Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/d92557-8c46-482c-91a8-c1e974bed12e/1/pXvrgSb9yYfl9m__EJG7vDpPM3Q.roa
File: pXvrgSb9yYfl9m__EJG7vDpPM3Q.roa (raw, json)
Hash identifier: 0JaHhYOUVuAUBmcLhnOpiqONgvXppwFwxFM6tCwzA+Q=
Subject key identifier: A5:7B:EB:81:26:FD:C9:87:E5:F6:6F:FF:10:91:BB:BC:3A:4F:33:74
Certificate issuer: /CN=51bfb46353bfcccff9412dcbdd480f19b4c98397
Certificate serial: 0191986949A8F95EF9D5BC37E82F6D3CE487
Authority key identifier: 51:BF:B4:63:53:BF:CC:CF:F9:41:2D:CB:DD:48:0F:19:B4:C9:83:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ub-0Y1O_zM_5QS3L3UgPGbTJg5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/d92557-8c46-482c-91a8-c1e974bed12e/1/pXvrgSb9yYfl9m__EJG7vDpPM3Q.roa
Signing time: Wed 28 Aug 2024 09:55:22 +0000
ROA not before: Wed 28 Aug 2024 09:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33806
IP address blocks: 109.197.38.0/24 maxlen: 24
195.200.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/d92557-8c46-482c-91a8-c1e974bed12e/1/Ub-0Y1O_zM_5QS3L3UgPGbTJg5c.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/d92557-8c46-482c-91a8-c1e974bed12e/1/Ub-0Y1O_zM_5QS3L3UgPGbTJg5c.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ub-0Y1O_zM_5QS3L3UgPGbTJg5c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:69:49:a8:f9:5e:f9:d5:bc:37:e8:2f:6d:3c:e4:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51bfb46353bfcccff9412dcbdd480f19b4c98397
Validity
Not Before: Aug 28 09:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a57beb8126fdc987e5f66fff1091bbbc3a4f3374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5b:5b:47:39:7e:e8:1a:07:66:17:f8:16:9d:
97:f2:80:a8:01:9f:f6:7d:75:0c:ad:2f:d1:cc:73:
38:a7:9c:14:7f:b9:5e:44:d4:83:46:5a:99:ad:da:
e2:56:d4:fd:21:e5:e6:6b:0a:ee:c9:ee:c5:37:3a:
52:7a:ca:69:54:e3:8f:db:db:04:4d:8e:dc:19:2d:
93:70:3c:56:0b:f2:da:c4:3b:0c:38:59:bd:cc:66:
84:a3:92:81:96:c1:85:c6:59:48:ea:53:98:11:97:
c2:f7:33:d7:ac:2c:65:f2:e1:16:20:39:38:29:94:
39:82:93:6d:6b:e4:a6:8d:56:fa:31:15:a4:e8:23:
d7:f0:03:89:9c:50:f5:47:a3:51:40:99:b0:f5:fd:
0e:c0:cc:69:b3:95:1f:69:f0:1e:85:03:c7:d2:4e:
fa:5c:ec:a9:3e:fc:b7:eb:ef:aa:95:db:b2:3d:93:
38:e7:38:67:77:81:f6:6f:df:f0:9a:75:b1:9e:0c:
fb:57:aa:77:32:33:be:76:47:2f:f0:8b:89:13:fe:
ea:46:bc:02:9f:de:96:4b:d6:aa:4a:9c:68:9a:7a:
93:07:06:eb:6c:1c:05:b1:69:0e:ad:7e:eb:38:ca:
98:47:bb:75:8c:37:6d:ee:8c:b2:82:e6:85:53:cb:
7b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:7B:EB:81:26:FD:C9:87:E5:F6:6F:FF:10:91:BB:BC:3A:4F:33:74
X509v3 Authority Key Identifier:
keyid:51:BF:B4:63:53:BF:CC:CF:F9:41:2D:CB:DD:48:0F:19:B4:C9:83:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ub-0Y1O_zM_5QS3L3UgPGbTJg5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/d92557-8c46-482c-91a8-c1e974bed12e/1/pXvrgSb9yYfl9m__EJG7vDpPM3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/d92557-8c46-482c-91a8-c1e974bed12e/1/Ub-0Y1O_zM_5QS3L3UgPGbTJg5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.197.38.0/24
