Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/chQ-4lXNB4HUYUWLy_idJsBFix8.roa
File: chQ-4lXNB4HUYUWLy_idJsBFix8.roa (raw, json)
Hash identifier: I9A1XVjZQ7s03BQrEOe5x3+LBw6AmSPx5rNhDSYxfBM=
Subject key identifier: 72:14:3E:E2:55:CD:07:81:D4:61:45:8B:CB:F8:9D:26:C0:45:8B:1F
Certificate issuer: /CN=cdff5b3cdaf2ead1bc3309411bf9492cd987afba
Certificate serial: 0191460E950022A792D29EE15ECC40018E4E
Authority key identifier: CD:FF:5B:3C:DA:F2:EA:D1:BC:33:09:41:1B:F9:49:2C:D9:87:AF:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zf9bPNry6tG8MwlBG_lJLNmHr7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/chQ-4lXNB4HUYUWLy_idJsBFix8.roa
Signing time: Mon 12 Aug 2024 10:07:26 +0000
ROA not before: Mon 12 Aug 2024 10:07:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6730
IP address blocks: 193.247.117.0/24 maxlen: 24
193.247.118.0/23 maxlen: 23
193.247.118.0/24 maxlen: 24
193.247.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/zf9bPNry6tG8MwlBG_lJLNmHr7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/zf9bPNry6tG8MwlBG_lJLNmHr7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/zf9bPNry6tG8MwlBG_lJLNmHr7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:46:0e:95:00:22:a7:92:d2:9e:e1:5e:cc:40:01:8e:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdff5b3cdaf2ead1bc3309411bf9492cd987afba
Validity
Not Before: Aug 12 10:07:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72143ee255cd0781d461458bcbf89d26c0458b1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d8:d5:83:9b:2d:c6:3e:95:58:75:8b:95:57:
bf:34:08:dc:8e:cb:8d:4a:b2:30:83:4d:a6:bc:5f:
e2:f8:dc:98:69:ae:d5:2e:ea:09:6f:07:e5:32:a1:
42:16:dc:05:65:bb:ca:49:62:ce:3f:ab:5c:2d:12:
21:0e:f8:9d:fe:8a:d4:bc:f6:ce:64:1b:b3:79:10:
27:e7:92:f7:b4:c1:38:ee:36:48:13:48:e5:0c:14:
c2:6e:85:ca:b8:02:6e:fe:9d:16:ec:28:6c:6a:8a:
46:bd:61:e2:90:ae:7c:b6:a5:f0:5d:01:29:55:f7:
6b:f0:5b:5d:9c:02:b5:57:1b:b2:36:a0:b2:ed:25:
40:39:9a:6b:9a:49:5d:e3:1c:2e:49:43:93:4b:78:
c0:08:fc:d0:9c:15:48:ef:57:8b:91:a9:ca:37:47:
86:c0:a5:4a:e3:de:24:a9:a0:89:dc:67:3f:36:d3:
ed:09:9e:b8:cf:94:b7:78:fc:fa:44:7c:66:b9:19:
63:3c:91:fa:ec:0d:d6:0d:65:00:c7:2c:cf:a2:07:
48:fe:18:26:88:f1:92:8c:2e:d5:e0:dc:56:82:99:
0a:c0:9e:3b:05:89:6d:ff:da:86:6d:35:b5:4e:bf:
50:38:40:df:3a:81:e8:ae:fd:05:2c:11:11:20:31:
19:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:14:3E:E2:55:CD:07:81:D4:61:45:8B:CB:F8:9D:26:C0:45:8B:1F
X509v3 Authority Key Identifier:
keyid:CD:FF:5B:3C:DA:F2:EA:D1:BC:33:09:41:1B:F9:49:2C:D9:87:AF:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zf9bPNry6tG8MwlBG_lJLNmHr7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/chQ-4lXNB4HUYUWLy_idJsBFix8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/zf9bPNry6tG8MwlBG_lJLNmHr7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.247.117.0-193.247.119.255
