Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/540e53-c4a6-4f52-811e-6afc4ec63cf0/1/rPB2Dzbcnlf95ndGFfliQobgcZE.roa
File: rPB2Dzbcnlf95ndGFfliQobgcZE.roa (raw, json)
Hash identifier: Q9laqmeBYgRp4qfJAsCUK2xDhaOeYtfBrHUWDI5DtJg=
Subject key identifier: AC:F0:76:0F:36:DC:9E:57:FD:E6:77:46:15:F9:62:42:86:E0:71:91
Certificate issuer: /CN=e505d93497f19d2563066b409200969711f28c67
Certificate serial: 018CCA998A5B7A6C462C584B77B79073B57D
Authority key identifier: E5:05:D9:34:97:F1:9D:25:63:06:6B:40:92:00:96:97:11:F2:8C:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QXZNJfxnSVjBmtAkgCWlxHyjGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/540e53-c4a6-4f52-811e-6afc4ec63cf0/1/rPB2Dzbcnlf95ndGFfliQobgcZE.roa
Signing time: Tue 02 Jan 2024 14:35:09 +0000
ROA not before: Tue 02 Jan 2024 14:35:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42184
IP address blocks: 194.49.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/540e53-c4a6-4f52-811e-6afc4ec63cf0/1/5QXZNJfxnSVjBmtAkgCWlxHyjGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/540e53-c4a6-4f52-811e-6afc4ec63cf0/1/5QXZNJfxnSVjBmtAkgCWlxHyjGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/5QXZNJfxnSVjBmtAkgCWlxHyjGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:02:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:8a:5b:7a:6c:46:2c:58:4b:77:b7:90:73:b5:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e505d93497f19d2563066b409200969711f28c67
Validity
Not Before: Jan 2 14:35:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acf0760f36dc9e57fde6774615f9624286e07191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4f:38:c0:27:ec:c7:fc:bd:d6:d0:4b:cf:03:
97:56:8f:fd:12:ca:44:b0:4c:a6:63:44:da:b3:38:
b4:ca:f8:ff:e4:50:2f:02:ee:d2:18:4a:f7:ed:91:
c0:ea:6c:04:e2:5e:4b:3e:26:3b:29:96:35:8e:9f:
5c:de:09:9e:c5:c9:fe:11:83:f4:94:66:39:7c:87:
f1:46:30:ae:c3:ff:bc:bf:8b:c3:46:78:9f:62:14:
62:d4:04:d9:63:04:54:58:15:6b:6a:0a:3c:36:14:
25:a2:96:1d:92:95:d6:25:9e:95:3b:32:97:29:99:
41:44:b1:f6:9a:cd:c8:c8:e1:77:24:d7:95:11:80:
49:f3:8e:d3:58:d7:40:05:a5:16:e6:f0:91:03:57:
87:de:99:03:62:11:cd:a3:7e:cc:dd:b9:49:ad:f8:
b1:b2:7a:0e:97:aa:2f:17:e8:86:75:6e:9a:a8:7f:
07:94:8b:1c:79:93:87:5b:70:d3:d5:bc:be:8c:cd:
81:74:71:fb:82:93:4d:7c:e5:b4:46:e3:9f:61:f0:
4a:92:4f:22:5f:bd:d8:7a:9c:f0:ee:89:84:00:9d:
11:bb:1f:7a:28:86:4b:25:b0:2b:c1:4d:82:ec:e6:
8e:8d:19:a5:0b:73:aa:1f:bd:72:64:95:74:75:62:
56:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:F0:76:0F:36:DC:9E:57:FD:E6:77:46:15:F9:62:42:86:E0:71:91
X509v3 Authority Key Identifier:
