Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/1H17hr_hUobWuXYgGJhlVMl0vAc.roa
File: 1H17hr_hUobWuXYgGJhlVMl0vAc.roa (raw, json)
Hash identifier: Rkxn+UezcsjedNVWyRrXBhJiByNzWdCMDO+NHJTfQBQ=
Subject key identifier: D4:7D:7B:86:BF:E1:52:86:D6:B9:76:20:18:98:65:54:C9:74:BC:07
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FA57D04F87A23BFD15905C3C79D61
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/1H17hr_hUobWuXYgGJhlVMl0vAc.roa
Signing time: Tue 02 Jan 2024 04:30:09 +0000
ROA not before: Tue 02 Jan 2024 04:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 194.5.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 05:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a5:7d:04:f8:7a:23:bf:d1:59:05:c3:c7:9d:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d47d7b86bfe15286d6b9762018986554c974bc07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0a:5c:91:d3:60:00:34:01:1f:cd:48:c4:96:
d9:6b:0c:67:38:dc:d5:32:46:19:80:7d:11:8e:4e:
78:43:c8:99:01:e1:a6:4f:12:6a:b8:82:d6:0e:4e:
5f:50:f3:a9:05:7b:09:c9:cb:a5:74:4a:90:80:bd:
fe:22:ec:42:30:7e:e3:29:21:62:a2:e7:d9:1f:4a:
82:6b:fa:5b:94:76:23:d1:b4:0b:75:17:d3:23:0e:
71:c7:93:dd:b5:68:9a:3e:59:e4:15:d8:a2:da:91:
fb:74:3c:3d:0f:2a:ea:4c:66:4e:01:73:3d:55:aa:
09:63:7d:55:1d:6e:25:39:0e:15:ed:78:72:4f:3d:
6c:e2:00:14:2a:51:c6:1b:16:77:f8:24:b0:bf:64:
38:30:fe:ff:f7:ba:85:68:e5:65:1b:69:ac:87:09:
8e:26:f7:2f:8d:6e:ef:93:2d:f7:27:3f:79:e4:da:
52:b0:a4:f8:d0:ed:f8:bd:3d:f5:aa:6e:9f:45:7c:
3e:52:72:30:fe:ba:4d:14:e8:d9:55:87:31:f4:b9:
00:7a:33:0a:f8:1e:95:6d:82:f2:9a:c0:20:ab:94:
81:4f:14:17:8d:2a:43:36:1b:d8:b5:48:25:b7:52:
b4:c2:15:95:e1:3a:4e:1a:f5:17:9b:21:bc:6f:e5:
73:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:7D:7B:86:BF:E1:52:86:D6:B9:76:20:18:98:65:54:C9:74:BC:07
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/1H17hr_hUobWuXYgGJhlVMl0vAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.49.0/24
Signature Algorithm: sha256WithRSAEncryption
64:3c:58:c0:66:a8:47:cf:f4:23:1d:82:b1:52:af:46:20:c4:
b5:c0:8c:58:8c:63:51:2a:06:0e:df:29:0f:73:d3:06:2e:3e:
43:7c:c0:c1:20:c3:b4:86:4b:51:4a:06:cc:16:2c:8c:01:e4:
97:62:50:b7:17:09:0f:5f:3b:e8:ce:81:cf:fa:a4:f3:57:e3:
2c:39:8a:2d:d3:34:f4:cb:04:dd:a3:92:76:c6:86:c4:93:ed:
2e:be:bb:b4:ed:a4:82:4c:27:d4:85:2e:0b:a4:10:4c:ee:0d:
39:7d:39:e4:a4:c8:c3:d1:07:50:18:2c:49:c8:5f:83:16:8e:
94:ba:cd:a5:c6:65:b2:78:f6:82:26:4c:a6:f0:e3:b7:b9:e0:
cb:bf:d8:62:3b:52:98:7f:9b:35:50:71:f6:b3:c2:4d:99:15:
46:9e:f2:22:a9:31:4a:bd:0e:54:da:a6:46:3a:94:5b:38:85:
09:0e:c8:35:8b:ce:b6:a4:85:a1:9e:7c:f4:7b:52:a3:b8:e7:
dc:2e:5a:89:7c:9e:d0:7f:ba:df:0f:f1:8b:20:9d:99:c3:00:
7e:ca:fb:c4:29:03:5f:b1:ef:61:84:7d:ae:3d:17:50:91:59:
db:0e:f6:38:a7:96:76:cf:d1:c8:c1:ff:fc:39:36:31:d2:f9:
8c:7e:ac:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb6V9BPh6I7/RWQXDx51hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDdkN2I4NmJmZTE1Mjg2ZDZiOTc2MjAxODk4NjU1NGM5NzRiYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgpckdNgADQBH81IxJbZawxnONzV
MkYZgH0Rjk54Q8iZAeGmTxJquILWDk5fUPOpBXsJyculdEqQgL3+IuxCMH7jKSFi
oufZH0qCa/pblHYj0bQLdRfTIw5xx5PdtWiaPlnkFdii2pH7dDw9DyrqTGZOAXM9
VaoJY31VHW4lOQ4V7XhyTz1s4gAUKlHGGxZ3+CSwv2Q4MP7/97qFaOVlG2mshwmO
JvcvjW7vky33Jz955NpSsKT40O34vT31qm6fRXw+UnIw/rpNFOjZVYcx9LkAejMK
+B6VbYLymsAgq5SBTxQXjSpDNhvYtUglt1K0whWV4TpOGvUXmyG8b+Vz+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNR9e4a/4VKG1rl2IBiYZVTJdLwHMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvMUgxN2hyX2hVb2JXdVhZZ0dKaGxWTWwwdkFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgUxMA0G
CSqGSIb3DQEBCwUAA4IBAQBkPFjAZqhHz/QjHYKxUq9GIMS1wIxYjGNRKgYO3ykP
c9MGLj5DfMDBIMO0hktRSgbMFiyMAeSXYlC3FwkPXzvozoHP+qTzV+MsOYot0zT0
ywTdo5J2xobEk+0uvru07aSCTCfUhS4LpBBM7g05fTnkpMjD0QdQGCxJyF+DFo6U
us2lxmWyePaCJkym8OO3ueDLv9hiO1KYf5s1UHH2s8JNmRVGnvIiqTFKvQ5U2qZG
OpRbOIUJDsg1i862pIWhnnz0e1KjuOfcLlqJfJ7Qf7rfD/GLIJ2ZwwB+yvvEKQNf
se9hhH2uPRdQkVnbDvY4p5Z2z9HIwf/8OTYx0vmMfqyo
-----END CERTIFICATE-----
Generated at Tue Apr 30 11:31:13 2024 by rpki-client on console-fra.rpki-client.org