Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/1f4d56-bdd9-4116-954c-2240d27402fe/1/tftXyR1gKht19pz38x_BNSqKFEE.roa
File: tftXyR1gKht19pz38x_BNSqKFEE.roa (raw, json)
Hash identifier: usHo9R1WngCxLqF9b4/7XoVOa0/xaIO8M0WJ1/RKBlA=
Subject key identifier: B5:FB:57:C9:1D:60:2A:1B:75:F6:9C:F7:F3:1F:C1:35:2A:8A:14:41
Certificate issuer: /CN=fea2da9911b31bf5b0d614912fdbf95bf1d7035b
Certificate serial: 018D5EC90E19C36F863DAB3A13A229A1181C
Authority key identifier: FE:A2:DA:99:11:B3:1B:F5:B0:D6:14:91:2F:DB:F9:5B:F1:D7:03:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_qLamRGzG_Ww1hSRL9v5W_HXA1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/1f4d56-bdd9-4116-954c-2240d27402fe/1/tftXyR1gKht19pz38x_BNSqKFEE.roa
Signing time: Wed 31 Jan 2024 09:10:51 +0000
ROA not before: Wed 31 Jan 2024 09:10:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41236
IP address blocks: 195.35.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/1f4d56-bdd9-4116-954c-2240d27402fe/1/_qLamRGzG_Ww1hSRL9v5W_HXA1s.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/1f4d56-bdd9-4116-954c-2240d27402fe/1/_qLamRGzG_Ww1hSRL9v5W_HXA1s.mft
rsync://rpki.ripe.net/repository/DEFAULT/_qLamRGzG_Ww1hSRL9v5W_HXA1s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:c9:0e:19:c3:6f:86:3d:ab:3a:13:a2:29:a1:18:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fea2da9911b31bf5b0d614912fdbf95bf1d7035b
Validity
Not Before: Jan 31 09:10:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5fb57c91d602a1b75f69cf7f31fc1352a8a1441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f7:7c:19:a4:da:98:36:9e:86:2f:8e:2d:b8:
a6:a5:e8:84:38:4f:8d:0c:86:3c:22:6c:b3:84:7e:
28:c6:f8:f9:19:d2:33:94:34:51:52:d8:ac:d1:44:
79:d5:99:81:9e:94:8d:88:e3:08:e5:8e:4f:1a:39:
c6:48:24:6c:c9:42:da:a0:ba:09:44:2f:44:74:b0:
e1:bc:ed:f4:df:e3:2c:ee:27:61:fc:c5:43:0c:17:
5a:1b:47:7d:28:a5:ae:ce:3e:d3:21:3e:98:00:b5:
9c:25:95:9b:e5:e9:98:ff:8b:a8:36:38:7d:5b:ca:
52:36:7f:9c:88:e2:7f:50:8b:90:0c:51:6b:61:50:
07:2a:45:40:59:ce:fd:48:34:b9:98:37:da:5d:9e:
cb:5c:fc:dc:49:e6:b6:1c:41:ff:e6:3b:19:16:d6:
7b:b1:68:ab:86:3e:78:95:d0:9c:c9:9d:20:65:76:
96:bc:36:c7:f8:a5:81:de:67:3b:cd:00:6d:9d:f7:
ae:e3:7b:77:00:9a:d9:00:e8:c0:71:71:90:cd:32:
cb:5d:50:48:96:59:f5:0a:61:8a:47:d1:f9:fc:31:
f9:70:93:ae:2c:af:f6:f8:d9:3e:2d:93:0c:26:d4:
99:13:3e:55:d8:5d:1b:ea:90:2d:bd:63:66:19:68:
39:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:FB:57:C9:1D:60:2A:1B:75:F6:9C:F7:F3:1F:C1:35:2A:8A:14:41
X509v3 Authority Key Identifier:
keyid:FE:A2:DA:99:11:B3:1B:F5:B0:D6:14:91:2F:DB:F9:5B:F1:D7:03:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_qLamRGzG_Ww1hSRL9v5W_HXA1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/1f4d56-bdd9-4116-954c-2240d27402fe/1/tftXyR1gKht19pz38x_BNSqKFEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/1f4d56-bdd9-4116-954c-2240d27402fe/1/_qLamRGzG_Ww1hSRL9v5W_HXA1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.35.100.0/24
