Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/b4566b-bcc8-4df5-ba2f-e15e666ad6c2/1/4VGHY14sekgCQKxiLrIwVvUGmwE.roa
File: 4VGHY14sekgCQKxiLrIwVvUGmwE.roa (raw, json)
Hash identifier: IeNRuyBHdi0Y/5YjOxsBfqtS9havIlPrEmyCEl7F2NM=
Subject key identifier: E1:51:87:63:5E:2C:7A:48:02:40:AC:62:2E:B2:30:56:F5:06:9B:01
Certificate issuer: /CN=075e993e76f9d7fa404d69a6cb60d4bf98f2ba1e
Certificate serial: 018CC2DABFC8337D00A25310C363C501AA47
Authority key identifier: 07:5E:99:3E:76:F9:D7:FA:40:4D:69:A6:CB:60:D4:BF:98:F2:BA:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B16ZPnb51_pATWmmy2DUv5jyuh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/b4566b-bcc8-4df5-ba2f-e15e666ad6c2/1/4VGHY14sekgCQKxiLrIwVvUGmwE.roa
Signing time: Mon 01 Jan 2024 02:29:24 +0000
ROA not before: Mon 01 Jan 2024 02:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3303
IP address blocks: 194.11.156.0/22 maxlen: 22
2001:67c:5d8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/b4566b-bcc8-4df5-ba2f-e15e666ad6c2/1/B16ZPnb51_pATWmmy2DUv5jyuh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/b4566b-bcc8-4df5-ba2f-e15e666ad6c2/1/B16ZPnb51_pATWmmy2DUv5jyuh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/B16ZPnb51_pATWmmy2DUv5jyuh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 19:02:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:bf:c8:33:7d:00:a2:53:10:c3:63:c5:01:aa:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=075e993e76f9d7fa404d69a6cb60d4bf98f2ba1e
Validity
Not Before: Jan 1 02:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e15187635e2c7a480240ac622eb23056f5069b01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fd:53:03:4a:32:57:8a:71:5e:fa:68:91:a8:
bc:f6:74:84:c4:9d:e3:c8:c6:e0:b5:9a:2e:93:53:
f1:f3:ac:49:a8:ca:74:a5:8a:db:b5:da:ce:9d:0e:
4d:54:29:7f:35:10:69:8a:2a:b7:18:e4:46:03:a2:
d3:e2:68:4f:15:32:c0:29:e4:de:18:88:be:ad:9f:
a1:01:19:e3:34:89:cd:f7:17:ea:6d:dd:96:f4:c8:
0b:93:2f:92:04:21:87:2b:9a:8f:b4:95:86:40:e4:
63:e6:d6:ce:ba:ae:ee:92:69:d5:9f:3f:80:3b:d2:
b2:79:56:e2:f6:28:23:ed:e9:c2:8d:e9:f4:8c:4a:
47:2f:b4:f2:88:83:f8:2c:ec:84:3b:a5:d8:a8:9f:
c5:3c:22:2b:3f:f9:ff:38:30:d2:b8:21:cb:37:5d:
23:c2:b5:16:b8:4c:a0:c0:af:20:08:34:bb:7c:e8:
f8:83:62:fe:f1:c5:b0:90:b2:76:32:44:e5:c9:d3:
41:d8:bf:c6:8d:99:29:5a:a4:9e:a5:68:63:21:d1:
95:8f:db:a3:fa:00:10:d7:29:82:d0:8e:ea:79:f9:
38:b7:27:e2:c2:d5:9c:98:e5:80:64:a9:7f:6b:67:
9a:6f:0f:4e:ba:21:c0:ae:ef:3d:b4:db:29:07:a9:
99:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:51:87:63:5E:2C:7A:48:02:40:AC:62:2E:B2:30:56:F5:06:9B:01
X509v3 Authority Key Identifier:
keyid:07:5E:99:3E:76:F9:D7:FA:40:4D:69:A6:CB:60:D4:BF:98:F2:BA:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B16ZPnb51_pATWmmy2DUv5jyuh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/b4566b-bcc8-4df5-ba2f-e15e666ad6c2/1/4VGHY14sekgCQKxiLrIwVvUGmwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/b4566b-bcc8-4df5-ba2f-e15e666ad6c2/1/B16ZPnb51_pATWmmy2DUv5jyuh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.11.156.0/22
