Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/3e7210-0528-4456-b68e-a713a1915c90/1/vEbk4ZcCPEY97zgF_QtDTLrij5I.roa
File: vEbk4ZcCPEY97zgF_QtDTLrij5I.roa (raw, json)
Hash identifier: uth1JJY3gauWIA/9Z6lzjtePFYmIM05ralciqYzWTSo=
Subject key identifier: BC:46:E4:E1:97:02:3C:46:3D:EF:38:05:FD:0B:43:4C:BA:E2:8F:92
Certificate issuer: /CN=9c1394768c9a39a6112674d7375972a6696b4680
Certificate serial: 018CC801A22F0E50BF5BA19A9288CC4250DA
Authority key identifier: 9C:13:94:76:8C:9A:39:A6:11:26:74:D7:37:59:72:A6:69:6B:46:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nBOUdoyaOaYRJnTXN1lypmlrRoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/3e7210-0528-4456-b68e-a713a1915c90/1/vEbk4ZcCPEY97zgF_QtDTLrij5I.roa
Signing time: Tue 02 Jan 2024 02:29:59 +0000
ROA not before: Tue 02 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207083
IP address blocks: 194.146.104.0/24 maxlen: 24
194.146.114.0/24 maxlen: 24
194.146.116.0/24 maxlen: 24
194.146.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/3e7210-0528-4456-b68e-a713a1915c90/1/nBOUdoyaOaYRJnTXN1lypmlrRoA.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/3e7210-0528-4456-b68e-a713a1915c90/1/nBOUdoyaOaYRJnTXN1lypmlrRoA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nBOUdoyaOaYRJnTXN1lypmlrRoA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Jun 2024 04:03:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:a2:2f:0e:50:bf:5b:a1:9a:92:88:cc:42:50:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c1394768c9a39a6112674d7375972a6696b4680
Validity
Not Before: Jan 2 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bc46e4e197023c463def3805fd0b434cbae28f92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:67:09:ec:c3:b7:56:95:72:a1:9e:02:af:b2:
83:dd:41:c4:ac:92:d3:94:2a:d9:ab:5b:a8:40:9f:
36:2f:02:20:b0:cc:2c:82:82:c6:f6:a7:f1:ab:a9:
cc:a1:37:0e:b5:c3:88:0c:de:84:c4:83:2d:55:8c:
19:e1:2e:85:f7:c6:3d:5e:59:32:07:bc:26:26:3d:
15:2e:e9:99:cb:76:91:59:e6:25:7a:c2:47:5d:28:
9b:b7:bf:63:ab:30:9d:7c:f9:31:ec:2d:1e:88:cd:
b9:f3:c8:dc:07:86:71:4f:ab:d5:0a:a4:07:76:dc:
c3:f4:f0:9b:2d:aa:9c:21:c6:68:0c:8f:a8:a5:07:
c2:00:18:ea:52:e3:dd:dd:ce:7b:d2:be:cf:a5:be:
12:7f:fc:23:5b:82:19:1b:6e:5f:22:c4:4a:08:2b:
32:dd:35:6e:5d:01:34:40:88:d2:67:48:54:6d:87:
ec:7f:07:b5:58:53:3b:c3:df:bd:1a:4c:c6:f6:90:
ab:7f:d5:61:2e:3d:a9:2f:37:c5:b1:22:30:58:73:
0d:2e:4d:88:93:f4:82:6e:49:c3:f6:51:a1:49:f9:
17:88:b0:87:fc:de:37:90:42:5d:bb:6e:99:1c:40:
e3:4a:15:84:b7:77:e2:48:a5:9e:1b:c7:00:cd:16:
dd:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:46:E4:E1:97:02:3C:46:3D:EF:38:05:FD:0B:43:4C:BA:E2:8F:92
X509v3 Authority Key Identifier:
keyid:9C:13:94:76:8C:9A:39:A6:11:26:74:D7:37:59:72:A6:69:6B:46:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nBOUdoyaOaYRJnTXN1lypmlrRoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3e7210-0528-4456-b68e-a713a1915c90/1/vEbk4ZcCPEY97zgF_QtDTLrij5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/3e7210-0528-4456-b68e-a713a1915c90/1/nBOUdoyaOaYRJnTXN1lypmlrRoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.104.0/24
194.146.114.0/24
194.146.116.0/24
194.146.124.0/24
Signature Algorithm: sha256WithRSAEncryption
56:db:ce:e7:f8:51:80:d8:16:14:c7:e3:4e:fe:b6:76:2a:f1:
93:31:ad:11:73:84:ea:07:02:24:96:f6:80:0f:20:0a:14:13:
42:2e:ce:fe:da:05:40:d4:81:62:e4:4f:ae:2d:46:d7:ee:2a:
c2:93:5c:b5:f1:08:9d:15:cb:8d:de:0f:f8:30:a5:d5:7d:e6:
d6:3c:fd:6d:9e:2f:11:14:8c:aa:27:88:88:41:67:6e:97:12:
0a:46:7a:89:7c:b5:0e:bd:10:4e:e2:aa:f2:4b:9c:d1:14:17:
03:0c:50:d6:d5:cc:81:d4:c5:2f:42:69:26:92:e8:3d:0a:e3:
a2:cd:ca:b9:3a:c7:2b:86:b2:7b:0a:8d:a0:76:59:7d:6f:b6:
96:54:7c:a4:6a:da:96:30:37:e9:f5:0f:aa:c7:65:86:36:5e:
e6:c2:22:eb:0d:f3:35:08:97:8d:23:45:2f:65:f5:9d:88:39:
49:5f:28:0f:fd:ce:b1:cd:fc:c6:16:d6:05:1a:36:29:21:e7:
d9:bf:56:8e:fc:3f:f3:f3:e0:5f:5b:f1:f9:39:34:ff:a1:b1:
57:ba:b1:ac:06:25:83:73:cf:b5:65:28:70:4a:a5:d5:8b:5b:
c7:d0:60:7d:0a:40:f4:dd:09:22:aa:8f:2c:b8:96:26:3f:aa:
03:0b:b2:4b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIAaIvDlC/W6GakojMQlDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMTM5NDc2OGM5YTM5YTYxMTI2NzRkNzM3NTk3MmE2Njk2
YjQ2ODAwHhcNMjQwMTAyMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzQ2ZTRlMTk3MDIzYzQ2M2RlZjM4MDVmZDBiNDM0Y2JhZTI4ZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmcJ7MO3VpVyoZ4Cr7KD3UHErJLT
lCrZq1uoQJ82LwIgsMwsgoLG9qfxq6nMoTcOtcOIDN6ExIMtVYwZ4S6F98Y9Xlky
B7wmJj0VLumZy3aRWeYlesJHXSibt79jqzCdfPkx7C0eiM2588jcB4ZxT6vVCqQH
dtzD9PCbLaqcIcZoDI+opQfCABjqUuPd3c570r7Ppb4Sf/wjW4IZG25fIsRKCCsy
3TVuXQE0QIjSZ0hUbYfsfwe1WFM7w9+9GkzG9pCrf9VhLj2pLzfFsSIwWHMNLk2I
k/SCbknD9lGhSfkXiLCH/N43kEJdu26ZHEDjShWEt3fiSKWeG8cAzRbdhQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLxG5OGXAjxGPe84Bf0LQ0y64o+SMB8GA1UdIwQY
MBaAFJwTlHaMmjmmESZ01zdZcqZpa0aAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkJPVWRveWFPYVlSSm5UWE4xbHlwbWxyUm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zZTcyMTAtMDUyOC00NDU2LWI2OGUt
YTcxM2ExOTE1YzkwLzEvdkViazRaY0NQRVk5N3pnRl9RdERUTHJpajVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zZTcyMTAtMDUyOC00NDU2LWI2OGUtYTcxM2ExOTE1Yzkw
LzEvbkJPVWRveWFPYVlSSm5UWE4xbHlwbWxyUm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwpJoAwQA
wpJyAwQAwpJ0AwQAwpJ8MA0GCSqGSIb3DQEBCwUAA4IBAQBW287n+FGA2BYUx+NO
/rZ2KvGTMa0Rc4TqBwIklvaADyAKFBNCLs7+2gVA1IFi5E+uLUbX7irCk1y18Qid
FcuN3g/4MKXVfebWPP1tni8RFIyqJ4iIQWdulxIKRnqJfLUOvRBO4qryS5zRFBcD
DFDW1cyB1MUvQmkmkug9CuOizcq5OscrhrJ7Co2gdll9b7aWVHykatqWMDfp9Q+q
x2WGNl7mwiLrDfM1CJeNI0UvZfWdiDlJXygP/c6xzfzGFtYFGjYpIefZv1aO/D/z
8+BfW/H5OTT/obFXurGsBiWDc8+1ZShwSqXVi1vH0GB9CkD03Qkiqo8suJYmP6oD
C7JL
-----END CERTIFICATE-----
Generated at Mon Jun 3 10:18:24 2024 by rpki-client on console-ams.rpki-client.org