Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/JUyqLmUi2ur6KsC97_Mo-8pP-qs.roa
File: JUyqLmUi2ur6KsC97_Mo-8pP-qs.roa (raw, json)
Hash identifier: oHhHVjFoxL4qEpH1Nsb0J4QJllHsEnBPjmcOWaf9Tbo=
Subject key identifier: 25:4C:AA:2E:65:22:DA:EA:FA:2A:C0:BD:EF:F3:28:FB:CA:4F:FA:AB
Certificate issuer: /CN=d48555f9a52727f6bcf715cb4750a2a4a6c35161
Certificate serial: 018CC5DBFE88E6B16E03C668458728C6DFA6
Authority key identifier: D4:85:55:F9:A5:27:27:F6:BC:F7:15:CB:47:50:A2:A4:A6:C3:51:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/JUyqLmUi2ur6KsC97_Mo-8pP-qs.roa
Signing time: Mon 01 Jan 2024 16:29:38 +0000
ROA not before: Mon 01 Jan 2024 16:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54103
IP address blocks: 130.185.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:fe:88:e6:b1:6e:03:c6:68:45:87:28:c6:df:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48555f9a52727f6bcf715cb4750a2a4a6c35161
Validity
Not Before: Jan 1 16:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=254caa2e6522daeafa2ac0bdeff328fbca4ffaab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:38:1e:05:df:5a:6b:31:78:4b:6b:32:8a:e5:
32:87:14:bb:c0:66:9b:1d:9c:8b:e7:6a:95:09:bc:
f9:86:68:cc:26:ee:70:46:cb:a5:d3:48:56:10:ec:
f8:3f:55:9d:0f:5f:a5:3e:6b:a5:77:8e:04:17:33:
fe:f9:a5:86:dc:4d:19:45:66:d0:e0:22:d7:05:cf:
b2:2b:9f:8b:6c:18:25:ff:78:19:0f:68:9a:42:b1:
34:8f:85:74:7b:33:89:74:0f:04:97:61:9c:15:e5:
d2:6e:3d:eb:81:c9:62:fa:66:ff:b4:c8:ce:2c:9c:
9b:6f:83:3b:30:ad:9b:32:ff:7e:2d:e6:d5:73:a5:
50:14:b2:58:b9:7d:11:a1:b2:ad:ab:62:44:c1:81:
69:a9:af:dc:a6:c5:e7:64:32:ba:f6:19:de:b0:5d:
91:15:ed:81:05:07:91:a6:f6:18:63:57:7f:13:04:
e9:15:da:90:79:5e:7d:9b:b9:8d:bf:fa:b5:0f:ad:
f2:be:e4:02:de:79:92:20:6b:cd:23:d9:37:87:4f:
8a:a8:26:55:55:81:82:ab:04:a3:72:45:6a:22:ee:
84:44:4f:93:0b:22:f0:11:a8:1f:f1:70:fc:c9:2d:
10:91:03:86:95:ea:f3:bd:e2:05:d5:9e:29:85:c5:
c8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:4C:AA:2E:65:22:DA:EA:FA:2A:C0:BD:EF:F3:28:FB:CA:4F:FA:AB
X509v3 Authority Key Identifier:
keyid:D4:85:55:F9:A5:27:27:F6:BC:F7:15:CB:47:50:A2:A4:A6:C3:51:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1IVV-aUnJ_a89xXLR1CipKbDUWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/JUyqLmUi2ur6KsC97_Mo-8pP-qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/e45577-65b1-4d43-853a-02abf8572fcb/1/1IVV-aUnJ_a89xXLR1CipKbDUWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.172.0/22
Signature Algorithm: sha256WithRSAEncryption
