Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/1-5dwj6SjgnHe4lBIUc8YGwbhnnw.roa
File: 1-5dwj6SjgnHe4lBIUc8YGwbhnnw.roa (raw, json)
Hash identifier: EsEC33RB7zI+vHJPDsFdDwepxYIgILK+FI56kie/PdA=
Subject key identifier: FB:97:70:8F:A4:A3:82:71:DE:E2:50:48:51:CF:18:1B:06:E1:9E:7C
Certificate issuer: /CN=c412bb3da65caab524851ef86ce9baa62074e1ed
Certificate serial: 018FDE6C80628A9F38E36E82A075BCF1DFEB
Authority key identifier: C4:12:BB:3D:A6:5C:AA:B5:24:85:1E:F8:6C:E9:BA:A6:20:74:E1:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/1-5dwj6SjgnHe4lBIUc8YGwbhnnw.roa
Signing time: Mon 03 Jun 2024 14:06:43 +0000
ROA not before: Mon 03 Jun 2024 14:06:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 94.127.40.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 05:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:de:6c:80:62:8a:9f:38:e3:6e:82:a0:75:bc:f1:df:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c412bb3da65caab524851ef86ce9baa62074e1ed
Validity
Not Before: Jun 3 14:06:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb97708fa4a38271dee2504851cf181b06e19e7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f4:66:db:f5:5d:53:e8:62:3e:af:30:11:c4:
46:bd:89:59:50:ac:27:58:0b:3b:22:10:be:6b:5d:
49:e9:82:64:e4:b9:98:06:c3:0b:06:31:d9:48:af:
af:86:ea:aa:7b:fe:e7:b8:a5:20:1e:90:ff:dc:e2:
f7:eb:fb:cd:d8:d5:f8:80:6c:b8:d9:da:cf:da:b0:
ba:c2:0d:cc:3b:0f:f5:eb:c3:bc:43:57:18:e7:cd:
bc:4f:e6:2c:37:61:fa:db:2c:94:8f:25:0a:81:5d:
58:6c:fa:96:2e:0d:a9:18:cb:98:6d:ef:56:97:22:
0f:b4:44:d8:2a:dc:cd:9c:a4:14:be:d7:8e:38:a0:
6d:cd:f2:7b:36:0c:36:e5:e5:44:02:46:6a:1e:f8:
86:ec:6a:5e:64:51:75:0d:c4:de:49:44:a0:99:63:
99:3c:81:18:22:76:50:9e:d7:d3:e0:23:09:9c:ba:
e7:72:8e:94:69:71:74:93:71:c6:5e:b9:8e:3d:9e:
e9:2a:e3:48:68:eb:ee:cb:5d:13:75:85:dc:de:3c:
bc:e8:e1:fe:e8:4f:e4:08:5f:de:d4:a7:18:b4:f8:
0f:21:f2:97:fd:27:74:4e:ab:07:ad:79:c6:30:3c:
49:01:6d:7a:5a:b4:2b:56:fe:d2:2f:82:ad:53:b6:
f8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:97:70:8F:A4:A3:82:71:DE:E2:50:48:51:CF:18:1B:06:E1:9E:7C
X509v3 Authority Key Identifier:
keyid:C4:12:BB:3D:A6:5C:AA:B5:24:85:1E:F8:6C:E9:BA:A6:20:74:E1:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBK7PaZcqrUkhR74bOm6piB04e0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/1-5dwj6SjgnHe4lBIUc8YGwbhnnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c7871c-51d9-463d-acb8-9b932ecd2ecc/1/xBK7PaZcqrUkhR74bOm6piB04e0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.40.0/21
Signature Algorithm: sha256WithRSAEncryption
