Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/YHVLsY8wQVaw9L-kwAjn4vW1ZW4.roa
File: YHVLsY8wQVaw9L-kwAjn4vW1ZW4.roa (raw, json)
Hash identifier: owTMOKWwtfSB/dfblSFSjgdLOlfKMotokSb2kj8iUr8=
Subject key identifier: 60:75:4B:B1:8F:30:41:56:B0:F4:BF:A4:C0:08:E7:E2:F5:B5:65:6E
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 01904F6269C945A9AB4195B07608E32784DB
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/YHVLsY8wQVaw9L-kwAjn4vW1ZW4.roa
Signing time: Tue 25 Jun 2024 12:32:47 +0000
ROA not before: Tue 25 Jun 2024 12:32:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396617
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4f:62:69:c9:45:a9:ab:41:95:b0:76:08:e3:27:84:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Jun 25 12:32:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60754bb18f304156b0f4bfa4c008e7e2f5b5656e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:88:98:5a:57:d2:62:3b:f2:c3:ba:7f:a5:df:
e4:49:af:b0:dc:ca:de:e0:43:da:75:55:d8:e1:9b:
47:55:d3:e5:49:18:16:0e:fd:c4:ce:cc:40:e5:4d:
6e:33:9b:9a:ae:eb:93:b9:35:d1:2a:0c:36:76:92:
4f:00:b1:ee:4b:e6:89:d8:40:e3:13:d4:0b:ac:b1:
56:0b:dd:d5:eb:96:9a:c4:53:bd:6e:50:78:23:b2:
23:13:0a:dc:4e:08:90:76:d9:2b:19:d1:be:d4:2a:
f0:38:9f:0a:47:9e:17:d6:88:35:67:6a:31:3c:f2:
f8:4b:25:d0:95:d1:00:ea:de:54:2c:ac:6b:7e:d7:
32:62:b8:72:d2:b5:2c:fc:6e:7a:4d:cf:d1:50:56:
28:c9:72:92:9c:69:84:64:97:e0:24:90:fe:95:97:
c7:73:53:de:46:36:7e:7c:d0:96:2c:f8:8c:aa:2b:
64:c8:5c:35:bf:0e:ec:c8:bf:0d:66:35:f7:3a:54:
49:19:be:0f:0e:b4:7c:6b:86:65:34:b8:7c:a9:30:
c6:33:5d:0b:94:6a:0a:1c:cf:4d:22:d5:ea:4b:eb:
3e:a8:61:74:f0:7d:fd:75:0d:58:10:a1:4a:7a:a6:
ed:f1:68:fa:88:53:15:36:86:9f:7c:33:e8:15:73:
29:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:75:4B:B1:8F:30:41:56:B0:F4:BF:A4:C0:08:E7:E2:F5:B5:65:6E
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/YHVLsY8wQVaw9L-kwAjn4vW1ZW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
Signature Algorithm: sha256WithRSAEncryption
4d:3d:7a:5d:5e:26:a9:99:56:5f:38:4d:40:26:3a:b2:17:a2:
a1:f6:20:e7:2c:f2:37:72:08:9e:0f:85:00:81:f5:a2:ce:41:
8f:6b:3b:50:77:59:a4:bb:c3:e8:14:57:fe:1d:5d:db:cf:21:
7e:90:a0:e3:f9:8d:d9:f2:d6:dd:9f:92:0d:fc:bb:7a:67:c4:
55:10:fe:98:36:79:cf:0d:fd:42:c5:1d:b6:94:3b:d4:22:a3:
3d:62:79:ee:e3:7b:d8:f8:c8:70:03:b2:68:06:7c:b6:4f:3d:
ea:78:37:10:c2:ea:47:70:49:b6:99:c3:52:e6:0b:5e:f8:9a:
54:5e:e9:0e:bf:fa:b1:78:9c:56:cc:c8:ab:76:dc:e2:35:7b:
93:b0:a2:0b:fb:f7:29:6c:90:ae:cf:4b:ac:7f:d0:9a:e4:cc:
4e:39:67:d4:bb:0b:2f:d8:c2:a0:6b:d1:18:63:30:73:7e:8b:
05:5a:e0:9c:c9:4f:ee:14:f2:37:3a:0d:89:ee:2c:44:35:de:
69:cd:ba:19:e5:24:c8:c5:46:16:56:c0:a0:eb:f4:80:8a:14:
b1:a7:83:1c:d1:80:ed:fc:b7:0b:6c:f4:c4:e6:62:a8:f1:17:
9b:df:47:f0:e2:0d:56:da:ed:71:00:cb:0c:86:36:e8:f0:7b:
9c:6d:3d:79
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZBPYmnJRamrQZWwdgjjJ4TbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjQwNjI1MTIzMjQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDc1NGJiMThmMzA0MTU2YjBmNGJmYTRjMDA4ZTdlMmY1YjU2NTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYiYWlfSYjvyw7p/pd/kSa+w3Mre
4EPadVXY4ZtHVdPlSRgWDv3EzsxA5U1uM5uaruuTuTXRKgw2dpJPALHuS+aJ2EDj
E9QLrLFWC93V65aaxFO9blB4I7IjEwrcTgiQdtkrGdG+1CrwOJ8KR54X1og1Z2ox
PPL4SyXQldEA6t5ULKxrftcyYrhy0rUs/G56Tc/RUFYoyXKSnGmEZJfgJJD+lZfH
c1PeRjZ+fNCWLPiMqitkyFw1vw7syL8NZjX3OlRJGb4PDrR8a4ZlNLh8qTDGM10L
lGoKHM9NItXqS+s+qGF08H39dQ1YEKFKeqbt8Wj6iFMVNoaffDPoFXMpRwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGB1S7GPMEFWsPS/pMAI5+L1tWVuMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvWUhWTHNZOHdRVmF3OUwta3dBam40dlcxWlc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUBURPDHjAN
BgkqhkiG9w0BAQsFAAOCAQEATT16XV4mqZlWXzhNQCY6sheiofYg5yzyN3IIng+F
AIH1os5Bj2s7UHdZpLvD6BRX/h1d288hfpCg4/mN2fLW3Z+SDfy7emfEVRD+mDZ5
zw39QsUdtpQ71CKjPWJ57uN72PjIcAOyaAZ8tk896ng3EMLqR3BJtpnDUuYLXvia
VF7pDr/6sXicVszIq3bc4jV7k7CiC/v3KWyQrs9LrH/QmuTMTjln1LsLL9jCoGvR
GGMwc36LBVrgnMlP7hTyNzoNie4sRDXeac26GeUkyMVGFlbAoOv0gIoUsaeDHNGA
7fy3C2z0xOZiqPEXm99H8OINVtrtcQDLDIY26PB7nG09eQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:34:19 2024 by rpki-client on console-fra.rpki-client.org