Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/5872c2-d53e-48aa-b581-bb44a828cea7/1/hQ-r_UxZdQynEeqMFTmJvBOBrpk.roa
File: hQ-r_UxZdQynEeqMFTmJvBOBrpk.roa (raw, json)
Hash identifier: jgWQp6HyPodhqXlv/9F1CJTsyTmqyMgNdfAdbOMTN9Q=
Subject key identifier: 85:0F:AB:FD:4C:59:75:0C:A7:11:EA:8C:15:39:89:BC:13:81:AE:99
Certificate issuer: /CN=b5e97fbe67d95df6e4a8065e2675e040d6e80efc
Certificate serial: 018CC3B67048ECD72968E1311E378812878D
Authority key identifier: B5:E9:7F:BE:67:D9:5D:F6:E4:A8:06:5E:26:75:E0:40:D6:E8:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tel_vmfZXfbkqAZeJnXgQNboDvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/5872c2-d53e-48aa-b581-bb44a828cea7/1/hQ-r_UxZdQynEeqMFTmJvBOBrpk.roa
Signing time: Mon 01 Jan 2024 06:29:22 +0000
ROA not before: Mon 01 Jan 2024 06:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201593
IP address blocks: 194.49.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/5872c2-d53e-48aa-b581-bb44a828cea7/1/tel_vmfZXfbkqAZeJnXgQNboDvw.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/5872c2-d53e-48aa-b581-bb44a828cea7/1/tel_vmfZXfbkqAZeJnXgQNboDvw.mft
rsync://rpki.ripe.net/repository/DEFAULT/tel_vmfZXfbkqAZeJnXgQNboDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:70:48:ec:d7:29:68:e1:31:1e:37:88:12:87:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5e97fbe67d95df6e4a8065e2675e040d6e80efc
Validity
Not Before: Jan 1 06:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=850fabfd4c59750ca711ea8c153989bc1381ae99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:82:d6:85:4f:c6:98:51:e9:e2:f2:e3:00:09:
2c:0f:43:16:f0:fa:7f:86:f5:f7:78:0c:64:e1:00:
a6:cc:b3:19:2c:a9:93:51:32:80:c7:c4:32:63:c2:
95:81:f2:1a:99:05:1f:df:0a:75:7f:67:d4:c8:f5:
69:e9:6f:e8:8c:4b:1a:10:7f:16:e2:67:b7:ad:c3:
f4:3e:49:a2:af:a2:60:24:80:54:29:54:23:5d:8a:
03:62:66:53:44:59:37:0b:34:32:f1:3b:9c:25:05:
44:46:6c:fb:f4:af:50:f1:20:06:34:7b:ab:28:7c:
65:18:8c:d0:f6:3c:ab:e6:51:06:a8:05:40:23:0d:
37:64:51:c7:f3:44:5f:11:9b:82:c1:8e:1b:57:77:
7a:61:33:d8:68:04:8c:6c:0c:d0:51:90:89:c8:10:
39:de:8a:f5:65:53:47:de:29:9f:7e:b7:7a:6f:0d:
ce:1c:b4:3f:f8:74:22:3c:78:e4:bd:6b:f9:08:2d:
12:77:0f:ec:af:98:f2:aa:d8:b0:4e:01:7a:dc:ca:
de:36:6e:80:3e:6b:75:c3:40:71:b3:72:37:f0:93:
f7:2a:ef:05:2f:b0:b2:66:a6:a1:fb:67:d6:c2:99:
bd:5d:35:42:5c:bb:87:97:ca:ca:18:2a:44:2f:16:
d6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:0F:AB:FD:4C:59:75:0C:A7:11:EA:8C:15:39:89:BC:13:81:AE:99
X509v3 Authority Key Identifier:
keyid:B5:E9:7F:BE:67:D9:5D:F6:E4:A8:06:5E:26:75:E0:40:D6:E8:0E:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tel_vmfZXfbkqAZeJnXgQNboDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/5872c2-d53e-48aa-b581-bb44a828cea7/1/hQ-r_UxZdQynEeqMFTmJvBOBrpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/5872c2-d53e-48aa-b581-bb44a828cea7/1/tel_vmfZXfbkqAZeJnXgQNboDvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.127.0/24
