Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/RqBJ-xO6SX8hoo3SBuwSWz7roXM.roa
File: RqBJ-xO6SX8hoo3SBuwSWz7roXM.roa (raw, json)
Hash identifier: NQcKOXenUg3NwtILJ68xLquwwWYUkdS9se4BVT9SURU=
Subject key identifier: 46:A0:49:FB:13:BA:49:7F:21:A2:8D:D2:06:EC:12:5B:3E:EB:A1:73
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 018D7FB4DC2FFBB132EA8D920EF831CDFA46
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/RqBJ-xO6SX8hoo3SBuwSWz7roXM.roa
Signing time: Tue 06 Feb 2024 18:36:15 +0000
ROA not before: Tue 06 Feb 2024 18:36:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199614
IP address blocks: 192.145.53.0/24 maxlen: 24
192.145.54.0/24 maxlen: 24
192.145.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:b4:dc:2f:fb:b1:32:ea:8d:92:0e:f8:31:cd:fa:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Feb 6 18:36:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46a049fb13ba497f21a28dd206ec125b3eeba173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:23:91:69:06:8a:eb:6b:09:7a:ca:50:f4:f8:
45:89:12:a0:bf:a3:54:b8:58:0c:ff:a6:08:71:22:
3b:5a:c0:83:15:04:34:fe:f5:d1:00:ef:8f:6e:d1:
1e:67:02:17:53:0b:9b:25:d4:db:d0:27:e4:3c:c6:
59:4e:8f:d6:5c:59:f4:03:bf:16:de:7f:a0:fe:20:
5d:b6:78:d7:50:0f:86:c0:7a:41:2f:23:ab:08:c1:
28:42:60:7a:d1:ba:8b:5e:60:df:1e:06:db:2f:79:
06:d7:3b:84:d4:e6:84:23:d3:03:3d:73:23:14:cc:
fb:e9:55:1a:95:9e:15:5b:74:a0:ba:bd:c6:d8:bc:
cd:a9:db:37:cb:88:fb:da:67:32:c0:26:17:45:dc:
b6:8d:37:fb:72:30:5f:fb:63:28:31:6e:bc:f3:86:
af:98:dc:44:10:a3:69:a0:de:62:78:f2:36:da:dc:
c9:3c:68:2d:26:62:01:91:f3:d2:99:14:3b:40:b2:
22:5f:c5:85:8b:03:fc:52:66:06:ba:2b:ab:cc:92:
30:a3:0f:bc:32:9f:77:1e:1f:be:b7:36:06:9c:fe:
eb:5c:ff:9a:85:3c:df:c5:3a:39:96:12:87:c8:80:
53:7e:93:ef:37:50:fd:ff:5c:c0:99:32:93:2b:cf:
b6:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:A0:49:FB:13:BA:49:7F:21:A2:8D:D2:06:EC:12:5B:3E:EB:A1:73
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/RqBJ-xO6SX8hoo3SBuwSWz7roXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.53.0-192.145.55.255
Signature Algorithm: sha256WithRSAEncryption
7b:fe:c4:b8:84:42:e1:2f:14:d9:e2:f8:82:bd:12:a0:74:1e:
5a:63:07:cb:52:5e:f1:c4:0c:08:30:f8:ab:de:2c:cb:d9:0d:
75:53:e4:e0:64:e5:e8:cd:09:79:1e:db:97:b3:9f:54:51:9d:
f6:d6:08:09:2d:91:29:4a:f2:35:2a:b3:f5:28:56:da:b1:d4:
14:81:bf:44:ca:6a:fd:ea:a4:bf:76:c6:dc:5c:0a:ec:7b:60:
97:19:bb:6e:cf:a5:21:f0:4c:3f:eb:45:77:c3:b4:23:ce:94:
af:50:33:5f:1c:1c:f1:af:a7:4b:36:c5:1f:36:a1:6e:90:f7:
7b:49:16:2c:2a:c5:8d:7a:43:63:67:57:bd:68:89:da:7c:94:
76:24:7b:e9:81:68:09:11:00:2a:cc:56:c9:1f:a1:87:d3:33:
49:d6:a8:d2:65:60:66:8b:d2:38:e9:7e:e9:c0:d9:a9:ac:8b:
c6:5c:b5:8f:5d:13:3c:3c:01:9d:21:2f:0b:fb:d1:e2:50:e6:
e6:0c:98:15:b9:d8:48:a9:f8:08:4d:d8:1e:d6:84:45:63:a1:
79:a5:ff:04:2a:da:ba:cb:67:6b:fc:00:66:4f:a7:fe:06:78:
14:dc:78:31:df:aa:f8:e1:33:d6:ff:12:d8:a5:17:04:58:95:
23:5f:7f:67
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY1/tNwv+7Ey6o2SDvgxzfpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjQwMjA2MTgzNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmEwNDlmYjEzYmE0OTdmMjFhMjhkZDIwNmVjMTI1YjNlZWJhMTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiORaQaK62sJespQ9PhFiRKgv6NU
uFgM/6YIcSI7WsCDFQQ0/vXRAO+PbtEeZwIXUwubJdTb0CfkPMZZTo/WXFn0A78W
3n+g/iBdtnjXUA+GwHpBLyOrCMEoQmB60bqLXmDfHgbbL3kG1zuE1OaEI9MDPXMj
FMz76VUalZ4VW3Sgur3G2LzNqds3y4j72mcywCYXRdy2jTf7cjBf+2MoMW6884av
mNxEEKNpoN5iePI22tzJPGgtJmIBkfPSmRQ7QLIiX8WFiwP8UmYGuiurzJIwow+8
Mp93Hh++tzYGnP7rXP+ahTzfxTo5lhKHyIBTfpPvN1D9/1zAmTKTK8+2/wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEagSfsTukl/IaKN0gbsEls+66FzMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvUnFCSi14TzZTWDhob28zU0J1d1NXejdyb1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADAkTUD
BAPAkTAwDQYJKoZIhvcNAQELBQADggEBAHv+xLiEQuEvFNni+IK9EqB0HlpjB8tS
XvHEDAgw+KveLMvZDXVT5OBk5ejNCXke25ezn1RRnfbWCAktkSlK8jUqs/UoVtqx
1BSBv0TKav3qpL92xtxcCux7YJcZu27PpSHwTD/rRXfDtCPOlK9QM18cHPGvp0s2
xR82oW6Q93tJFiwqxY16Q2NnV71oidp8lHYke+mBaAkRACrMVskfoYfTM0nWqNJl
YGaL0jjpfunA2amsi8ZctY9dEzw8AZ0hLwv70eJQ5uYMmBW52Eip+AhN2B7WhEVj
oXml/wQq2rrLZ2v8AGZPp/4GeBTceDHfqvjhM9b/EtilFwRYlSNff2c=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:52:17 2024 by rpki-client on console-fra.rpki-client.org