Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/DqwslfxNxkJf3D6Iz33UZe9WvGU.roa
File: DqwslfxNxkJf3D6Iz33UZe9WvGU.roa (raw, json)
Hash identifier: AeVzZIbXNRbxbFA5orZKt4/2eKp7JTNT9axy4N1vS1M=
Subject key identifier: 0E:AC:2C:95:FC:4D:C6:42:5F:DC:3E:88:CF:7D:D4:65:EF:56:BC:65
Certificate issuer: /CN=de5e6c2330911bc1dc8c83d411ef6b1208b3bbd6
Certificate serial: 018D277BA72E711F09E4B91EB9ACDE872867
Authority key identifier: DE:5E:6C:23:30:91:1B:C1:DC:8C:83:D4:11:EF:6B:12:08:B3:BB:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3l5sIzCRG8HcjIPUEe9rEgizu9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/DqwslfxNxkJf3D6Iz33UZe9WvGU.roa
Signing time: Sat 20 Jan 2024 15:27:11 +0000
ROA not before: Sat 20 Jan 2024 15:27:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215756
IP address blocks: 194.1.176.0/24 maxlen: 24
2001:678:8cc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/3l5sIzCRG8HcjIPUEe9rEgizu9Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/3l5sIzCRG8HcjIPUEe9rEgizu9Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/3l5sIzCRG8HcjIPUEe9rEgizu9Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:27:7b:a7:2e:71:1f:09:e4:b9:1e:b9:ac:de:87:28:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de5e6c2330911bc1dc8c83d411ef6b1208b3bbd6
Validity
Not Before: Jan 20 15:27:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0eac2c95fc4dc6425fdc3e88cf7dd465ef56bc65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:4a:8c:a3:24:05:11:b1:f4:6d:4f:5d:f8:74:
fa:1d:6e:cd:86:7a:f6:d2:a3:20:64:8b:dc:ce:03:
33:1b:b8:4a:1d:b9:93:73:04:60:85:66:c3:fb:c2:
cb:4e:55:b3:1b:07:56:6e:4f:1d:3d:fd:17:76:a0:
38:f3:68:03:af:cb:50:9e:8d:36:d2:c3:fc:79:fc:
99:69:81:f7:c8:f5:2d:c3:de:41:94:c5:b0:cc:89:
ea:69:fd:f8:61:30:2f:5b:e3:39:ce:fc:3d:32:90:
4d:3f:6c:6a:49:b6:d2:82:36:e2:c3:2c:73:d2:d3:
e1:9f:74:66:84:49:52:f4:2b:21:7a:71:87:a4:b6:
3b:4a:39:04:ae:40:99:f6:70:4e:d9:47:31:ae:84:
88:d5:eb:67:90:d0:9c:0b:65:13:b4:b2:0d:5a:06:
90:c0:2c:c1:61:d7:04:17:3a:60:43:b8:0e:8a:7b:
68:13:3e:f7:be:0a:82:6e:33:ee:94:5c:09:e7:89:
c4:d2:1c:91:49:5b:bf:ca:d2:c1:f9:21:86:bc:7a:
64:b0:b0:72:c6:05:a0:5b:66:0b:4a:9c:64:ba:1b:
ff:a9:6d:22:47:ca:36:a9:34:69:1d:28:07:3c:0a:
5f:ab:6a:bd:53:e0:5b:dc:8d:e6:66:f1:96:82:3a:
cd:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:AC:2C:95:FC:4D:C6:42:5F:DC:3E:88:CF:7D:D4:65:EF:56:BC:65
X509v3 Authority Key Identifier:
keyid:DE:5E:6C:23:30:91:1B:C1:DC:8C:83:D4:11:EF:6B:12:08:B3:BB:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3l5sIzCRG8HcjIPUEe9rEgizu9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/DqwslfxNxkJf3D6Iz33UZe9WvGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/de9d72-fcd4-4c7c-89ca-de4ba786f872/1/3l5sIzCRG8HcjIPUEe9rEgizu9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.1.176.0/24
