Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/260e24-2040-4a5c-92cf-ec58a3125ee5/1/v63vFn0tH4CHpsTM6zbwKNttsao.roa
File: v63vFn0tH4CHpsTM6zbwKNttsao.roa (raw, json)
Hash identifier: piyP/3vDHhAE5hCy9omFrHKJW5R5dXx3cvo7GnCZ5xs=
Subject key identifier: BF:AD:EF:16:7D:2D:1F:80:87:A6:C4:CC:EB:36:F0:28:DB:6D:B1:AA
Certificate issuer: /CN=c4b1b458abf797dedcc661e54a685f651834b5d1
Certificate serial: 01916B82D85F36853E9FEC0B216AF2C2DEB5
Authority key identifier: C4:B1:B4:58:AB:F7:97:DE:DC:C6:61:E5:4A:68:5F:65:18:34:B5:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xLG0WKv3l97cxmHlSmhfZRg0tdE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/260e24-2040-4a5c-92cf-ec58a3125ee5/1/v63vFn0tH4CHpsTM6zbwKNttsao.roa
Signing time: Mon 19 Aug 2024 16:40:22 +0000
ROA not before: Mon 19 Aug 2024 16:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196906
IP address blocks: 78.25.4.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/260e24-2040-4a5c-92cf-ec58a3125ee5/1/xLG0WKv3l97cxmHlSmhfZRg0tdE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/260e24-2040-4a5c-92cf-ec58a3125ee5/1/xLG0WKv3l97cxmHlSmhfZRg0tdE.mft
rsync://rpki.ripe.net/repository/DEFAULT/xLG0WKv3l97cxmHlSmhfZRg0tdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6b:82:d8:5f:36:85:3e:9f:ec:0b:21:6a:f2:c2:de:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4b1b458abf797dedcc661e54a685f651834b5d1
Validity
Not Before: Aug 19 16:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bfadef167d2d1f8087a6c4cceb36f028db6db1aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d9:f5:87:9c:11:39:7f:81:4b:3d:02:ac:88:
87:ab:61:bb:8c:a4:e2:e9:a9:3b:ad:77:05:65:7c:
c1:a6:2c:2b:90:25:79:bd:bd:46:7b:24:90:20:e9:
35:64:41:b4:a0:5e:61:a5:c3:b4:8c:26:ca:ae:a7:
a8:8d:6a:80:36:aa:1a:29:22:85:2c:df:ff:ec:26:
52:7a:96:21:e6:e3:ba:70:9e:d7:06:14:a8:f6:f4:
03:2f:e4:3f:ca:1c:f4:aa:63:97:9e:e7:1a:aa:2c:
ea:a6:53:78:ca:dc:90:8b:e8:64:87:51:64:85:43:
e4:48:70:9e:fc:ed:f7:68:5e:c4:a6:8b:00:96:c7:
68:5c:41:44:fa:ab:a2:02:b7:c2:af:65:1c:3f:7a:
56:dd:b1:a3:18:e4:2c:5e:19:97:45:97:1c:41:fb:
b0:41:85:45:92:e3:d6:48:1a:65:2e:42:ac:e7:23:
db:ea:7f:18:6c:23:b8:99:c5:4e:7d:f6:bd:70:c1:
7f:f7:45:e6:53:90:5b:ba:d8:a4:0e:4c:c8:f1:79:
29:4f:bd:2d:5e:53:7a:bb:7a:c1:84:9d:32:f3:41:
a6:f4:4e:13:5a:94:7a:33:1f:00:77:a5:99:79:0c:
d4:5c:92:30:11:34:e7:d6:d9:c4:83:c8:dd:54:38:
a9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:AD:EF:16:7D:2D:1F:80:87:A6:C4:CC:EB:36:F0:28:DB:6D:B1:AA
X509v3 Authority Key Identifier:
keyid:C4:B1:B4:58:AB:F7:97:DE:DC:C6:61:E5:4A:68:5F:65:18:34:B5:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLG0WKv3l97cxmHlSmhfZRg0tdE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/260e24-2040-4a5c-92cf-ec58a3125ee5/1/v63vFn0tH4CHpsTM6zbwKNttsao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/260e24-2040-4a5c-92cf-ec58a3125ee5/1/xLG0WKv3l97cxmHlSmhfZRg0tdE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.25.4.0/23
