Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/sN2iaGB4Lxs9DJrImZU6d9XSNO0.roa
File: sN2iaGB4Lxs9DJrImZU6d9XSNO0.roa (raw, json)
Hash identifier: yTfyKpgQvvxyPEuZ/FJVj3kb50aGftOShS+05PqkQ2A=
Subject key identifier: B0:DD:A2:68:60:78:2F:1B:3D:0C:9A:C8:99:95:3A:77:D5:D2:34:ED
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 018FDD515C2E281B1B4015B0B5D724E16CCD
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/sN2iaGB4Lxs9DJrImZU6d9XSNO0.roa
Signing time: Mon 03 Jun 2024 08:57:27 +0000
ROA not before: Mon 03 Jun 2024 08:57:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 194.152.128.0/24 maxlen: 24
194.152.129.0/24 maxlen: 24
194.152.132.0/24 maxlen: 24
194.152.141.0/24 maxlen: 24
194.152.142.0/24 maxlen: 24
194.152.154.0/24 maxlen: 24
194.152.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:51:5c:2e:28:1b:1b:40:15:b0:b5:d7:24:e1:6c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Jun 3 08:57:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0dda26860782f1b3d0c9ac899953a77d5d234ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:11:06:36:81:33:90:63:40:c1:81:68:b3:91:
06:c9:25:b1:af:91:dd:16:f5:62:47:01:9d:bc:19:
61:4d:2b:34:79:c1:f9:ea:9f:48:5c:0d:d7:6e:fe:
c6:8d:16:98:5c:f5:5d:0c:3e:40:ee:c7:ae:03:44:
9c:de:ae:db:fd:8e:d5:e5:f4:78:7f:1d:5f:96:3d:
a9:3b:5e:bd:19:66:44:3a:ac:16:ed:53:cf:67:75:
91:03:3d:4b:5b:5f:b2:01:da:39:d5:ec:42:59:58:
a5:66:26:f9:0c:a7:01:c8:87:73:31:85:d7:28:93:
15:d3:9e:6a:47:fa:31:79:0f:23:6a:0c:5f:e4:bd:
63:bf:ba:8d:a9:ad:7a:2e:b3:42:55:ff:a7:3a:76:
f6:91:6e:25:1c:f4:f4:d7:48:9c:88:39:3f:41:26:
70:b3:fb:e3:b1:e3:68:e1:29:8d:cb:dd:d7:cf:02:
25:41:dc:b2:72:6e:02:0a:fe:78:98:b9:28:b6:8f:
bc:cb:57:31:f4:87:c2:72:71:9d:4b:ce:17:58:af:
d7:86:1d:2f:b1:3a:4e:cd:a9:e8:3c:d7:60:ae:c9:
20:4a:83:a7:9d:c1:09:f0:d8:c1:ed:33:b0:14:bf:
e8:4c:7a:25:96:a5:01:4a:ab:41:a8:7e:39:4c:dd:
0b:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:DD:A2:68:60:78:2F:1B:3D:0C:9A:C8:99:95:3A:77:D5:D2:34:ED
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/sN2iaGB4Lxs9DJrImZU6d9XSNO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.152.128.0/23
194.152.132.0/24
194.152.141.0-194.152.142.255
194.152.154.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:fb:0c:eb:d0:f1:ba:e1:82:cb:24:49:44:f4:99:d4:4a:e7:
03:fd:20:c6:b3:f8:1a:f3:43:31:b5:c7:90:1b:b5:00:1f:0b:
56:97:8e:5a:6c:ef:b2:68:28:d6:b3:17:5b:b3:d8:84:2a:8f:
fd:8e:08:b9:23:c4:eb:78:52:62:51:7f:0a:5e:db:f0:4d:7e:
49:59:36:c7:85:65:8e:01:44:20:5a:37:a6:ed:a8:f8:fe:09:
69:8e:4e:5b:39:78:8b:52:68:35:42:78:85:07:f5:ef:37:2c:
ab:fd:4e:dd:5c:7b:76:b3:d4:36:4e:2b:1c:53:ff:8c:b2:ad:
73:14:76:6f:4d:b1:70:9e:9d:2c:7b:b4:c5:3e:91:c1:e5:fc:
c8:35:dd:e5:2f:b9:1d:74:34:fe:ef:fe:3d:c3:1d:6a:80:cc:
a6:40:77:68:04:04:9a:79:c0:2c:e9:5a:63:d8:c8:d1:61:c0:
8a:6d:5a:a5:8e:3e:d2:c7:87:d3:5e:b5:29:ff:45:2b:a0:a8:
ec:48:e0:e7:2c:16:a7:ab:48:20:b1:12:00:cc:09:9e:8a:f7:
80:7f:84:75:5c:a7:23:94:a0:c9:96:dd:ac:75:ad:c3:58:18:
e9:6f:17:7e:6e:da:b7:5c:4d:2f:62:d8:c5:f2:c4:3e:26:a7:
6a:3f:be:8b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY/dUVwuKBsbQBWwtdck4WzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjQwNjAzMDg1NzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGRkYTI2ODYwNzgyZjFiM2QwYzlhYzg5OTk1M2E3N2Q1ZDIzNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BEGNoEzkGNAwYFos5EGySWxr5Hd
FvViRwGdvBlhTSs0ecH56p9IXA3Xbv7GjRaYXPVdDD5A7seuA0Sc3q7b/Y7V5fR4
fx1flj2pO169GWZEOqwW7VPPZ3WRAz1LW1+yAdo51exCWVilZib5DKcByIdzMYXX
KJMV055qR/oxeQ8jagxf5L1jv7qNqa16LrNCVf+nOnb2kW4lHPT010iciDk/QSZw
s/vjseNo4SmNy93XzwIlQdyycm4CCv54mLkoto+8y1cx9IfCcnGdS84XWK/Xhh0v
sTpOzanoPNdgrskgSoOnncEJ8NjB7TOwFL/oTHollqUBSqtBqH45TN0LewIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLDdomhgeC8bPQyayJmVOnfV0jTtMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvc04yaWFHQjRMeHM5REpySW1aVTZkOVhTTk8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBwpiAAwQA
wpiEMAwDBADCmI0DBADCmI4DBAHCmJowDQYJKoZIhvcNAQELBQADggEBAAr7DOvQ
8brhgsskSUT0mdRK5wP9IMaz+BrzQzG1x5AbtQAfC1aXjlps77JoKNazF1uz2IQq
j/2OCLkjxOt4UmJRfwpe2/BNfklZNseFZY4BRCBaN6btqPj+CWmOTls5eItSaDVC
eIUH9e83LKv9Tt1ce3az1DZOKxxT/4yyrXMUdm9NsXCenSx7tMU+kcHl/Mg13eUv
uR10NP7v/j3DHWqAzKZAd2gEBJp5wCzpWmPYyNFhwIptWqWOPtLHh9NetSn/RSug
qOxI4OcsFqerSCCxEgDMCZ6K94B/hHVcpyOUoMmW3ax1rcNYGOlvF35u2rdcTS9i
2MXyxD4mp2o/vos=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:43:34 2024 by rpki-client on console-ams.rpki-client.org