Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T2Wk7YEOcR4zxmWU52j5D1zYlNI.roa
File: T2Wk7YEOcR4zxmWU52j5D1zYlNI.roa (raw, json)
Hash identifier: 9omC9xgk0Ml1fW5FnmG1WVdwo0giHikpL2gtT/EnQlc=
Subject key identifier: 4F:65:A4:ED:81:0E:71:1E:33:C6:65:94:E7:68:F9:0F:5C:D8:94:D2
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A81D8D92D6E9615FA6AF462D09381
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T2Wk7YEOcR4zxmWU52j5D1zYlNI.roa
Signing time: Tue 02 Jan 2024 12:33:52 +0000
ROA not before: Tue 02 Jan 2024 12:33:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200113
IP address blocks: 194.87.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:81:d8:d9:2d:6e:96:15:fa:6a:f4:62:d0:93:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f65a4ed810e711e33c66594e768f90f5cd894d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:99:00:10:5e:25:e4:57:bc:6d:d0:1a:8f:07:
cc:a8:6c:48:ad:c2:24:c5:0c:b4:5e:23:8c:9a:6a:
0d:48:26:d3:b2:a2:64:4d:77:83:39:91:1d:26:e1:
4a:5e:24:fb:f8:ca:48:05:2c:7a:d4:cc:c4:1a:02:
04:23:c8:dc:70:97:02:24:61:c3:c9:a5:90:3e:6d:
f8:ea:d1:3f:82:74:d8:40:22:57:b2:c4:20:a9:b0:
6b:d5:50:51:36:65:bb:1a:ba:0e:d5:3b:a8:1e:b5:
43:4e:21:bf:e7:37:7c:34:78:15:89:2d:09:71:62:
ab:d5:f0:e0:45:98:5d:b5:b5:9c:24:c0:38:dc:e3:
35:dd:7b:a2:cb:77:3c:fa:5e:85:f0:25:f1:3a:13:
13:8d:f9:2f:e0:3a:01:34:b8:8d:0b:00:83:02:f6:
7d:4f:ab:f0:6b:4a:ad:14:37:3e:02:44:90:ed:b6:
05:a8:11:7b:27:b5:42:78:81:f6:c2:89:24:8c:bc:
c8:6a:ce:cc:71:4e:15:3f:5b:8b:97:ba:4f:73:65:
b7:c8:8f:19:13:d1:6d:76:be:be:93:3c:c6:28:d2:
70:4a:b6:1c:b0:22:71:9a:a8:63:5c:cf:c9:1a:52:
96:1a:56:b8:fd:9b:7f:09:f0:f8:1f:58:61:64:c4:
14:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:65:A4:ED:81:0E:71:1E:33:C6:65:94:E7:68:F9:0F:5C:D8:94:D2
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/T2Wk7YEOcR4zxmWU52j5D1zYlNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.251.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:8a:1d:3b:42:28:f3:73:39:14:e2:dd:72:16:db:a7:d4:46:
cc:0d:1a:ea:2f:4c:7c:eb:f1:ff:88:10:4a:d9:0b:9b:26:7b:
06:b6:cf:34:db:0d:54:9c:7c:61:2f:d3:1f:df:99:02:db:02:
2f:83:42:94:22:43:67:9e:8c:66:c3:7b:29:c6:67:82:99:01:
4a:88:12:59:ea:b2:11:bc:f0:42:18:45:40:e6:6e:94:02:05:
da:8d:2b:47:a7:5e:2c:31:23:a5:b0:57:67:af:54:02:b6:20:
d0:c9:17:9e:7e:33:2c:3f:8b:54:40:dc:c9:52:8a:da:7e:58:
f1:fb:d6:b2:75:b8:3c:0d:09:71:af:b9:e4:d4:cc:5d:9e:7a:
01:8d:33:ea:7d:0e:c3:03:a4:60:59:d9:37:97:ed:cf:7d:56:
db:9c:04:c4:b6:5d:9c:bd:33:91:24:2c:08:04:d9:2b:22:76:
89:c3:a3:74:a5:21:a9:d8:51:2d:0c:f1:e0:51:98:4b:44:ba:
d5:48:64:55:1d:2d:63:a9:88:3a:b5:05:e0:7b:c4:20:01:ee:
37:ac:0b:db:ac:fa:c8:d0:fc:b5:05:a6:ab:bd:c1:5a:75:09:
3d:a2:14:63:9c:62:f9:02:4d:e4:f8:67:22:be:d9:13:96:f0:
aa:db:53:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKoHY2S1ulhX6avRi0JOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjY1YTRlZDgxMGU3MTFlMzNjNjY1OTRlNzY4ZjkwZjVjZDg5NGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5kAEF4l5Fe8bdAajwfMqGxIrcIk
xQy0XiOMmmoNSCbTsqJkTXeDOZEdJuFKXiT7+MpIBSx61MzEGgIEI8jccJcCJGHD
yaWQPm346tE/gnTYQCJXssQgqbBr1VBRNmW7GroO1TuoHrVDTiG/5zd8NHgViS0J
cWKr1fDgRZhdtbWcJMA43OM13Xuiy3c8+l6F8CXxOhMTjfkv4DoBNLiNCwCDAvZ9
T6vwa0qtFDc+AkSQ7bYFqBF7J7VCeIH2wokkjLzIas7McU4VP1uLl7pPc2W3yI8Z
E9Ftdr6+kzzGKNJwSrYcsCJxmqhjXM/JGlKWGla4/Zt/CfD4H1hhZMQUjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE9lpO2BDnEeM8ZllOdo+Q9c2JTSMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVDJXazdZRU9jUjR6eG1XVTUyajVEMXpZbE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlf7MA0G
CSqGSIb3DQEBCwUAA4IBAQAcih07QijzczkU4t1yFtun1EbMDRrqL0x86/H/iBBK
2QubJnsGts802w1UnHxhL9Mf35kC2wIvg0KUIkNnnoxmw3spxmeCmQFKiBJZ6rIR
vPBCGEVA5m6UAgXajStHp14sMSOlsFdnr1QCtiDQyReefjMsP4tUQNzJUorafljx
+9aydbg8DQlxr7nk1MxdnnoBjTPqfQ7DA6RgWdk3l+3PfVbbnATEtl2cvTORJCwI
BNkrInaJw6N0pSGp2FEtDPHgUZhLRLrVSGRVHS1jqYg6tQXge8QgAe43rAvbrPrI
0Py1BaarvcFadQk9ohRjnGL5Ak3k+GcivtkTlvCq21P0
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:25:36 2024 by rpki-client on console-fra.rpki-client.org