Signature Algorithm: sha256WithRSAEncryption
61:a2:1b:ff:22:c9:c2:91:54:2c:22:35:c9:20:c3:41:29:7d:
71:73:fc:d3:97:97:7f:50:04:aa:ea:da:fd:21:5b:cb:5e:ef:
ec:0b:24:18:b3:64:1b:ab:ab:6a:82:29:4c:80:b2:fb:ea:c4:
8a:94:ec:92:02:af:36:e0:e8:3c:e5:06:4f:9d:5f:2e:41:06:
eb:4f:c8:25:72:29:6b:c5:81:0b:3e:7a:f1:6e:86:0d:3a:7f:
b5:5c:78:ed:40:ee:c9:34:31:84:2f:3b:ce:ea:37:21:34:ec:
47:04:e1:14:de:58:87:e1:12:d2:1a:8f:c3:b8:95:59:23:37:
0e:13:b6:f6:b0:1c:0a:03:61:2b:a5:6a:24:dc:4f:aa:76:56:
71:a3:21:3e:50:db:f5:eb:7b:3c:32:e9:8e:81:39:57:e4:3b:
cf:f6:90:58:2e:db:61:5c:bc:cd:9d:54:eb:31:07:1f:9c:ab:
7f:f5:8d:f7:61:a6:0f:14:aa:e8:11:27:6c:00:7c:77:73:6a:
cc:91:59:ac:81:89:57:1c:c7:b6:d0:16:a9:3d:a6:0c:d7:5b:
08:7e:bf:06:e4:98:d0:61:0f:8c:22:b5:d6:1b:13:48:32:5b:
12:fd:5f:58:ee:a0:19:52:42:d4:3b:47:6b:23:b1:24:72:23:
87:71:42:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtnBI7NcpaOExHjeIEoeNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1ZTk3ZmJlNjdkOTVkZjZlNGE4MDY1ZTI2NzVlMDQwZDZl
ODBlZmMwHhcNMjQwMTAxMDYyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTBmYWJmZDRjNTk3NTBjYTcxMWVhOGMxNTM5ODliYzEzODFhZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2oLWhU/GmFHp4vLjAAksD0MW8Pp/
hvX3eAxk4QCmzLMZLKmTUTKAx8QyY8KVgfIamQUf3wp1f2fUyPVp6W/ojEsaEH8W
4me3rcP0Pkmir6JgJIBUKVQjXYoDYmZTRFk3CzQy8TucJQVERmz79K9Q8SAGNHur
KHxlGIzQ9jyr5lEGqAVAIw03ZFHH80RfEZuCwY4bV3d6YTPYaASMbAzQUZCJyBA5
3or1ZVNH3imffrd6bw3OHLQ/+HQiPHjkvWv5CC0Sdw/sr5jyqtiwTgF63MreNm6A
Pmt1w0Bxs3I38JP3Ku8FL7CyZqah+2fWwpm9XTVCXLuHl8rKGCpELxbWnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUPq/1MWXUMpxHqjBU5ibwTga6ZMB8GA1UdIwQY
MBaAFLXpf75n2V325KgGXiZ14EDW6A78MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGVsX3ZtZlpYZmJrcUFaZUpuWGdRTmJvRHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81ODcyYzItZDUzZS00OGFhLWI1ODEt
YmI0NGE4MjhjZWE3LzEvaFEtcl9VeFpkUXluRWVxTUZUbUp2Qk9CcnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS81ODcyYzItZDUzZS00OGFhLWI1ODEtYmI0NGE4MjhjZWE3
LzEvdGVsX3ZtZlpYZmJrcUFaZUpuWGdRTmJvRHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjF/MA0G
CSqGSIb3DQEBCwUAA4IBAQBhohv/IsnCkVQsIjXJIMNBKX1xc/zTl5d/UASq6tr9
IVvLXu/sCyQYs2Qbq6tqgilMgLL76sSKlOySAq824Og85QZPnV8uQQbrT8glcilr
xYELPnrxboYNOn+1XHjtQO7JNDGELzvO6jchNOxHBOEU3liH4RLSGo/DuJVZIzcO
E7b2sBwKA2ErpWok3E+qdlZxoyE+UNv163s8MumOgTlX5DvP9pBYLtthXLzNnVTr
MQcfnKt/9Y33YaYPFKroESdsAHx3c2rMkVmsgYlXHMe20BapPaYM11sIfr8G5JjQ
YQ+MIrXWGxNIMlsS/V9Y7qAZUkLUO0drI7EkciOHcUJD
-----END CERTIFICATE-----
Generated at Sun Jun 16 06:30:52 2024 by rpki-client on console-ams.rpki-client.org