:fa:08:18:5e:
8d:ca:6b:0a:b0:aa:61:56:5d:02:76:32:57:ed:d2:
f2:06:c6:e7:5e:e2:22:da:0e:b4:fe:c5:8d:46:d0:
1b:28:e8:b5:b9:39:e7:99:d9:cf:6e:1c:63:47:3d:
66:40:7d:5f:59:54:51:b5:13:5d:a5:82:3c:58:6a:
23:db:ad:29:70:c2:34:d8:1d:20:6d:d9:fd:58:3f:
9d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:EB:BE:43:9E:B1:1D:56:7B:61:05:44:03:25:B4:7D:EE:77:FC:4C
X509v3 Authority Key Identifier:
keyid:EF:E6:91:42:7C:6E:41:80:6F:6C:EB:1E:21:8A:7D:C6:32:0F:DE:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/y-u-Q56xHVZ7YQVEAyW0fe53_Ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/7-aRQnxuQYBvbOseIYp9xjIP3u0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.240.0/23
IPv6:
2a0a:dc07::/32
Signature Algorithm: sha256WithRSAEncryption
8f:5e:f7:03:96:24:a6:ef:28:73:70:09:1e:1f:f6:53:a1:77:
66:03:22:7c:97:4a:e9:a7:e2:60:b0:15:fa:c0:74:7e:76:34:
cb:45:9b:12:42:5f:0d:4e:43:7b:e2:9a:79:8a:1e:93:d1:79:
66:25:18:43:26:8d:9b:24:2c:7e:27:92:8d:66:a3:dd:27:8f:
55:b2:2b:eb:33:e2:d1:ee:11:65:e8:06:5c:15:52:ca:d3:c6:
49:bf:f4:0c:f9:65:d7:a2:a4:88:95:c4:2b:d8:01:2a:59:7a:
c5:6f:f5:79:59:df:e1:12:6f:0f:81:94:ce:ce:a9:12:40:b8:
8c:a1:52:b3:42:5a:8a:e4:1f:3b:1f:0f:11:d3:b5:61:f7:01:
88:c3:73:5d:07:77:27:33:ad:4e:82:53:fa:33:b5:63:e5:66:
7a:6b:4b:5f:25:7b:e1:f2:e5:1f:16:0c:cf:73:02:13:59:62:
e9:ce:ff:df:a9:b2:46:19:30:dc:aa:4a:93:e1:68:76:26:64:
41:37:c0:68:ab:5e:52:9e:30:6c:08:44:67:b0:c0:cf:53:eb:
9e:fe:77:09:24:21:b3:ac:c1:93:53:c7:b2:f7:11:a7:e1:98:
2b:12:1d:74:cb:ca:aa:45:7c:cd:cc:37:91:42:03:9b:e6:d6:
72:66:19:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSL7T7w9Cy+jgwGiBfacMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZTY5MTQyN2M2ZTQxODA2ZjZjZWIxZTIxOGE3ZGM2MzIw
ZmRlZWQwHhcNMjQwMTAxMDQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmViYmU0MzllYjExZDU2N2I2MTA1NDQwMzI1YjQ3ZGVlNzdmYzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcMKyKXLH2XZpnzKDFyOyUkD01a2
4XRrackNcTNxGDFgZUCHTPDoRyJPG6g7NbqKuUs0fRs8ARSc9dLhlVI3Daw4p8PM
GuGfymOIklyyHLD6VJvJTuxIPsT8K6+QVakynXnJ77vDOv/0VqeJvgXAa4Htm37A
F1EKYSQwFDClG54aLOwu/7PjLm/qkArkEHzSqQAHLoiBRGuCYf2pr7/dVg+d9TcC
wxaQY47X2s00CPoIGF6NymsKsKphVl0CdjJX7dLyBsbnXuIi2g60/sWNRtAbKOi1
uTnnmdnPbhxjRz1mQH1fWVRRtRNdpYI8WGoj260pcMI02B0gbdn9WD+dhwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMvrvkOesR1We2EFRAMltH3ud/xMMB8GA1UdIwQY
MBaAFO/mkUJ8bkGAb2zrHiGKfcYyD97tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNy1hUlFueHVRWUJ2Yk9zZUlZcDl4aklQM3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wNTk5NzUtZWY5MC00MjFiLThhZjMt
MzgxNGM1N2ZlOWJiLzEveS11LVE1NnhIVlo3WVFWRUF5VzBmZTUzX0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wNTk5NzUtZWY5MC00MjFiLThhZjMtMzgxNGM1N2ZlOWJi
LzEvNy1hUlFueHVRWUJ2Yk9zZUlZcDl4aklQM3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBw7/wMA0E
AgACMAcDBQAqCtwHMA0GCSqGSIb3DQEBCwUAA4IBAQCPXvcDliSm7yhzcAkeH/ZT
oXdmAyJ8l0rpp+JgsBX6wHR+djTLRZsSQl8NTkN74pp5ih6T0XlmJRhDJo2bJCx+
J5KNZqPdJ49VsivrM+LR7hFl6AZcFVLK08ZJv/QM+WXXoqSIlcQr2AEqWXrFb/V5
Wd/hEm8PgZTOzqkSQLiMoVKzQlqK5B87Hw8R07Vh9wGIw3NdB3cnM61OglP6M7Vj
5WZ6a0tfJXvh8uUfFgzPcwITWWLpzv/fqbJGGTDcqkqT4Wh2JmRBN8Boq15SnjBs
CERnsMDPU+ue/ncJJCGzrMGTU8ey9xGn4ZgrEh10y8qqRXzNzDeRQgOb5tZyZhlD
-----END CERTIFICATE-----
Generated at Sat May 25 22:18:43 2024 by rpki-client on console-ams.rpki-client.org