Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/dSfRQc_TfWd42qcHTH9nP01EqCY.roa
File: dSfRQc_TfWd42qcHTH9nP01EqCY.roa (raw, json)
Hash identifier: Rrjr6wjE9Wv5B9gbEmVubSMnVbrIPXD8iJ6XW7I18nE=
Subject key identifier: 75:27:D1:41:CF:D3:7D:67:78:DA:A7:07:4C:7F:67:3F:4D:44:A8:26
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 018CC50034FF618F8D440B6572007F328471
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/dSfRQc_TfWd42qcHTH9nP01EqCY.roa
Signing time: Mon 01 Jan 2024 12:29:34 +0000
ROA not before: Mon 01 Jan 2024 12:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199667
IP address blocks: 213.109.37.0/24 maxlen: 24
213.109.38.0/24 maxlen: 24
128.127.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:34:ff:61:8f:8d:44:0b:65:72:00:7f:32:84:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Jan 1 12:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7527d141cfd37d6778daa7074c7f673f4d44a826
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0f:22:b8:b7:48:38:bf:59:87:38:8c:cb:81:
1f:fa:ff:d5:77:14:36:85:2e:fc:27:f6:6a:37:6e:
ea:21:a9:86:88:b3:d1:2f:ee:af:cb:af:25:91:87:
86:4c:82:75:5d:33:e4:76:f8:f9:c0:5a:c1:b7:69:
d6:ba:e1:b0:5b:1f:b5:05:63:7f:68:34:c8:74:cc:
05:76:d8:8b:30:fd:ac:75:9f:75:18:f3:be:d3:cb:
0e:d2:d5:18:ad:64:8d:21:14:c5:b8:2b:f8:cf:b8:
ef:88:0c:d4:c8:66:91:30:15:da:9a:1b:30:4a:17:
ca:39:9c:43:78:af:23:92:82:c3:71:31:a0:2c:8a:
dd:26:36:35:66:e1:a4:3a:ad:4d:a0:7a:79:cb:a2:
42:d3:80:dd:04:1c:db:ed:f7:e5:52:c4:83:e4:3a:
78:08:fc:a3:c1:c1:da:fa:dd:c9:e4:1c:98:82:b9:
63:5a:5e:3b:9b:d7:c9:79:25:7c:47:fc:87:f8:5e:
c8:03:43:c8:a4:9b:4b:bb:20:16:0f:e8:3e:eb:b6:
1d:38:82:be:cb:80:ca:cb:31:f0:96:b1:e6:82:6e:
af:cd:e5:e7:70:3e:7c:8c:30:1f:bd:f5:f5:e0:e9:
84:ff:4b:65:d7:40:a8:b7:cc:1d:13:21:a2:6f:b4:
37:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:27:D1:41:CF:D3:7D:67:78:DA:A7:07:4C:7F:67:3F:4D:44:A8:26
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/dSfRQc_TfWd42qcHTH9nP01EqCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.127.89.0/24
213.109.37.0-213.109.38.255
Signature Algorithm: sha256WithRSAEncryption
12:4b:7a:90:4b:e8:1f:48:4d:eb:70:7a:fd:b2:85:31:c1:68:
d0:22:66:bc:1d:a7:76:d1:1e:8a:98:39:17:8c:8e:63:98:01:
9c:f2:6d:42:a0:1d:3e:30:55:79:fd:f7:ea:59:88:3a:ec:12:
0d:19:ec:d7:27:53:a3:e2:78:c4:e5:8f:91:9b:1e:e8:70:23:
dd:ce:18:3c:49:a4:6e:8e:51:57:ba:6e:4a:0a:67:11:18:cf:
4a:f3:9e:ec:10:ce:a8:e2:ae:cc:cf:17:40:00:d0:3c:31:d4:
71:5b:c6:48:e9:04:00:83:78:5f:32:ce:3d:95:f5:de:1e:f5:
7e:16:c5:ff:44:12:8c:ad:3d:4a:46:6b:9b:4a:ac:97:cc:0f:
f8:ab:2a:fd:1d:03:fe:7b:3c:07:06:d9:e5:52:f3:e6:22:95:
2d:4d:d9:3a:13:e8:9a:4e:e4:b8:1e:ab:5c:31:d9:d6:e9:9d:
63:82:7e:e2:6a:4c:46:2b:af:03:a4:9e:5e:27:5a:79:d7:ae:
d7:17:d3:36:d6:76:7c:72:ab:88:f9:00:25:a2:19:6b:f2:c2:
92:6d:f5:6f:90:8a:31:fd:ef:0a:d3:82:8c:a9:49:87:a0:76:
44:08:ba:49:e7:33:a5:2a:74:4f:a0:49:6f:3f:25:f5:60:92:
8c:f0:5b:f5
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzFADT/YY+NRAtlcgB/MoRxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw
ZDVkZDkwHhcNMjQwMTAxMTIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTI3ZDE0MWNmZDM3ZDY3NzhkYWE3MDc0YzdmNjczZjRkNDRhODI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw8iuLdIOL9ZhziMy4Ef+v/VdxQ2
hS78J/ZqN27qIamGiLPRL+6vy68lkYeGTIJ1XTPkdvj5wFrBt2nWuuGwWx+1BWN/
aDTIdMwFdtiLMP2sdZ91GPO+08sO0tUYrWSNIRTFuCv4z7jviAzUyGaRMBXamhsw
ShfKOZxDeK8jkoLDcTGgLIrdJjY1ZuGkOq1NoHp5y6JC04DdBBzb7fflUsSD5Dp4
CPyjwcHa+t3J5ByYgrljWl47m9fJeSV8R/yH+F7IA0PIpJtLuyAWD+g+67YdOIK+
y4DKyzHwlrHmgm6vzeXncD58jDAfvfX14OmE/0tl10Cot8wdEyGib7Q33QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHUn0UHP031neNqnB0x/Zz9NRKgmMB8GA1UdIwQY
MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt
OTkzMGYyMTk0YTBlLzEvZFNmUlFjX1RmV2Q0MnFjSFRIOW5QMDFFcUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl
LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAgH9ZMAwD
BADVbSUDBADVbSYwDQYJKoZIhvcNAQELBQADggEBABJLepBL6B9ITetwev2yhTHB
aNAiZrwdp3bRHoqYOReMjmOYAZzybUKgHT4wVXn99+pZiDrsEg0Z7NcnU6PieMTl
j5GbHuhwI93OGDxJpG6OUVe6bkoKZxEYz0rznuwQzqjirszPF0AA0Dwx1HFbxkjp
BACDeF8yzj2V9d4e9X4Wxf9EEoytPUpGa5tKrJfMD/irKv0dA/57PAcG2eVS8+Yi
lS1N2ToT6JpO5Lgeq1wx2dbpnWOCfuJqTEYrrwOknl4nWnnXrtcX0zbWdnxyq4j5
ACWiGWvywpJt9W+QijH97wrTgoypSYegdkQIuknnM6UqdE+gSW8/JfVgkozwW/U=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:59 2024 by rpki-client on console-ams.rpki-client.org