Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/e0580d-048a-4e6d-bec6-b5bbd0b5e0aa/1/ydK1pHUIFPXo_3iqdql6xaB40is.roa
File: ydK1pHUIFPXo_3iqdql6xaB40is.roa (raw, json)
Hash identifier: Ev+hzeMa4qcGNVeN+kuik3EGCOKBqtfD4JLHI73rzNU=
Subject key identifier: C9:D2:B5:A4:75:08:14:F5:E8:FF:78:AA:76:A9:7A:C5:A0:78:D2:2B
Certificate issuer: /CN=3c2c854011140a10947da7b53bbb350f3c54b33e
Certificate serial: 018CCA285F52337165C32595BE8D0F2025B6
Authority key identifier: 3C:2C:85:40:11:14:0A:10:94:7D:A7:B5:3B:BB:35:0F:3C:54:B3:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PCyFQBEUChCUfae1O7s1DzxUsz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/e0580d-048a-4e6d-bec6-b5bbd0b5e0aa/1/ydK1pHUIFPXo_3iqdql6xaB40is.roa
Signing time: Tue 02 Jan 2024 12:31:32 +0000
ROA not before: Tue 02 Jan 2024 12:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211010
IP address blocks: 193.35.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/e0580d-048a-4e6d-bec6-b5bbd0b5e0aa/1/PCyFQBEUChCUfae1O7s1DzxUsz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/e0580d-048a-4e6d-bec6-b5bbd0b5e0aa/1/PCyFQBEUChCUfae1O7s1DzxUsz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/PCyFQBEUChCUfae1O7s1DzxUsz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:5f:52:33:71:65:c3:25:95:be:8d:0f:20:25:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c2c854011140a10947da7b53bbb350f3c54b33e
Validity
Not Before: Jan 2 12:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9d2b5a4750814f5e8ff78aa76a97ac5a078d22b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b5:fe:dd:4a:e5:8c:97:ab:ea:9a:54:73:8e:
47:20:31:13:fd:e6:f8:70:87:93:05:54:15:1a:35:
1e:b3:c3:a7:f4:1f:7b:41:3e:42:d5:a4:e6:7e:c9:
a4:fc:e7:ca:c5:39:45:c7:16:e6:03:67:33:79:68:
92:d3:ff:26:42:33:b0:a2:c5:cc:ec:ad:8c:be:c6:
a7:ad:7a:34:4c:20:fa:0a:c5:48:2c:01:4d:dd:14:
dd:46:20:28:0e:09:80:f7:ed:08:9c:de:7c:0c:d6:
90:b2:cb:e8:9d:b1:dd:96:46:ce:2e:36:f9:f6:69:
27:46:2f:b0:cf:dc:0a:cc:07:f3:e1:41:c2:10:d9:
3b:29:d1:6d:c7:da:4f:9f:01:cd:3e:9c:8b:7e:91:
9e:86:7d:b6:1a:9f:8a:89:cb:3d:d1:cc:60:52:11:
cb:46:d1:66:80:62:93:c9:58:e1:fd:21:c1:23:b6:
49:b8:30:08:a9:60:15:cd:f9:0d:2d:a6:d0:77:14:
fc:96:4a:c2:75:b0:9e:ca:77:ca:ee:54:a6:d7:6c:
02:a0:b2:35:e8:8f:9a:1d:1a:60:a4:a4:1c:93:a6:
83:15:39:42:dd:a9:af:09:fa:78:9f:6d:e6:eb:5f:
15:43:e5:cd:2b:a2:bd:cc:5b:14:38:38:5d:7a:ec:
01:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D2:B5:A4:75:08:14:F5:E8:FF:78:AA:76:A9:7A:C5:A0:78:D2:2B
X509v3 Authority Key Identifier:
