Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/baa4bc-924e-4364-9f13-a5c96e211605/1/s5xSuo41HmXaY13utZ6xtQpAByQ.roa
File: s5xSuo41HmXaY13utZ6xtQpAByQ.roa (raw, json)
Hash identifier: Yiglqk2VjuwrYYOgfDsylfaInaXRal46WX4Dmkuk7qo=
Subject key identifier: B3:9C:52:BA:8E:35:1E:65:DA:63:5D:EE:B5:9E:B1:B5:0A:40:07:24
Certificate issuer: /CN=4806b9e62f1b00f2cf98d0dcc583292afacb522f
Certificate serial: 018F2E7A103F52FD9F86C6C7ED2F103D2171
Authority key identifier: 48:06:B9:E6:2F:1B:00:F2:CF:98:D0:DC:C5:83:29:2A:FA:CB:52:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAa55i8bAPLPmNDcxYMpKvrLUi8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/baa4bc-924e-4364-9f13-a5c96e211605/1/s5xSuo41HmXaY13utZ6xtQpAByQ.roa
Signing time: Tue 30 Apr 2024 10:08:22 +0000
ROA not before: Tue 30 Apr 2024 10:08:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57373
IP address blocks: 94.143.228.0/24 maxlen: 24
2a12:a580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/baa4bc-924e-4364-9f13-a5c96e211605/1/SAa55i8bAPLPmNDcxYMpKvrLUi8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/baa4bc-924e-4364-9f13-a5c96e211605/1/SAa55i8bAPLPmNDcxYMpKvrLUi8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAa55i8bAPLPmNDcxYMpKvrLUi8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:7a:10:3f:52:fd:9f:86:c6:c7:ed:2f:10:3d:21:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4806b9e62f1b00f2cf98d0dcc583292afacb522f
Validity
Not Before: Apr 30 10:08:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b39c52ba8e351e65da635deeb59eb1b50a400724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b1:10:09:61:5c:cb:45:a1:19:07:b1:80:b3:
36:52:d9:f7:a4:62:55:38:79:b4:9d:a6:87:cb:30:
7a:4b:ea:80:e4:04:49:b5:33:1b:0c:2c:06:37:8b:
af:f1:7b:33:94:8d:c6:98:58:76:0c:29:d4:e3:d4:
e4:71:33:9d:38:60:17:e7:c6:aa:83:3c:7a:d7:94:
b5:52:ea:d7:ee:3e:f4:c3:b9:53:82:c4:a2:2e:ed:
1a:08:4d:57:45:0c:76:c6:e7:3f:18:9d:27:49:51:
2f:32:3b:0d:e7:4c:93:86:2a:5e:f0:7e:89:f9:e8:
f0:b5:87:a6:19:dc:8b:f6:47:6c:e5:8d:73:b9:41:
24:51:98:97:a3:f5:04:98:98:84:d5:96:20:ba:a8:
a8:cb:25:11:9a:70:1b:0d:29:e4:8d:a8:1b:e8:80:
66:31:82:01:be:64:2e:e2:9c:2a:b8:31:2f:a8:fd:
54:87:d0:89:a6:65:4f:d8:b2:3f:f9:6e:38:b1:37:
b7:fc:92:3d:47:a8:62:36:18:43:29:f4:27:a8:25:
80:59:ad:0d:6b:4a:10:dd:db:a9:a9:40:af:72:82:
9c:a9:e3:d8:69:9c:4e:e0:70:6a:0d:cd:4f:48:75:
98:57:c8:79:38:47:05:e4:e9:59:f7:5a:59:47:67:
79:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:9C:52:BA:8E:35:1E:65:DA:63:5D:EE:B5:9E:B1:B5:0A:40:07:24
X509v3 Authority Key Identifier:
keyid:48:06:B9:E6:2F:1B:00:F2:CF:98:D0:DC:C5:83:29:2A:FA:CB:52:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAa55i8bAPLPmNDcxYMpKvrLUi8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/baa4bc-924e-4364-9f13-a5c96e211605/1/s5xSuo41HmXaY13utZ6xtQpAByQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/baa4bc-924e-4364-9f13-a5c96e211605/1/SAa55i8bAPLPmNDcxYMpKvrLUi8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.228.0/24
