Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a0c816-765e-4d1a-866b-b3f0942e69ec/1/k4lstnfpxCS4e6kdO4nChy4JlN8.roa
File: k4lstnfpxCS4e6kdO4nChy4JlN8.roa (raw, json)
Hash identifier: KJesOG+SSYOuyxNTLoDaGa2FzBC9oY4O/Y/AR0r4q34=
Subject key identifier: 93:89:6C:B6:77:E9:C4:24:B8:7B:A9:1D:3B:89:C2:87:2E:09:94:DF
Certificate issuer: /CN=fa7468dccae43c239f8530e8235e3a2d4fcd3e73
Certificate serial: 018CC794FDCDBE703A5DC82A5C3AAF9FD985
Authority key identifier: FA:74:68:DC:CA:E4:3C:23:9F:85:30:E8:23:5E:3A:2D:4F:CD:3E:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-nRo3MrkPCOfhTDoI146LU_NPnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a0c816-765e-4d1a-866b-b3f0942e69ec/1/k4lstnfpxCS4e6kdO4nChy4JlN8.roa
Signing time: Tue 02 Jan 2024 00:31:19 +0000
ROA not before: Tue 02 Jan 2024 00:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208873
IP address blocks: 94.127.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a0c816-765e-4d1a-866b-b3f0942e69ec/1/1-nRo3MrkPCOfhTDoI146LU_NPnM.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a0c816-765e-4d1a-866b-b3f0942e69ec/1/1-nRo3MrkPCOfhTDoI146LU_NPnM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-nRo3MrkPCOfhTDoI146LU_NPnM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:fd:cd:be:70:3a:5d:c8:2a:5c:3a:af:9f:d9:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa7468dccae43c239f8530e8235e3a2d4fcd3e73
Validity
Not Before: Jan 2 00:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93896cb677e9c424b87ba91d3b89c2872e0994df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:30:5a:0a:1e:d7:03:fa:da:c0:f7:1b:75:c0:
1d:01:0d:3d:45:52:95:cb:57:02:df:63:c7:56:7e:
04:1f:fd:55:6b:0e:8e:ce:79:a3:bf:d6:a5:42:5e:
e7:d2:36:fd:8d:49:1c:80:9d:b7:b6:1e:82:83:7a:
85:58:56:c0:df:7e:71:6d:39:f3:77:0a:65:5b:e1:
4e:fe:67:8d:7c:97:14:c2:7d:af:9c:7b:aa:99:10:
33:10:de:5e:ae:f2:bc:e1:2e:0a:e0:20:19:fc:b9:
d3:42:d7:8e:67:27:88:7f:f3:80:3a:ba:89:fc:0d:
91:22:df:70:e2:31:ed:77:d4:71:2c:70:26:5a:49:
b3:2d:01:90:7d:b4:de:23:bd:ed:d5:41:dd:bb:c8:
96:50:4e:85:a8:7c:3f:c8:7b:36:ec:3c:2e:82:7e:
d7:b5:91:64:16:50:58:83:4f:87:16:65:5b:9b:9c:
7f:19:b7:99:ba:4f:e1:bb:47:00:3a:8b:6a:41:1b:
cc:44:ba:88:38:a4:1c:94:93:77:ec:d9:3a:7b:e9:
35:69:3e:b2:40:d1:68:90:5f:60:f2:75:29:14:7a:
68:ec:2d:b2:2f:1e:23:13:7d:5d:99:c7:45:b1:8c:
c4:fe:02:2a:15:e7:c7:1f:45:f8:6a:c8:f8:25:5e:
1d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:89:6C:B6:77:E9:C4:24:B8:7B:A9:1D:3B:89:C2:87:2E:09:94:DF
X509v3 Authority Key Identifier:
keyid:FA:74:68:DC:CA:E4:3C:23:9F:85:30:E8:23:5E:3A:2D:4F:CD:3E:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-nRo3MrkPCOfhTDoI146LU_NPnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a0c816-765e-4d1a-866b-b3f0942e69ec/1/k4lstnfpxCS4e6kdO4nChy4JlN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a0c816-765e-4d1a-866b-b3f0942e69ec/1/1-nRo3MrkPCOfhTDoI146LU_NPnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.236.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:36:85:5d:6b:7d:75:93:9a:08:5e:6f:8c:31:30:1a:19:5c:
c5:7b:5b:61:65:77:0f:3f:ab:5a:92:a3:c7:03:1b:fd:3b:20:
6e:43:72:91:bb:c2:bb:b1:0e:09:f7:bc:be:e3:96:c3:64:05:
19:32:28:3f:a9:3c:10:bd:7f:0a:e7:11:fe:3d:fd:f9:57:3a:
18:df:c6:51:99:92:b7:c3:88:78:0a:ee:d5:05:6a:9e:e0:e1:
36:06:cf:3d:77:11:ab:73:8c:47:6a:51:bb:b5:c5:ab:c6:95:
79:3c:73:0e:4f:c8:a7:5b:33:4a:23:c4:90:72:02:a2:0a:65:
aa:5e:dd:90:ae:98:28:d5:59:c8:bc:f7:db:d6:63:92:db:d5:
b5:55:f4:d7:99:d4:14:16:de:98:df:9c:76:69:b9:0a:2e:7d:
b0:7b:70:65:ac:19:e0:dc:db:f8:72:5a:c8:0b:3e:9f:1e:f4:
72:99:28:72:ed:e3:e8:62:b8:5b:6e:19:0b:96:ca:0d:67:75:
6f:32:5d:77:7b:b1:63:27:7b:85:34:9a:e0:92:b0:29:6e:a1:
f6:39:46:54:8c:b8:3c:26:e2:87:5d:19:70:a3:b7:20:3c:b0:
73:21:57:83:0c:5d:db:15:3c:33:b9:92:3a:d1:d2:82:c8:bc:
cd:40:47:85
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHlP3NvnA6XcgqXDqvn9mFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNzQ2OGRjY2FlNDNjMjM5Zjg1MzBlODIzNWUzYTJkNGZj
ZDNlNzMwHhcNMjQwMTAyMDAzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mzg5NmNiNjc3ZTljNDI0Yjg3YmE5MWQzYjg5YzI4NzJlMDk5NGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojBaCh7XA/rawPcbdcAdAQ09RVKV
y1cC32PHVn4EH/1Vaw6Oznmjv9alQl7n0jb9jUkcgJ23th6Cg3qFWFbA335xbTnz
dwplW+FO/meNfJcUwn2vnHuqmRAzEN5ervK84S4K4CAZ/LnTQteOZyeIf/OAOrqJ
/A2RIt9w4jHtd9RxLHAmWkmzLQGQfbTeI73t1UHdu8iWUE6FqHw/yHs27Dwugn7X
tZFkFlBYg0+HFmVbm5x/GbeZuk/hu0cAOotqQRvMRLqIOKQclJN37Nk6e+k1aT6y
QNFokF9g8nUpFHpo7C2yLx4jE31dmcdFsYzE/gIqFefHH0X4asj4JV4dUQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJOJbLZ36cQkuHupHTuJwocuCZTfMB8GA1UdIwQY
MBaAFPp0aNzK5Dwjn4Uw6CNeOi1PzT5zMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1uUm8zTXJrUENPZmhURG9JMTQ2TFVfTlBuTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYvYTBjODE2LTc2NWUtNGQxYS04NjZi
LWIzZjA5NDJlNjllYy8xL2s0bHN0bmZweENTNGU2a2RPNG5DaHk0SmxOOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTYvYTBjODE2LTc2NWUtNGQxYS04NjZiLWIzZjA5NDJlNjll
Yy8xLzEtblJvM01ya1BDT2ZoVERvSTE0NkxVX05Qbk0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABef+ww
DQYJKoZIhvcNAQELBQADggEBALg2hV1rfXWTmgheb4wxMBoZXMV7W2Fldw8/q1qS
o8cDG/07IG5DcpG7wruxDgn3vL7jlsNkBRkyKD+pPBC9fwrnEf49/flXOhjfxlGZ
krfDiHgK7tUFap7g4TYGzz13EatzjEdqUbu1xavGlXk8cw5PyKdbM0ojxJByAqIK
Zape3ZCumCjVWci899vWY5Lb1bVV9NeZ1BQW3pjfnHZpuQoufbB7cGWsGeDc2/hy
WsgLPp8e9HKZKHLt4+hiuFtuGQuWyg1ndW8yXXd7sWMne4U0muCSsCluofY5RlSM
uDwm4oddGXCjtyA8sHMhV4MMXdsVPDO5kjrR0oLIvM1AR4U=
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:59:21 2024 by rpki-client on console-ams.rpki-client.org