Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/bLNpMNkvk0YXTrsGo_sbVIrjvs4.roa
File: bLNpMNkvk0YXTrsGo_sbVIrjvs4.roa (raw, json)
Hash identifier: qOsCKvOUAPO0FC1itc1nzqHCocvbz7tnf4bTEnR4tzY=
Subject key identifier: 6C:B3:69:30:D9:2F:93:46:17:4E:BB:06:A3:FB:1B:54:8A:E3:BE:CE
Certificate issuer: /CN=01292e03a731796e1d7b148b1dd235d144352f5d
Certificate serial: 018CC5DC19DE8B21CD15D3FEFA4D355E3D2C
Authority key identifier: 01:29:2E:03:A7:31:79:6E:1D:7B:14:8B:1D:D2:35:D1:44:35:2F:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ASkuA6cxeW4dexSLHdI10UQ1L10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/bLNpMNkvk0YXTrsGo_sbVIrjvs4.roa
Signing time: Mon 01 Jan 2024 16:29:45 +0000
ROA not before: Mon 01 Jan 2024 16:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57474
IP address blocks: 195.96.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/ASkuA6cxeW4dexSLHdI10UQ1L10.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/ASkuA6cxeW4dexSLHdI10UQ1L10.mft
rsync://rpki.ripe.net/repository/DEFAULT/ASkuA6cxeW4dexSLHdI10UQ1L10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:19:de:8b:21:cd:15:d3:fe:fa:4d:35:5e:3d:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01292e03a731796e1d7b148b1dd235d144352f5d
Validity
Not Before: Jan 1 16:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cb36930d92f9346174ebb06a3fb1b548ae3bece
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7d:22:b1:8b:9d:0c:63:40:b0:54:5d:ab:5e:
86:ad:f2:3e:e6:f1:54:0d:4a:09:5b:ad:e4:48:5e:
68:90:b2:c2:25:a2:7d:f6:65:d8:a9:00:d0:30:0c:
6e:5f:d9:7e:6e:c2:38:84:00:5b:08:ad:a4:cc:56:
6d:d8:94:77:e0:d2:78:65:d5:5d:85:f0:a6:c3:74:
c7:b7:76:70:8d:b2:be:20:6e:68:24:b5:7d:1a:cf:
1c:4e:0a:05:5f:e6:4c:fb:99:5e:7a:1c:06:4b:92:
3b:22:55:7f:d2:2b:62:94:3e:74:7b:9e:27:16:f6:
d6:5e:3a:83:3d:ed:e4:0e:0a:c9:1e:a9:10:77:fe:
31:2c:e7:84:92:c8:57:89:e2:11:01:f6:ec:73:dc:
2c:16:e4:a3:d5:c6:fd:66:5c:59:b8:f2:bd:34:86:
1d:da:bc:43:be:12:c9:ea:8b:d7:30:36:33:1e:6e:
60:8b:7b:e6:34:c5:4d:3b:bb:75:21:8a:29:5a:32:
fe:13:72:c4:e2:92:f2:6a:c1:ed:0f:45:06:84:78:
56:ff:e9:c4:45:34:e4:99:da:70:9e:61:79:f9:d4:
72:fc:f3:cb:dd:74:a2:b6:ba:4c:7a:b8:f6:5c:58:
92:19:2c:c3:1f:3d:70:a9:e4:fa:a2:c5:ff:de:6f:
54:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:B3:69:30:D9:2F:93:46:17:4E:BB:06:A3:FB:1B:54:8A:E3:BE:CE
X509v3 Authority Key Identifier:
keyid:01:29:2E:03:A7:31:79:6E:1D:7B:14:8B:1D:D2:35:D1:44:35:2F:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ASkuA6cxeW4dexSLHdI10UQ1L10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/bLNpMNkvk0YXTrsGo_sbVIrjvs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3aa0f5-eae5-49a3-8ee9-0df7df4d5b01/1/ASkuA6cxeW4dexSLHdI10UQ1L10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.153.0/24
