Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/tjZDIne6Lh06R4o5e-okODsmQgw.roa
File: tjZDIne6Lh06R4o5e-okODsmQgw.roa (raw, json)
Hash identifier: SpruQ9gTaT5Np0Jbcr249Zlgr0yF1KQPIhU/7j1iDQY=
Subject key identifier: B6:36:43:22:77:BA:2E:1D:3A:47:8A:39:7B:EA:24:38:3B:26:42:0C
Certificate issuer: /CN=1c2ac1246a2e0ea97a0c2295b73ddbe006d0ed2c
Certificate serial: 018CC64AFF0CADC016E92B1D30CD70C23D8E
Authority key identifier: 1C:2A:C1:24:6A:2E:0E:A9:7A:0C:22:95:B7:3D:DB:E0:06:D0:ED:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCrBJGouDql6DCKVtz3b4AbQ7Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/tjZDIne6Lh06R4o5e-okODsmQgw.roa
Signing time: Mon 01 Jan 2024 18:30:52 +0000
ROA not before: Mon 01 Jan 2024 18:30:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48769
IP address blocks: 194.153.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/HCrBJGouDql6DCKVtz3b4AbQ7Sw.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/HCrBJGouDql6DCKVtz3b4AbQ7Sw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HCrBJGouDql6DCKVtz3b4AbQ7Sw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:ff:0c:ad:c0:16:e9:2b:1d:30:cd:70:c2:3d:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c2ac1246a2e0ea97a0c2295b73ddbe006d0ed2c
Validity
Not Before: Jan 1 18:30:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b636432277ba2e1d3a478a397bea24383b26420c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ce:a6:c2:c0:ef:5d:a6:31:2a:3d:9a:4a:ed:
ff:c2:90:62:0f:66:77:d3:82:cc:57:a3:de:a5:80:
f2:fa:83:e4:6c:10:d7:68:30:6c:cd:f7:42:b8:5d:
47:d9:54:f8:94:a7:0c:e1:96:fd:dc:6c:8b:b6:53:
33:9f:8f:30:12:e2:b5:d5:2b:b1:45:6c:21:d9:db:
dc:2b:63:78:6c:33:7b:f5:83:02:43:28:03:47:db:
04:c0:db:09:ac:c1:fa:b8:a0:db:bc:dd:76:0d:d6:
b3:29:e4:5c:0e:9a:db:99:06:68:2a:cf:a0:fa:52:
c5:14:cd:3b:9f:d9:24:ce:55:0d:62:8d:74:20:4e:
b1:c4:3b:aa:65:d1:e3:80:ae:ea:5a:67:c9:1e:77:
5a:cf:99:2d:98:b0:84:f5:c5:f4:4e:78:d9:02:32:
a4:78:50:7e:0c:69:54:29:4c:71:f4:c9:75:4f:39:
11:40:61:dc:93:87:d8:c9:e5:d7:cd:c1:de:90:9f:
bd:27:bb:57:50:75:bc:3c:15:c9:7e:6c:0e:60:5f:
d5:19:a7:42:91:b0:4f:a8:66:18:e0:0d:c4:9d:e4:
cd:1d:fe:83:f9:1f:c1:1b:b1:91:9b:c3:43:e8:58:
14:53:33:02:ae:6e:8e:fa:0a:6a:88:31:47:83:4d:
33:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:36:43:22:77:BA:2E:1D:3A:47:8A:39:7B:EA:24:38:3B:26:42:0C
X509v3 Authority Key Identifier:
keyid:1C:2A:C1:24:6A:2E:0E:A9:7A:0C:22:95:B7:3D:DB:E0:06:D0:ED:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCrBJGouDql6DCKVtz3b4AbQ7Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/tjZDIne6Lh06R4o5e-okODsmQgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0de7e1-bf7f-434f-9591-8d46e09df9f3/1/HCrBJGouDql6DCKVtz3b4AbQ7Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.153.187.0/24
