Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/9398b0-2fbb-4bd3-b9bc-1e89f9695d1b/1/yA8FFQwWS21xHDJvnv7k1peLbSQ.roa
File: yA8FFQwWS21xHDJvnv7k1peLbSQ.roa (raw, json)
Hash identifier: IEIYsIExqZUtgs733xjhnv9gdE4AaRmHuPRhioNh/7I=
Subject key identifier: C8:0F:05:15:0C:16:4B:6D:71:1C:32:6F:9E:FE:E4:D6:97:8B:6D:24
Certificate issuer: /CN=54041941b1450d6b95b58ca3f077ce208dfdfb4b
Certificate serial: 018CC50120CAE81326FF894BABC13892554D
Authority key identifier: 54:04:19:41:B1:45:0D:6B:95:B5:8C:A3:F0:77:CE:20:8D:FD:FB:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VAQZQbFFDWuVtYyj8HfOII39-0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/9398b0-2fbb-4bd3-b9bc-1e89f9695d1b/1/yA8FFQwWS21xHDJvnv7k1peLbSQ.roa
Signing time: Mon 01 Jan 2024 12:30:34 +0000
ROA not before: Mon 01 Jan 2024 12:30:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 195.20.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/9398b0-2fbb-4bd3-b9bc-1e89f9695d1b/1/VAQZQbFFDWuVtYyj8HfOII39-0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/9398b0-2fbb-4bd3-b9bc-1e89f9695d1b/1/VAQZQbFFDWuVtYyj8HfOII39-0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/VAQZQbFFDWuVtYyj8HfOII39-0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:20:ca:e8:13:26:ff:89:4b:ab:c1:38:92:55:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54041941b1450d6b95b58ca3f077ce208dfdfb4b
Validity
Not Before: Jan 1 12:30:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c80f05150c164b6d711c326f9efee4d6978b6d24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:12:18:d2:16:2f:5c:b8:8e:95:ac:70:8c:da:
9a:06:fe:14:35:68:28:bb:16:d7:8e:2c:24:30:e9:
d2:ae:b1:b7:66:93:d4:ff:e1:73:71:2b:08:c2:be:
36:79:2c:83:90:e0:ce:8e:57:16:e7:ec:7b:9c:ee:
27:e5:51:76:b2:f8:9d:ca:3d:27:0b:8f:f8:7d:22:
66:7a:d1:89:a3:e1:52:47:ad:24:0c:30:c3:1f:40:
1a:28:41:82:97:3e:1d:8b:b1:7d:32:17:3a:6a:28:
65:e2:27:9f:17:6f:6e:10:f9:f6:da:7d:00:25:95:
d1:76:c0:e5:1d:9e:04:56:65:fb:67:7c:32:65:dc:
d1:85:f9:c2:4f:86:49:30:3b:59:97:5a:bf:f1:0b:
5d:3c:54:c9:73:06:49:25:94:a6:dd:6b:b3:98:73:
87:2f:44:f7:f0:c6:f9:da:91:da:57:00:fd:fa:37:
20:e1:44:6a:b9:3f:25:4e:60:9f:3e:cd:16:aa:e1:
24:61:ab:fc:b4:2f:52:3b:06:a5:dd:ce:84:c3:d7:
32:75:b4:5c:cc:99:79:dc:03:70:cd:81:ba:d8:28:
0e:43:37:73:69:5b:79:38:80:e8:68:1e:4b:19:42:
77:fd:92:fd:ab:2b:14:21:fe:09:ea:95:87:74:45:
5e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:0F:05:15:0C:16:4B:6D:71:1C:32:6F:9E:FE:E4:D6:97:8B:6D:24
X509v3 Authority Key Identifier:
keyid:54:04:19:41:B1:45:0D:6B:95:B5:8C:A3:F0:77:CE:20:8D:FD:FB:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAQZQbFFDWuVtYyj8HfOII39-0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9398b0-2fbb-4bd3-b9bc-1e89f9695d1b/1/yA8FFQwWS21xHDJvnv7k1peLbSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/9398b0-2fbb-4bd3-b9bc-1e89f9695d1b/1/VAQZQbFFDWuVtYyj8HfOII39-0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.20.115.0/24
