Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/THVMXz0o8mM_32frlRODB0s2Aik.roa
File: THVMXz0o8mM_32frlRODB0s2Aik.roa (raw, json)
Hash identifier: OhvPtbreTqPm5jfkF2g7hQR1u76j4dr029qtPqyMrvk=
Subject key identifier: 4C:75:4C:5F:3D:28:F2:63:3F:DF:67:EB:95:13:83:07:4B:36:02:29
Certificate issuer: /CN=4927124d9803a7de54883164a376ea72e3c63eaf
Certificate serial: 018CC3B6735770806AD81CF354D785DE8AD4
Authority key identifier: 49:27:12:4D:98:03:A7:DE:54:88:31:64:A3:76:EA:72:E3:C6:3E:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SScSTZgDp95UiDFko3bqcuPGPq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/THVMXz0o8mM_32frlRODB0s2Aik.roa
Signing time: Mon 01 Jan 2024 06:29:23 +0000
ROA not before: Mon 01 Jan 2024 06:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48053
IP address blocks: 194.0.4.0/24 maxlen: 24
2001:678:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/SScSTZgDp95UiDFko3bqcuPGPq8.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/SScSTZgDp95UiDFko3bqcuPGPq8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SScSTZgDp95UiDFko3bqcuPGPq8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:73:57:70:80:6a:d8:1c:f3:54:d7:85:de:8a:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4927124d9803a7de54883164a376ea72e3c63eaf
Validity
Not Before: Jan 1 06:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c754c5f3d28f2633fdf67eb951383074b360229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:6f:6c:8c:e7:21:50:4a:5f:6b:8d:35:19:e9:
00:27:74:06:ad:68:d2:23:33:d6:81:df:f7:4a:52:
ee:90:0f:b8:a1:c6:e3:b0:eb:b7:ab:88:91:5a:f8:
6c:7c:2b:d0:88:0b:02:1b:c8:b3:12:68:07:0f:09:
7c:9d:d5:03:83:85:1a:af:c0:3a:55:30:f2:aa:f3:
d4:42:14:08:80:7b:79:a8:03:55:08:10:3e:19:db:
cb:46:e6:4b:47:27:2b:0a:61:3c:95:7c:d1:2d:84:
73:ef:b6:f2:01:ae:47:5e:3b:76:ad:2f:f6:18:9a:
ba:b2:19:5a:7e:2f:7c:61:5f:d0:f5:14:e5:2e:09:
b4:5d:25:ff:a7:8d:33:96:88:71:e2:48:1b:20:48:
5b:37:e9:3c:bb:ae:0b:5e:f2:be:d1:7f:8d:9c:88:
a2:48:27:9e:e0:38:79:2a:f5:f3:59:72:45:cc:bc:
4e:d9:09:44:84:5a:8b:dc:bd:60:93:49:96:7a:d9:
22:3a:47:b0:4a:73:6b:c5:bf:cd:00:d1:07:3e:3a:
f4:ff:77:af:d4:1a:be:23:01:3f:f5:15:d6:5c:2c:
a5:d4:b5:fe:5e:34:24:d4:41:b4:0b:72:fb:24:07:
fb:84:b3:82:49:bd:28:44:35:fe:6f:1a:ab:b5:ee:
07:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:75:4C:5F:3D:28:F2:63:3F:DF:67:EB:95:13:83:07:4B:36:02:29
X509v3 Authority Key Identifier:
keyid:49:27:12:4D:98:03:A7:DE:54:88:31:64:A3:76:EA:72:E3:C6:3E:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SScSTZgDp95UiDFko3bqcuPGPq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/THVMXz0o8mM_32frlRODB0s2Aik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/3e2c38-f96f-40df-aeac-f0150c81acf5/1/SScSTZgDp95UiDFko3bqcuPGPq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.4.0/24
