Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/_DAKcqp0QaHt3VNRXnW-f6X1XCg.roa
File: _DAKcqp0QaHt3VNRXnW-f6X1XCg.roa (raw, json)
Hash identifier: kp17IW7Zaofd4p7ubYp6dkCxUpcz9QTvZE1Kx3KV1H0=
Subject key identifier: FC:30:0A:72:AA:74:41:A1:ED:DD:53:51:5E:75:BE:7F:A5:F5:5C:28
Certificate issuer: /CN=659a6b975eafd2ce51468723814355f56c55bafb
Certificate serial: 018CC94CD57229ED60D5A94545F4D67AD6AC
Authority key identifier: 65:9A:6B:97:5E:AF:D2:CE:51:46:87:23:81:43:55:F5:6C:55:BA:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZprl16v0s5RRocjgUNV9WxVuvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/_DAKcqp0QaHt3VNRXnW-f6X1XCg.roa
Signing time: Tue 02 Jan 2024 08:31:44 +0000
ROA not before: Tue 02 Jan 2024 08:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15642
IP address blocks: 194.125.232.0/24 maxlen: 24
194.125.232.0/22 maxlen: 24
194.242.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/ZZprl16v0s5RRocjgUNV9WxVuvs.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/ZZprl16v0s5RRocjgUNV9WxVuvs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZZprl16v0s5RRocjgUNV9WxVuvs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:d5:72:29:ed:60:d5:a9:45:45:f4:d6:7a:d6:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=659a6b975eafd2ce51468723814355f56c55bafb
Validity
Not Before: Jan 2 08:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc300a72aa7441a1eddd53515e75be7fa5f55c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fe:4f:9e:af:ac:ea:37:4b:e5:02:ad:9a:7d:
9e:df:31:80:af:a9:ef:be:80:ff:a3:7d:a5:ab:a2:
47:c0:8b:58:f4:64:bd:43:fa:2a:8d:88:f5:89:73:
86:29:4f:96:cf:a5:c3:f2:d8:a2:b1:53:79:ed:b7:
5c:ba:71:53:16:7d:bf:af:b7:3e:83:7e:33:be:9f:
f1:82:f9:a6:0e:b3:e1:c5:ec:c3:e4:65:85:1a:31:
2d:85:af:93:66:05:9c:75:dc:f4:92:cc:f3:07:f7:
6f:7d:d4:d1:1a:d7:ee:32:86:81:fc:09:79:bc:52:
32:98:80:91:f8:51:08:94:76:f5:9a:fe:d3:0c:57:
5b:e1:d9:a7:ca:fb:48:c0:b7:09:3f:ff:46:4b:0b:
ed:a6:bf:d4:bb:c5:b0:60:7e:da:76:e6:83:d9:8f:
99:58:a3:02:5f:9c:50:24:76:ff:91:3c:b5:63:7f:
56:56:44:9f:19:fc:cd:ed:ac:4e:32:89:f2:d7:42:
48:aa:8c:1a:42:45:73:ed:42:38:8d:fa:9c:23:78:
ca:4b:5d:c9:9a:75:28:a2:21:5e:42:88:47:98:d4:
89:4c:2e:7a:a0:23:29:a2:d8:72:e8:73:94:a7:52:
c7:dc:78:9a:1a:0a:b9:72:d1:17:9b:ec:1c:fb:d1:
02:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:30:0A:72:AA:74:41:A1:ED:DD:53:51:5E:75:BE:7F:A5:F5:5C:28
X509v3 Authority Key Identifier:
keyid:65:9A:6B:97:5E:AF:D2:CE:51:46:87:23:81:43:55:F5:6C:55:BA:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZprl16v0s5RRocjgUNV9WxVuvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/_DAKcqp0QaHt3VNRXnW-f6X1XCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/170422-39ad-499c-bbfd-eff3cdcbd00a/1/ZZprl16v0s5RRocjgUNV9WxVuvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.125.232.0/22
