Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ecaf44-08cc-41bb-81d3-262bec717b17/1/n5eXbGkH_aw5CuhL68ZyMaGN1lk.roa
File: n5eXbGkH_aw5CuhL68ZyMaGN1lk.roa (raw, json)
Hash identifier: WLq282Jqhc+uAPUDeMFGUJGmnhv3DngBSxbKUoUKzj8=
Subject key identifier: 9F:97:97:6C:69:07:FD:AC:39:0A:E8:4B:EB:C6:72:31:A1:8D:D6:59
Certificate issuer: /CN=f4b9dd9e34fe66d75138903708f8ce1fbd342d64
Certificate serial: 018CC86EFB2303D11F229D9CD25B7473EDCD
Authority key identifier: F4:B9:DD:9E:34:FE:66:D7:51:38:90:37:08:F8:CE:1F:BD:34:2D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LndnjT-ZtdROJA3CPjOH700LWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ecaf44-08cc-41bb-81d3-262bec717b17/1/n5eXbGkH_aw5CuhL68ZyMaGN1lk.roa
Signing time: Tue 02 Jan 2024 04:29:25 +0000
ROA not before: Tue 02 Jan 2024 04:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35008
IP address blocks: 194.246.109.0/24 maxlen: 24
2001:67c:760::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/ecaf44-08cc-41bb-81d3-262bec717b17/1/9LndnjT-ZtdROJA3CPjOH700LWQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/ecaf44-08cc-41bb-81d3-262bec717b17/1/9LndnjT-ZtdROJA3CPjOH700LWQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LndnjT-ZtdROJA3CPjOH700LWQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:fb:23:03:d1:1f:22:9d:9c:d2:5b:74:73:ed:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9dd9e34fe66d75138903708f8ce1fbd342d64
Validity
Not Before: Jan 2 04:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9f97976c6907fdac390ae84bebc67231a18dd659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:96:f0:68:29:ce:24:0e:49:95:2b:eb:ce:f7:
3d:57:2b:20:c8:4e:02:86:e7:2b:f0:7d:c9:e1:d1:
d7:ab:4a:e8:ee:c3:a0:de:7d:a1:c1:e4:a5:38:51:
29:c7:86:1f:4e:c1:bd:b4:3a:6d:7d:a7:73:61:f5:
72:0e:64:1e:3d:35:97:fa:04:32:70:5e:6d:28:5d:
28:5f:62:c7:ad:fb:1f:e1:54:ba:32:c8:7a:95:f9:
8b:32:e7:db:37:0b:ab:81:2c:76:3e:c3:57:51:86:
7a:2d:e1:86:97:c8:d8:13:62:ad:24:b3:45:b8:b0:
0d:ca:d6:ae:9f:e9:3d:af:b4:83:c4:2e:91:8d:9b:
6f:83:77:fb:e2:16:f1:b6:04:3a:5d:42:5d:3b:df:
01:ff:e4:96:e2:c4:b0:b8:22:bd:11:a9:99:cf:3d:
87:50:a4:e2:06:fe:b9:bd:89:68:10:2f:00:a1:02:
22:0f:5d:f9:13:1e:ee:a3:43:e8:72:c6:cb:1c:14:
3f:4c:07:de:b7:25:c9:32:18:2b:47:c4:ff:ac:80:
8f:9d:8f:24:3c:ef:0a:68:57:5a:fc:f3:0c:b9:27:
0c:ce:51:2d:14:c9:11:db:22:79:5b:24:93:05:98:
ea:a9:3a:55:a7:66:31:f2:ba:89:90:e0:03:9f:ec:
0e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:97:97:6C:69:07:FD:AC:39:0A:E8:4B:EB:C6:72:31:A1:8D:D6:59
X509v3 Authority Key Identifier:
keyid:F4:B9:DD:9E:34:FE:66:D7:51:38:90:37:08:F8:CE:1F:BD:34:2D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LndnjT-ZtdROJA3CPjOH700LWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ecaf44-08cc-41bb-81d3-262bec717b17/1/n5eXbGkH_aw5CuhL68ZyMaGN1lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ecaf44-08cc-41bb-81d3-262bec717b17/1/9LndnjT-ZtdROJA3CPjOH700LWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.109.0/24