IPv6:
2001:67c:5d8::/48
Signature Algorithm: sha256WithRSAEncryption
56:a4:6e:21:54:e2:26:b2:24:a4:df:7e:36:7e:9b:41:42:6f:
24:e2:cf:15:6b:80:4a:0b:a6:c1:37:20:2f:ec:cb:71:db:4e:
7f:de:37:4f:2c:6c:a8:69:0c:a7:b6:d1:b2:5c:d8:f4:a7:63:
23:41:78:91:82:99:82:34:13:45:09:fc:97:29:16:01:f1:dd:
9f:86:89:25:ab:00:b4:a6:6d:d9:32:64:15:5f:a1:3b:84:df:
f1:6f:b8:bd:4f:5a:ef:93:97:f3:9a:67:f9:17:db:ab:4a:f5:
51:f8:e0:e1:ba:0c:f3:27:c0:84:1e:00:b5:86:fe:a9:30:04:
96:10:98:b0:84:0d:ab:77:99:ac:9d:0f:74:26:9e:83:25:79:
60:ff:08:25:64:44:00:61:a3:34:09:e0:df:cb:d8:6b:bf:57:
77:57:8c:7f:e1:6e:9a:79:82:0b:32:8e:c6:ac:30:d8:17:b3:
80:28:2a:53:53:8f:83:bb:ad:48:20:7c:cb:a2:ad:df:76:89:
f2:41:02:4d:3c:7b:fd:31:1c:25:e7:3b:af:c3:4a:92:b0:d9:
67:5c:c4:0c:a7:8d:c1:a3:d5:7b:8e:b5:6a:f1:f2:d4:27:6b:
e5:85:ae:13:95:28:69:2b:32:3e:d0:aa:cf:17:8f:6c:0c:25:
51:a8:9b:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzC2r/IM30AolMQw2PFAapHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NWU5OTNlNzZmOWQ3ZmE0MDRkNjlhNmNiNjBkNGJmOThm
MmJhMWUwHhcNMjQwMTAxMDIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTUxODc2MzVlMmM3YTQ4MDI0MGFjNjIyZWIyMzA1NmY1MDY5YjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyP1TA0oyV4pxXvpokai89nSExJ3j
yMbgtZouk1Px86xJqMp0pYrbtdrOnQ5NVCl/NRBpiiq3GORGA6LT4mhPFTLAKeTe
GIi+rZ+hARnjNInN9xfqbd2W9MgLky+SBCGHK5qPtJWGQORj5tbOuq7ukmnVnz+A
O9KyeVbi9igj7enCjen0jEpHL7TyiIP4LOyEO6XYqJ/FPCIrP/n/ODDSuCHLN10j
wrUWuEygwK8gCDS7fOj4g2L+8cWwkLJ2MkTlydNB2L/GjZkpWqSepWhjIdGVj9uj
+gAQ1ymC0I7qefk4tyfiwtWcmOWAZKl/a2eabw9OuiHAru89tNspB6mZ3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOFRh2NeLHpIAkCsYi6yMFb1BpsBMB8GA1UdIwQY
MBaAFAdemT52+df6QE1ppstg1L+Y8roeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjE2WlBuYjUxX3BBVFdtbXkyRFV2NWp5dWg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9iNDU2NmItYmNjOC00ZGY1LWJhMmYt
ZTE1ZTY2NmFkNmMyLzEvNFZHSFkxNHNla2dDUUt4aUxySXdWdlVHbXdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9iNDU2NmItYmNjOC00ZGY1LWJhMmYtZTE1ZTY2NmFkNmMy
LzEvQjE2WlBuYjUxX3BBVFdtbXkyRFV2NWp5dWg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwgucMA8E
AgACMAkDBwAgAQZ8BdgwDQYJKoZIhvcNAQELBQADggEBAFakbiFU4iayJKTffjZ+
m0FCbyTizxVrgEoLpsE3IC/sy3HbTn/eN08sbKhpDKe20bJc2PSnYyNBeJGCmYI0
E0UJ/JcpFgHx3Z+GiSWrALSmbdkyZBVfoTuE3/FvuL1PWu+Tl/OaZ/kX26tK9VH4
4OG6DPMnwIQeALWG/qkwBJYQmLCEDat3maydD3QmnoMleWD/CCVkRABhozQJ4N/L
2Gu/V3dXjH/hbpp5ggsyjsasMNgXs4AoKlNTj4O7rUggfMuird92ifJBAk08e/0x
HCXnO6/DSpKw2WdcxAynjcGj1XuOtWrx8tQna+WFrhOVKGkrMj7Qqs8Xj2wMJVGo
m/s=
-----END CERTIFICATE-----
Generated at Fri May 24 23:27:23 2024 by rpki-client on console-fra.rpki-client.org