aa:bf:1c:54:5d:1c:32:ae:b3:9c:d5:59:72:66:e3:08:02:34:
f4:09:f1:71:0e:b5:0a:0f:ce:16:a4:f6:00:d3:6f:2a:bf:cd:
e6:ea:b6:be:4f:6e:de:cf:c8:a5:ff:ed:3e:c3:e3:87:e0:25:
ec:79:ef:a6:80:53:d7:d8:f8:9a:21:ea:d9:8c:90:37:4d:e6:
83:64:7f:97:cc:2d:cc:7f:08:c6:3b:93:76:f2:bd:f3:cf:ea:
8e:9c:55:09:46:a4:5a:a6:11:c3:6b:43:fd:7f:ce:be:2f:a0:
07:4f:6e:66:c7:f2:05:2a:d8:14:50:d9:23:cc:48:83:a1:b0:
98:05:8f:a4:b1:04:3d:6d:a9:fd:b3:ea:3a:0b:4f:52:ce:4b:
de:e2:46:1b:20:25:7b:38:fe:25:c2:c8:27:ca:ce:d1:7d:07:
c8:02:50:60:fa:bf:50:55:1b:60:b5:5c:3d:e6:19:e7:cb:87:
97:6c:ea:d1:f7:8f:6b:f7:54:16:1e:2a:dc:6a:54:f2:8c:d0:
a2:40:a9:fa:14:c2:7c:ad:57:19:7d:0e:16:34:94:c9:2c:fd:
97:14:1a:8f:a7:f3:fa:26:de:8c:db:9b:69:b6:4a:3d:68:6d:
f9:b0:92:f5:80:87:0f:5a:7b:ed:fd:24:df:2f:62:08:2a:73:
d4:73:43:90
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY/ebIBiip84426CoHW88d/rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MTJiYjNkYTY1Y2FhYjUyNDg1MWVmODZjZTliYWE2MjA3
NGUxZWQwHhcNMjQwNjAzMTQwNjQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjk3NzA4ZmE0YTM4MjcxZGVlMjUwNDg1MWNmMTgxYjA2ZTE5ZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvRm2/VdU+hiPq8wEcRGvYlZUKwn
WAs7IhC+a11J6YJk5LmYBsMLBjHZSK+vhuqqe/7nuKUgHpD/3OL36/vN2NX4gGy4
2drP2rC6wg3MOw/168O8Q1cY5828T+YsN2H62yyUjyUKgV1YbPqWLg2pGMuYbe9W
lyIPtETYKtzNnKQUvteOOKBtzfJ7Ngw25eVEAkZqHviG7GpeZFF1DcTeSUSgmWOZ
PIEYInZQntfT4CMJnLrnco6UaXF0k3HGXrmOPZ7pKuNIaOvuy10TdYXc3jy86OH+
6E/kCF/e1KcYtPgPIfKX/Sd0TqsHrXnGMDxJAW16WrQrVv7SL4KtU7b4OwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPuXcI+ko4Jx3uJQSFHPGBsG4Z58MB8GA1UdIwQY
MBaAFMQSuz2mXKq1JIUe+GzpuqYgdOHtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJLN1BhWmNxclVraFI3NGJPbTZwaUIwNGUwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jNzg3MWMtNTFkOS00NjNkLWFjYjgt
OWI5MzJlY2QyZWNjLzEvMS01ZHdqNlNqZ25IZTRsQklVYzhZR3diaG5udy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGQvYzc4NzFjLTUxZDktNDYzZC1hY2I4LTliOTMyZWNkMmVj
Yy8xL3hCSzdQYVpjcXJVa2hSNzRiT202cGlCMDRlMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA15/KDAN
BgkqhkiG9w0BAQsFAAOCAQEAqr8cVF0cMq6znNVZcmbjCAI09AnxcQ61Cg/OFqT2
ANNvKr/N5uq2vk9u3s/Ipf/tPsPjh+Al7HnvpoBT19j4miHq2YyQN03mg2R/l8wt
zH8IxjuTdvK988/qjpxVCUakWqYRw2tD/X/Ovi+gB09uZsfyBSrYFFDZI8xIg6Gw
mAWPpLEEPW2p/bPqOgtPUs5L3uJGGyAlezj+JcLIJ8rO0X0HyAJQYPq/UFUbYLVc
PeYZ58uHl2zq0fePa/dUFh4q3GpU8ozQokCp+hTCfK1XGX0OFjSUySz9lxQaj6fz
+ibejNubabZKPWht+bCS9YCHD1p77f0k3y9iCCpz1HNDkA==
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:17:58 2024 by rpki-client on console-ams.rpki-client.org