Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/af-0WBEu5EwFIwfa5chxW7RbPG0.roa
File: af-0WBEu5EwFIwfa5chxW7RbPG0.roa (raw, json)
Hash identifier: c5/wt6qXZJKiroNkG+FqekJayKgzCSyvc+VxM5iE/a8=
Subject key identifier: 69:FF:B4:58:11:2E:E4:4C:05:23:07:DA:E5:C8:71:5B:B4:5B:3C:6D
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 018F1BB0DEE2E0BD8C40970D471D88D581AC
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/af-0WBEu5EwFIwfa5chxW7RbPG0.roa
Signing time: Fri 26 Apr 2024 18:35:27 +0000
ROA not before: Fri 26 Apr 2024 18:35:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215062
IP address blocks: 146.19.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 23:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1b:b0:de:e2:e0:bd:8c:40:97:0d:47:1d:88:d5:81:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 26 18:35:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69ffb458112ee44c052307dae5c8715bb45b3c6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:38:1e:25:bc:17:b0:63:3f:bd:b5:e1:b9:e9:
8e:19:3c:15:45:56:ce:85:19:6f:ae:bd:ab:bc:ea:
2a:14:07:fa:2d:6c:60:55:bf:e3:1d:a1:51:af:65:
4f:ed:1f:50:8b:a5:6a:ac:22:d2:58:d8:7f:e3:6e:
b4:77:b0:b1:5d:d0:70:6e:77:49:25:32:7d:9d:39:
37:24:a3:7a:19:7d:47:9c:63:71:d1:87:8e:dc:ff:
1d:61:df:f8:5b:73:93:bd:e5:ad:f7:8e:db:39:ad:
0a:7a:ab:c4:a2:f9:2d:b2:3f:8c:dc:f8:bc:ee:dd:
55:cd:75:2d:ea:5f:88:b9:da:81:12:cf:93:18:6b:
a5:42:48:93:e9:09:e1:9f:4e:cc:e8:37:0b:18:59:
ec:a7:c2:85:37:ea:b1:44:7b:cf:25:d8:da:10:24:
f6:23:44:42:43:be:c6:5d:ed:4e:86:b1:59:0f:d2:
1a:a6:6f:9e:be:fe:96:fe:a6:1e:bf:e5:1e:f0:58:
2c:c3:8b:0c:8a:16:43:17:9b:c6:95:47:31:fd:4f:
43:60:6d:6c:98:94:65:88:f2:a5:b2:ab:5d:08:c6:
dd:74:5d:a5:c8:34:a3:09:88:56:b3:88:82:e1:98:
c0:fb:df:df:7c:1c:19:d9:d3:1a:26:f4:87:e4:92:
c4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FF:B4:58:11:2E:E4:4C:05:23:07:DA:E5:C8:71:5B:B4:5B:3C:6D
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/af-0WBEu5EwFIwfa5chxW7RbPG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.93.0/24
Signature Algorithm: sha256WithRSAEncryption
77:91:0d:72:e8:ff:2b:8f:3f:10:e4:58:b9:e3:fc:f8:85:72:
61:c4:9e:1d:35:15:42:c6:8c:59:45:10:4d:49:0b:ce:17:09:
a2:65:7c:db:82:d0:88:3e:ee:c1:04:52:a5:08:7e:f2:57:87:
79:de:28:b9:3c:7a:37:28:af:16:5f:ec:b7:43:67:79:bc:68:
59:7a:23:03:b6:55:c5:64:05:23:41:f4:cb:33:d8:28:73:fb:
1c:bb:31:e3:c5:23:59:87:3b:b0:ee:69:0b:0a:fb:72:75:ea:
03:25:a7:0d:14:a7:d8:e9:2a:5a:71:cf:c4:e5:98:e4:99:5e:
f2:af:e0:54:5d:61:05:20:37:4c:7d:b4:88:58:60:c5:14:8f:
47:5c:9d:1b:a7:41:7b:2f:f1:fb:76:de:9e:c6:e4:53:0a:d9:
a6:db:b8:de:e0:56:bd:55:81:25:a4:9b:dd:85:04:51:91:5b:
67:c9:3e:04:70:ec:ed:68:c2:12:b9:52:02:2c:2d:0a:ba:e0:
11:61:4d:88:83:7c:8c:a9:4b:d5:70:7d:76:64:b6:ee:e3:b5:
66:12:72:a5:74:a7:3d:31:8e:79:23:4d:b9:ee:66:8c:9e:e6:
e3:7c:28:d1:3e:de:81:ea:16:2e:71:b9:0d:af:09:45:61:5f:
ff:c6:44:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8bsN7i4L2MQJcNRx2I1YGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwNDI2MTgzNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWZmYjQ1ODExMmVlNDRjMDUyMzA3ZGFlNWM4NzE1YmI0NWIzYzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDgeJbwXsGM/vbXhuemOGTwVRVbO
hRlvrr2rvOoqFAf6LWxgVb/jHaFRr2VP7R9Qi6VqrCLSWNh/4260d7CxXdBwbndJ
JTJ9nTk3JKN6GX1HnGNx0YeO3P8dYd/4W3OTveWt947bOa0KeqvEovktsj+M3Pi8
7t1VzXUt6l+IudqBEs+TGGulQkiT6Qnhn07M6DcLGFnsp8KFN+qxRHvPJdjaECT2
I0RCQ77GXe1OhrFZD9Iapm+evv6W/qYev+Ue8Fgsw4sMihZDF5vGlUcx/U9DYG1s
mJRliPKlsqtdCMbddF2lyDSjCYhWs4iC4ZjA+9/ffBwZ2dMaJvSH5JLEowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGn/tFgRLuRMBSMH2uXIcVu0WzxtMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvYWYtMFdCRXU1RXdGSXdmYTVjaHhXN1JiUEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhNdMA0G
CSqGSIb3DQEBCwUAA4IBAQB3kQ1y6P8rjz8Q5Fi54/z4hXJhxJ4dNRVCxoxZRRBN
SQvOFwmiZXzbgtCIPu7BBFKlCH7yV4d53ii5PHo3KK8WX+y3Q2d5vGhZeiMDtlXF
ZAUjQfTLM9goc/scuzHjxSNZhzuw7mkLCvtydeoDJacNFKfY6Spacc/E5ZjkmV7y
r+BUXWEFIDdMfbSIWGDFFI9HXJ0bp0F7L/H7dt6exuRTCtmm27je4Fa9VYElpJvd
hQRRkVtnyT4EcOztaMISuVICLC0KuuARYU2Ig3yMqUvVcH12ZLbu47VmEnKldKc9
MY55I0257maMnubjfCjRPt6B6hYucbkNrwlFYV//xkQl
-----END CERTIFICATE-----
Generated at Sat Jun 1 08:29:30 2024 by rpki-client on console-ams.rpki-client.org