Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/20uYHblnmTLP-ldaJY8u6kHVjSs.roa
File: 20uYHblnmTLP-ldaJY8u6kHVjSs.roa (raw, json)
Hash identifier: VxR9TQEv11WFiSmR2f0AnX3ngRfNpsIhtqQswHqtmxo=
Subject key identifier: DB:4B:98:1D:B9:67:99:32:CF:FA:57:5A:25:8F:2E:EA:41:D5:8D:2B
Certificate issuer: /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial: 0192CE3202A3139D8475C52DA494EE50AE02
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/20uYHblnmTLP-ldaJY8u6kHVjSs.roa
Signing time: Sun 27 Oct 2024 13:37:16 +0000
ROA not before: Sun 27 Oct 2024 13:37:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41050
IP address blocks: 5.59.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.mft
rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 20:34:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ce:32:02:a3:13:9d:84:75:c5:2d:a4:94:ee:50:ae:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Validity
Not Before: Oct 27 13:37:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db4b981db9679932cffa575a258f2eea41d58d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c4:26:f4:44:be:1f:a6:33:b1:c2:a1:9d:00:
77:69:4f:49:a1:9a:59:bc:30:5e:64:39:50:d3:6d:
f4:af:05:4e:d4:a4:36:28:a1:70:18:0a:a2:94:49:
6a:f7:b2:f3:c5:0e:28:71:0a:63:f9:df:35:52:09:
d8:37:26:a5:fa:f8:98:e9:0c:57:98:95:8e:76:0c:
56:66:3c:f2:a3:ac:7d:32:47:1d:e8:58:8c:91:af:
5d:67:80:4d:70:03:b8:51:df:50:9a:f5:cf:e1:ff:
7d:89:ca:4b:39:63:64:02:0d:01:26:1a:61:aa:f6:
6a:9d:73:a8:c3:f7:a7:a6:23:bc:b9:10:22:1b:3c:
b4:99:75:28:6c:12:4b:bd:7a:e8:c6:b5:02:d9:b1:
7f:4f:b4:16:d1:97:09:68:d4:85:bc:90:2c:ef:36:
d3:b0:4c:f4:90:c9:fe:5f:03:d3:f6:60:dd:8f:d3:
57:ad:80:ec:49:c2:97:d9:c6:6f:85:13:c0:29:83:
71:27:ad:d7:db:27:59:d0:85:49:1d:33:33:ba:56:
f4:0e:9e:db:85:2c:37:42:25:49:e6:af:29:37:6d:
e2:86:fe:b5:58:9e:38:4c:79:a0:f3:eb:ac:d0:db:
ca:82:94:b7:73:72:af:75:07:82:39:c3:71:14:a2:
3d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:4B:98:1D:B9:67:99:32:CF:FA:57:5A:25:8F:2E:EA:41:D5:8D:2B
X509v3 Authority Key Identifier:
keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/20uYHblnmTLP-ldaJY8u6kHVjSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.59.96.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:37:8f:2d:6b:a2:df:56:a0:a3:49:c8:6d:a0:ce:2c:75:2d:
32:f4:df:a0:fa:cf:52:d2:06:68:7b:be:f7:c9:98:0d:cd:10:
0e:44:03:68:7a:20:6f:b2:1f:f3:6a:93:49:1c:13:02:21:d7:
3a:15:43:00:96:10:a6:6b:d8:61:c7:59:15:d9:d0:83:22:df:
79:5e:5a:6d:e8:7b:e7:02:a0:cf:7c:89:fc:ff:ea:3f:d0:b8:
98:86:cb:f8:59:3f:59:bc:5a:09:21:fc:cd:6e:5e:b1:4e:2c:
ff:b7:07:8b:62:42:d5:22:17:53:6b:5f:cb:ed:cb:cd:9f:4e:
18:41:4f:24:3c:3e:41:55:95:a7:07:7b:4b:23:88:80:a2:f4:
a5:74:86:62:73:30:23:45:63:7e:40:2c:60:6b:54:fc:bd:0d:
18:2c:dd:e7:be:d2:cf:cd:4b:60:a7:e7:ad:48:fe:d7:5d:d2:
ef:72:9f:cf:c2:6c:d2:1a:8a:49:88:c9:9c:1a:e8:ad:c9:2c:
2a:37:8c:31:59:ba:bb:1d:3b:a5:fa:3a:cc:00:09:84:40:9d:
cc:85:7e:bf:69:c9:38:5c:b0:98:25:62:ee:d9:5a:2b:da:c9:
f6:38:a8:eb:8c:80:68:d6:e0:99:b1:71:43:0f:f8:a1:b3:7c:
35:8b:e7:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLOMgKjE52EdcUtpJTuUK4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDgxMTE5YWZlMWJmZjIyOWZhY2Q0ZWY5YzhjNjFiMGZh
YmVhZjIwHhcNMjQxMDI3MTMzNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjRiOTgxZGI5Njc5OTMyY2ZmYTU3NWEyNThmMmVlYTQxZDU4ZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsQm9ES+H6YzscKhnQB3aU9JoZpZ
vDBeZDlQ0230rwVO1KQ2KKFwGAqilElq97LzxQ4ocQpj+d81UgnYNyal+viY6QxX
mJWOdgxWZjzyo6x9Mkcd6FiMka9dZ4BNcAO4Ud9QmvXP4f99icpLOWNkAg0BJhph
qvZqnXOow/enpiO8uRAiGzy0mXUobBJLvXroxrUC2bF/T7QW0ZcJaNSFvJAs7zbT
sEz0kMn+XwPT9mDdj9NXrYDsScKX2cZvhRPAKYNxJ63X2ydZ0IVJHTMzulb0Dp7b
hSw3QiVJ5q8pN23ihv61WJ44THmg8+us0NvKgpS3c3KvdQeCOcNxFKI9XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNtLmB25Z5kyz/pXWiWPLupB1Y0rMB8GA1UdIwQY
MBaAFLlIERmv4b/yKfrNTvnIxhsPq+ryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAt
OWI5YmNlMTVlMGM2LzEvMjB1WUhibG5tVExQLWxkYUpZOHU2a0hWalNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAtOWI5YmNlMTVlMGM2
LzEvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABTtgMA0G
CSqGSIb3DQEBCwUAA4IBAQCaN48ta6LfVqCjSchtoM4sdS0y9N+g+s9S0gZoe773
yZgNzRAORANoeiBvsh/zapNJHBMCIdc6FUMAlhCma9hhx1kV2dCDIt95Xlpt6Hvn
AqDPfIn8/+o/0LiYhsv4WT9ZvFoJIfzNbl6xTiz/tweLYkLVIhdTa1/L7cvNn04Y
QU8kPD5BVZWnB3tLI4iAovSldIZiczAjRWN+QCxga1T8vQ0YLN3nvtLPzUtgp+et
SP7XXdLvcp/PwmzSGopJiMmcGuitySwqN4wxWbq7HTul+jrMAAmEQJ3MhX6/ack4
XLCYJWLu2Vor2sn2OKjrjIBo1uCZsXFDD/ihs3w1i+fA
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:22:33 2024 by rpki-client on console-ams.rpki-client.org