Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/12c3e8-9c01-455b-b181-f4d7fdebf04d/1/CtiNoVfqo9h1d6qIFzfB-Xo2rto.roa
File: CtiNoVfqo9h1d6qIFzfB-Xo2rto.roa (raw, json)
Hash identifier: 7OhJI2Vcrdnj9O/F+NsoXlQxM92wKVG8J0oa5BG0TPQ=
Subject key identifier: 0A:D8:8D:A1:57:EA:A3:D8:75:77:AA:88:17:37:C1:F9:7A:36:AE:DA
Certificate issuer: /CN=a4eb8eb7b4b62ed1254f00564e03c4067abfbfc9
Certificate serial: 0191E5530448EC9A17BAD5EA0B6FFA262123
Authority key identifier: A4:EB:8E:B7:B4:B6:2E:D1:25:4F:00:56:4E:03:C4:06:7A:BF:BF:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOuOt7S2LtElTwBWTgPEBnq_v8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/12c3e8-9c01-455b-b181-f4d7fdebf04d/1/CtiNoVfqo9h1d6qIFzfB-Xo2rto.roa
Signing time: Thu 12 Sep 2024 08:21:48 +0000
ROA not before: Thu 12 Sep 2024 08:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31671
IP address blocks: 194.150.240.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/12c3e8-9c01-455b-b181-f4d7fdebf04d/1/pOuOt7S2LtElTwBWTgPEBnq_v8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/12c3e8-9c01-455b-b181-f4d7fdebf04d/1/pOuOt7S2LtElTwBWTgPEBnq_v8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/pOuOt7S2LtElTwBWTgPEBnq_v8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e5:53:04:48:ec:9a:17:ba:d5:ea:0b:6f:fa:26:21:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4eb8eb7b4b62ed1254f00564e03c4067abfbfc9
Validity
Not Before: Sep 12 08:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ad88da157eaa3d87577aa881737c1f97a36aeda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8c:1d:8e:96:65:f9:fc:0b:9b:d4:2f:dd:37:
71:3f:67:3e:bc:ad:a0:1e:90:f7:97:cf:26:1b:f5:
67:5e:5c:92:54:25:ae:da:05:70:43:44:ee:53:5e:
0b:2b:fd:fe:61:fa:ad:cf:74:42:1b:f8:b5:73:0a:
13:e4:88:7d:51:31:2d:d9:17:f5:d5:d8:77:98:87:
18:c4:a2:37:20:62:76:5a:ef:57:e4:38:d5:5a:89:
1c:e8:a2:71:ad:8b:97:0a:16:79:32:cd:14:9a:19:
3f:80:84:05:82:f8:e1:87:68:f8:2d:b8:21:72:c2:
5b:a2:a6:0c:b3:c4:7b:c7:09:c2:cd:25:ec:04:a3:
c6:44:67:1f:55:c6:9f:5e:6f:59:d1:d6:3d:19:7e:
33:ab:b2:b3:ed:35:c3:64:36:84:cb:a9:d5:c5:f2:
7b:fe:e9:1c:99:fb:43:d0:40:6e:f3:2f:50:34:21:
34:2e:5a:3a:93:e8:59:51:db:35:58:50:6d:c0:ce:
4e:aa:6c:c9:ba:f3:04:ce:d2:1d:45:df:35:8a:a5:
a2:a5:19:1b:3d:7f:13:63:64:aa:3c:fb:44:6e:5a:
98:23:2b:59:2c:1d:9d:80:7a:6e:a9:3a:f2:82:a8:
bf:dc:a5:f0:24:66:22:9e:a2:4c:ba:e5:e2:bb:98:
0a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:D8:8D:A1:57:EA:A3:D8:75:77:AA:88:17:37:C1:F9:7A:36:AE:DA
X509v3 Authority Key Identifier:
keyid:A4:EB:8E:B7:B4:B6:2E:D1:25:4F:00:56:4E:03:C4:06:7A:BF:BF:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOuOt7S2LtElTwBWTgPEBnq_v8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/12c3e8-9c01-455b-b181-f4d7fdebf04d/1/CtiNoVfqo9h1d6qIFzfB-Xo2rto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/12c3e8-9c01-455b-b181-f4d7fdebf04d/1/pOuOt7S2LtElTwBWTgPEBnq_v8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.240.0/23