Signature Algorithm: sha256WithRSAEncryption
52:46:c5:e3:38:0b:22:33:61:cc:54:9e:ad:94:2f:1c:1b:b6:
20:69:e9:48:5e:b8:92:a1:aa:e3:4e:05:dd:d9:0c:8d:70:df:
af:f0:f4:6a:3b:98:03:0f:45:5c:95:59:27:e2:9f:01:70:c6:
fc:53:2a:bd:16:17:ca:9a:ea:48:75:5a:ad:52:b1:a8:d2:18:
e1:73:69:bf:68:6b:5d:5d:06:16:7d:6c:24:71:88:85:d0:f0:
3e:13:fa:71:6d:4d:4e:77:23:b3:2c:66:80:5f:da:51:bd:c5:
b4:e4:37:6f:4c:64:a3:58:ae:5e:01:8d:b1:fe:24:02:6b:54:
97:5e:dd:c8:90:db:73:08:46:f0:87:99:18:93:f9:8a:7a:0f:
91:49:76:1b:e0:8f:45:cf:a6:13:74:6c:47:7e:3a:79:17:35:
d4:1c:4a:dc:37:a1:74:79:a9:1b:d3:4c:30:0a:e1:c3:10:6b:
ac:18:3c:94:8b:1d:89:17:7d:75:7d:15:bf:1d:38:71:64:34:
cc:ca:fd:70:fa:44:03:75:b8:8b:7e:d5:48:48:77:ad:c0:7a:
a8:0e:57:ed:cb:44:51:5c:5e:d5:48:e8:5a:4e:61:39:62:18:
da:ca:8c:72:f5:72:74:50:1f:3a:74:d1:5f:1b:78:ec:aa:4f:
68:48:68:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFrgthfNoU+n+wLIWrywt61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YjFiNDU4YWJmNzk3ZGVkY2M2NjFlNTRhNjg1ZjY1MTgz
NGI1ZDEwHhcNMjQwODE5MTY0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmFkZWYxNjdkMmQxZjgwODdhNmM0Y2NlYjM2ZjAyOGRiNmRiMWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNn1h5wROX+BSz0CrIiHq2G7jKTi
6ak7rXcFZXzBpiwrkCV5vb1GeySQIOk1ZEG0oF5hpcO0jCbKrqeojWqANqoaKSKF
LN//7CZSepYh5uO6cJ7XBhSo9vQDL+Q/yhz0qmOXnucaqizqplN4ytyQi+hkh1Fk
hUPkSHCe/O33aF7EposAlsdoXEFE+quiArfCr2UcP3pW3bGjGOQsXhmXRZccQfuw
QYVFkuPWSBplLkKs5yPb6n8YbCO4mcVOffa9cMF/90XmU5BbutikDkzI8XkpT70t
XlN6u3rBhJ0y80Gm9E4TWpR6Mx8Ad6WZeQzUXJIwETTn1tnEg8jdVDip/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL+t7xZ9LR+Ah6bEzOs28CjbbbGqMB8GA1UdIwQY
MBaAFMSxtFir95fe3MZh5UpoX2UYNLXRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveExHMFdLdjNsOTdjeG1IbFNtaGZaUmcwdGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8yNjBlMjQtMjA0MC00YTVjLTkyY2Yt
ZWM1OGEzMTI1ZWU1LzEvdjYzdkZuMHRINENIcHNUTTZ6YndLTnR0c2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8yNjBlMjQtMjA0MC00YTVjLTkyY2YtZWM1OGEzMTI1ZWU1
LzEveExHMFdLdjNsOTdjeG1IbFNtaGZaUmcwdGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBThkEMA0G
CSqGSIb3DQEBCwUAA4IBAQBSRsXjOAsiM2HMVJ6tlC8cG7YgaelIXriSoarjTgXd
2QyNcN+v8PRqO5gDD0VclVkn4p8BcMb8Uyq9FhfKmupIdVqtUrGo0hjhc2m/aGtd
XQYWfWwkcYiF0PA+E/pxbU1OdyOzLGaAX9pRvcW05DdvTGSjWK5eAY2x/iQCa1SX
Xt3IkNtzCEbwh5kYk/mKeg+RSXYb4I9Fz6YTdGxHfjp5FzXUHErcN6F0eakb00ww
CuHDEGusGDyUix2JF311fRW/HThxZDTMyv1w+kQDdbiLftVISHetwHqoDlfty0RR
XF7VSOhaTmE5Yhjayoxy9XJ0UB86dNFfG3jsqk9oSGgO
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:53:19 2024 by rpki-client on console-fra.rpki-client.org