Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/U3KbhFjgfo55AGuBYPQMQdf1wHM.roa
File: U3KbhFjgfo55AGuBYPQMQdf1wHM.roa (raw, json)
Hash identifier: A3J2gn99X+0GSruzNT1LL2+raTYbgu+geL0ngQ+zi0g=
Subject key identifier: 53:72:9B:84:58:E0:7E:8E:79:00:6B:81:60:F4:0C:41:D7:F5:C0:73
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018CC8DFA52901AEC488C794DEA425319B51
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/U3KbhFjgfo55AGuBYPQMQdf1wHM.roa
Signing time: Tue 02 Jan 2024 06:32:29 +0000
ROA not before: Tue 02 Jan 2024 06:32:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201624
IP address blocks: 193.238.44.0/24 maxlen: 24
176.118.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a5:29:01:ae:c4:88:c7:94:de:a4:25:31:9b:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 2 06:32:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=53729b8458e07e8e79006b8160f40c41d7f5c073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:cb:f8:8e:20:d3:3f:45:87:e0:a2:6a:a7:f1:
4a:b4:ea:7e:06:58:43:92:99:0a:bf:14:43:d0:5d:
65:c9:90:4e:0e:b6:59:eb:00:59:80:75:33:a1:24:
e4:08:7a:63:b9:72:64:f4:65:8d:78:b6:b6:8e:e9:
64:3c:18:9b:2b:e9:0a:b3:c2:43:ef:06:5f:16:c8:
b6:eb:4e:22:f8:36:0e:87:67:5f:8a:57:d3:b1:04:
bd:28:2a:41:8a:0a:e5:85:ea:48:70:2d:80:b2:a7:
9e:71:a2:b8:41:13:1c:61:b3:01:49:88:5f:ad:ae:
e3:29:44:63:0c:65:ba:f8:b4:6a:be:14:27:24:7b:
d6:49:35:06:35:61:3f:72:9e:e5:b8:7d:1f:e6:10:
60:52:79:76:16:1f:27:22:60:78:4b:9d:2a:4c:0e:
e0:2b:ce:ac:98:2f:aa:c3:dc:06:30:be:44:07:6b:
a1:04:40:4f:4f:2d:b1:97:31:e2:7f:18:36:ee:b7:
72:a7:4c:9d:2e:4b:36:d8:4f:c0:16:4c:4f:c2:aa:
fc:99:16:8e:5a:f2:71:d8:3f:4e:15:77:60:13:8d:
ad:b7:5f:96:25:24:ac:42:11:4f:7b:c4:06:d0:40:
28:80:e7:b7:fd:d2:3a:1d:30:ca:96:4d:2f:2d:5f:
32:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:72:9B:84:58:E0:7E:8E:79:00:6B:81:60:F4:0C:41:D7:F5:C0:73
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/U3KbhFjgfo55AGuBYPQMQdf1wHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.199.0/24
193.238.44.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:e3:29:9d:d8:35:86:e8:83:96:5d:6b:2a:44:6d:56:ba:fe:
68:36:2d:93:db:85:5b:c7:cb:10:5b:26:d0:6e:d7:52:f5:21:
89:bd:83:fe:16:29:b8:32:ce:b1:cf:88:d7:23:a1:ee:c5:d0:
e8:bf:b3:89:91:a9:e3:46:42:2d:22:83:61:40:a7:6e:dc:93:
42:3c:d0:bb:b5:05:e3:8b:28:21:a9:d7:52:66:c7:77:d8:d7:
dc:45:0a:46:2e:17:2e:25:6f:c3:e4:c9:84:ac:8d:e3:f6:e4:
ef:1c:17:78:00:7a:2a:fd:7d:33:04:7e:71:a6:28:27:b9:25:
41:74:64:5f:a3:ae:ff:0b:3c:b0:5b:21:92:9e:8b:d8:f9:be:
bf:35:3f:18:a0:f0:26:9f:e7:0a:6d:0d:6f:7a:3c:08:6d:d2:
7d:b6:d5:f4:65:61:f2:d1:9e:06:3c:75:14:1a:15:49:0f:ad:
2b:22:74:10:f6:8d:43:7c:c7:52:98:64:60:12:bc:59:a8:1a:
e1:5b:de:09:77:d4:1d:fe:32:d3:7c:1a:30:a1:67:4d:73:6b:
fc:80:2d:c5:34:6f:b8:b1:7b:bb:72:2b:98:98:c6:e2:71:bd:
52:f3:ef:83:04:8a:5b:0c:3f:5f:c8:be:c6:c1:cf:99:ad:4e:
6a:f3:82:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI36UpAa7EiMeU3qQlMZtRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwMTAyMDYzMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzcyOWI4NDU4ZTA3ZThlNzkwMDZiODE2MGY0MGM0MWQ3ZjVjMDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsv4jiDTP0WH4KJqp/FKtOp+BlhD
kpkKvxRD0F1lyZBODrZZ6wBZgHUzoSTkCHpjuXJk9GWNeLa2julkPBibK+kKs8JD
7wZfFsi2604i+DYOh2dfilfTsQS9KCpBigrlhepIcC2AsqeecaK4QRMcYbMBSYhf
ra7jKURjDGW6+LRqvhQnJHvWSTUGNWE/cp7luH0f5hBgUnl2Fh8nImB4S50qTA7g
K86smC+qw9wGML5EB2uhBEBPTy2xlzHifxg27rdyp0ydLks22E/AFkxPwqr8mRaO
WvJx2D9OFXdgE42tt1+WJSSsQhFPe8QG0EAogOe3/dI6HTDKlk0vLV8yPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFNym4RY4H6OeQBrgWD0DEHX9cBzMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVTNLYmhGamdmbzU1QUd1QllQUU1RZGYxd0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsHbHAwQA
we4sMA0GCSqGSIb3DQEBCwUAA4IBAQCo4ymd2DWG6IOWXWsqRG1Wuv5oNi2T24Vb
x8sQWybQbtdS9SGJvYP+Fim4Ms6xz4jXI6HuxdDov7OJkanjRkItIoNhQKdu3JNC
PNC7tQXjiyghqddSZsd32NfcRQpGLhcuJW/D5MmErI3j9uTvHBd4AHoq/X0zBH5x
pignuSVBdGRfo67/CzywWyGSnovY+b6/NT8YoPAmn+cKbQ1vejwIbdJ9ttX0ZWHy
0Z4GPHUUGhVJD60rInQQ9o1DfMdSmGRgErxZqBrhW94Jd9Qd/jLTfBowoWdNc2v8
gC3FNG+4sXu7ciuYmMbicb1S8++DBIpbDD9fyL7Gwc+ZrU5q84Lf
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:41:58 2024 by rpki-client on console-ams.rpki-client.org