Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/5b788e-f847-4df9-9334-964cca722f73/1/N7tH7buzIu0N2-g9B0fM2wqP0Rc.roa
File: N7tH7buzIu0N2-g9B0fM2wqP0Rc.roa (raw, json)
Hash identifier: OK6Jv6CUHfmKjr0XiW9AOvYpr8ZuIlaiUiop3dCuoaQ=
Subject key identifier: 37:BB:47:ED:BB:B3:22:ED:0D:DB:E8:3D:07:47:CC:DB:0A:8F:D1:17
Certificate issuer: /CN=4cad185414c16ae5d229a8aa2bfa15fefc71a222
Certificate serial: 018CC5010FFCC2A57C75A089D6BA1A831275
Authority key identifier: 4C:AD:18:54:14:C1:6A:E5:D2:29:A8:AA:2B:FA:15:FE:FC:71:A2:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TK0YVBTBauXSKaiqK_oV_vxxoiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/5b788e-f847-4df9-9334-964cca722f73/1/N7tH7buzIu0N2-g9B0fM2wqP0Rc.roa
Signing time: Mon 01 Jan 2024 12:30:30 +0000
ROA not before: Mon 01 Jan 2024 12:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 553
IP address blocks: 141.7.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/5b788e-f847-4df9-9334-964cca722f73/1/TK0YVBTBauXSKaiqK_oV_vxxoiI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/5b788e-f847-4df9-9334-964cca722f73/1/TK0YVBTBauXSKaiqK_oV_vxxoiI.mft
rsync://rpki.ripe.net/repository/DEFAULT/TK0YVBTBauXSKaiqK_oV_vxxoiI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:0f:fc:c2:a5:7c:75:a0:89:d6:ba:1a:83:12:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cad185414c16ae5d229a8aa2bfa15fefc71a222
Validity
Not Before: Jan 1 12:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=37bb47edbbb322ed0ddbe83d0747ccdb0a8fd117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1d:9c:36:64:84:dc:78:11:f5:1b:b1:5f:98:
69:fb:48:ed:a1:08:3e:01:b4:d3:9a:68:33:c9:62:
ec:a4:15:b8:dd:a5:c8:3f:a6:b0:1f:6a:55:1e:0b:
b5:38:6b:32:a6:44:40:cd:2f:4a:5b:f3:ff:1d:ac:
41:ed:33:0d:ba:83:90:7a:e7:9f:c8:74:94:a4:35:
79:da:b6:e3:d8:30:28:51:9f:16:af:f8:c5:69:99:
68:92:37:0c:50:1a:f8:bf:bc:28:85:dc:28:63:56:
13:37:07:2c:e1:05:f6:e7:e0:c7:2e:53:a9:87:e7:
72:5a:7e:18:13:77:cb:ac:9e:52:ed:72:a3:36:5a:
6b:0d:06:64:34:0b:1f:f4:47:df:6d:48:f6:29:5f:
c6:17:1d:a0:24:fa:6e:80:c3:2d:f8:5e:c0:d1:3f:
2f:b8:74:31:e2:49:cf:1e:39:54:10:4f:30:c4:21:
fa:a8:d8:e4:54:7a:6d:11:be:3a:f2:e9:4a:c7:5e:
e8:56:c1:90:e3:57:a1:9d:c3:ac:85:7d:c7:f1:5d:
c1:ba:dd:e2:18:6f:a5:5c:d9:ee:5d:66:90:00:7d:
79:38:39:1b:b7:f9:45:62:1d:45:4e:7e:cc:c7:34:
96:80:bc:a7:b8:94:e5:26:6f:01:03:10:76:4c:ff:
41:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:BB:47:ED:BB:B3:22:ED:0D:DB:E8:3D:07:47:CC:DB:0A:8F:D1:17
X509v3 Authority Key Identifier:
keyid:4C:AD:18:54:14:C1:6A:E5:D2:29:A8:AA:2B:FA:15:FE:FC:71:A2:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TK0YVBTBauXSKaiqK_oV_vxxoiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5b788e-f847-4df9-9334-964cca722f73/1/N7tH7buzIu0N2-g9B0fM2wqP0Rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5b788e-f847-4df9-9334-964cca722f73/1/TK0YVBTBauXSKaiqK_oV_vxxoiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.7.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:bc:d1:ee:3f:ee:22:0e:71:be:c6:00:18:7c:48:12:cf:30:
47:b1:17:67:a3:2a:3a:05:cb:ff:23:40:a9:b8:20:00:5d:33:
ec:78:91:33:4f:34:2e:ae:3a:ac:87:c3:50:70:c3:f7:a7:4c:
e0:20:26:d9:09:4d:0b:03:53:5c:d7:10:11:f0:80:69:6b:f4:
79:10:9d:4f:33:ea:6c:4e:04:70:1b:6c:1f:29:cd:97:5e:15:
e2:97:55:1d:60:26:78:14:80:9b:70:b5:19:7e:c6:15:4d:04:
ca:38:2d:33:1b:23:c0:c0:23:cf:9a:51:27:37:51:d3:59:db:
10:bb:e1:bc:5c:2c:9d:0e:ff:d8:06:c7:9d:9d:cc:53:bd:f9:
97:37:76:90:ce:37:fd:fa:90:e9:14:82:e1:12:45:f1:fd:80:
97:e6:8f:45:14:6c:6c:51:a2:0d:2a:8f:9e:dc:f8:fb:2d:dc:
b6:58:22:56:3c:af:67:6a:2a:5a:f3:94:07:73:d0:36:32:93:
19:f3:93:da:1f:3f:b6:66:4d:1b:9b:aa:01:91:c0:fb:b2:b1:
33:53:57:6e:4f:11:70:45:cb:bc:11:89:7f:8c:c3:ec:32:87:
4b:9c:7e:74:de:a9:d3:65:36:0b:33:86:57:cf:9d:64:b6:f6:
a9:83:56:a7
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzFAQ/8wqV8daCJ1roagxJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYWQxODU0MTRjMTZhZTVkMjI5YThhYTJiZmExNWZlZmM3
MWEyMjIwHhcNMjQwMTAxMTIzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2JiNDdlZGJiYjMyMmVkMGRkYmU4M2QwNzQ3Y2NkYjBhOGZkMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAth2cNmSE3HgR9RuxX5hp+0jtoQg+
AbTTmmgzyWLspBW43aXIP6awH2pVHgu1OGsypkRAzS9KW/P/HaxB7TMNuoOQeuef
yHSUpDV52rbj2DAoUZ8Wr/jFaZlokjcMUBr4v7wohdwoY1YTNwcs4QX25+DHLlOp
h+dyWn4YE3fLrJ5S7XKjNlprDQZkNAsf9EffbUj2KV/GFx2gJPpugMMt+F7A0T8v
uHQx4knPHjlUEE8wxCH6qNjkVHptEb468ulKx17oVsGQ41ehncOshX3H8V3But3i
GG+lXNnuXWaQAH15ODkbt/lFYh1FTn7MxzSWgLynuJTlJm8BAxB2TP9B6QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFDe7R+27syLtDdvoPQdHzNsKj9EXMB8GA1UdIwQY
MBaAFEytGFQUwWrl0imoqiv6Ff78caIiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEswWVZCVEJhdVhTS2FpcUtfb1Zfdnh4b2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81Yjc4OGUtZjg0Ny00ZGY5LTkzMzQt
OTY0Y2NhNzIyZjczLzEvTjd0SDdidXpJdTBOMi1nOUIwZk0yd3FQMFJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81Yjc4OGUtZjg0Ny00ZGY5LTkzMzQtOTY0Y2NhNzIyZjcz
LzEvVEswWVZCVEJhdVhTS2FpcUtfb1Zfdnh4b2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjQcwDQYJ
KoZIhvcNAQELBQADggEBAHC80e4/7iIOcb7GABh8SBLPMEexF2ejKjoFy/8jQKm4
IABdM+x4kTNPNC6uOqyHw1Bww/enTOAgJtkJTQsDU1zXEBHwgGlr9HkQnU8z6mxO
BHAbbB8pzZdeFeKXVR1gJngUgJtwtRl+xhVNBMo4LTMbI8DAI8+aUSc3UdNZ2xC7
4bxcLJ0O/9gGx52dzFO9+Zc3dpDON/36kOkUguESRfH9gJfmj0UUbGxRog0qj57c
+Pst3LZYIlY8r2dqKlrzlAdz0DYykxnzk9ofP7ZmTRubqgGRwPuysTNTV25PEXBF
y7wRiX+Mw+wyh0ucfnTeqdNlNgszhlfPnWS29qmDVqc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:14:12 2024 by rpki-client on console-fra.rpki-client.org