Signature Algorithm: sha256WithRSAEncryption
10:bb:52:f9:f8:79:c3:42:df:19:0d:1e:db:63:76:0e:54:5c:
c8:bf:41:f5:36:56:9d:d7:2e:44:bf:88:1c:4f:46:21:6c:28:
f9:26:6c:b1:9e:f4:1a:bf:32:7d:f8:0c:56:4c:98:c3:8b:f6:
ba:f7:53:67:f1:dc:5c:c6:c9:c3:62:7a:9e:92:d7:32:c4:f7:
99:e7:c1:90:c7:ea:01:f6:96:4e:7d:c4:ef:75:ae:4d:a2:64:
42:6d:62:c9:fd:bf:6a:06:20:45:5e:b8:77:d7:1f:51:b3:16:
00:e7:bf:54:19:55:5d:97:15:d9:24:99:55:7a:f5:e4:62:b2:
6e:e3:72:75:78:13:a0:1d:16:c3:8a:7f:28:b7:48:7e:bc:a7:
eb:10:4a:de:aa:84:82:6c:63:15:b4:3e:a7:ec:4e:dd:41:1c:
ba:e6:b2:40:96:1e:6c:69:f7:2f:8e:aa:d4:40:19:33:c0:c1:
0b:5c:be:4c:00:09:7b:13:4b:3c:9a:49:dc:ea:8c:f7:c6:a4:
0f:96:a0:45:12:9e:97:75:82:31:c9:8a:57:14:24:1b:63:56:
b2:dc:b8:f5:b9:4b:c8:d5:2a:1c:56:b3:f3:18:44:56:ec:2f:
b8:d7:16:fa:59:16:3c:bf:7c:92:1e:c2:08:52:45:a0:77:f8:
84:54:f1:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1eyQ4Zw2+GPas6E6IpoRgcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlYTJkYTk5MTFiMzFiZjViMGQ2MTQ5MTJmZGJmOTViZjFk
NzAzNWIwHhcNMjQwMTMxMDkxMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWZiNTdjOTFkNjAyYTFiNzVmNjljZjdmMzFmYzEzNTJhOGExNDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fd8GaTamDaehi+OLbimpeiEOE+N
DIY8ImyzhH4oxvj5GdIzlDRRUtis0UR51ZmBnpSNiOMI5Y5PGjnGSCRsyULaoLoJ
RC9EdLDhvO303+Ms7idh/MVDDBdaG0d9KKWuzj7TIT6YALWcJZWb5emY/4uoNjh9
W8pSNn+ciOJ/UIuQDFFrYVAHKkVAWc79SDS5mDfaXZ7LXPzcSea2HEH/5jsZFtZ7
sWirhj54ldCcyZ0gZXaWvDbH+KWB3mc7zQBtnfeu43t3AJrZAOjAcXGQzTLLXVBI
lln1CmGKR9H5/DH5cJOuLK/2+Nk+LZMMJtSZEz5V2F0b6pAtvWNmGWg59wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLX7V8kdYCobdfac9/MfwTUqihRBMB8GA1UdIwQY
MBaAFP6i2pkRsxv1sNYUkS/b+Vvx1wNbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3FMYW1SR3pHX1d3MWhTUkw5djVXX0hYQTFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8xZjRkNTYtYmRkOS00MTE2LTk1NGMt
MjI0MGQyNzQwMmZlLzEvdGZ0WHlSMWdLaHQxOXB6Mzh4X0JOU3FLRkVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8xZjRkNTYtYmRkOS00MTE2LTk1NGMtMjI0MGQyNzQwMmZl
LzEvX3FMYW1SR3pHX1d3MWhTUkw5djVXX0hYQTFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyNkMA0G
CSqGSIb3DQEBCwUAA4IBAQAQu1L5+HnDQt8ZDR7bY3YOVFzIv0H1Nlad1y5Ev4gc
T0YhbCj5JmyxnvQavzJ9+AxWTJjDi/a691Nn8dxcxsnDYnqektcyxPeZ58GQx+oB
9pZOfcTvda5NomRCbWLJ/b9qBiBFXrh31x9RsxYA579UGVVdlxXZJJlVevXkYrJu
43J1eBOgHRbDin8ot0h+vKfrEEreqoSCbGMVtD6n7E7dQRy65rJAlh5safcvjqrU
QBkzwMELXL5MAAl7E0s8mknc6oz3xqQPlqBFEp6XdYIxyYpXFCQbY1ay3Lj1uUvI
1SocVrPzGERW7C+41xb6WRY8v3ySHsIIUkWgd/iEVPFT
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:23:08 2024 by rpki-client on console-fra.rpki-client.org