Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/kc8ZX9_eEbSg733RFQ0i9pwoS68.roa
File: kc8ZX9_eEbSg733RFQ0i9pwoS68.roa (raw, json)
Hash identifier: sHWCNkdTepXYxZS8F5SUMdvEL6iETPAy6F9OGRCJ4wg=
Subject key identifier: 91:CF:19:5F:DF:DE:11:B4:A0:EF:7D:D1:15:0D:22:F6:9C:28:4B:AF
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 018CC425500CA546DD71561C047A56B3FA1D
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/kc8ZX9_eEbSg733RFQ0i9pwoS68.roa
Signing time: Mon 01 Jan 2024 08:30:28 +0000
ROA not before: Mon 01 Jan 2024 08:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49488
IP address blocks: 194.0.10.0/24 maxlen: 24
2001:678:d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:50:0c:a5:46:dd:71:56:1c:04:7a:56:b3:fa:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Jan 1 08:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91cf195fdfde11b4a0ef7dd1150d22f69c284baf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:33:db:a3:7b:9b:15:05:8a:4c:ca:a9:54:b7:
aa:b2:59:ad:97:b9:9b:23:1a:7f:3c:be:99:be:36:
ed:cb:da:15:98:a1:00:df:b6:a4:5d:26:26:ba:49:
ed:b4:21:ff:64:c1:50:8a:67:35:dc:e9:36:eb:b9:
7b:0e:94:21:95:73:e8:ff:8f:b9:70:9a:f3:8d:36:
06:11:9a:2a:17:2f:db:25:64:25:86:17:f1:e6:2b:
65:06:78:f1:55:ab:d5:0b:cb:7b:5e:4c:4a:10:8c:
95:f9:cb:36:db:51:3b:dc:59:69:7e:d0:6d:99:1d:
7b:6a:c1:87:06:35:59:64:37:13:6c:3d:e5:fd:0c:
36:61:33:21:ef:bf:f3:62:fe:a7:7e:8a:9a:8d:67:
95:8d:c6:89:b6:b3:09:57:81:19:b4:81:77:05:24:
e4:49:73:eb:b9:17:54:29:65:27:23:65:74:51:2f:
cc:de:54:bb:16:14:c2:b6:be:24:1f:05:cd:0b:b7:
59:f7:de:7e:7f:ef:01:5e:52:b4:cb:a8:8b:e3:3d:
53:df:4c:48:33:d1:c9:e5:89:fe:d7:24:ad:e3:bb:
c0:12:ca:b9:d6:a2:cc:c3:6c:27:03:3a:4c:54:ad:
db:e3:ee:b6:4d:e8:65:af:ba:b3:88:6c:39:4d:a5:
53:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:CF:19:5F:DF:DE:11:B4:A0:EF:7D:D1:15:0D:22:F6:9C:28:4B:AF
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/kc8ZX9_eEbSg733RFQ0i9pwoS68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.10.0/24
IPv6:
2001:678:d::/48
Signature Algorithm: sha256WithRSAEncryption
3e:d1:cb:66:aa:03:10:04:31:53:65:0c:0f:c3:40:82:e2:c8:
fe:6c:cd:6d:6b:1d:c1:d1:4d:d9:ad:02:81:e9:f2:0f:e8:7e:
c2:ad:c1:13:03:ca:a8:6f:b4:b4:0d:c7:54:ef:a5:b4:57:96:
d5:de:72:dc:d1:0b:81:f4:f8:ef:f3:38:20:3a:2b:09:b0:04:
d9:e1:69:a3:1a:6f:97:e7:e0:fd:43:ce:55:33:7d:10:5a:21:
b9:5c:4d:3c:02:0b:90:69:fe:cd:a3:93:7a:54:51:1b:f8:5a:
b3:2c:64:d0:4e:c7:a8:da:29:37:2f:2b:ce:10:c1:53:29:1a:
9c:27:e0:8a:4c:09:11:6a:88:db:54:0b:f5:19:df:59:dc:80:
06:ad:3f:07:ce:6b:55:82:5c:75:d6:6e:83:90:21:83:a5:0b:
62:51:2f:cc:d9:19:7e:f7:3f:22:45:fd:48:d5:d8:e7:6c:55:
fd:bf:74:fe:72:c9:c9:cb:23:b9:48:53:73:0f:4e:a5:f5:42:
a9:14:d6:f4:b9:df:b3:eb:4e:22:43:6e:13:b9:4a:3e:d8:fc:
06:8c:0f:f1:39:83:a8:7b:ea:c8:12:16:2b:41:18:58:49:87:
c8:8d:66:b7:4d:71:9c:64:59:7f:fe:92:39:9b:4e:10:7b:04:
c0:96:bd:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJVAMpUbdcVYcBHpWs/odMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjQwMTAxMDgzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWNmMTk1ZmRmZGUxMWI0YTBlZjdkZDExNTBkMjJmNjljMjg0YmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjPbo3ubFQWKTMqpVLeqslmtl7mb
Ixp/PL6Zvjbty9oVmKEA37akXSYmuknttCH/ZMFQimc13Ok267l7DpQhlXPo/4+5
cJrzjTYGEZoqFy/bJWQlhhfx5itlBnjxVavVC8t7XkxKEIyV+cs221E73FlpftBt
mR17asGHBjVZZDcTbD3l/Qw2YTMh77/zYv6nfoqajWeVjcaJtrMJV4EZtIF3BSTk
SXPruRdUKWUnI2V0US/M3lS7FhTCtr4kHwXNC7dZ995+f+8BXlK0y6iL4z1T30xI
M9HJ5Yn+1ySt47vAEsq51qLMw2wnAzpMVK3b4+62Tehlr7qziGw5TaVT/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJHPGV/f3hG0oO990RUNIvacKEuvMB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEva2M4Wlg5X2VFYlNnNzMzUkZRMGk5cHdvUzY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgAKMA8E
AgACMAkDBwAgAQZ4AA0wDQYJKoZIhvcNAQELBQADggEBAD7Ry2aqAxAEMVNlDA/D
QILiyP5szW1rHcHRTdmtAoHp8g/ofsKtwRMDyqhvtLQNx1TvpbRXltXectzRC4H0
+O/zOCA6KwmwBNnhaaMab5fn4P1DzlUzfRBaIblcTTwCC5Bp/s2jk3pUURv4WrMs
ZNBOx6jaKTcvK84QwVMpGpwn4IpMCRFqiNtUC/UZ31ncgAatPwfOa1WCXHXWboOQ
IYOlC2JRL8zZGX73PyJF/UjV2OdsVf2/dP5yycnLI7lIU3MPTqX1QqkU1vS537Pr
TiJDbhO5Sj7Y/AaMD/E5g6h76sgSFitBGFhJh8iNZrdNcZxkWX/+kjmbThB7BMCW
vfk=
-----END CERTIFICATE-----
Generated at Fri May 17 17:59:31 2024 by rpki-client on console-ams.rpki-client.org