IPv6:
2001:678:8cc::/48
Signature Algorithm: sha256WithRSAEncryption
a8:77:9e:b8:43:f6:2d:1f:90:29:d9:da:49:cf:a9:f3:2d:f5:
db:c9:b8:77:b5:58:7d:bc:ea:41:3a:6a:43:1e:ac:c6:23:77:
20:e0:ca:27:d8:a0:41:6a:a9:4c:e8:c9:52:9c:4d:f5:35:e5:
6c:52:8a:48:52:fa:3e:d7:fc:93:29:0a:e3:a3:4b:e4:37:9b:
2a:1f:9e:07:17:c9:20:cc:d0:33:71:aa:2d:6a:20:e2:98:26:
50:9f:b3:ba:cd:f0:f7:df:a5:23:59:f8:1b:3e:e7:20:25:f5:
36:44:7e:77:74:d3:44:4b:77:e2:4e:94:93:49:eb:1d:13:56:
3d:5c:43:c5:ad:db:05:98:4e:40:b0:37:b1:53:34:c9:d6:ed:
f4:01:ee:ed:ee:11:db:10:99:31:47:50:ef:5f:f9:4e:f0:8f:
c7:71:86:8f:d1:c3:96:af:7a:48:83:56:1d:49:58:6c:4d:69:
6e:3f:10:41:9e:9b:1f:ee:01:41:3e:57:85:4d:07:74:e2:03:
a9:8b:25:e1:f2:d8:56:43:ac:4b:89:2d:f3:a4:3f:a3:f9:e5:
f4:bc:69:32:86:c7:7f:4c:bd:c6:f4:5f:53:37:99:fb:19:01:
61:83:47:de:13:bb:44:06:07:9e:33:0d:18:69:8b:f1:c7:72:
63:90:60:9e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0ne6cucR8J5LkeuazehyhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNWU2YzIzMzA5MTFiYzFkYzhjODNkNDExZWY2YjEyMDhi
M2JiZDYwHhcNMjQwMTIwMTUyNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWFjMmM5NWZjNGRjNjQyNWZkYzNlODhjZjdkZDQ2NWVmNTZiYzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30qMoyQFEbH0bU9d+HT6HW7Nhnr2
0qMgZIvczgMzG7hKHbmTcwRghWbD+8LLTlWzGwdWbk8dPf0XdqA482gDr8tQno02
0sP8efyZaYH3yPUtw95BlMWwzInqaf34YTAvW+M5zvw9MpBNP2xqSbbSgjbiwyxz
0tPhn3RmhElS9CshenGHpLY7SjkErkCZ9nBO2UcxroSI1etnkNCcC2UTtLINWgaQ
wCzBYdcEFzpgQ7gOintoEz73vgqCbjPulFwJ54nE0hyRSVu/ytLB+SGGvHpksLBy
xgWgW2YLSpxkuhv/qW0iR8o2qTRpHSgHPApfq2q9U+Bb3I3mZvGWgjrNzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA6sLJX8TcZCX9w+iM991GXvVrxlMB8GA1UdIwQY
MBaAFN5ebCMwkRvB3IyD1BHvaxIIs7vWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2w1c0l6Q1JHOEhjaklQVUVlOXJFZ2l6dTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9kZTlkNzItZmNkNC00YzdjLTg5Y2Et
ZGU0YmE3ODZmODcyLzEvRHF3c2xmeE54a0pmM0Q2SXozM1VaZTlXdkdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9kZTlkNzItZmNkNC00YzdjLTg5Y2EtZGU0YmE3ODZmODcy
LzEvM2w1c0l6Q1JHOEhjaklQVUVlOXJFZ2l6dTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgGwMA8E
AgACMAkDBwAgAQZ4CMwwDQYJKoZIhvcNAQELBQADggEBAKh3nrhD9i0fkCnZ2knP
qfMt9dvJuHe1WH286kE6akMerMYjdyDgyifYoEFqqUzoyVKcTfU15WxSikhS+j7X
/JMpCuOjS+Q3myofngcXySDM0DNxqi1qIOKYJlCfs7rN8PffpSNZ+Bs+5yAl9TZE
fnd000RLd+JOlJNJ6x0TVj1cQ8Wt2wWYTkCwN7FTNMnW7fQB7u3uEdsQmTFHUO9f
+U7wj8dxho/Rw5avekiDVh1JWGxNaW4/EEGemx/uAUE+V4VNB3TiA6mLJeHy2FZD
rEuJLfOkP6P55fS8aTKGx39Mvcb0X1M3mfsZAWGDR94Tu0QGB54zDRhpi/HHcmOQ
YJ4=
-----END CERTIFICATE-----
Generated at Sun May 19 20:29:51 2024 by rpki-client on console-fra.rpki-client.org