Signature Algorithm: sha256WithRSAEncryption
50:e2:04:3a:eb:a1:27:29:d3:cf:a8:c0:87:6f:80:1e:05:0a:
e0:46:d7:b1:3b:e4:a1:85:60:4e:79:9a:2f:27:ce:27:f4:40:
d2:09:69:33:44:8b:4b:73:79:17:7b:67:42:b3:c3:36:92:9e:
d3:35:54:cd:9d:8c:05:fb:67:48:fd:18:4e:58:ec:d3:8b:f2:
a5:12:02:3d:2a:c7:21:f1:5f:40:8e:cf:84:0a:8f:1c:f0:92:
c8:a6:51:11:a3:77:6d:af:0b:e2:e7:9e:80:48:77:25:31:de:
89:17:d8:4b:54:4b:37:5c:a0:29:74:70:f9:64:1e:dd:f5:f9:
c1:a6:f2:07:6b:94:04:1d:ae:b0:49:f2:86:3b:f1:54:d9:09:
50:a7:c8:b2:4b:01:1b:1c:e2:54:a6:d5:43:4b:bd:ee:d5:14:
59:70:88:ae:01:2c:e2:e6:c9:bf:57:18:c9:62:ef:2c:e5:50:
3a:63:eb:02:52:68:f9:21:e7:90:ff:13:9b:b7:0e:dc:2c:fc:
bd:7a:2f:50:cb:7d:78:b4:4f:ba:a6:fa:79:99:2c:5f:47:8c:
1a:a5:d0:a2:5a:2e:06:46:23:8b:ce:e1:90:9c:8a:dc:6a:70:
26:24:15:aa:6c:5a:2d:54:31:c9:da:8d:71:51:0c:9e:40:4a:
ce:8a:a7:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3BneiyHNFdP++k01Xj0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMjkyZTAzYTczMTc5NmUxZDdiMTQ4YjFkZDIzNWQxNDQz
NTJmNWQwHhcNMjQwMTAxMTYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2IzNjkzMGQ5MmY5MzQ2MTc0ZWJiMDZhM2ZiMWI1NDhhZTNiZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAln0isYudDGNAsFRdq16GrfI+5vFU
DUoJW63kSF5okLLCJaJ99mXYqQDQMAxuX9l+bsI4hABbCK2kzFZt2JR34NJ4ZdVd
hfCmw3THt3ZwjbK+IG5oJLV9Gs8cTgoFX+ZM+5leehwGS5I7IlV/0itilD50e54n
FvbWXjqDPe3kDgrJHqkQd/4xLOeEkshXieIRAfbsc9wsFuSj1cb9ZlxZuPK9NIYd
2rxDvhLJ6ovXMDYzHm5gi3vmNMVNO7t1IYopWjL+E3LE4pLyasHtD0UGhHhW/+nE
RTTkmdpwnmF5+dRy/PPL3XSitrpMerj2XFiSGSzDHz1wqeT6osX/3m9UIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGyzaTDZL5NGF067BqP7G1SK477OMB8GA1UdIwQY
MBaAFAEpLgOnMXluHXsUix3SNdFENS9dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVNrdUE2Y3hlVzRkZXhTTEhkSTEwVVExTDEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zYWEwZjUtZWFlNS00OWEzLThlZTkt
MGRmN2RmNGQ1YjAxLzEvYkxOcE1Oa3ZrMFlYVHJzR29fc2JWSXJqdnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zYWEwZjUtZWFlNS00OWEzLThlZTktMGRmN2RmNGQ1YjAx
LzEvQVNrdUE2Y3hlVzRkZXhTTEhkSTEwVVExTDEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CZMA0G
CSqGSIb3DQEBCwUAA4IBAQBQ4gQ666EnKdPPqMCHb4AeBQrgRtexO+ShhWBOeZov
J84n9EDSCWkzRItLc3kXe2dCs8M2kp7TNVTNnYwF+2dI/RhOWOzTi/KlEgI9Ksch
8V9Ajs+ECo8c8JLIplERo3dtrwvi556ASHclMd6JF9hLVEs3XKApdHD5ZB7d9fnB
pvIHa5QEHa6wSfKGO/FU2QlQp8iySwEbHOJUptVDS73u1RRZcIiuASzi5sm/VxjJ
Yu8s5VA6Y+sCUmj5IeeQ/xObtw7cLPy9ei9Qy314tE+6pvp5mSxfR4wapdCiWi4G
RiOLzuGQnIrcanAmJBWqbFotVDHJ2o1xUQyeQErOiqc9
-----END CERTIFICATE-----
Generated at Tue Nov 26 09:37:09 2024 by rpki-client on console-fra.rpki-client.org