Signature Algorithm: sha256WithRSAEncryption
b3:48:ad:3b:82:c8:1b:de:8e:76:58:48:4d:ab:8d:de:bf:25:
9d:e2:83:2a:ac:ef:a2:88:4a:7f:91:d4:aa:4e:a6:14:bd:5b:
68:2c:92:1a:17:6d:f3:e5:f3:bd:a2:e9:96:81:c6:86:26:cb:
be:7b:35:30:ae:5e:9f:b4:2a:c8:ea:bd:85:e8:9c:8f:15:e8:
28:cc:ca:ca:d6:1e:8a:29:fe:8f:ca:15:4d:ca:d6:b6:67:62:
6c:a5:c9:05:b1:b4:9b:77:be:f1:ef:7e:7b:14:36:da:e9:3b:
95:71:26:c2:76:d0:0c:8a:2f:d0:94:ef:dc:72:f0:8a:b2:e4:
4c:ae:cc:54:e3:79:67:32:07:7b:5e:e3:00:39:4f:22:d2:7b:
6e:66:3b:50:5e:83:68:b0:7f:8f:b9:c1:04:f1:7d:c2:4b:64:
49:5c:28:9e:ad:8a:15:d6:0d:85:87:f6:d0:95:4d:72:90:c6:
62:6c:52:35:bc:b4:d3:93:1f:39:91:97:8b:44:88:ea:09:98:
18:01:f5:83:9d:a3:0c:98:db:81:ff:5e:87:02:8f:c9:ef:1e:
94:65:99:56:d5:3f:06:0f:6a:cb:e7:84:12:7c:7a:29:4e:d3:
53:39:68:2b:12:f4:09:b1:b6:bb:fd:d9:98:68:6d:1d:32:e8:
1f:b0:98:6e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZFGDpUAIqeS0p7hXsxAAY5OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZmY1YjNjZGFmMmVhZDFiYzMzMDk0MTFiZjk0OTJjZDk4
N2FmYmEwHhcNMjQwODEyMTAwNzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjE0M2VlMjU1Y2QwNzgxZDQ2MTQ1OGJjYmY4OWQyNmMwNDU4YjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdjVg5stxj6VWHWLlVe/NAjcjsuN
SrIwg02mvF/i+NyYaa7VLuoJbwflMqFCFtwFZbvKSWLOP6tcLRIhDvid/orUvPbO
ZBuzeRAn55L3tME47jZIE0jlDBTCboXKuAJu/p0W7ChsaopGvWHikK58tqXwXQEp
Vfdr8FtdnAK1VxuyNqCy7SVAOZprmkld4xwuSUOTS3jACPzQnBVI71eLkanKN0eG
wKVK494kqaCJ3Gc/NtPtCZ64z5S3ePz6RHxmuRljPJH67A3WDWUAxyzPogdI/hgm
iPGSjC7V4NxWgpkKwJ47BYlt/9qGbTW1Tr9QOEDfOoHorv0FLBERIDEZ1wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHIUPuJVzQeB1GFFi8v4nSbARYsfMB8GA1UdIwQY
MBaAFM3/Wzza8urRvDMJQRv5SSzZh6+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemY5YlBOcnk2dEc4TXdsQkdfbEpMTm1IcjdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9iNzZkMzQtNWYwNy00MmQ4LWExMzEt
YTg3ODFhZGQyNDIzLzEvY2hRLTRsWE5CNEhVWVVXTHlfaWRKc0JGaXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9iNzZkMzQtNWYwNy00MmQ4LWExMzEtYTg3ODFhZGQyNDIz
LzEvemY5YlBOcnk2dEc4TXdsQkdfbEpMTm1IcjdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADB93UD
BAPB93AwDQYJKoZIhvcNAQELBQADggEBALNIrTuCyBvejnZYSE2rjd6/JZ3igyqs
76KISn+R1KpOphS9W2gskhoXbfPl872i6ZaBxoYmy757NTCuXp+0KsjqvYXonI8V
6CjMysrWHoop/o/KFU3K1rZnYmylyQWxtJt3vvHvfnsUNtrpO5VxJsJ20AyKL9CU
79xy8Iqy5EyuzFTjeWcyB3te4wA5TyLSe25mO1Beg2iwf4+5wQTxfcJLZElcKJ6t
ihXWDYWH9tCVTXKQxmJsUjW8tNOTHzmRl4tEiOoJmBgB9YOdowyY24H/XocCj8nv
HpRlmVbVPwYPasvnhBJ8eilO01M5aCsS9Amxtrv92ZhobR0y6B+wmG4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:14:08 2024 by rpki-client on console-ams.rpki-client.org