keyid:E5:05:D9:34:97:F1:9D:25:63:06:6B:40:92:00:96:97:11:F2:8C:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QXZNJfxnSVjBmtAkgCWlxHyjGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/540e53-c4a6-4f52-811e-6afc4ec63cf0/1/rPB2Dzbcnlf95ndGFfliQobgcZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/540e53-c4a6-4f52-811e-6afc4ec63cf0/1/5QXZNJfxnSVjBmtAkgCWlxHyjGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.22.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:ee:20:41:a1:84:d4:d3:aa:b4:da:d1:d8:94:f5:59:34:0e:
6c:fb:3b:be:5a:33:fe:87:a1:ca:76:5f:52:16:cc:b4:60:39:
2d:2f:1a:83:d8:b2:36:1e:18:e1:e6:e0:11:3a:a6:e1:32:0e:
44:d9:46:a4:60:ff:fc:a9:b9:30:8b:e3:22:68:1c:f9:3c:93:
dc:4e:80:65:cd:fd:c6:98:7d:fb:a6:ff:c9:28:74:b4:a0:8d:
0f:97:6b:f6:4b:67:c0:95:73:cd:29:b0:c1:eb:ba:8b:e2:95:
c2:88:95:1d:40:95:3a:63:13:63:77:d1:7d:ff:2d:a6:9a:17:
e4:23:79:31:f6:9b:4e:54:64:89:75:0c:14:19:e2:f6:14:a8:
b2:44:d2:f1:06:b1:0f:2d:6c:2b:ac:20:2a:18:05:1f:22:c8:
a1:1b:70:36:ce:28:92:5e:f0:b4:cc:83:e7:00:8d:92:f8:95:
1e:fc:a6:a7:72:47:7c:38:4a:86:75:71:c0:c0:76:3c:77:31:
de:01:bf:be:6d:1d:15:47:fb:73:62:50:c8:37:17:b1:5c:92:
e8:8c:27:a8:f5:62:6f:75:5c:15:db:94:8d:b4:fc:d7:89:de:
e4:0a:b4:e6:45:70:9c:0c:3a:85:4e:1f:0d:41:f0:b7:57:ee:
5d:15:81:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKmYpbemxGLFhLd7eQc7V9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDVkOTM0OTdmMTlkMjU2MzA2NmI0MDkyMDA5Njk3MTFm
MjhjNjcwHhcNMjQwMTAyMTQzNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2YwNzYwZjM2ZGM5ZTU3ZmRlNjc3NDYxNWY5NjI0Mjg2ZTA3MTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqk84wCfsx/y91tBLzwOXVo/9EspE
sEymY0Taszi0yvj/5FAvAu7SGEr37ZHA6mwE4l5LPiY7KZY1jp9c3gmexcn+EYP0
lGY5fIfxRjCuw/+8v4vDRnifYhRi1ATZYwRUWBVrago8NhQlopYdkpXWJZ6VOzKX
KZlBRLH2ms3IyOF3JNeVEYBJ847TWNdABaUW5vCRA1eH3pkDYhHNo37M3blJrfix
snoOl6ovF+iGdW6aqH8HlIsceZOHW3DT1by+jM2BdHH7gpNNfOW0RuOfYfBKkk8i
X73Yepzw7omEAJ0Rux96KIZLJbArwU2C7OaOjRmlC3OqH71yZJV0dWJWXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKzwdg823J5X/eZ3RhX5YkKG4HGRMB8GA1UdIwQY
MBaAFOUF2TSX8Z0lYwZrQJIAlpcR8oxnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFYWk5KZnhuU1ZqQm10QWtnQ1dseEh5akdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC81NDBlNTMtYzRhNi00ZjUyLTgxMWUt
NmFmYzRlYzYzY2YwLzEvclBCMkR6YmNubGY5NW5kR0ZmbGlRb2JnY1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC81NDBlNTMtYzRhNi00ZjUyLTgxMWUtNmFmYzRlYzYzY2Yw
LzEvNVFYWk5KZnhuU1ZqQm10QWtnQ1dseEh5akdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjEWMA0G
CSqGSIb3DQEBCwUAA4IBAQCc7iBBoYTU06q02tHYlPVZNA5s+zu+WjP+h6HKdl9S
Fsy0YDktLxqD2LI2Hhjh5uAROqbhMg5E2UakYP/8qbkwi+MiaBz5PJPcToBlzf3G
mH37pv/JKHS0oI0Pl2v2S2fAlXPNKbDB67qL4pXCiJUdQJU6YxNjd9F9/y2mmhfk
I3kx9ptOVGSJdQwUGeL2FKiyRNLxBrEPLWwrrCAqGAUfIsihG3A2ziiSXvC0zIPn
AI2S+JUe/Kanckd8OEqGdXHAwHY8dzHeAb++bR0VR/tzYlDINxexXJLojCeo9WJv
dVwV25SNtPzXid7kCrTmRXCcDDqFTh8NQfC3V+5dFYG2
-----END CERTIFICATE-----
Generated at Fri May 17 18:47:49 2024 by rpki-client on console-ams.rpki-client.org