Signature Algorithm: sha256WithRSAEncryption
56:97:a4:51:5f:f0:56:79:b3:4f:c3:88:7e:a3:71:f7:2f:6c:
22:58:c5:ae:3b:02:4e:99:85:92:fb:6e:3d:5b:f5:b4:a0:33:
a0:13:5c:45:b3:7e:04:00:f0:99:32:62:4a:d6:7d:18:1f:86:
1b:48:cd:71:8d:cd:11:52:aa:9a:6e:60:20:8a:36:e9:9a:7e:
68:af:f5:4b:e1:74:2d:35:0f:86:2f:3b:6e:5d:ea:da:cb:8a:
e0:fc:6f:1c:38:01:c2:5e:d5:93:54:fa:6f:48:bd:f7:7c:90:
63:f5:74:6c:39:c6:6c:ce:49:3a:04:f9:15:48:ea:08:6c:bc:
f2:a3:bd:ac:3a:82:11:ef:13:ed:93:ac:3b:b1:87:a0:0b:97:
71:4a:64:cc:4a:f1:99:59:ba:bd:24:c8:39:4d:5c:78:28:6d:
ba:c8:c4:98:fc:6f:25:f5:27:dc:91:74:e2:9f:e0:18:ab:fd:
88:5e:58:04:3f:e8:9e:a8:66:4d:61:17:1a:87:c2:07:a9:b5:
c4:e8:d9:c4:bd:b4:42:14:6d:05:8d:8a:35:be:44:db:7a:92:
99:34:2d:fb:4f:76:af:c1:43:ff:92:d9:fa:d2:2d:50:bb:fe:
41:43:93:86:9f:4c:ba:71:a9:07:c8:da:be:7f:44:f9:96:d9:
e8:d8:b7:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSv8MrcAW6SsdMM1wwj2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMmFjMTI0NmEyZTBlYTk3YTBjMjI5NWI3M2RkYmUwMDZk
MGVkMmMwHhcNMjQwMTAxMTgzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjM2NDMyMjc3YmEyZTFkM2E0NzhhMzk3YmVhMjQzODNiMjY0MjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc6mwsDvXaYxKj2aSu3/wpBiD2Z3
04LMV6PepYDy+oPkbBDXaDBszfdCuF1H2VT4lKcM4Zb93GyLtlMzn48wEuK11Sux
RWwh2dvcK2N4bDN79YMCQygDR9sEwNsJrMH6uKDbvN12DdazKeRcDprbmQZoKs+g
+lLFFM07n9kkzlUNYo10IE6xxDuqZdHjgK7qWmfJHndaz5ktmLCE9cX0TnjZAjKk
eFB+DGlUKUxx9Ml1TzkRQGHck4fYyeXXzcHekJ+9J7tXUHW8PBXJfmwOYF/VGadC
kbBPqGYY4A3EneTNHf6D+R/BG7GRm8ND6FgUUzMCrm6O+gpqiDFHg00z3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLY2QyJ3ui4dOkeKOXvqJDg7JkIMMB8GA1UdIwQY
MBaAFBwqwSRqLg6pegwilbc92+AG0O0sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENyQkpHb3VEcWw2RENLVnR6M2I0QWJRN1N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8wZGU3ZTEtYmY3Zi00MzRmLTk1OTEt
OGQ0NmUwOWRmOWYzLzEvdGpaREluZTZMaDA2UjRvNWUtb2tPRHNtUWd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8wZGU3ZTEtYmY3Zi00MzRmLTk1OTEtOGQ0NmUwOWRmOWYz
LzEvSENyQkpHb3VEcWw2RENLVnR6M2I0QWJRN1N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpm7MA0G
CSqGSIb3DQEBCwUAA4IBAQBWl6RRX/BWebNPw4h+o3H3L2wiWMWuOwJOmYWS+249
W/W0oDOgE1xFs34EAPCZMmJK1n0YH4YbSM1xjc0RUqqabmAgijbpmn5or/VL4XQt
NQ+GLztuXeray4rg/G8cOAHCXtWTVPpvSL33fJBj9XRsOcZszkk6BPkVSOoIbLzy
o72sOoIR7xPtk6w7sYegC5dxSmTMSvGZWbq9JMg5TVx4KG26yMSY/G8l9SfckXTi
n+AYq/2IXlgEP+ieqGZNYRcah8IHqbXE6NnEvbRCFG0FjYo1vkTbepKZNC37T3av
wUP/ktn60i1Qu/5BQ5OGn0y6cakHyNq+f0T5ltno2Len
-----END CERTIFICATE-----
Generated at Sun Jun 23 00:56:03 2024 by rpki-client on console-fra.rpki-client.org