Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/4c3e19-a489-4e3a-a3a2-7e52e749c3ad/1/wFCgi72TVafqSZd9B7LqF51gmVA.roa
File: wFCgi72TVafqSZd9B7LqF51gmVA.roa (raw, json)
Hash identifier: htxdlukuUZ1X/fIbnGY2rNtwlVD+npXWH71aRHoEoq8=
Subject key identifier: C0:50:A0:8B:BD:93:55:A7:EA:49:97:7D:07:B2:EA:17:9D:60:99:50
Certificate issuer: /CN=b587bc12eb2de29a1026b8f56be8d469f2f58cf3
Certificate serial: 018CC94CC92D6AC5873C30B971601BED142F
Authority key identifier: B5:87:BC:12:EB:2D:E2:9A:10:26:B8:F5:6B:E8:D4:69:F2:F5:8C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tYe8Eust4poQJrj1a-jUafL1jPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/4c3e19-a489-4e3a-a3a2-7e52e749c3ad/1/wFCgi72TVafqSZd9B7LqF51gmVA.roa
Signing time: Tue 02 Jan 2024 08:31:41 +0000
ROA not before: Tue 02 Jan 2024 08:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31481
IP address blocks: 195.225.152.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/4c3e19-a489-4e3a-a3a2-7e52e749c3ad/1/tYe8Eust4poQJrj1a-jUafL1jPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/4c3e19-a489-4e3a-a3a2-7e52e749c3ad/1/tYe8Eust4poQJrj1a-jUafL1jPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/tYe8Eust4poQJrj1a-jUafL1jPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:c9:2d:6a:c5:87:3c:30:b9:71:60:1b:ed:14:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b587bc12eb2de29a1026b8f56be8d469f2f58cf3
Validity
Not Before: Jan 2 08:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c050a08bbd9355a7ea49977d07b2ea179d609950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4f:3b:ee:2d:31:ec:85:6c:ee:9d:a1:d7:b2:
f2:21:a2:16:3f:01:bf:1e:4d:5b:84:ed:74:30:49:
8f:2b:c2:41:16:db:54:59:b6:bb:0e:92:8d:1f:a6:
75:87:f4:c9:04:49:71:86:b3:77:58:ef:5a:f1:fa:
89:22:80:60:56:fb:58:27:57:29:82:0f:b3:ed:7e:
7f:bf:ab:05:8d:10:30:ac:d4:3c:59:33:74:e8:9f:
83:ac:16:f2:18:59:cd:47:88:0d:e8:b1:db:61:61:
41:02:90:3a:89:df:ce:7c:4a:06:87:1d:d8:46:cc:
7b:70:dd:2d:31:c2:f6:f5:66:00:8f:dd:26:2b:e7:
33:bc:a1:68:bf:06:30:36:d4:89:49:65:6d:b3:16:
e2:61:5c:2e:43:e4:20:2d:14:97:47:2e:7b:4e:c5:
3e:5e:57:7c:cd:17:9c:50:54:84:c1:f2:e0:f2:a3:
b4:80:03:e5:b6:08:77:78:1d:b8:fe:5e:4b:fb:c3:
92:81:5e:63:10:9a:63:c8:1e:f5:aa:4e:f2:86:e3:
51:8a:20:c2:ba:ac:43:2f:f4:09:2b:ad:6c:5a:01:
46:10:6d:9f:24:a1:28:b2:a2:b7:07:b9:f5:9a:98:
0f:f7:21:5c:61:a4:e4:70:9b:88:8a:03:53:57:d1:
88:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:50:A0:8B:BD:93:55:A7:EA:49:97:7D:07:B2:EA:17:9D:60:99:50
X509v3 Authority Key Identifier:
keyid:B5:87:BC:12:EB:2D:E2:9A:10:26:B8:F5:6B:E8:D4:69:F2:F5:8C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tYe8Eust4poQJrj1a-jUafL1jPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/4c3e19-a489-4e3a-a3a2-7e52e749c3ad/1/wFCgi72TVafqSZd9B7LqF51gmVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/4c3e19-a489-4e3a-a3a2-7e52e749c3ad/1/tYe8Eust4poQJrj1a-jUafL1jPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.152.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:52:cc:72:bf:4a:fa:c6:ab:54:c3:21:f7:ef:7c:b8:55:52:
3a:2d:ec:5a:2d:6f:c6:c7:41:72:14:6b:67:d7:05:8d:5c:c1:
2f:95:66:13:ed:d2:22:e9:4c:db:3b:b3:78:16:e4:3c:87:02:
6c:e4:19:fa:18:b5:53:9d:dd:d3:d0:4f:68:08:42:ad:6a:01:
00:17:5d:7c:8d:29:f1:ee:96:53:26:3b:fe:22:49:64:77:21:
fa:af:ce:a3:36:9f:e2:b4:e6:12:80:33:7c:5c:ae:c6:7b:70:
89:6e:99:39:5e:98:86:7e:9d:3d:e7:0c:76:04:57:ed:e9:52:
cc:ab:ae:2c:5c:48:8d:8b:4e:98:03:3f:96:c8:7b:bf:f4:a5:
59:0a:66:41:0f:d3:a2:2e:25:4c:e1:15:85:9e:2f:54:42:df:
59:f7:a5:d6:9b:3a:5b:25:05:08:af:a4:fb:0b:5f:7b:5b:9c:
a7:22:2f:13:5d:fc:47:4b:7c:b9:b4:52:66:81:3e:81:cd:ad:
c2:32:68:00:17:74:ee:75:56:da:f5:11:56:aa:85:92:3c:ea:
43:16:96:61:69:bd:e2:a3:48:6a:78:68:5d:fa:ed:5e:04:9b:
47:85:6d:b7:9e:7c:0a:19:20:9c:66:14:e5:53:22:bd:1b:8e:
e1:08:5e:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTMktasWHPDC5cWAb7RQvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1ODdiYzEyZWIyZGUyOWExMDI2YjhmNTZiZThkNDY5ZjJm
NThjZjMwHhcNMjQwMTAyMDgzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDUwYTA4YmJkOTM1NWE3ZWE0OTk3N2QwN2IyZWExNzlkNjA5OTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsk877i0x7IVs7p2h17LyIaIWPwG/
Hk1bhO10MEmPK8JBFttUWba7DpKNH6Z1h/TJBElxhrN3WO9a8fqJIoBgVvtYJ1cp
gg+z7X5/v6sFjRAwrNQ8WTN06J+DrBbyGFnNR4gN6LHbYWFBApA6id/OfEoGhx3Y
Rsx7cN0tMcL29WYAj90mK+czvKFovwYwNtSJSWVtsxbiYVwuQ+QgLRSXRy57TsU+
Xld8zRecUFSEwfLg8qO0gAPltgh3eB24/l5L+8OSgV5jEJpjyB71qk7yhuNRiiDC
uqxDL/QJK61sWgFGEG2fJKEosqK3B7n1mpgP9yFcYaTkcJuIigNTV9GI4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMBQoIu9k1Wn6kmXfQey6hedYJlQMB8GA1UdIwQY
MBaAFLWHvBLrLeKaECa49Wvo1Gny9YzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFllOEV1c3Q0cG9RSnJqMWEtalVhZkwxalBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi80YzNlMTktYTQ4OS00ZTNhLWEzYTIt
N2U1MmU3NDljM2FkLzEvd0ZDZ2k3MlRWYWZxU1pkOUI3THFGNTFnbVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi80YzNlMTktYTQ4OS00ZTNhLWEzYTItN2U1MmU3NDljM2Fk
LzEvdFllOEV1c3Q0cG9RSnJqMWEtalVhZkwxalBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw+GYMA0G
CSqGSIb3DQEBCwUAA4IBAQANUsxyv0r6xqtUwyH373y4VVI6LexaLW/Gx0FyFGtn
1wWNXMEvlWYT7dIi6UzbO7N4FuQ8hwJs5Bn6GLVTnd3T0E9oCEKtagEAF118jSnx
7pZTJjv+IklkdyH6r86jNp/itOYSgDN8XK7Ge3CJbpk5XpiGfp095wx2BFft6VLM
q64sXEiNi06YAz+WyHu/9KVZCmZBD9OiLiVM4RWFni9UQt9Z96XWmzpbJQUIr6T7
C197W5ynIi8TXfxHS3y5tFJmgT6Bza3CMmgAF3TudVba9RFWqoWSPOpDFpZhab3i
o0hqeGhd+u1eBJtHhW23nnwKGSCcZhTlUyK9G47hCF6o
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:17:53 2024 by rpki-client on console-fra.rpki-client.org