IPv6:
2001:678:7::/48
Signature Algorithm: sha256WithRSAEncryption
0b:b0:58:42:e8:df:29:11:f2:bf:bd:54:5f:16:0e:5d:ce:79:
d2:1e:3b:8e:89:92:89:59:1d:12:af:5e:c3:3e:36:20:70:84:
6e:7c:e5:65:22:00:fd:5e:d6:bf:ca:93:5a:71:16:97:b9:47:
8c:b7:57:37:6a:23:a2:9e:92:5e:e0:4e:36:bb:a2:99:dc:ca:
3e:96:32:eb:6e:32:93:6e:22:6b:98:f4:0c:7e:94:82:07:80:
a8:6e:f2:c5:28:0d:6b:80:9f:44:79:6e:33:e2:92:cb:6d:a3:
c8:6b:08:3d:ab:5a:70:c7:72:3a:8e:94:01:e4:f7:7b:3d:cd:
92:40:2d:58:71:0c:28:c9:2e:16:c7:7c:9c:fb:a5:fa:fb:e9:
39:e9:d8:9f:ec:3a:64:ef:22:bc:bc:ce:33:e7:aa:34:b8:bb:
ea:ad:ab:3b:be:20:df:c3:01:fe:b5:8b:86:72:f8:43:8e:26:
cb:75:7b:18:1e:3a:20:16:0d:ea:c4:69:93:30:c3:04:a7:5d:
0b:b7:d0:03:ed:2e:ab:2c:2a:bf:04:de:a3:a3:57:6f:5b:ea:
b8:91:aa:24:6a:67:a7:29:a8:8a:20:fb:a3:c6:2d:79:7c:11:
00:42:f4:24:73:70:f0:24:f2:f2:2d:61:37:59:02:aa:11:94:
ab:b5:bc:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzDtnNXcIBq2BzzVNeF3orUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjcxMjRkOTgwM2E3ZGU1NDg4MzE2NGEzNzZlYTcyZTNj
NjNlYWYwHhcNMjQwMTAxMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzc1NGM1ZjNkMjhmMjYzM2ZkZjY3ZWI5NTEzODMwNzRiMzYwMjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg29sjOchUEpfa401GekAJ3QGrWjS
IzPWgd/3SlLukA+4ocbjsOu3q4iRWvhsfCvQiAsCG8izEmgHDwl8ndUDg4Uar8A6
VTDyqvPUQhQIgHt5qANVCBA+GdvLRuZLRycrCmE8lXzRLYRz77byAa5HXjt2rS/2
GJq6shlafi98YV/Q9RTlLgm0XSX/p40zlohx4kgbIEhbN+k8u64LXvK+0X+NnIii
SCee4Dh5KvXzWXJFzLxO2QlEhFqL3L1gk0mWetkiOkewSnNrxb/NANEHPjr0/3ev
1Bq+IwE/9RXWXCyl1LX+XjQk1EG0C3L7JAf7hLOCSb0oRDX+bxqrte4H/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEx1TF89KPJjP99n65UTgwdLNgIpMB8GA1UdIwQY
MBaAFEknEk2YA6feVIgxZKN26nLjxj6vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NjU1RaZ0RwOTVVaURGa28zYnFjdVBHUHE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8zZTJjMzgtZjk2Zi00MGRmLWFlYWMt
ZjAxNTBjODFhY2Y1LzEvVEhWTVh6MG84bU1fMzJmcmxST0RCMHMyQWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8zZTJjMzgtZjk2Zi00MGRmLWFlYWMtZjAxNTBjODFhY2Y1
LzEvU1NjU1RaZ0RwOTVVaURGa28zYnFjdVBHUHE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgAEMA8E
AgACMAkDBwAgAQZ4AAcwDQYJKoZIhvcNAQELBQADggEBAAuwWELo3ykR8r+9VF8W
Dl3OedIeO46JkolZHRKvXsM+NiBwhG585WUiAP1e1r/Kk1pxFpe5R4y3VzdqI6Ke
kl7gTja7opncyj6WMutuMpNuImuY9Ax+lIIHgKhu8sUoDWuAn0R5bjPikstto8hr
CD2rWnDHcjqOlAHk93s9zZJALVhxDCjJLhbHfJz7pfr76Tnp2J/sOmTvIry8zjPn
qjS4u+qtqzu+IN/DAf61i4Zy+EOOJst1exgeOiAWDerEaZMwwwSnXQu30APtLqss
Kr8E3qOjV29b6riRqiRqZ6cpqIog+6PGLXl8EQBC9CRzcPAk8vItYTdZAqoRlKu1
vKQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:29:48 2024 by rpki-client on console-ams.rpki-client.org