Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/folF8wM0AHSTQdYKm-pM3uv6JZM.roa
File: folF8wM0AHSTQdYKm-pM3uv6JZM.roa (raw, json)
Hash identifier: LkxTFtqM1rHDb0lrY15ifqxnVx7ArLz9RW4J/1CNByM=
Subject key identifier: 7E:89:45:F3:03:34:00:74:93:41:D6:0A:9B:EA:4C:DE:EB:FA:25:93
Certificate issuer: /CN=906426f483c36aacda8732324ab88ad5800c9a2d
Certificate serial: 018CCA2B55B61203BB1839141098A711293F
Authority key identifier: 90:64:26:F4:83:C3:6A:AC:DA:87:32:32:4A:B8:8A:D5:80:0C:9A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/folF8wM0AHSTQdYKm-pM3uv6JZM.roa
Signing time: Tue 02 Jan 2024 12:34:46 +0000
ROA not before: Tue 02 Jan 2024 12:34:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20900
IP address blocks: 194.4.7.0/24 maxlen: 24
194.4.10.0/24 maxlen: 24
194.4.13.0/24 maxlen: 24
194.4.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.mft
rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:55:b6:12:03:bb:18:39:14:10:98:a7:11:29:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=906426f483c36aacda8732324ab88ad5800c9a2d
Validity
Not Before: Jan 2 12:34:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e8945f3033400749341d60a9bea4cdeebfa2593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b6:9f:ed:43:99:2c:a0:30:57:93:72:d8:62:
d6:8d:28:2a:e7:6c:87:de:29:9b:81:22:24:a3:5d:
43:d6:47:c2:2f:63:1c:93:f1:da:7f:8c:00:51:87:
4b:fa:75:94:da:55:c7:24:d9:41:b4:49:1d:5a:94:
8e:e2:95:00:5e:db:ec:d8:20:ac:f1:c3:79:3d:7e:
8b:a7:9d:b2:7e:5b:c3:f5:ba:57:e9:48:dd:2e:58:
c6:08:d2:33:7f:c3:8c:00:32:7a:65:ea:b8:8e:a0:
4d:7a:f3:f1:81:5b:ba:ef:cb:77:6a:29:eb:6c:bf:
74:7b:f0:26:30:ea:f6:dd:25:99:a1:5b:56:8c:de:
dc:e4:0c:be:ea:ad:33:ef:47:75:1b:2f:4d:37:7a:
86:63:a3:b2:86:a1:49:18:a8:72:2b:cb:77:55:3f:
41:6c:eb:6b:b9:15:1d:6a:15:0a:7f:8e:c8:f8:70:
12:c7:f0:b2:35:53:3c:39:6a:a7:58:3a:ad:1b:ac:
c1:83:c6:d6:d4:c4:af:7b:c2:6e:95:a2:a9:65:f5:
6c:d5:bd:51:fe:88:7a:a8:e5:c2:da:5f:8d:8a:be:
24:0f:35:ff:b9:2f:9f:b6:9b:f2:27:a6:08:b1:91:
dd:6d:a4:56:bf:34:24:4d:a9:5c:61:53:d5:bd:9d:
37:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:89:45:F3:03:34:00:74:93:41:D6:0A:9B:EA:4C:DE:EB:FA:25:93
X509v3 Authority Key Identifier:
keyid:90:64:26:F4:83:C3:6A:AC:DA:87:32:32:4A:B8:8A:D5:80:0C:9A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kGQm9IPDaqzahzIySriK1YAMmi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/folF8wM0AHSTQdYKm-pM3uv6JZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/94d441-d987-4062-89c1-94c5ad17a7a0/1/kGQm9IPDaqzahzIySriK1YAMmi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.4.7.0/24
