Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1nAL2JHVHCe-eOUtqD74VArnpbI.roa
File: 1nAL2JHVHCe-eOUtqD74VArnpbI.roa (raw, json)
Hash identifier: kHTRyTTNDbLrEm9bZVrcGoHYr7C0pHcdjZItwrIS0XY=
Subject key identifier: D6:70:0B:D8:91:D5:1C:27:BE:78:E5:2D:A8:3E:F8:54:0A:E7:A5:B2
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018E3D6C33C4D19ED48F0A2F1A6DE234566C
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1nAL2JHVHCe-eOUtqD74VArnpbI.roa
Signing time: Thu 14 Mar 2024 14:44:45 +0000
ROA not before: Thu 14 Mar 2024 14:44:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42849
IP address blocks: 193.200.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 09:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3d:6c:33:c4:d1:9e:d4:8f:0a:2f:1a:6d:e2:34:56:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 14 14:44:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6700bd891d51c27be78e52da83ef8540ae7a5b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a3:2c:72:0c:4c:49:54:77:b1:b3:1c:cf:3a:
f4:d2:07:1f:d3:1c:36:e8:6d:53:fd:66:b9:db:2c:
a2:4e:cf:82:e4:62:b7:68:2a:8c:8f:16:ec:a2:27:
f2:5a:a6:54:ab:5e:d3:bc:b4:8e:ff:22:21:90:c4:
85:7f:05:dd:8a:65:16:9b:c0:b5:ef:cb:9d:02:3b:
ec:60:cb:4c:2b:7e:ff:88:e5:97:c9:06:88:b9:c5:
5e:c1:e2:1e:4c:4b:87:20:ba:d6:33:f9:95:95:53:
7e:ce:2b:54:49:92:e5:0d:2f:22:af:3a:0a:c6:20:
eb:6a:72:c3:73:0b:d0:cf:54:c4:e2:bf:37:d7:a0:
76:dc:03:ed:69:d9:46:d7:70:c4:f5:e7:08:fe:f9:
3b:32:e9:b9:25:77:b6:c7:88:4a:4a:4b:ea:24:ec:
cb:c2:01:f1:5b:3a:80:8c:94:ed:a0:4d:f9:f3:22:
b0:1f:fc:7d:5e:a1:f8:8d:87:40:16:6e:d2:42:80:
12:6a:83:8c:02:77:40:80:1e:f4:60:ff:e6:d9:64:
70:ad:b8:29:03:07:fb:2a:45:b2:9f:c2:ae:f8:a7:
b4:c0:3e:a7:5a:d3:a1:59:a7:39:c3:f2:26:f4:81:
7c:f3:38:92:82:4a:8e:71:05:49:54:0d:9b:90:4e:
a3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:70:0B:D8:91:D5:1C:27:BE:78:E5:2D:A8:3E:F8:54:0A:E7:A5:B2
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/1nAL2JHVHCe-eOUtqD74VArnpbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.131.0/24
Signature Algorithm: sha256WithRSAEncryption
60:8d:cc:65:15:95:b9:e4:e9:f8:7c:05:e2:0b:44:8c:91:74:
77:ca:9b:8d:c1:4a:19:16:89:d0:ea:b4:59:86:c8:fe:fd:1f:
8d:de:62:ac:2b:4e:da:9f:a9:24:ce:71:eb:8f:d2:c4:15:2f:
40:6b:f4:91:6b:ca:91:46:c8:36:af:6e:43:a9:36:25:a7:21:
5d:92:41:cb:9e:80:2b:a4:25:1f:1f:1d:40:34:18:ab:86:f7:
68:3e:29:cf:e1:f0:2a:84:fc:aa:90:3a:28:70:3b:b7:70:a4:
3d:60:49:6b:8d:8f:c2:2b:a7:ea:17:01:96:b6:66:6b:cf:cb:
c3:6e:06:0b:64:45:88:fb:94:aa:d7:7f:9a:3a:45:ed:eb:f5:
9e:44:b2:50:90:14:95:b7:9e:b1:a8:37:41:b6:d8:02:bd:15:
29:0a:53:01:0f:be:3d:48:9d:43:6e:8d:c1:69:bf:44:c9:1e:
01:31:bb:20:58:f3:b4:de:fd:72:44:68:d8:15:65:28:f0:ae:
f5:26:55:fe:31:a8:3b:71:8e:b8:17:9d:16:cb:45:ca:d2:f9:
b3:46:6a:fa:6d:bf:36:24:e9:e8:93:32:f6:90:bd:12:5e:00:
c9:ae:fd:61:db:f8:ef:80:6e:da:37:e3:3d:2d:b3:04:7a:0c:
34:31:d3:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY49bDPE0Z7UjwovGm3iNFZsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwMzE0MTQ0NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjcwMGJkODkxZDUxYzI3YmU3OGU1MmRhODNlZjg1NDBhZTdhNWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqMscgxMSVR3sbMczzr00gcf0xw2
6G1T/Wa52yyiTs+C5GK3aCqMjxbsoifyWqZUq17TvLSO/yIhkMSFfwXdimUWm8C1
78udAjvsYMtMK37/iOWXyQaIucVeweIeTEuHILrWM/mVlVN+zitUSZLlDS8irzoK
xiDranLDcwvQz1TE4r8316B23APtadlG13DE9ecI/vk7Mum5JXe2x4hKSkvqJOzL
wgHxWzqAjJTtoE358yKwH/x9XqH4jYdAFm7SQoASaoOMAndAgB70YP/m2WRwrbgp
Awf7KkWyn8Ku+Ke0wD6nWtOhWac5w/Im9IF88ziSgkqOcQVJVA2bkE6jIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZwC9iR1RwnvnjlLag++FQK56WyMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvMW5BTDJKSFZIQ2UtZU9VdHFENzRWQXJucGJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwciDMA0G
CSqGSIb3DQEBCwUAA4IBAQBgjcxlFZW55On4fAXiC0SMkXR3ypuNwUoZFonQ6rRZ
hsj+/R+N3mKsK07an6kkznHrj9LEFS9Aa/SRa8qRRsg2r25DqTYlpyFdkkHLnoAr
pCUfHx1ANBirhvdoPinP4fAqhPyqkDoocDu3cKQ9YElrjY/CK6fqFwGWtmZrz8vD
bgYLZEWI+5Sq13+aOkXt6/WeRLJQkBSVt56xqDdBttgCvRUpClMBD749SJ1Dbo3B
ab9EyR4BMbsgWPO03v1yRGjYFWUo8K71JlX+Mag7cY64F50Wy0XK0vmzRmr6bb82
JOnokzL2kL0SXgDJrv1h2/jvgG7aN+M9LbMEegw0MdOb
-----END CERTIFICATE-----
Generated at Wed May 1 18:30:38 2024 by rpki-client on console-ams.rpki-client.org