keyid:3C:2C:85:40:11:14:0A:10:94:7D:A7:B5:3B:BB:35:0F:3C:54:B3:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PCyFQBEUChCUfae1O7s1DzxUsz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e0580d-048a-4e6d-bec6-b5bbd0b5e0aa/1/ydK1pHUIFPXo_3iqdql6xaB40is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e0580d-048a-4e6d-bec6-b5bbd0b5e0aa/1/PCyFQBEUChCUfae1O7s1DzxUsz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.63.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:9e:3f:34:33:ea:35:8b:0c:47:53:40:93:27:8a:ae:11:28:
1c:55:9b:18:97:1c:51:13:e4:14:34:f7:f8:1f:ca:4c:3c:c2:
b0:f9:e1:c1:a8:28:f0:88:b1:66:c9:ea:76:ad:8d:57:93:ce:
f3:b8:68:30:2a:95:66:3f:8e:f9:fe:df:7e:0e:18:1c:20:eb:
ce:4b:66:19:00:1a:f2:c8:f7:69:8a:92:9b:3b:fd:3a:90:50:
72:ac:7f:15:51:c9:48:ca:c9:c9:60:e8:72:21:f4:e8:04:d9:
67:98:b4:d3:6a:cb:4e:8e:69:bb:2d:8b:00:b7:f7:2d:66:5e:
57:78:45:a9:d1:ef:08:e1:e7:ad:40:4d:61:96:77:d7:d0:a5:
2c:9d:47:15:7b:8f:fd:d1:dd:c7:cd:8a:0a:14:f3:53:04:6f:
c1:be:37:11:84:cb:be:df:27:1d:a4:f1:65:8f:b8:8b:c3:d2:
9c:71:45:7d:17:4f:72:6a:bb:b9:94:1f:f8:e3:a8:68:a0:09:
a4:85:8f:7e:9a:96:e5:69:68:df:fe:53:8b:12:eb:f0:9b:82:
31:8a:7d:cd:70:07:8e:47:7e:e5:fc:65:f6:0a:5a:9a:fc:de:
32:92:02:eb:d2:5f:4d:4d:48:a3:81:d4:c9:6b:13:e2:f5:05:
3e:1d:60:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKF9SM3FlwyWVvo0PICW2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMmM4NTQwMTExNDBhMTA5NDdkYTdiNTNiYmIzNTBmM2M1
NGIzM2UwHhcNMjQwMTAyMTIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWQyYjVhNDc1MDgxNGY1ZThmZjc4YWE3NmE5N2FjNWEwNzhkMjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrX+3UrljJer6ppUc45HIDET/eb4
cIeTBVQVGjUes8On9B97QT5C1aTmfsmk/OfKxTlFxxbmA2czeWiS0/8mQjOwosXM
7K2MvsanrXo0TCD6CsVILAFN3RTdRiAoDgmA9+0InN58DNaQssvonbHdlkbOLjb5
9mknRi+wz9wKzAfz4UHCENk7KdFtx9pPnwHNPpyLfpGehn22Gp+Kics90cxgUhHL
RtFmgGKTyVjh/SHBI7ZJuDAIqWAVzfkNLabQdxT8lkrCdbCeynfK7lSm12wCoLI1
6I+aHRpgpKQck6aDFTlC3amvCfp4n23m618VQ+XNK6K9zFsUODhdeuwB/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMnStaR1CBT16P94qnapesWgeNIrMB8GA1UdIwQY
MBaAFDwshUARFAoQlH2ntTu7NQ88VLM+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEN5RlFCRVVDaENVZmFlMU83czFEenhVc3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lMDU4MGQtMDQ4YS00ZTZkLWJlYzYt
YjViYmQwYjVlMGFhLzEveWRLMXBIVUlGUFhvXzNpcWRxbDZ4YUI0MGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lMDU4MGQtMDQ4YS00ZTZkLWJlYzYtYjViYmQwYjVlMGFh
LzEvUEN5RlFCRVVDaENVZmFlMU83czFEenhVc3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSM/MA0G
CSqGSIb3DQEBCwUAA4IBAQB/nj80M+o1iwxHU0CTJ4quESgcVZsYlxxRE+QUNPf4
H8pMPMKw+eHBqCjwiLFmyep2rY1Xk87zuGgwKpVmP475/t9+DhgcIOvOS2YZABry
yPdpipKbO/06kFByrH8VUclIysnJYOhyIfToBNlnmLTTastOjmm7LYsAt/ctZl5X
eEWp0e8I4eetQE1hlnfX0KUsnUcVe4/90d3HzYoKFPNTBG/BvjcRhMu+3ycdpPFl
j7iLw9KccUV9F09yaru5lB/446hooAmkhY9+mpblaWjf/lOLEuvwm4Ixin3NcAeO
R37l/GX2Clqa/N4ykgLr0l9NTUijgdTJaxPi9QU+HWBn
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:01:19 2024 by rpki-client on console-ams.rpki-client.org