194.4.10.0/24
194.4.12.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:0c:f9:36:74:61:a8:2a:c1:15:77:5a:e2:7f:41:da:2a:63:
fe:1c:c3:b8:bd:df:d6:91:f7:98:15:c5:b2:45:e7:60:a6:55:
0c:2e:c4:24:4e:e5:53:19:6a:22:46:b4:94:66:d7:04:28:e7:
ce:4f:f3:b4:7c:81:ef:57:b1:e4:b7:fb:aa:3c:a6:33:2c:93:
aa:0f:84:15:5f:b6:bd:78:7e:26:2b:9d:7b:36:45:17:78:3d:
b7:95:b5:1e:9f:10:44:63:01:27:f0:af:05:f8:13:d6:d9:93:
bf:3b:45:69:8f:cd:33:f3:ae:9b:46:01:0f:a9:b5:96:96:88:
a8:4d:16:79:62:20:b9:a1:05:33:d2:eb:30:68:7e:58:fa:72:
6a:1b:2c:40:0d:06:9c:da:1d:ff:7a:4f:82:29:69:64:d9:00:
75:93:c8:91:df:1d:7f:57:b7:37:1c:a7:e1:28:c0:c3:a5:5c:
34:69:27:67:f3:b8:48:ce:52:ad:11:8a:ac:c0:8c:9f:46:5f:
b7:7a:b2:9a:45:80:69:0e:0f:25:f4:8d:91:cc:57:6b:ba:a2:
88:cd:eb:81:11:de:2e:f9:2d:e9:6b:50:ed:46:28:1a:40:c0:
ee:a1:c7:84:c6:51:66:36:40:28:cc:1d:cb:fd:e9:45:2a:ae:
80:54:19:ad
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKK1W2EgO7GDkUEJinESk/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNjQyNmY0ODNjMzZhYWNkYTg3MzIzMjRhYjg4YWQ1ODAw
YzlhMmQwHhcNMjQwMTAyMTIzNDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTg5NDVmMzAzMzQwMDc0OTM0MWQ2MGE5YmVhNGNkZWViZmEyNTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1raf7UOZLKAwV5Ny2GLWjSgq52yH
3imbgSIko11D1kfCL2Mck/Haf4wAUYdL+nWU2lXHJNlBtEkdWpSO4pUAXtvs2CCs
8cN5PX6Lp52yflvD9bpX6UjdLljGCNIzf8OMADJ6Zeq4jqBNevPxgVu678t3ainr
bL90e/AmMOr23SWZoVtWjN7c5Ay+6q0z70d1Gy9NN3qGY6OyhqFJGKhyK8t3VT9B
bOtruRUdahUKf47I+HASx/CyNVM8OWqnWDqtG6zBg8bW1MSve8JulaKpZfVs1b1R
/oh6qOXC2l+Nir4kDzX/uS+ftpvyJ6YIsZHdbaRWvzQkTalcYVPVvZ03jQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH6JRfMDNAB0k0HWCpvqTN7r+iWTMB8GA1UdIwQY
MBaAFJBkJvSDw2qs2ocyMkq4itWADJotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85NGQ0NDEtZDk4Ny00MDYyLTg5YzEt
OTRjNWFkMTdhN2EwLzEvZm9sRjh3TTBBSFNUUWRZS20tcE0zdXY2SlpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85NGQ0NDEtZDk4Ny00MDYyLTg5YzEtOTRjNWFkMTdhN2Ew
LzEva0dRbTlJUERhcXphaHpJeVNyaUsxWUFNbWkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwgQHAwQA
wgQKAwQBwgQMMA0GCSqGSIb3DQEBCwUAA4IBAQCcDPk2dGGoKsEVd1rif0HaKmP+
HMO4vd/WkfeYFcWyRedgplUMLsQkTuVTGWoiRrSUZtcEKOfOT/O0fIHvV7Hkt/uq
PKYzLJOqD4QVX7a9eH4mK517NkUXeD23lbUenxBEYwEn8K8F+BPW2ZO/O0Vpj80z
866bRgEPqbWWloioTRZ5YiC5oQUz0uswaH5Y+nJqGyxADQac2h3/ek+CKWlk2QB1
k8iR3x1/V7c3HKfhKMDDpVw0aSdn87hIzlKtEYqswIyfRl+3erKaRYBpDg8l9I2R
zFdruqKIzeuBEd4u+S3pa1DtRigaQMDuoceExlFmNkAozB3L/elFKq6AVBmt
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:25:02 2024 by rpki-client on console-ams.rpki-client.org