Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/P22Xu7Odpb6rHs84C5Z0ip8hPqM.roa
File: P22Xu7Odpb6rHs84C5Z0ip8hPqM.roa (raw, json)
Hash identifier: AYGw0zqszLh0A3A359kT4i4m2xr6R3QiaEpwdHejtU8=
Subject key identifier: 3F:6D:97:BB:B3:9D:A5:BE:AB:1E:CF:38:0B:96:74:8A:9F:21:3E:A3
Certificate issuer: /CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
Certificate serial: 018CC3493047471A245C8F3D4B4200108E9E
Authority key identifier: BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/P22Xu7Odpb6rHs84C5Z0ip8hPqM.roa
Signing time: Mon 01 Jan 2024 04:30:02 +0000
ROA not before: Mon 01 Jan 2024 04:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 193.31.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.mft
rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:30:47:47:1a:24:5c:8f:3d:4b:42:00:10:8e:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
Validity
Not Before: Jan 1 04:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f6d97bbb39da5beab1ecf380b96748a9f213ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:85:23:dd:11:8c:62:7d:55:d8:8a:20:07:ef:
82:68:46:be:ce:64:54:48:c2:51:0c:0b:88:12:30:
b7:5c:88:d7:fd:a6:9a:f0:e3:d9:19:1c:0d:a5:06:
01:72:44:80:af:15:76:22:06:77:8c:2d:c7:4e:82:
39:3a:44:e4:77:42:20:07:1d:ff:63:45:cf:ce:84:
c5:76:e9:65:48:f1:8b:5e:f7:dc:22:3f:6c:ea:6b:
ec:5b:90:10:07:b8:e9:00:86:e6:1f:01:8b:87:24:
e7:0e:f8:92:db:1b:3a:ee:41:6f:59:4f:4d:2a:0c:
17:3e:99:11:f4:19:a3:a8:ed:26:d0:81:c4:71:9c:
c8:43:79:71:38:51:87:4f:1a:94:13:77:bd:17:f9:
1e:29:53:81:08:ce:1d:47:a5:40:dc:72:25:76:72:
0d:22:3b:46:e4:c9:95:7f:e9:17:1f:11:e9:e3:84:
ba:c2:66:f1:e6:ac:3c:23:e7:c1:91:a5:0a:2d:a2:
01:b6:95:12:66:8b:77:b9:a3:08:2f:39:ba:24:4e:
71:b6:47:b3:99:14:4e:3c:81:e8:5d:22:5d:11:21:
1f:3d:62:49:85:22:e7:20:87:8c:35:52:98:92:07:
e9:81:c7:fe:34:a8:93:b0:ed:51:71:98:ff:c1:60:
4b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:6D:97:BB:B3:9D:A5:BE:AB:1E:CF:38:0B:96:74:8A:9F:21:3E:A3
X509v3 Authority Key Identifier:
keyid:BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/P22Xu7Odpb6rHs84C5Z0ip8hPqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.31.15.0/24
Signature Algorithm: sha256WithRSAEncryption
56:04:9d:2a:0b:37:a6:ac:e3:c7:93:81:86:7e:96:84:6c:e6:
06:c2:3e:d8:4b:cf:c1:f9:b5:9b:19:8c:9f:f0:b4:9f:72:02:
9f:13:af:ab:21:df:88:15:38:c7:bb:44:0e:a0:7f:15:8b:7c:
d4:a2:9f:74:65:6d:11:d5:91:17:ef:7d:49:4b:a4:0f:9f:21:
85:c8:cb:44:5b:46:32:a2:06:8c:27:80:cf:ec:5f:14:53:a2:
20:86:0e:32:da:f4:aa:0d:8f:10:47:03:9d:32:3c:d4:f5:fd:
be:d2:cd:92:83:0b:2e:12:e7:88:69:5a:82:63:2a:3e:a2:4f:
c9:e1:5d:59:58:50:4c:24:5c:a2:54:8a:00:33:ee:15:55:7f:
9f:79:52:7a:51:b1:2c:ab:85:2a:72:f5:c1:59:46:7c:87:fe:
61:7a:b6:7a:dd:89:14:1a:f7:b3:b1:cb:44:00:7f:63:be:04:
c8:10:56:cc:c9:fe:b5:d5:ce:69:40:37:a4:2f:da:a0:22:0c:
68:9e:b8:d8:28:1c:e8:3f:0a:1a:dd:ce:74:86:da:69:db:9a:
e7:20:73:56:9b:1d:2b:bd:0c:b9:5e:47:93:d4:59:67:19:1e:
9c:4e:9d:29:40:d1:03:00:6d:44:24:65:5c:a0:de:a6:01:f8:
2a:76:5f:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSTBHRxokXI89S0IAEI6eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWQ1ZmVhZmQzOTE3NDcyNWJmZTRiZWY5MWJkMjdjN2Iy
ZjZmOTEwHhcNMjQwMTAxMDQzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjZkOTdiYmIzOWRhNWJlYWIxZWNmMzgwYjk2NzQ4YTlmMjEzZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIUj3RGMYn1V2IogB++CaEa+zmRU
SMJRDAuIEjC3XIjX/aaa8OPZGRwNpQYBckSArxV2IgZ3jC3HToI5OkTkd0IgBx3/
Y0XPzoTFdullSPGLXvfcIj9s6mvsW5AQB7jpAIbmHwGLhyTnDviS2xs67kFvWU9N
KgwXPpkR9BmjqO0m0IHEcZzIQ3lxOFGHTxqUE3e9F/keKVOBCM4dR6VA3HIldnIN
IjtG5MmVf+kXHxHp44S6wmbx5qw8I+fBkaUKLaIBtpUSZot3uaMILzm6JE5xtkez
mRROPIHoXSJdESEfPWJJhSLnIIeMNVKYkgfpgcf+NKiTsO1RcZj/wWBLLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD9tl7uznaW+qx7POAuWdIqfIT6jMB8GA1UdIwQY
MBaAFL8dX+r9ORdHJb/kvvkb0nx7L2+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMt
MWE4Yzg0MmFmZTJhLzEvUDIyWHU3T2RwYjZySHM4NEM1WjBpcDhoUHFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMtMWE4Yzg0MmFmZTJh
LzEvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR8PMA0G
CSqGSIb3DQEBCwUAA4IBAQBWBJ0qCzemrOPHk4GGfpaEbOYGwj7YS8/B+bWbGYyf
8LSfcgKfE6+rId+IFTjHu0QOoH8Vi3zUop90ZW0R1ZEX731JS6QPnyGFyMtEW0Yy
ogaMJ4DP7F8UU6Ighg4y2vSqDY8QRwOdMjzU9f2+0s2SgwsuEueIaVqCYyo+ok/J
4V1ZWFBMJFyiVIoAM+4VVX+feVJ6UbEsq4UqcvXBWUZ8h/5herZ63YkUGvezsctE
AH9jvgTIEFbMyf611c5pQDekL9qgIgxonrjYKBzoPwoa3c50htpp25rnIHNWmx0r
vQy5XkeT1FlnGR6cTp0pQNEDAG1EJGVcoN6mAfgqdl+9
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:43:13 2024 by rpki-client on console-fra.rpki-client.org