IPv6:
2a12:a580::/29
Signature Algorithm: sha256WithRSAEncryption
2a:70:a1:38:ca:1f:4f:e7:24:91:d0:6c:2a:11:c9:69:43:7d:
c4:8f:ee:17:66:ed:58:af:45:2e:e4:4d:43:f4:e9:99:d6:73:
41:2c:fe:d3:45:bf:a3:87:69:35:9a:f9:bd:6a:96:bd:a2:a7:
86:e7:8d:37:de:fa:56:fc:7e:a7:fc:1d:d2:98:28:f1:4b:1d:
b4:6b:c6:8f:6d:7c:e7:6c:e1:3c:bd:ca:80:63:ad:fd:7b:79:
92:05:31:38:8f:67:f1:1f:77:ce:77:0c:3e:2e:fb:de:2c:40:
00:ba:50:52:59:b7:99:04:fc:c5:2a:da:95:b1:67:67:7e:4b:
9e:19:42:f2:ee:9c:f1:35:4e:cb:d3:d9:86:59:6b:66:44:52:
2d:06:5a:c2:06:87:aa:24:c2:13:9e:ef:48:38:6e:af:ee:76:
5d:04:ef:20:0f:0c:67:ac:89:79:5e:0c:a3:3b:c7:cb:0e:c7:
f4:30:a3:cf:8c:eb:36:45:38:bc:70:eb:62:39:cb:9f:77:10:
e5:ab:83:db:7b:01:f6:c3:fd:0d:d7:89:c1:cc:0d:18:ba:d7:
ff:97:d2:29:df:71:b7:dc:78:ba:e2:67:a1:47:8d:bc:3a:73:
2e:af:d4:e0:57:c7:82:e0:b9:9e:83:bf:55:87:6d:db:e0:23:
8a:28:a0:6c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY8uehA/Uv2fhsbH7S8QPSFxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDZiOWU2MmYxYjAwZjJjZjk4ZDBkY2M1ODMyOTJhZmFj
YjUyMmYwHhcNMjQwNDMwMTAwODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzljNTJiYThlMzUxZTY1ZGE2MzVkZWViNTllYjFiNTBhNDAwNzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbEQCWFcy0WhGQexgLM2Utn3pGJV
OHm0naaHyzB6S+qA5ARJtTMbDCwGN4uv8XszlI3GmFh2DCnU49TkcTOdOGAX58aq
gzx615S1UurX7j70w7lTgsSiLu0aCE1XRQx2xuc/GJ0nSVEvMjsN50yThipe8H6J
+ejwtYemGdyL9kds5Y1zuUEkUZiXo/UEmJiE1ZYguqioyyURmnAbDSnkjagb6IBm
MYIBvmQu4pwquDEvqP1Uh9CJpmVP2LI/+W44sTe3/JI9R6hiNhhDKfQnqCWAWa0N
a0oQ3dupqUCvcoKcqePYaZxO4HBqDc1PSHWYV8h5OEcF5OlZ91pZR2d5kQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLOcUrqONR5l2mNd7rWesbUKQAckMB8GA1UdIwQY
MBaAFEgGueYvGwDyz5jQ3MWDKSr6y1IvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FhNTVpOGJBUExQbU5EY3hZTXBLdnJMVWk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iYWE0YmMtOTI0ZS00MzY0LTlmMTMt
YTVjOTZlMjExNjA1LzEvczV4U3VvNDFIbVhhWTEzdXRaNnh0UXBBQnlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iYWE0YmMtOTI0ZS00MzY0LTlmMTMtYTVjOTZlMjExNjA1
LzEvU0FhNTVpOGJBUExQbU5EY3hZTXBLdnJMVWk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXo/kMA0E
AgACMAcDBQMqEqWAMA0GCSqGSIb3DQEBCwUAA4IBAQAqcKE4yh9P5ySR0GwqEclp
Q33Ej+4XZu1Yr0Uu5E1D9OmZ1nNBLP7TRb+jh2k1mvm9apa9oqeG54033vpW/H6n
/B3SmCjxSx20a8aPbXznbOE8vcqAY639e3mSBTE4j2fxH3fOdww+LvveLEAAulBS
WbeZBPzFKtqVsWdnfkueGULy7pzxNU7L09mGWWtmRFItBlrCBoeqJMITnu9IOG6v
7nZdBO8gDwxnrIl5XgyjO8fLDsf0MKPPjOs2RTi8cOtiOcufdxDlq4PbewH2w/0N
14nBzA0Yutf/l9Ip33G33Hi64mehR428OnMur9TgV8eC4Lmeg79Vh23b4COKKKBs
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:46:57 2024 by rpki-client on console-fra.rpki-client.org