Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/50b205-8f21-46f5-a3f6-bca0a8f2f78c/1/DPhrUM1TbIB6GmoUneMVJxfY4Rc.roa
File: DPhrUM1TbIB6GmoUneMVJxfY4Rc.roa (raw, json)
Hash identifier: epTRwkyF270C9lvVTe1iu8D4nlc7KWCgYDMpInUn8oU=
Subject key identifier: 0C:F8:6B:50:CD:53:6C:80:7A:1A:6A:14:9D:E3:15:27:17:D8:E1:17
Certificate issuer: /CN=c340909aec320a8c2ee1cabce1302cbb7d4e0486
Certificate serial: 018CC6B8CDD6E0DEC0B6D87F1F4E29181850
Authority key identifier: C3:40:90:9A:EC:32:0A:8C:2E:E1:CA:BC:E1:30:2C:BB:7D:4E:04:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w0CQmuwyCowu4cq84TAsu31OBIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/50b205-8f21-46f5-a3f6-bca0a8f2f78c/1/DPhrUM1TbIB6GmoUneMVJxfY4Rc.roa
Signing time: Mon 01 Jan 2024 20:30:49 +0000
ROA not before: Mon 01 Jan 2024 20:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8220
IP address blocks: 194.0.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/50b205-8f21-46f5-a3f6-bca0a8f2f78c/1/w0CQmuwyCowu4cq84TAsu31OBIY.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/50b205-8f21-46f5-a3f6-bca0a8f2f78c/1/w0CQmuwyCowu4cq84TAsu31OBIY.mft
rsync://rpki.ripe.net/repository/DEFAULT/w0CQmuwyCowu4cq84TAsu31OBIY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:cd:d6:e0:de:c0:b6:d8:7f:1f:4e:29:18:18:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c340909aec320a8c2ee1cabce1302cbb7d4e0486
Validity
Not Before: Jan 1 20:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cf86b50cd536c807a1a6a149de3152717d8e117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1b:ab:f6:b1:7f:ab:d5:58:ec:97:d9:33:a2:
63:a9:fa:7c:74:17:29:55:59:a7:d1:1a:f3:a2:ac:
20:be:82:32:03:60:70:16:11:8f:0d:23:15:98:3d:
37:e0:5e:c7:23:03:15:53:66:4f:bf:e8:7c:b9:4c:
37:83:f9:ec:90:ea:c1:76:81:50:36:26:5b:62:25:
f9:92:06:32:03:76:4f:66:31:d0:5c:ec:f9:12:55:
43:55:8e:13:ac:17:55:ae:17:95:2d:6c:f5:a0:48:
ab:f8:84:7e:54:a1:27:ff:6d:dc:d1:e1:71:a3:44:
87:c9:21:6a:88:ca:ca:76:c1:34:c5:12:6c:da:c4:
78:ae:2c:04:b8:21:21:2b:21:fe:dc:4b:84:4f:d0:
32:85:7a:37:3f:b9:08:c8:9e:33:3c:ce:3e:24:6e:
48:cd:89:ea:1f:f9:30:f9:d7:35:fc:36:29:11:0c:
35:1f:9c:2d:01:03:40:e9:62:77:a2:ea:6e:19:2c:
a6:36:d3:ad:40:40:5e:4c:e1:90:34:cc:65:d3:e9:
a8:1d:ff:31:df:84:d6:dd:b0:b3:77:26:2d:bb:60:
b9:f9:1b:f9:07:26:31:9f:e1:a9:46:dd:e6:c6:0e:
9d:d5:71:8d:77:20:6b:f1:8b:15:b6:49:81:7d:c7:
72:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:F8:6B:50:CD:53:6C:80:7A:1A:6A:14:9D:E3:15:27:17:D8:E1:17
X509v3 Authority Key Identifier:
keyid:C3:40:90:9A:EC:32:0A:8C:2E:E1:CA:BC:E1:30:2C:BB:7D:4E:04:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w0CQmuwyCowu4cq84TAsu31OBIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/50b205-8f21-46f5-a3f6-bca0a8f2f78c/1/DPhrUM1TbIB6GmoUneMVJxfY4Rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/50b205-8f21-46f5-a3f6-bca0a8f2f78c/1/w0CQmuwyCowu4cq84TAsu31OBIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.195.0/24
