Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/s5Lz7uokRVJ_IZ6nYTkz_QoLMy8.roa
File: s5Lz7uokRVJ_IZ6nYTkz_QoLMy8.roa (raw, json)
Hash identifier: PUS8wQG57NyBpbqrlY9m4knbPzDEzrzmSFM7272cMaQ=
Subject key identifier: B3:92:F3:EE:EA:24:45:52:7F:21:9E:A7:61:39:33:FD:0A:0B:33:2F
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 018E13CC9FD2EEDA3D8D2B8D0ED7460FD26C
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/s5Lz7uokRVJ_IZ6nYTkz_QoLMy8.roa
Signing time: Wed 06 Mar 2024 12:46:01 +0000
ROA not before: Wed 06 Mar 2024 12:46:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200017
IP address blocks: 2.58.232.0/24 maxlen: 24
2.58.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:cc:9f:d2:ee:da:3d:8d:2b:8d:0e:d7:46:0f:d2:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Mar 6 12:46:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b392f3eeea2445527f219ea7613933fd0a0b332f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2a:f4:c2:4e:46:aa:88:d3:78:99:4d:9a:4e:
7d:c1:59:1a:da:e0:e1:2e:59:79:a4:96:6a:ec:59:
7e:80:ac:b9:54:df:73:82:ba:1f:f8:79:75:2b:a2:
e4:d5:d0:be:1e:b2:ac:d9:5b:79:da:4c:38:04:ae:
20:6b:7f:3f:03:be:7a:f0:a4:cb:2b:a1:4f:75:a4:
2e:2e:a8:a2:9c:ef:3d:82:2c:35:50:f9:53:dc:a9:
f2:6d:62:ee:60:38:9a:cc:02:79:fb:7e:df:0a:60:
3b:c9:24:df:33:9d:bf:ee:bb:25:0f:98:22:a6:5f:
65:e4:8b:1c:64:48:a7:3a:bb:62:1b:76:a4:30:36:
8a:ab:10:b4:78:bd:a8:d6:4d:c8:1b:bb:d9:b5:7e:
e7:b8:d1:5d:86:fa:73:ab:e7:73:9d:02:af:b8:e7:
a5:6c:ce:6d:fb:a4:c2:e5:90:9d:f0:fa:3e:87:fc:
c6:36:31:9b:3e:1c:61:50:94:d4:43:21:2d:01:39:
c6:15:16:56:42:e5:55:23:65:7b:83:bb:47:05:89:
03:59:0a:c6:19:a5:57:21:92:a5:3f:69:d9:46:0d:
27:2f:1c:2a:ed:2c:95:4e:d6:23:24:fa:36:cd:eb:
f8:b6:36:7e:5f:07:11:36:7f:ef:9e:9c:25:37:ca:
a2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:92:F3:EE:EA:24:45:52:7F:21:9E:A7:61:39:33:FD:0A:0B:33:2F
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/s5Lz7uokRVJ_IZ6nYTkz_QoLMy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.232.0/24
2.58.234.0/24
Signature Algorithm: sha256WithRSAEncryption
88:49:46:d7:c4:1e:3d:c7:40:af:df:00:dd:41:f9:d9:e5:5c:
2f:f4:25:a8:8f:d3:80:f0:19:7c:fb:f5:2c:08:79:77:7c:b4:
d4:44:c6:1c:e8:23:c3:eb:01:8f:75:40:54:51:07:32:99:84:
82:20:28:66:9d:28:9e:1f:62:4d:7b:b1:8e:4f:e6:da:b5:b3:
46:67:55:81:71:32:f5:b9:35:ee:43:c4:0c:4a:67:57:57:9c:
58:31:17:2e:eb:d4:38:85:51:ec:0c:38:ec:d7:b8:ed:d8:0e:
7d:e8:a5:94:72:0f:03:55:40:75:45:a9:dd:ea:15:07:f6:5e:
87:73:fa:bc:ae:37:4c:d4:f1:8d:52:7c:b4:86:df:60:6f:ae:
79:dd:4e:8c:0b:cc:86:10:95:bd:fa:40:47:29:4d:28:d1:fd:
f8:75:6a:5b:f0:60:0f:63:2f:d7:a2:96:94:a5:a7:81:a5:c6:
19:96:b4:f9:57:d1:a4:3a:b7:31:9e:27:d2:b3:24:1c:a5:04:
a1:c1:0b:39:09:2a:2e:8c:4b:86:34:bd:53:dd:74:f6:82:2a:
cd:3d:84:fb:bc:ed:f8:7a:ae:da:f2:23:c6:23:21:13:33:a1:
e8:0e:c4:b4:48:14:22:8b:71:9c:fc:01:62:77:4f:cf:62:8a:
d1:55:dc:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4TzJ/S7to9jSuNDtdGD9JsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjQwMzA2MTI0NjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzkyZjNlZWVhMjQ0NTUyN2YyMTllYTc2MTM5MzNmZDBhMGIzMzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyr0wk5GqojTeJlNmk59wVka2uDh
Lll5pJZq7Fl+gKy5VN9zgrof+Hl1K6Lk1dC+HrKs2Vt52kw4BK4ga38/A7568KTL
K6FPdaQuLqiinO89giw1UPlT3KnybWLuYDiazAJ5+37fCmA7ySTfM52/7rslD5gi
pl9l5IscZEinOrtiG3akMDaKqxC0eL2o1k3IG7vZtX7nuNFdhvpzq+dznQKvuOel
bM5t+6TC5ZCd8Po+h/zGNjGbPhxhUJTUQyEtATnGFRZWQuVVI2V7g7tHBYkDWQrG
GaVXIZKlP2nZRg0nLxwq7SyVTtYjJPo2zev4tjZ+XwcRNn/vnpwlN8qimwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLOS8+7qJEVSfyGep2E5M/0KCzMvMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvczVMejd1b2tSVkpfSVo2bllUa3pfUW9MTXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjroAwQA
AjrqMA0GCSqGSIb3DQEBCwUAA4IBAQCISUbXxB49x0Cv3wDdQfnZ5Vwv9CWoj9OA
8Bl8+/UsCHl3fLTURMYc6CPD6wGPdUBUUQcymYSCIChmnSieH2JNe7GOT+batbNG
Z1WBcTL1uTXuQ8QMSmdXV5xYMRcu69Q4hVHsDDjs17jt2A596KWUcg8DVUB1Rand
6hUH9l6Hc/q8rjdM1PGNUny0ht9gb6553U6MC8yGEJW9+kBHKU0o0f34dWpb8GAP
Yy/XopaUpaeBpcYZlrT5V9GkOrcxnifSsyQcpQShwQs5CSoujEuGNL1T3XT2girN
PYT7vO34eq7a8iPGIyETM6HoDsS0SBQii3Gc/AFid0/PYorRVdxr
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:57:09 2024 by rpki-client on console-fra.rpki-client.org