49:42:10:cd:ce:d9:cd:a7:1b:85:0b:8e:2b:3c:36:c3:af:39:
d5:48:e4:5b:c0:99:df:90:8b:cb:41:43:0a:4f:00:cf:16:02:
e3:e9:48:82:0d:6e:81:e9:25:5a:0e:c2:98:2c:87:6a:76:8e:
60:17:46:8f:bb:8b:5c:9a:bf:8a:9e:34:eb:b4:78:79:33:3b:
42:7f:99:a7:63:6d:d2:2d:17:90:cc:24:03:34:8a:5f:8f:2d:
27:16:5f:39:ce:f6:7f:38:45:43:8d:f2:1c:1c:63:64:5e:10:
63:2a:c8:58:6f:d1:0e:fc:b5:f2:75:4c:38:3d:8d:29:c2:40:
f8:52:c3:c7:42:d0:b5:5b:21:a5:c2:d6:4b:d1:ed:80:53:f6:
8d:04:cf:8f:1a:91:b5:63:e4:3d:95:ca:5b:90:72:84:6f:af:
78:76:ad:78:62:ed:b2:8a:7a:bc:7c:d0:14:4c:93:fd:a1:9d:
d4:b7:62:1d:c8:66:9b:d9:7c:91:e9:a5:9f:d9:4d:4c:fa:59:
04:c4:e5:46:5f:7f:35:02:ce:11:2e:bc:80:e7:25:52:45:fd:
f1:0e:ea:d3:dc:41:88:be:6e:df:e0:7b:ff:9d:77:fc:fd:24:
a8:a8:23:b3:a5:e1:92:f4:0f:b1:a0:ad:c0:34:38:f2:07:11:
b2:e1:23:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF2/6I5rFuA8ZoRYcoxt+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ODU1NWY5YTUyNzI3ZjZiY2Y3MTVjYjQ3NTBhMmE0YTZj
MzUxNjEwHhcNMjQwMTAxMTYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTRjYWEyZTY1MjJkYWVhZmEyYWMwYmRlZmYzMjhmYmNhNGZmYWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTgeBd9aazF4S2syiuUyhxS7wGab
HZyL52qVCbz5hmjMJu5wRsul00hWEOz4P1WdD1+lPmuld44EFzP++aWG3E0ZRWbQ
4CLXBc+yK5+LbBgl/3gZD2iaQrE0j4V0ezOJdA8El2GcFeXSbj3rgcli+mb/tMjO
LJybb4M7MK2bMv9+LebVc6VQFLJYuX0RobKtq2JEwYFpqa/cpsXnZDK69hnesF2R
Fe2BBQeRpvYYY1d/EwTpFdqQeV59m7mNv/q1D63yvuQC3nmSIGvNI9k3h0+KqCZV
VYGCqwSjckVqIu6ERE+TCyLwEagf8XD8yS0QkQOGlerzveIF1Z4phcXIeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCVMqi5lItrq+irAve/zKPvKT/qrMB8GA1UdIwQY
MBaAFNSFVfmlJyf2vPcVy0dQoqSmw1FhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlWVi1hVW5KX2E4OXhYTFIxQ2lwS2JEVVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9lNDU1NzctNjViMS00ZDQzLTg1M2Et
MDJhYmY4NTcyZmNiLzEvSlV5cUxtVWkydXI2S3NDOTdfTW8tOHBQLXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9lNDU1NzctNjViMS00ZDQzLTg1M2EtMDJhYmY4NTcyZmNi
LzEvMUlWVi1hVW5KX2E4OXhYTFIxQ2lwS2JEVVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCgrmsMA0G
CSqGSIb3DQEBCwUAA4IBAQBJQhDNztnNpxuFC44rPDbDrznVSORbwJnfkIvLQUMK
TwDPFgLj6UiCDW6B6SVaDsKYLIdqdo5gF0aPu4tcmr+KnjTrtHh5MztCf5mnY23S
LReQzCQDNIpfjy0nFl85zvZ/OEVDjfIcHGNkXhBjKshYb9EO/LXydUw4PY0pwkD4
UsPHQtC1WyGlwtZL0e2AU/aNBM+PGpG1Y+Q9lcpbkHKEb694dq14Yu2yinq8fNAU
TJP9oZ3Ut2IdyGab2XyR6aWf2U1M+lkExOVGX381As4RLryA5yVSRf3xDurT3EGI
vm7f4Hv/nXf8/SSoqCOzpeGS9A+xoK3ANDjyBxGy4SNx
-----END CERTIFICATE-----
Generated at Sat May 18 00:23:09 2024 by rpki-client on console-fra.rpki-client.org