195.200.206.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:dd:8e:66:70:fb:e0:2d:0e:97:6f:c7:a4:a3:0c:d7:2c:a3:
b6:a4:7c:a9:e7:e6:4e:49:7a:b3:e7:b9:99:9b:cc:3a:3d:23:
0b:36:d4:ba:cb:78:cd:4d:23:9b:2d:1d:b9:70:ce:5a:71:b6:
f0:bc:72:a8:0a:31:02:2a:c1:84:6b:03:3a:89:6a:22:0c:ba:
9c:79:cb:d5:73:85:b9:bb:fc:a0:41:42:2c:98:e3:6c:90:a3:
e6:58:b7:88:d1:74:22:38:07:d9:e4:33:e3:33:e8:53:ce:7e:
cc:c7:35:9b:39:0e:f3:35:70:7b:b3:29:f8:02:33:71:de:3c:
96:80:1d:91:3f:c0:15:60:84:15:6b:bc:62:3b:8d:b5:88:cf:
73:34:da:ad:56:b1:9c:c4:40:03:81:45:5b:ad:e2:d6:7d:2f:
34:01:9f:99:cd:b4:03:2f:5f:fd:e9:b0:f3:ea:71:f8:41:a8:
7d:82:48:35:ec:95:26:5f:5c:4e:3a:30:5f:77:60:ff:87:1f:
f9:02:5d:a7:4f:74:79:c9:65:52:48:00:f7:22:e7:98:69:49:
e6:1c:c2:28:9f:47:0e:ff:47:77:a9:7b:4c:ed:cc:47:a4:36:
3a:f5:83:28:8f:10:29:c2:74:4f:86:cf:b1:bb:5e:75:9b:29:
ef:25:1b:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGYaUmo+V751bw36C9tPOSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYmZiNDYzNTNiZmNjY2ZmOTQxMmRjYmRkNDgwZjE5YjRj
OTgzOTcwHhcNMjQwODI4MDk1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTdiZWI4MTI2ZmRjOTg3ZTVmNjZmZmYxMDkxYmJiYzNhNGYzMzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1tbRzl+6BoHZhf4Fp2X8oCoAZ/2
fXUMrS/RzHM4p5wUf7leRNSDRlqZrdriVtT9IeXmawruye7FNzpSesppVOOP29sE
TY7cGS2TcDxWC/LaxDsMOFm9zGaEo5KBlsGFxllI6lOYEZfC9zPXrCxl8uEWIDk4
KZQ5gpNta+SmjVb6MRWk6CPX8AOJnFD1R6NRQJmw9f0OwMxps5UfafAehQPH0k76
XOypPvy36++qlduyPZM45zhnd4H2b9/wmnWxngz7V6p3MjO+dkcv8IuJE/7qRrwC
n96WS9aqSpxomnqTBwbrbBwFsWkOrX7rOMqYR7t1jDdt7oyyguaFU8t7MwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKV764Em/cmH5fZv/xCRu7w6TzN0MB8GA1UdIwQY
MBaAFFG/tGNTv8zP+UEty91IDxm0yYOXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWItMFkxT196TV81UVMzTDNVZ1BHYlRKZzVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kOTI1NTctOGM0Ni00ODJjLTkxYTgt
YzFlOTc0YmVkMTJlLzEvcFh2cmdTYjl5WWZsOW1fX0VKRzd2RHBQTTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kOTI1NTctOGM0Ni00ODJjLTkxYTgtYzFlOTc0YmVkMTJl
LzEvVWItMFkxT196TV81UVMzTDNVZ1BHYlRKZzVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbcUmAwQA
w8jOMA0GCSqGSIb3DQEBCwUAA4IBAQAv3Y5mcPvgLQ6Xb8ekowzXLKO2pHyp5+ZO
SXqz57mZm8w6PSMLNtS6y3jNTSObLR25cM5acbbwvHKoCjECKsGEawM6iWoiDLqc
ecvVc4W5u/ygQUIsmONskKPmWLeI0XQiOAfZ5DPjM+hTzn7MxzWbOQ7zNXB7syn4
AjNx3jyWgB2RP8AVYIQVa7xiO421iM9zNNqtVrGcxEADgUVbreLWfS80AZ+ZzbQD
L1/96bDz6nH4Qah9gkg17JUmX1xOOjBfd2D/hx/5Al2nT3R5yWVSSAD3IueYaUnm
HMIon0cO/0d3qXtM7cxHpDY69YMojxApwnRPhs+xu151mynvJRuT
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:13:32 2024 by rpki-client on console-fra.rpki-client.org