Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8fc30c-c1b1-47fb-85b8-417f53f1a4a0/1/p5imEiw9kXxcGFbkrxwPlthP6ns.roa
File: p5imEiw9kXxcGFbkrxwPlthP6ns.roa (raw, json)
Hash identifier: CblLheT2/A0ALlYxcPyQxa9l15TdWd4zDKCDksYDu9E=
Subject key identifier: A7:98:A6:12:2C:3D:91:7C:5C:18:56:E4:AF:1C:0F:96:D8:4F:EA:7B
Certificate issuer: /CN=0ea54639316f5cd5287f841d7f8cff16521d0576
Certificate serial: 01921E347A977FF8A980BD85BAB5BD153BEE
Authority key identifier: 0E:A5:46:39:31:6F:5C:D5:28:7F:84:1D:7F:8C:FF:16:52:1D:05:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DqVGOTFvXNUof4Qdf4z_FlIdBXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8fc30c-c1b1-47fb-85b8-417f53f1a4a0/1/p5imEiw9kXxcGFbkrxwPlthP6ns.roa
Signing time: Mon 23 Sep 2024 09:26:48 +0000
ROA not before: Mon 23 Sep 2024 09:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43928
IP address blocks: 79.171.136.0/21 maxlen: 21
193.84.130.0/23 maxlen: 23
193.84.140.0/23 maxlen: 23
2a00:c3c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/8fc30c-c1b1-47fb-85b8-417f53f1a4a0/1/DqVGOTFvXNUof4Qdf4z_FlIdBXY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/8fc30c-c1b1-47fb-85b8-417f53f1a4a0/1/DqVGOTFvXNUof4Qdf4z_FlIdBXY.mft
rsync://rpki.ripe.net/repository/DEFAULT/DqVGOTFvXNUof4Qdf4z_FlIdBXY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1e:34:7a:97:7f:f8:a9:80:bd:85:ba:b5:bd:15:3b:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ea54639316f5cd5287f841d7f8cff16521d0576
Validity
Not Before: Sep 23 09:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a798a6122c3d917c5c1856e4af1c0f96d84fea7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:d7:08:e4:ce:de:86:2f:53:74:bd:45:ae:26:
9d:54:b5:4b:db:5e:01:15:49:02:f1:f0:0a:e0:87:
72:24:e2:2d:55:30:1c:95:4c:94:87:45:e1:86:cd:
13:05:2f:d6:22:30:c1:39:b9:8d:7b:09:d9:db:81:
7b:9d:32:2c:1d:e7:83:3c:ad:a2:db:c1:5b:d6:5f:
15:17:0d:ea:21:35:3e:7e:75:2d:56:82:3c:b6:21:
7c:4d:d2:82:a6:4a:bc:65:70:c3:aa:ca:bd:52:77:
71:73:6e:10:2a:30:13:c8:00:0a:49:f0:64:41:68:
d2:1e:db:a3:16:3c:dc:22:0e:4b:85:0e:0d:b3:e6:
03:d9:e3:89:d7:b4:c5:40:33:08:5b:9d:b0:b3:ad:
3c:81:5b:29:bc:72:92:93:4c:a8:05:cb:1d:cf:2c:
54:95:7a:8c:20:05:fc:c1:09:4c:ee:36:40:9a:ad:
68:b0:b5:44:2b:6d:a6:5a:49:00:75:ca:20:a9:80:
16:67:8c:ce:21:df:23:dc:bb:d8:cd:2f:14:4f:4e:
e4:5d:fa:7b:45:02:c6:be:61:1b:69:54:ca:ae:10:
26:c5:d5:36:e0:5b:ef:7c:c2:6f:7f:91:0a:0b:c2:
d7:c0:0d:c1:51:e7:90:e3:d9:14:32:60:7a:17:42:
86:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:98:A6:12:2C:3D:91:7C:5C:18:56:E4:AF:1C:0F:96:D8:4F:EA:7B
X509v3 Authority Key Identifier:
keyid:0E:A5:46:39:31:6F:5C:D5:28:7F:84:1D:7F:8C:FF:16:52:1D:05:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DqVGOTFvXNUof4Qdf4z_FlIdBXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8fc30c-c1b1-47fb-85b8-417f53f1a4a0/1/p5imEiw9kXxcGFbkrxwPlthP6ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8fc30c-c1b1-47fb-85b8-417f53f1a4a0/1/DqVGOTFvXNUof4Qdf4z_FlIdBXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.136.0/21