Signature Algorithm: sha256WithRSAEncryption
86:d8:dc:9c:02:75:dd:94:ac:8b:e7:f2:d0:da:e4:7c:1e:1e:
51:59:57:0c:1b:91:75:56:5e:04:b7:2f:81:e2:cb:88:f8:71:
70:83:b0:a4:13:a4:9a:5b:a6:9b:8f:6e:5e:6b:a7:54:68:7d:
be:b0:95:31:c6:11:52:d7:51:4d:d1:48:31:a7:84:77:e1:10:
e3:08:54:6d:77:a6:18:a2:16:3a:49:4f:bf:9f:22:cb:79:70:
76:d7:5e:22:0f:c7:53:d1:2c:36:a9:6f:b4:52:2f:1d:f0:a0:
b5:0b:7a:58:cc:4c:8e:a6:3d:4e:bc:c8:a5:4a:1f:74:25:79:
67:e3:c0:31:e9:58:97:37:98:ca:49:c1:06:7a:f6:88:8d:05:
5f:07:dc:2b:06:81:d2:a2:12:62:0d:01:db:1c:96:3d:af:1e:
53:ec:c1:fe:7f:89:f5:96:68:ca:60:d5:2e:80:1d:f2:86:63:
d8:ae:9a:b2:e3:72:89:6d:ec:64:51:fb:58:0b:26:ee:4c:91:
3a:32:8e:1d:f0:e9:cf:92:05:cc:ce:6b:a0:74:14:f2:67:13:
5c:3e:0f:5a:bf:3d:68:ce:24:c7:e9:4a:83:88:55:13:6d:6f:
41:a2:78:d2:3d:2f:b6:42:4f:97:b4:c0:8f:e9:80:4a:33:7c:
5c:25:cb:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuM3W4N7Atth/H04pGBhQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNDA5MDlhZWMzMjBhOGMyZWUxY2FiY2UxMzAyY2JiN2Q0
ZTA0ODYwHhcNMjQwMTAxMjAzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2Y4NmI1MGNkNTM2YzgwN2ExYTZhMTQ5ZGUzMTUyNzE3ZDhlMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBur9rF/q9VY7JfZM6Jjqfp8dBcp
VVmn0RrzoqwgvoIyA2BwFhGPDSMVmD034F7HIwMVU2ZPv+h8uUw3g/nskOrBdoFQ
NiZbYiX5kgYyA3ZPZjHQXOz5ElVDVY4TrBdVrheVLWz1oEir+IR+VKEn/23c0eFx
o0SHySFqiMrKdsE0xRJs2sR4riwEuCEhKyH+3EuET9AyhXo3P7kIyJ4zPM4+JG5I
zYnqH/kw+dc1/DYpEQw1H5wtAQNA6WJ3oupuGSymNtOtQEBeTOGQNMxl0+moHf8x
34TW3bCzdyYtu2C5+Rv5ByYxn+GpRt3mxg6d1XGNdyBr8YsVtkmBfcdyzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAz4a1DNU2yAehpqFJ3jFScX2OEXMB8GA1UdIwQY
MBaAFMNAkJrsMgqMLuHKvOEwLLt9TgSGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzBDUW11d3lDb3d1NGNxODRUQXN1MzFPQklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MGIyMDUtOGYyMS00NmY1LWEzZjYt
YmNhMGE4ZjJmNzhjLzEvRFBoclVNMVRiSUI2R21vVW5lTVZKeGZZNFJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MGIyMDUtOGYyMS00NmY1LWEzZjYtYmNhMGE4ZjJmNzhj
LzEvdzBDUW11d3lDb3d1NGNxODRUQXN1MzFPQklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgDDMA0G
CSqGSIb3DQEBCwUAA4IBAQCG2NycAnXdlKyL5/LQ2uR8Hh5RWVcMG5F1Vl4Ety+B
4suI+HFwg7CkE6SaW6abj25ea6dUaH2+sJUxxhFS11FN0Ugxp4R34RDjCFRtd6YY
ohY6SU+/nyLLeXB2114iD8dT0Sw2qW+0Ui8d8KC1C3pYzEyOpj1OvMilSh90JXln
48Ax6ViXN5jKScEGevaIjQVfB9wrBoHSohJiDQHbHJY9rx5T7MH+f4n1lmjKYNUu
gB3yhmPYrpqy43KJbexkUftYCybuTJE6Mo4d8OnPkgXMzmugdBTyZxNcPg9avz1o
ziTH6UqDiFUTbW9BonjSPS+2Qk+XtMCP6YBKM3xcJcuY
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:20:46 2024 by rpki-client on console-ams.rpki-client.org