Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/SypWgCBWFQX4-ZAG8lG5XcjM8GU.roa
File: SypWgCBWFQX4-ZAG8lG5XcjM8GU.roa (raw, json)
Hash identifier: A8wPer5j4z7Sn7Iq/Ipb+g7pq7iIT60lSmtMgAZJN4k=
Subject key identifier: 4B:2A:56:80:20:56:15:05:F8:F9:90:06:F2:51:B9:5D:C8:CC:F0:65
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 018CC649E3E7381438C76F8A7C02852FF2E6
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/SypWgCBWFQX4-ZAG8lG5XcjM8GU.roa
Signing time: Mon 01 Jan 2024 18:29:40 +0000
ROA not before: Mon 01 Jan 2024 18:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202041
IP address blocks: 194.170.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:e3:e7:38:14:38:c7:6f:8a:7c:02:85:2f:f2:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Jan 1 18:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b2a568020561505f8f99006f251b95dc8ccf065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f6:58:e3:d6:02:98:7a:8d:5a:a7:0d:df:7a:
eb:34:8c:51:a6:ec:2b:c7:3c:06:83:8a:ee:af:08:
4e:91:fe:cc:4a:35:ba:a2:f6:bb:17:15:27:fd:ae:
70:fd:14:b2:54:c9:ae:dd:0c:98:8b:b5:69:14:84:
b8:2e:8b:79:1e:e1:9f:f2:a9:09:e2:19:cb:63:4e:
a8:da:4b:83:28:66:e1:63:0c:0e:28:4f:29:c2:42:
a3:5a:9e:c0:7b:7f:fd:fc:b5:fa:31:a3:0a:db:1d:
37:98:3d:0b:6a:7a:c1:0c:6a:56:a8:4d:18:8c:49:
56:64:41:93:a4:48:ab:e4:e4:3c:da:78:15:43:82:
6b:1b:74:45:db:2a:18:b2:9f:16:49:45:03:94:29:
9f:33:e2:c5:28:02:7f:1d:c3:33:5d:9a:59:b9:10:
60:ee:c7:d2:11:fd:c1:f3:f4:36:14:20:71:4f:74:
44:72:03:f7:46:9d:80:c2:88:91:b2:e3:61:d6:e8:
22:3f:58:32:60:e3:fb:72:f0:49:b0:83:9a:1e:7b:
bb:36:9a:c6:df:28:9a:7e:dc:96:87:ee:05:e7:55:
0c:6f:60:46:84:a4:9f:fc:a2:df:8c:a5:42:93:1a:
88:d2:48:55:eb:66:74:cb:c7:cb:17:23:28:37:39:
35:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:2A:56:80:20:56:15:05:F8:F9:90:06:F2:51:B9:5D:C8:CC:F0:65
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/SypWgCBWFQX4-ZAG8lG5XcjM8GU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.170.242.0/24
Signature Algorithm: sha256WithRSAEncryption
69:54:39:a5:01:42:e5:8b:08:ff:29:fd:5c:9d:e9:9a:7a:a5:
40:37:63:c7:44:07:02:b4:5a:ad:12:f6:bb:56:0c:8e:af:1a:
3d:3f:7f:38:b8:44:8b:00:6e:4d:cb:dc:a6:29:7a:51:b6:28:
1c:e5:20:83:f6:75:6c:bd:16:ce:56:29:f7:18:22:a5:3b:81:
69:07:03:bb:76:0a:92:a2:a0:8e:66:db:7a:c1:83:fe:60:ab:
e2:92:88:f4:91:39:2a:e9:6a:09:6d:d2:13:ce:02:52:0d:a6:
02:e0:de:16:38:aa:4e:94:f2:51:c5:31:35:71:e7:53:07:4d:
98:a2:a8:18:0e:3c:d5:53:d7:cc:8e:f5:99:f7:1c:86:04:89:
ab:55:3a:9f:7e:37:da:9c:fe:9e:19:83:c6:45:40:cc:20:36:
7c:53:da:de:b8:f4:c0:64:8e:13:aa:9f:f7:60:b5:c2:5f:82:
cc:8f:5e:37:88:a4:63:2d:4e:6d:a8:90:6b:ac:ab:04:d2:39:
e4:aa:51:36:5a:70:eb:87:88:20:d3:b0:e4:5d:82:b9:5e:b7:
9e:92:5a:66:f9:73:90:e2:e6:04:78:4f:c8:82:c9:78:1f:9a:
4c:70:85:60:d3:34:4d:2d:d1:a9:16:df:ed:8f:f5:9d:47:d2:
84:ec:4a:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSePnOBQ4x2+KfAKFL/LmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjQwMTAxMTgyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjJhNTY4MDIwNTYxNTA1ZjhmOTkwMDZmMjUxYjk1ZGM4Y2NmMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/ZY49YCmHqNWqcN33rrNIxRpuwr
xzwGg4rurwhOkf7MSjW6ova7FxUn/a5w/RSyVMmu3QyYi7VpFIS4Lot5HuGf8qkJ
4hnLY06o2kuDKGbhYwwOKE8pwkKjWp7Ae3/9/LX6MaMK2x03mD0LanrBDGpWqE0Y
jElWZEGTpEir5OQ82ngVQ4JrG3RF2yoYsp8WSUUDlCmfM+LFKAJ/HcMzXZpZuRBg
7sfSEf3B8/Q2FCBxT3REcgP3Rp2AwoiRsuNh1ugiP1gyYOP7cvBJsIOaHnu7NprG
3yiaftyWh+4F51UMb2BGhKSf/KLfjKVCkxqI0khV62Z0y8fLFyMoNzk1sQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEsqVoAgVhUF+PmQBvJRuV3IzPBlMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvU3lwV2dDQldGUVg0LVpBRzhsRzVYY2pNOEdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqryMA0G
CSqGSIb3DQEBCwUAA4IBAQBpVDmlAULliwj/Kf1cnemaeqVAN2PHRAcCtFqtEva7
VgyOrxo9P384uESLAG5Ny9ymKXpRtigc5SCD9nVsvRbOVin3GCKlO4FpBwO7dgqS
oqCOZtt6wYP+YKvikoj0kTkq6WoJbdITzgJSDaYC4N4WOKpOlPJRxTE1cedTB02Y
oqgYDjzVU9fMjvWZ9xyGBImrVTqffjfanP6eGYPGRUDMIDZ8U9reuPTAZI4Tqp/3
YLXCX4LMj143iKRjLU5tqJBrrKsE0jnkqlE2WnDrh4gg07DkXYK5Xreeklpm+XOQ
4uYEeE/Igsl4H5pMcIVg0zRNLdGpFt/tj/WdR9KE7Eo2
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:02:38 2024 by rpki-client on console-ams.rpki-client.org