Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/157ba9-5ae7-4460-887b-782b82ebcaae/1/pdA9ShOyymqlaxxMo3S6JxTrs10.roa
File: pdA9ShOyymqlaxxMo3S6JxTrs10.roa (raw, json)
Hash identifier: Pf7D3WV+AWuMYiE9pP+JqGLPMqduS0YXbYwutRFc/e8=
Subject key identifier: A5:D0:3D:4A:13:B2:CA:6A:A5:6B:1C:4C:A3:74:BA:27:14:EB:B3:5D
Certificate issuer: /CN=83e5d90301d3cf67b88fee42dd545afcf14ea561
Certificate serial: 018CC64B6CA3E062DB7A6629D855410F9C5F
Authority key identifier: 83:E5:D9:03:01:D3:CF:67:B8:8F:EE:42:DD:54:5A:FC:F1:4E:A5:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g-XZAwHTz2e4j-5C3VRa_PFOpWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/157ba9-5ae7-4460-887b-782b82ebcaae/1/pdA9ShOyymqlaxxMo3S6JxTrs10.roa
Signing time: Mon 01 Jan 2024 18:31:20 +0000
ROA not before: Mon 01 Jan 2024 18:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 194.29.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/157ba9-5ae7-4460-887b-782b82ebcaae/1/g-XZAwHTz2e4j-5C3VRa_PFOpWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/157ba9-5ae7-4460-887b-782b82ebcaae/1/g-XZAwHTz2e4j-5C3VRa_PFOpWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/g-XZAwHTz2e4j-5C3VRa_PFOpWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:6c:a3:e0:62:db:7a:66:29:d8:55:41:0f:9c:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83e5d90301d3cf67b88fee42dd545afcf14ea561
Validity
Not Before: Jan 1 18:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5d03d4a13b2ca6aa56b1c4ca374ba2714ebb35d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e9:0d:28:5d:f7:35:ab:e3:16:3b:66:38:0b:
91:a0:3f:8b:39:25:3d:fd:95:18:f6:70:29:7d:2c:
99:6a:4a:4a:0e:88:dd:59:78:bd:3f:ad:1b:bb:79:
06:f9:38:ce:77:4e:77:97:dd:0a:9a:01:16:0e:f3:
11:55:2c:2c:b3:b1:e0:9a:bf:0d:55:50:6b:46:da:
78:3a:85:40:0b:0e:33:fa:aa:18:ee:76:fc:aa:41:
ab:a2:48:9e:e9:82:99:bd:56:09:7d:b3:a4:0f:8e:
28:d0:d3:c0:b1:14:81:96:04:e8:7f:96:c2:2c:60:
2c:c0:10:31:6a:25:da:7d:7d:54:06:0b:76:19:30:
f4:20:23:81:fb:f6:b0:0a:54:1c:93:6c:54:f6:33:
dd:6a:6b:1a:07:a1:af:ed:17:2b:b2:47:3e:71:e0:
0a:15:79:73:11:6e:d7:0e:8b:c5:ea:8b:c4:d0:1a:
04:91:6a:61:d9:63:fc:db:9f:77:58:70:2d:a7:42:
14:3f:45:d9:63:81:7e:0d:c7:53:62:04:0a:a4:02:
8f:3c:17:50:c8:7c:68:42:f7:87:91:f2:03:59:dc:
78:6c:91:2b:ec:83:12:bb:1e:20:51:0f:1a:b1:90:
df:2b:a6:26:37:1c:d1:01:25:34:18:00:a1:a5:bf:
b6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:D0:3D:4A:13:B2:CA:6A:A5:6B:1C:4C:A3:74:BA:27:14:EB:B3:5D
X509v3 Authority Key Identifier:
