Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RRa6Vbh6hjX_EYh-MJ4Ywutz4Fw.roa
File: RRa6Vbh6hjX_EYh-MJ4Ywutz4Fw.roa (raw, json)
Hash identifier: uNclefwtA+nzHLVnvXYQXkttdsnBtyv4xcnl8VOUg7E=
Subject key identifier: 45:16:BA:55:B8:7A:86:35:FF:11:88:7E:30:9E:18:C2:EB:73:E0:5C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019088F5F538815FD73ECF3A4C5720CAAFB0
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RRa6Vbh6hjX_EYh-MJ4Ywutz4Fw.roa
Signing time: Sat 06 Jul 2024 16:52:18 +0000
ROA not before: Sat 06 Jul 2024 16:52:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399471
IP address blocks: 194.85.250.0/24 maxlen: 24
212.192.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 17:32:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:88:f5:f5:38:81:5f:d7:3e:cf:3a:4c:57:20:ca:af:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 6 16:52:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4516ba55b87a8635ff11887e309e18c2eb73e05c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b4:93:4b:e6:7c:18:a8:b8:a0:4e:cd:9b:c8:
8d:ca:80:a5:0c:6c:38:2a:4a:60:a7:e2:4a:f0:b2:
b7:9e:b3:6f:75:b1:44:16:13:0b:89:83:07:bd:13:
24:e8:dc:4b:17:0b:cf:99:17:81:3f:ee:cb:33:aa:
d0:ae:25:73:58:73:30:ee:94:4e:5b:af:1d:96:78:
b2:9a:4c:53:f9:af:b9:9e:3e:e4:2c:aa:76:96:ac:
b7:8a:06:d4:c3:15:72:79:0d:29:ca:63:00:86:d3:
ae:6f:d5:a0:8c:70:1e:53:9f:6d:3a:72:06:b7:31:
c7:ed:63:60:ad:91:d3:c1:2c:ab:20:07:26:ea:12:
44:34:58:d4:a2:35:01:4a:41:c3:b0:0e:df:eb:b2:
9b:87:5b:0a:c6:78:dc:5e:92:2a:22:6d:7f:9f:bf:
57:bd:25:34:c5:fc:da:a9:ac:6d:70:00:ed:6c:b5:
52:67:3c:f9:ae:11:e3:d7:c7:3e:ef:db:3b:c8:ec:
1d:46:fc:66:8f:e6:9a:3d:e7:4d:07:54:9a:19:7f:
b9:da:9c:88:90:a7:fa:dd:ff:86:fe:8e:fb:8e:e6:
56:48:21:e7:51:52:0d:fe:6b:9b:2b:c6:f9:ef:4c:
dd:55:ef:5e:a6:2f:71:1f:f4:a7:85:75:08:e2:ad:
ad:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:16:BA:55:B8:7A:86:35:FF:11:88:7E:30:9E:18:C2:EB:73:E0:5C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/RRa6Vbh6hjX_EYh-MJ4Ywutz4Fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.85.250.0/24
212.192.245.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:84:29:4c:3f:4f:0f:9c:db:b5:3a:bd:41:15:2b:39:03:89:
ac:66:be:51:c8:19:b9:f3:09:c3:ad:61:b4:73:d3:c6:4c:d0:
43:59:ee:93:02:82:0e:74:5d:91:97:b6:a8:c7:bc:29:f6:68:
e1:bc:11:01:9e:21:3b:e9:bb:a9:8b:03:f7:95:49:4e:d9:28:
b6:0b:ab:39:36:ac:b6:51:b9:b8:24:14:f6:e8:3d:35:6e:66:
41:59:3d:52:c2:27:2c:51:b5:0c:87:20:cf:de:ff:c8:5e:9b:
57:48:df:aa:34:d6:34:24:e7:54:e9:bd:44:60:91:4c:c1:02:
a5:c5:a0:a2:8b:4e:42:93:e0:e8:23:b4:a0:ef:fd:2a:01:fe:
30:f5:7f:11:c8:d3:1b:79:f7:c7:1e:9c:ed:0e:d6:48:84:2c:
82:b3:e1:07:43:bd:b2:7a:b8:98:a0:1d:15:4c:c6:57:69:5f:
b7:e1:a7:3e:f8:f9:16:c9:23:79:db:64:da:f9:34:e5:67:a8:
dd:e0:3c:6c:06:2a:3e:ee:bb:2b:cf:7e:70:d3:e4:05:ae:24:
1a:66:2c:5f:0c:40:f3:3e:30:c6:b7:c4:aa:da:45:ce:e7:73:
74:35:29:86:73:28:b3:d0:67:ee:a5:94:b3:74:c4:5a:a7:bc:
3f:d9:b9:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCI9fU4gV/XPs86TFcgyq+wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNzA2MTY1MjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTE2YmE1NWI4N2E4NjM1ZmYxMTg4N2UzMDllMThjMmViNzNlMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7STS+Z8GKi4oE7Nm8iNyoClDGw4
Kkpgp+JK8LK3nrNvdbFEFhMLiYMHvRMk6NxLFwvPmReBP+7LM6rQriVzWHMw7pRO
W68dlniymkxT+a+5nj7kLKp2lqy3igbUwxVyeQ0pymMAhtOub9WgjHAeU59tOnIG
tzHH7WNgrZHTwSyrIAcm6hJENFjUojUBSkHDsA7f67Kbh1sKxnjcXpIqIm1/n79X
vSU0xfzaqaxtcADtbLVSZzz5rhHj18c+79s7yOwdRvxmj+aaPedNB1SaGX+52pyI
kKf63f+G/o77juZWSCHnUVIN/mubK8b570zdVe9epi9xH/SnhXUI4q2tCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEUWulW4eoY1/xGIfjCeGMLrc+BcMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUlJhNlZiaDZoalhfRVloLU1KNFl3dXR6NEZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwlX6AwQA
1MD1MA0GCSqGSIb3DQEBCwUAA4IBAQAshClMP08PnNu1Or1BFSs5A4msZr5RyBm5
8wnDrWG0c9PGTNBDWe6TAoIOdF2Rl7aox7wp9mjhvBEBniE76bupiwP3lUlO2Si2
C6s5Nqy2Ubm4JBT26D01bmZBWT1SwicsUbUMhyDP3v/IXptXSN+qNNY0JOdU6b1E
YJFMwQKlxaCii05Ck+DoI7Sg7/0qAf4w9X8RyNMbeffHHpztDtZIhCyCs+EHQ72y
eriYoB0VTMZXaV+34ac++PkWySN522Ta+TTlZ6jd4DxsBio+7rsrz35w0+QFriQa
ZixfDEDzPjDGt8Sq2kXO53N0NSmGcyiz0GfupZSzdMRap7w/2bn6
-----END CERTIFICATE-----
Generated at Tue Oct 15 02:01:41 2024 by rpki-client on console-ams.rpki-client.org