Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/H4CRwTeLla254FAPcXCFofxqVnw.roa
File: H4CRwTeLla254FAPcXCFofxqVnw.roa (raw, json)
Hash identifier: G/j73AVRwzxDaVslCN0bErw46/RxitGTVi5ZF52ARtU=
Subject key identifier: 1F:80:91:C1:37:8B:95:AD:B9:E0:50:0F:71:70:85:A1:FC:6A:56:7C
Certificate issuer: /CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Certificate serial: 018CC6B940943A5803899D8DE757277EFDDC
Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/H4CRwTeLla254FAPcXCFofxqVnw.roa
Signing time: Mon 01 Jan 2024 20:31:18 +0000
ROA not before: Mon 01 Jan 2024 20:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210244
IP address blocks: 212.108.238.0/24 maxlen: 24
195.184.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.mft
rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:40:94:3a:58:03:89:9d:8d:e7:57:27:7e:fd:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Validity
Not Before: Jan 1 20:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f8091c1378b95adb9e0500f717085a1fc6a567c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:69:ce:0b:c5:2b:37:7e:d8:5c:46:ee:91:cb:
ea:36:ea:54:b7:4d:dc:b9:72:f4:cf:3a:8f:e8:23:
60:17:09:4b:1e:cb:a8:59:2c:38:2d:4b:15:de:4f:
10:d1:2b:55:a3:4f:64:4a:54:af:de:40:bc:e5:cd:
5b:61:3a:8b:7f:06:94:20:db:72:80:c5:49:20:3e:
be:2a:ca:ae:2a:b0:e9:62:6e:7f:06:7d:db:0b:8d:
86:d5:d4:72:a0:40:83:70:07:f4:91:04:f3:be:ec:
f0:65:e7:e1:5f:c6:7a:34:74:78:39:6c:57:9a:03:
d4:86:8d:25:c3:23:a8:3c:1d:44:ec:83:2a:73:dc:
94:9e:aa:53:af:4e:b3:65:a3:7b:8d:1d:82:24:11:
dc:bb:8d:f3:91:b7:2f:f8:e0:cc:ab:b1:a7:cf:11:
81:53:37:78:94:7f:d7:91:2b:00:7b:70:82:fd:45:
23:0a:d6:1d:dd:8b:ae:cb:b1:73:6d:48:ff:74:f4:
5c:f4:d5:d7:70:5e:98:21:96:ff:45:51:78:4b:f1:
7f:2d:ed:c6:02:69:48:36:19:b2:e3:d4:f8:74:d5:
e9:7d:17:b2:4d:b8:1f:0b:3f:bc:8f:e5:16:91:cb:
b4:54:c9:5f:4a:6d:10:48:15:f0:89:24:62:95:e8:
00:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:80:91:C1:37:8B:95:AD:B9:E0:50:0F:71:70:85:A1:FC:6A:56:7C
X509v3 Authority Key Identifier:
keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/H4CRwTeLla254FAPcXCFofxqVnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.184.6.0/24
212.108.238.0/24
Signature Algorithm: sha256WithRSAEncryption
57:b2:cf:e6:7e:ab:fb:2e:85:ad:d6:48:9a:ec:a2:18:0c:ed:
a1:5b:e2:09:22:9c:92:7e:99:c6:20:37:8c:3c:81:69:ec:2d:
58:ea:0d:12:72:a5:c2:7e:b5:97:89:e6:11:ca:0a:41:84:81:
b9:6f:d6:ff:1b:db:83:ad:02:d3:e3:70:85:a3:5e:3f:83:ff:
c9:5c:8c:53:d2:9f:c9:1e:38:9f:ae:f9:db:09:0c:8e:b9:d1:
4e:3f:5e:96:b3:2e:30:63:fe:8f:93:9d:bb:c5:10:31:a3:79:
b7:40:38:24:b8:43:e9:ee:c2:3d:52:af:74:4b:7d:ca:a8:5a:
7e:79:1b:f6:d9:e4:4f:1e:ce:15:e6:e8:8f:15:bc:e9:2a:0f:
76:20:d6:81:7f:43:98:46:5b:cb:cf:93:2e:b0:a9:1a:14:56:
c9:c3:50:3a:30:12:fc:26:2b:57:69:3c:06:c5:70:57:33:88:
ff:71:49:b5:fd:03:d3:88:e0:6b:41:13:7d:6f:71:ab:0d:f3:
01:68:19:67:c8:2a:ee:ed:7f:ad:4b:e7:75:79:18:6c:86:7a:
f9:79:8b:05:14:a7:33:e2:15:c9:c6:01:e1:21:26:20:b4:54:
e3:18:c3:cb:27:cc:86:e9:bb:bc:d4:fc:4c:56:bd:f0:28:f7:
66:cb:af:f3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuUCUOlgDiZ2N51cnfv3cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjA5N2EzNmMyMzI1ZDEwMzFmZjQwOTFiYTAwYTg2NDU5
ZDQyODgwHhcNMjQwMTAxMjAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjgwOTFjMTM3OGI5NWFkYjllMDUwMGY3MTcwODVhMWZjNmE1NjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGnOC8UrN37YXEbukcvqNupUt03c
uXL0zzqP6CNgFwlLHsuoWSw4LUsV3k8Q0StVo09kSlSv3kC85c1bYTqLfwaUINty
gMVJID6+KsquKrDpYm5/Bn3bC42G1dRyoECDcAf0kQTzvuzwZefhX8Z6NHR4OWxX
mgPUho0lwyOoPB1E7IMqc9yUnqpTr06zZaN7jR2CJBHcu43zkbcv+ODMq7GnzxGB
Uzd4lH/XkSsAe3CC/UUjCtYd3Yuuy7FzbUj/dPRc9NXXcF6YIZb/RVF4S/F/Le3G
AmlINhmy49T4dNXpfReyTbgfCz+8j+UWkcu0VMlfSm0QSBXwiSRilegAYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB+AkcE3i5WtueBQD3FwhaH8alZ8MB8GA1UdIwQY
MBaAFL+wl6NsIyXRAx/0CRugCoZFnUKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2It
ZWNjNDliZGMyYWQ4LzEvSDRDUndUZUxsYTI1NEZBUGNYQ0ZvZnhxVm53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2ItZWNjNDliZGMyYWQ4
LzEvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw7gGAwQA
1GzuMA0GCSqGSIb3DQEBCwUAA4IBAQBXss/mfqv7LoWt1kia7KIYDO2hW+IJIpyS
fpnGIDeMPIFp7C1Y6g0ScqXCfrWXieYRygpBhIG5b9b/G9uDrQLT43CFo14/g//J
XIxT0p/JHjifrvnbCQyOudFOP16Wsy4wY/6Pk527xRAxo3m3QDgkuEPp7sI9Uq90
S33KqFp+eRv22eRPHs4V5uiPFbzpKg92INaBf0OYRlvLz5MusKkaFFbJw1A6MBL8
JitXaTwGxXBXM4j/cUm1/QPTiOBrQRN9b3GrDfMBaBlnyCru7X+tS+d1eRhshnr5
eYsFFKcz4hXJxgHhISYgtFTjGMPLJ8yG6bu81PxMVr3wKPdmy6/z
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:39 2024 by rpki-client on console-fra.rpki-client.org