193.84.130.0/23
193.84.140.0/23
IPv6:
2a00:c3c0::/32
Signature Algorithm: sha256WithRSAEncryption
bc:8c:01:e4:7d:c6:4b:e8:65:e0:40:18:f6:0f:cc:53:ff:ba:
9d:34:5c:ed:da:d3:25:58:6f:71:5a:f0:77:2e:d4:c7:fb:2a:
58:d3:d5:51:f9:9d:82:df:a3:99:ca:14:eb:2f:51:3e:b4:2f:
34:71:cb:0a:0e:75:a5:e6:f7:cd:46:c7:50:4c:32:84:d1:b6:
7d:77:05:39:0b:cb:64:50:03:3d:93:d9:3a:d6:3c:ee:5b:44:
b6:7a:f5:c1:a5:6d:aa:16:53:5b:d5:97:09:3f:4b:31:77:ad:
42:2a:3d:78:f1:a3:fb:38:81:b0:01:af:95:9f:ae:ee:e8:4b:
5e:2b:84:d8:31:7e:8c:e7:73:ca:5b:97:d1:b8:91:2a:bf:fe:
92:26:b2:41:7a:04:89:11:bd:a4:0d:72:2d:7f:2c:30:15:32:
39:8f:c3:71:b3:dc:ab:e7:c5:fb:2d:a0:1a:37:45:63:ea:31:
31:d4:b2:0b:d4:27:dc:9e:01:6b:53:d7:75:98:69:d8:a3:4d:
df:6d:89:a3:01:b2:d7:0f:36:44:11:eb:33:c5:ef:33:cd:e2:
66:87:d2:90:9e:80:62:b4:c6:ba:c7:f3:8c:24:8c:4f:1d:09:
f6:3e:6a:81:3d:6a:7a:3b:a4:d4:6c:4d:e5:20:18:95:e0:1e:
97:ca:0d:30
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZIeNHqXf/ipgL2FurW9FTvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlYTU0NjM5MzE2ZjVjZDUyODdmODQxZDdmOGNmZjE2NTIx
ZDA1NzYwHhcNMjQwOTIzMDkyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzk4YTYxMjJjM2Q5MTdjNWMxODU2ZTRhZjFjMGY5NmQ4NGZlYTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiNcI5M7ehi9TdL1FriadVLVL214B
FUkC8fAK4IdyJOItVTAclUyUh0Xhhs0TBS/WIjDBObmNewnZ24F7nTIsHeeDPK2i
28Fb1l8VFw3qITU+fnUtVoI8tiF8TdKCpkq8ZXDDqsq9Undxc24QKjATyAAKSfBk
QWjSHtujFjzcIg5LhQ4Ns+YD2eOJ17TFQDMIW52ws608gVspvHKSk0yoBcsdzyxU
lXqMIAX8wQlM7jZAmq1osLVEK22mWkkAdcogqYAWZ4zOId8j3LvYzS8UT07kXfp7
RQLGvmEbaVTKrhAmxdU24FvvfMJvf5EKC8LXwA3BUeeQ49kUMmB6F0KGGQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKeYphIsPZF8XBhW5K8cD5bYT+p7MB8GA1UdIwQY
MBaAFA6lRjkxb1zVKH+EHX+M/xZSHQV2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHFWR09URnZYTlVvZjRRZGY0el9GbElkQlhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZmMzMGMtYzFiMS00N2ZiLTg1Yjgt
NDE3ZjUzZjFhNGEwLzEvcDVpbUVpdzlrWHhjR0Zia3J4d1BsdGhQNm5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZmMzMGMtYzFiMS00N2ZiLTg1YjgtNDE3ZjUzZjFhNGEw
LzEvRHFWR09URnZYTlVvZjRRZGY0el9GbElkQlhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDT6uIAwQB
wVSCAwQBwVSMMA0EAgACMAcDBQAqAMPAMA0GCSqGSIb3DQEBCwUAA4IBAQC8jAHk
fcZL6GXgQBj2D8xT/7qdNFzt2tMlWG9xWvB3LtTH+ypY09VR+Z2C36OZyhTrL1E+
tC80ccsKDnWl5vfNRsdQTDKE0bZ9dwU5C8tkUAM9k9k61jzuW0S2evXBpW2qFlNb
1ZcJP0sxd61CKj148aP7OIGwAa+Vn67u6EteK4TYMX6M53PKW5fRuJEqv/6SJrJB
egSJEb2kDXItfywwFTI5j8Nxs9yr58X7LaAaN0Vj6jEx1LIL1CfcngFrU9d1mGnY
o03fbYmjAbLXDzZEEeszxe8zzeJmh9KQnoBitMa6x/OMJIxPHQn2PmqBPWp6O6TU
bE3lIBiV4B6Xyg0w
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:17:10 2024 by rpki-client on console-fra.rpki-client.org