Signature Algorithm: sha256WithRSAEncryption
04:77:fc:f7:27:fb:99:8e:cc:8b:c7:94:1d:a4:03:9d:91:93:
fb:78:b2:94:1e:41:be:8e:0a:11:74:82:7c:b3:ec:a8:99:42:
f3:f3:3c:99:24:69:db:e1:55:aa:6d:90:13:ca:c1:85:b4:67:
13:4f:af:6a:66:af:3f:87:e0:8d:ca:5c:47:5a:4e:80:5e:20:
42:8a:a7:d0:d2:4d:97:f9:ff:4e:85:0f:3e:c9:b4:9f:5d:08:
2b:d1:89:f1:5f:cd:91:71:67:e7:43:9f:5f:9c:82:07:1e:5b:
73:30:07:e8:00:71:20:2b:e8:63:2b:73:ac:26:66:23:9f:e2:
d6:2b:00:0a:e1:7f:02:c4:82:1a:fb:be:de:dd:ae:ae:bb:fa:
59:41:45:b7:06:bb:10:9a:5d:a8:13:b9:ae:f8:b3:55:97:9b:
37:2e:a7:a2:d5:91:cd:ce:06:ed:9f:34:a8:20:48:b1:d6:0d:
bf:cd:93:24:d3:6d:9d:fb:01:88:1e:6f:e2:81:79:dd:0a:1f:
9e:e0:69:64:fc:5c:99:16:bd:d0:38:0a:f4:b9:5f:45:65:dc:
2a:63:6f:4f:e3:2b:1c:9e:1b:39:6e:ad:6a:e1:7e:2f:44:ed:
15:84:96:0d:63:e3:79:ac:74:f4:f0:86:84:42:3f:51:43:34:
a4:21:91:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHlUwRI7JoXutXqC2/6JiEjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZWI4ZWI3YjRiNjJlZDEyNTRmMDA1NjRlMDNjNDA2N2Fi
ZmJmYzkwHhcNMjQwOTEyMDgyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWQ4OGRhMTU3ZWFhM2Q4NzU3N2FhODgxNzM3YzFmOTdhMzZhZWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YwdjpZl+fwLm9Qv3TdxP2c+vK2g
HpD3l88mG/VnXlySVCWu2gVwQ0TuU14LK/3+Yfqtz3RCG/i1cwoT5Ih9UTEt2Rf1
1dh3mIcYxKI3IGJ2Wu9X5DjVWokc6KJxrYuXChZ5Ms0Umhk/gIQFgvjhh2j4Lbgh
csJboqYMs8R7xwnCzSXsBKPGRGcfVcafXm9Z0dY9GX4zq7Kz7TXDZDaEy6nVxfJ7
/ukcmftD0EBu8y9QNCE0Llo6k+hZUds1WFBtwM5OqmzJuvMEztIdRd81iqWipRkb
PX8TY2SqPPtEblqYIytZLB2dgHpuqTrygqi/3KXwJGYinqJMuuXiu5gK0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArYjaFX6qPYdXeqiBc3wfl6Nq7aMB8GA1UdIwQY
MBaAFKTrjre0ti7RJU8AVk4DxAZ6v7/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE91T3Q3UzJMdEVsVHdCV1RnUEVCbnFfdjhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xMmMzZTgtOWMwMS00NTViLWIxODEt
ZjRkN2ZkZWJmMDRkLzEvQ3RpTm9WZnFvOWgxZDZxSUZ6ZkItWG8ycnRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8xMmMzZTgtOWMwMS00NTViLWIxODEtZjRkN2ZkZWJmMDRk
LzEvcE91T3Q3UzJMdEVsVHdCV1RnUEVCbnFfdjhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpbwMA0G
CSqGSIb3DQEBCwUAA4IBAQAEd/z3J/uZjsyLx5QdpAOdkZP7eLKUHkG+jgoRdIJ8
s+yomULz8zyZJGnb4VWqbZATysGFtGcTT69qZq8/h+CNylxHWk6AXiBCiqfQ0k2X
+f9OhQ8+ybSfXQgr0YnxX82RcWfnQ59fnIIHHltzMAfoAHEgK+hjK3OsJmYjn+LW
KwAK4X8CxIIa+77e3a6uu/pZQUW3BrsQml2oE7mu+LNVl5s3Lqei1ZHNzgbtnzSo
IEix1g2/zZMk022d+wGIHm/igXndCh+e4Glk/FyZFr3QOAr0uV9FZdwqY29P4ysc
nhs5bq1q4X4vRO0VhJYNY+N5rHT08IaEQj9RQzSkIZEr
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:16:23 2024 by rpki-client on console-fra.rpki-client.org