IPv6:
2001:67c:760::/48
Signature Algorithm: sha256WithRSAEncryption
a7:95:6d:48:44:78:f5:05:0f:94:80:65:47:cd:40:48:00:3c:
0c:fa:dc:18:2b:b4:78:d4:74:61:35:fb:a2:d7:20:3e:1a:88:
e5:82:34:a1:fa:75:3b:7d:79:3e:0f:5e:6f:b3:6e:3f:8a:56:
4a:f6:60:44:20:3a:3d:fa:aa:41:e8:e6:c9:b1:30:02:5c:4e:
98:37:07:e2:87:39:22:00:02:30:e8:28:c6:76:87:5c:e7:cc:
cf:4c:aa:ec:d9:d3:63:be:fb:e0:e8:89:4b:b5:46:ff:ee:58:
df:ac:c6:2a:10:39:8c:15:79:51:b3:4e:56:5c:fa:97:17:fb:
81:8b:34:fb:61:4b:e6:11:24:2c:ae:f5:e9:39:22:1e:68:61:
03:f0:6e:30:cb:5a:c0:b1:61:46:a1:fe:6e:04:c7:c3:90:23:
32:64:35:37:08:75:24:6e:a1:4c:d4:ac:cb:d0:b1:f1:e9:4d:
b6:f8:99:8e:be:52:1a:1b:04:52:e0:e5:1b:44:0a:b8:6c:7f:
0b:55:20:9c:34:43:46:de:6f:fb:0b:79:c9:1c:1c:a8:6e:37:
80:da:15:ab:d3:33:d7:95:75:f0:fc:dd:d4:17:7c:d9:3e:cf:
b6:4a:78:04:99:2d:4a:8a:65:61:f0:86:c9:b8:90:8b:e0:32:
d0:49:14:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIbvsjA9EfIp2c0lt0c+3NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjlkZDllMzRmZTY2ZDc1MTM4OTAzNzA4ZjhjZTFmYmQz
NDJkNjQwHhcNMjQwMTAyMDQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjk3OTc2YzY5MDdmZGFjMzkwYWU4NGJlYmM2NzIzMWExOGRkNjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppbwaCnOJA5JlSvrzvc9VysgyE4C
hucr8H3J4dHXq0ro7sOg3n2hweSlOFEpx4YfTsG9tDptfadzYfVyDmQePTWX+gQy
cF5tKF0oX2LHrfsf4VS6Msh6lfmLMufbNwurgSx2PsNXUYZ6LeGGl8jYE2KtJLNF
uLANytaun+k9r7SDxC6RjZtvg3f74hbxtgQ6XUJdO98B/+SW4sSwuCK9EamZzz2H
UKTiBv65vYloEC8AoQIiD135Ex7uo0PocsbLHBQ/TAfetyXJMhgrR8T/rICPnY8k
PO8KaFda/PMMuScMzlEtFMkR2yJ5WySTBZjqqTpVp2Yx8rqJkOADn+wOrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ+Xl2xpB/2sOQroS+vGcjGhjdZZMB8GA1UdIwQY
MBaAFPS53Z40/mbXUTiQNwj4zh+9NC1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxuZG5qVC1adGRST0pBM0NQak9INzAwTFdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9lY2FmNDQtMDhjYy00MWJiLTgxZDMt
MjYyYmVjNzE3YjE3LzEvbjVlWGJHa0hfYXc1Q3VoTDY4WnlNYUdOMWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9lY2FmNDQtMDhjYy00MWJiLTgxZDMtMjYyYmVjNzE3YjE3
LzEvOUxuZG5qVC1adGRST0pBM0NQak9INzAwTFdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwvZtMA8E
AgACMAkDBwAgAQZ8B2AwDQYJKoZIhvcNAQELBQADggEBAKeVbUhEePUFD5SAZUfN
QEgAPAz63BgrtHjUdGE1+6LXID4aiOWCNKH6dTt9eT4PXm+zbj+KVkr2YEQgOj36
qkHo5smxMAJcTpg3B+KHOSIAAjDoKMZ2h1znzM9MquzZ02O+++DoiUu1Rv/uWN+s
xioQOYwVeVGzTlZc+pcX+4GLNPthS+YRJCyu9ek5Ih5oYQPwbjDLWsCxYUah/m4E
x8OQIzJkNTcIdSRuoUzUrMvQsfHpTbb4mY6+UhobBFLg5RtECrhsfwtVIJw0Q0be
b/sLeckcHKhuN4DaFavTM9eVdfD83dQXfNk+z7ZKeASZLUqKZWHwhsm4kIvgMtBJ
FIQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:55:16 2024 by rpki-client on console-fra.rpki-client.org