keyid:83:E5:D9:03:01:D3:CF:67:B8:8F:EE:42:DD:54:5A:FC:F1:4E:A5:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g-XZAwHTz2e4j-5C3VRa_PFOpWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/157ba9-5ae7-4460-887b-782b82ebcaae/1/pdA9ShOyymqlaxxMo3S6JxTrs10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/157ba9-5ae7-4460-887b-782b82ebcaae/1/g-XZAwHTz2e4j-5C3VRa_PFOpWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.29.54.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:da:60:0e:67:86:87:cd:1f:38:f8:3f:bd:39:40:2d:a6:77:
43:1d:01:6a:38:15:c7:99:00:bb:d5:5c:7e:3a:d6:11:ee:f4:
67:b8:4b:0b:3c:c2:b9:94:83:47:06:86:db:42:3a:d0:d7:dd:
79:e5:0e:35:09:3f:d7:fe:04:c6:1e:53:ab:21:01:2e:3a:c8:
ea:24:54:fa:41:4e:8d:00:d2:11:4c:fa:50:9e:e7:4f:fd:98:
8b:6e:88:2b:4c:f2:20:fb:5b:7a:95:21:f8:b6:b0:68:49:d3:
f5:6a:1a:1a:6e:b0:0e:6e:4c:be:34:4e:e1:44:a2:5a:3f:5b:
f7:30:fa:32:43:3c:b0:4b:4f:6e:f6:fb:6d:c3:e4:a9:b4:1a:
92:72:20:b0:bd:47:dc:c4:7b:5c:78:eb:36:72:8b:30:eb:e8:
dd:30:bb:b0:62:17:43:a7:b5:58:1c:6e:21:95:70:1f:34:ad:
e4:e4:a3:5d:82:87:40:05:45:10:9e:94:35:8c:74:28:4e:23:
bc:10:fa:8d:c1:7e:0c:9c:d4:f4:c1:ae:0a:66:ad:85:01:e6:
66:c7:88:73:77:5a:c5:4f:aa:bd:08:ea:ff:0a:c5:b3:be:bb:
92:48:17:e3:ae:39:57:71:b8:18:f2:00:2c:2b:2a:27:e6:10:
5a:e0:4f:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS2yj4GLbemYp2FVBD5xfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZTVkOTAzMDFkM2NmNjdiODhmZWU0MmRkNTQ1YWZjZjE0
ZWE1NjEwHhcNMjQwMTAxMTgzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWQwM2Q0YTEzYjJjYTZhYTU2YjFjNGNhMzc0YmEyNzE0ZWJiMzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkekNKF33NavjFjtmOAuRoD+LOSU9
/ZUY9nApfSyZakpKDojdWXi9P60bu3kG+TjOd053l90KmgEWDvMRVSwss7Hgmr8N
VVBrRtp4OoVACw4z+qoY7nb8qkGrokie6YKZvVYJfbOkD44o0NPAsRSBlgTof5bC
LGAswBAxaiXafX1UBgt2GTD0ICOB+/awClQck2xU9jPdamsaB6Gv7Rcrskc+ceAK
FXlzEW7XDovF6ovE0BoEkWph2WP82593WHAtp0IUP0XZY4F+DcdTYgQKpAKPPBdQ
yHxoQveHkfIDWdx4bJEr7IMSux4gUQ8asZDfK6YmNxzRASU0GAChpb+2wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKXQPUoTsspqpWscTKN0uicU67NdMB8GA1UdIwQY
MBaAFIPl2QMB089nuI/uQt1UWvzxTqVhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZy1YWkF3SFR6MmU0ai01QzNWUmFfUEZPcFdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8xNTdiYTktNWFlNy00NDYwLTg4N2It
NzgyYjgyZWJjYWFlLzEvcGRBOVNoT3l5bXFsYXh4TW8zUzZKeFRyczEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8xNTdiYTktNWFlNy00NDYwLTg4N2ItNzgyYjgyZWJjYWFl
LzEvZy1YWkF3SFR6MmU0ai01QzNWUmFfUEZPcFdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwh02MA0G
CSqGSIb3DQEBCwUAA4IBAQAt2mAOZ4aHzR84+D+9OUAtpndDHQFqOBXHmQC71Vx+
OtYR7vRnuEsLPMK5lINHBobbQjrQ19155Q41CT/X/gTGHlOrIQEuOsjqJFT6QU6N
ANIRTPpQnudP/ZiLbogrTPIg+1t6lSH4trBoSdP1ahoabrAObky+NE7hRKJaP1v3
MPoyQzywS09u9vttw+SptBqSciCwvUfcxHtceOs2cosw6+jdMLuwYhdDp7VYHG4h
lXAfNK3k5KNdgodABUUQnpQ1jHQoTiO8EPqNwX4MnNT0wa4KZq2FAeZmx4hzd1rF
T6q9COr/CsWzvruSSBfjrjlXcbgY8gAsKyon5hBa4E9y
-----END CERTIFICATE-----
Generated at Fri May 3 02:08:24 2024 by rpki-client on console-ams.rpki-client.org