194.242.32.0/24
Signature Algorithm: sha256WithRSAEncryption
18:cb:89:1d:b8:a0:8f:66:34:e9:b2:08:d6:86:3f:d9:35:c2:
25:8d:72:b3:25:dc:00:4c:10:16:c6:6d:d7:65:36:4b:9d:0d:
56:7e:af:bf:70:d7:e8:9a:1e:f9:b9:9a:85:83:46:43:e6:b0:
de:69:08:49:98:9d:39:db:2b:ae:2d:d4:47:b4:a8:57:f3:cb:
77:cb:cd:c1:dc:91:45:23:1d:9f:81:a3:d5:43:08:89:91:4c:
7f:68:80:44:4d:58:f5:66:0f:7d:24:a5:63:8b:51:98:a7:0d:
40:c3:aa:15:8f:7f:c3:7a:8a:bd:ba:cd:a7:60:cf:a3:a5:cf:
bf:96:c1:26:54:f4:c6:e5:11:3a:90:63:72:3b:a8:2c:fa:a2:
37:d5:d4:6c:25:a6:a3:a0:40:b9:3c:62:ad:37:92:72:0e:57:
82:65:8c:b5:4f:74:b9:bc:30:4b:d0:9d:04:b9:69:68:f1:07:
af:b8:3a:58:b4:ed:7b:19:c0:a8:59:3c:6c:0f:02:c3:42:cb:
66:a1:63:42:e9:b5:10:79:ef:84:e3:86:33:02:fc:68:3b:61:
93:93:7a:f8:94:ee:39:37:e3:48:f7:9a:27:78:e5:1f:ab:2b:
a2:5e:07:0c:ea:21:c9:96:0c:de:03:27:a2:d5:65:7d:69:d6:
08:ae:19:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTNVyKe1g1alFRfTWetasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OWE2Yjk3NWVhZmQyY2U1MTQ2ODcyMzgxNDM1NWY1NmM1
NWJhZmIwHhcNMjQwMTAyMDgzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzMwMGE3MmFhNzQ0MWExZWRkZDUzNTE1ZTc1YmU3ZmE1ZjU1YzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/5Pnq+s6jdL5QKtmn2e3zGAr6nv
voD/o32lq6JHwItY9GS9Q/oqjYj1iXOGKU+Wz6XD8tiisVN57bdcunFTFn2/r7c+
g34zvp/xgvmmDrPhxezD5GWFGjEtha+TZgWcddz0kszzB/dvfdTRGtfuMoaB/Al5
vFIymICR+FEIlHb1mv7TDFdb4dmnyvtIwLcJP/9GSwvtpr/Uu8WwYH7aduaD2Y+Z
WKMCX5xQJHb/kTy1Y39WVkSfGfzN7axOMony10JIqowaQkVz7UI4jfqcI3jKS13J
mnUooiFeQohHmNSJTC56oCMpothy6HOUp1LH3HiaGgq5ctEXm+wc+9ECAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPwwCnKqdEGh7d1TUV51vn+l9VwoMB8GA1UdIwQY
MBaAFGWaa5der9LOUUaHI4FDVfVsVbr7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpwcmwxNnYwczVSUm9jamdVTlY5V3hWdXZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xNzA0MjItMzlhZC00OTljLWJiZmQt
ZWZmM2NkY2JkMDBhLzEvX0RBS2NxcDBRYUh0M1ZOUlhuVy1mNlgxWENnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xNzA0MjItMzlhZC00OTljLWJiZmQtZWZmM2NkY2JkMDBh
LzEvWlpwcmwxNnYwczVSUm9jamdVTlY5V3hWdXZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwn3oAwQA
wvIgMA0GCSqGSIb3DQEBCwUAA4IBAQAYy4kduKCPZjTpsgjWhj/ZNcIljXKzJdwA
TBAWxm3XZTZLnQ1Wfq+/cNfomh75uZqFg0ZD5rDeaQhJmJ052yuuLdRHtKhX88t3
y83B3JFFIx2fgaPVQwiJkUx/aIBETVj1Zg99JKVji1GYpw1Aw6oVj3/Deoq9us2n
YM+jpc+/lsEmVPTG5RE6kGNyO6gs+qI31dRsJaajoEC5PGKtN5JyDleCZYy1T3S5
vDBL0J0EuWlo8QevuDpYtO17GcCoWTxsDwLDQstmoWNC6bUQee+E44YzAvxoO2GT
k3r4lO45N+NI95oneOUfqyuiXgcM6iHJlgzeAyei1WV9adYIrhk6
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:19:40 2024 by rpki-client on console-ams.rpki-client.org