Signature Algorithm: sha256WithRSAEncryption
64:62:e2:0a:c7:fc:a8:48:25:f8:ec:bc:64:3d:30:74:57:af:
a0:60:93:66:58:2a:68:ef:f4:7d:b8:40:63:f3:6c:7d:4f:db:
cd:87:16:11:13:b6:93:2c:bd:9c:2d:f1:30:83:1d:19:28:62:
96:2d:62:02:aa:dd:35:d5:06:df:e0:7a:92:56:c3:03:dd:b7:
64:05:5f:9a:97:87:52:be:d5:9e:ca:00:70:d0:79:bb:8b:b2:
d1:3f:7c:39:5c:88:17:0e:ca:25:72:ee:33:8a:82:8f:c9:6c:
f8:50:18:9d:4f:15:59:2c:ea:21:bd:01:a3:cc:78:21:e1:89:
21:03:67:01:2f:63:ee:0a:97:84:65:c5:a0:f1:82:c7:d7:8c:
b3:0b:58:c0:f4:61:d8:55:84:ae:f8:5b:3a:d8:f2:e7:1a:0d:
b3:54:d2:32:cd:de:df:40:d1:98:60:ca:7b:e3:bc:39:e5:07:
6b:cc:80:02:94:81:a0:e7:78:43:97:4f:df:20:0f:42:0e:15:
17:b9:17:60:f5:de:cc:28:48:a1:34:c9:28:4a:9a:8c:2c:02:
30:c3:77:c3:b6:60:21:25:bb:21:74:55:07:f4:4a:20:44:d5:
cb:72:c9:32:b3:7f:cb:8d:4e:55:64:d4:d9:20:7d:58:2f:b8:
e7:4b:ac:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFASDK6BMm/4lLq8E4klVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MDQxOTQxYjE0NTBkNmI5NWI1OGNhM2YwNzdjZTIwOGRm
ZGZiNGIwHhcNMjQwMTAxMTIzMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODBmMDUxNTBjMTY0YjZkNzExYzMyNmY5ZWZlZTRkNjk3OGI2ZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRIY0hYvXLiOlaxwjNqaBv4UNWgo
uxbXjiwkMOnSrrG3ZpPU/+FzcSsIwr42eSyDkODOjlcW5+x7nO4n5VF2svidyj0n
C4/4fSJmetGJo+FSR60kDDDDH0AaKEGClz4di7F9Mhc6aihl4iefF29uEPn22n0A
JZXRdsDlHZ4EVmX7Z3wyZdzRhfnCT4ZJMDtZl1q/8QtdPFTJcwZJJZSm3WuzmHOH
L0T38Mb52pHaVwD9+jcg4URquT8lTmCfPs0WquEkYav8tC9SOwal3c6Ew9cydbRc
zJl53ANwzYG62CgOQzdzaVt5OIDoaB5LGUJ3/ZL9qysUIf4J6pWHdEVeSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMgPBRUMFkttcRwyb57+5NaXi20kMB8GA1UdIwQY
MBaAFFQEGUGxRQ1rlbWMo/B3ziCN/ftLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkFRWlFiRkZEV3VWdFl5ajhIZk9JSTM5LTBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi85Mzk4YjAtMmZiYi00YmQzLWI5YmMt
MWU4OWY5Njk1ZDFiLzEveUE4RkZRd1dTMjF4SERKdm52N2sxcGVMYlNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi85Mzk4YjAtMmZiYi00YmQzLWI5YmMtMWU4OWY5Njk1ZDFi
LzEvVkFRWlFiRkZEV3VWdFl5ajhIZk9JSTM5LTBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxRzMA0G
CSqGSIb3DQEBCwUAA4IBAQBkYuIKx/yoSCX47LxkPTB0V6+gYJNmWCpo7/R9uEBj
82x9T9vNhxYRE7aTLL2cLfEwgx0ZKGKWLWICqt011Qbf4HqSVsMD3bdkBV+al4dS
vtWeygBw0Hm7i7LRP3w5XIgXDsolcu4zioKPyWz4UBidTxVZLOohvQGjzHgh4Ykh
A2cBL2PuCpeEZcWg8YLH14yzC1jA9GHYVYSu+Fs62PLnGg2zVNIyzd7fQNGYYMp7
47w55QdrzIAClIGg53hDl0/fIA9CDhUXuRdg9d7MKEihNMkoSpqMLAIww3fDtmAh
JbshdFUH9EogRNXLcskys3/LjU5VZNTZIH1YL7jnS6wH
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:28:20 2024 by rpki-client on console-ams.rpki-client.org