Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/CE410YHTiWjpclgoum6jlenan3w.roa
File: CE410YHTiWjpclgoum6jlenan3w.roa (raw, json)
Hash identifier: X0KYcA07Prq2R9kOClIRDqCiv6ZocQY8cg9oSka7f9Y=
Subject key identifier: 08:4E:35:D1:81:D3:89:68:E9:72:58:28:BA:6E:A3:95:E9:DA:9F:7C
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018D6EA977CC301E35F5001736C168570CE1
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/CE410YHTiWjpclgoum6jlenan3w.roa
Signing time: Sat 03 Feb 2024 11:10:16 +0000
ROA not before: Sat 03 Feb 2024 11:10:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211120
IP address blocks: 193.3.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6e:a9:77:cc:30:1e:35:f5:00:17:36:c1:68:57:0c:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Feb 3 11:10:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=084e35d181d38968e9725828ba6ea395e9da9f7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:19:61:fc:1c:96:72:ce:2d:71:61:b5:9c:8f:
68:bc:1b:0d:ac:94:ad:61:a6:0c:11:c1:b2:78:72:
d6:9e:71:83:a0:59:0e:1d:3e:92:45:96:5f:90:7d:
e5:87:ee:06:3f:5a:b0:79:a8:4a:f2:c4:52:d0:46:
9c:64:75:19:34:11:e5:f9:1a:7b:c7:41:80:16:a1:
33:9b:d9:c0:95:64:44:b8:90:5c:81:5b:0c:eb:14:
e3:4e:70:18:21:a6:94:5c:f3:a9:32:ba:fa:be:f4:
f8:b7:22:0a:5e:3b:22:95:a6:7c:60:30:a8:75:ee:
d3:8a:6b:08:32:f5:f0:99:f8:83:45:d3:95:71:6a:
ed:02:57:c6:4c:d5:5a:73:02:73:f9:ac:ab:15:29:
3d:41:0f:f5:bf:3a:b8:a4:83:6e:13:3d:e5:50:19:
07:19:3a:61:49:aa:75:04:e2:14:df:6c:9b:4e:27:
89:2f:4e:2f:50:7f:d2:fe:53:e8:b7:b4:30:44:3c:
21:c8:d8:5f:9c:40:b4:a6:97:33:ab:fd:4a:ed:90:
02:fe:12:6c:dd:38:2d:b2:23:15:46:09:67:32:ce:
e5:50:97:63:d8:23:97:44:eb:99:be:41:9b:03:3f:
55:b8:a2:f4:97:22:f0:9e:83:bf:fd:7a:d3:03:70:
5c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:4E:35:D1:81:D3:89:68:E9:72:58:28:BA:6E:A3:95:E9:DA:9F:7C
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/CE410YHTiWjpclgoum6jlenan3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.44.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:c8:92:d6:15:a0:cf:1d:b7:df:7d:05:a4:29:e0:85:6f:a0:
d7:f5:f2:19:7d:80:98:2b:9a:53:ee:4b:19:85:f3:05:9f:c2:
95:af:38:8b:12:80:e7:d6:c7:63:e4:3b:d5:69:9e:70:45:09:
59:be:d2:1c:8b:51:fe:34:6f:ab:34:85:7f:2f:a7:cb:6a:89:
fd:4d:35:13:4e:bb:76:ab:69:48:5c:c8:b5:53:9b:03:30:10:
94:73:a3:93:79:82:21:9b:f5:34:72:1d:3c:87:f1:1c:d7:f0:
d2:36:ef:6e:2c:2b:8a:8b:1a:d7:84:b0:65:a3:25:e7:fe:f0:
8b:02:20:29:36:bb:a9:6d:12:0a:a8:2e:c2:ed:8f:26:43:05:
43:a6:f3:6c:18:8b:06:e3:8a:3d:b2:52:23:4a:cb:b6:5d:f1:
33:b4:17:33:8a:ab:29:08:e7:ce:08:22:3e:15:ed:12:0c:c9:
a4:1b:20:c2:68:27:eb:bc:6e:1a:97:d6:a3:47:d3:b5:3b:23:
e1:f5:5b:3b:03:5c:b1:73:c4:8e:84:20:b7:db:7b:d3:07:df:
a5:18:1b:e3:1a:af:90:91:d7:3e:0b:f8:a0:6a:1a:d0:36:cb:
f6:ef:62:6b:10:12:7e:46:40:49:44:27:63:d7:10:e5:8b:85:
7e:a1:9f:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1uqXfMMB419QAXNsFoVwzhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjQwMjAzMTExMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODRlMzVkMTgxZDM4OTY4ZTk3MjU4MjhiYTZlYTM5NWU5ZGE5ZjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRlh/ByWcs4tcWG1nI9ovBsNrJSt
YaYMEcGyeHLWnnGDoFkOHT6SRZZfkH3lh+4GP1qweahK8sRS0EacZHUZNBHl+Rp7
x0GAFqEzm9nAlWREuJBcgVsM6xTjTnAYIaaUXPOpMrr6vvT4tyIKXjsilaZ8YDCo
de7TimsIMvXwmfiDRdOVcWrtAlfGTNVacwJz+ayrFSk9QQ/1vzq4pINuEz3lUBkH
GTphSap1BOIU32ybTieJL04vUH/S/lPot7QwRDwhyNhfnEC0ppczq/1K7ZAC/hJs
3TgtsiMVRglnMs7lUJdj2COXROuZvkGbAz9VuKL0lyLwnoO//XrTA3BcXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAhONdGB04lo6XJYKLpuo5Xp2p98MB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvQ0U0MTBZSFRpV2pwY2xnb3VtNmpsZW5hbjN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQMsMA0G
CSqGSIb3DQEBCwUAA4IBAQCcyJLWFaDPHbfffQWkKeCFb6DX9fIZfYCYK5pT7ksZ
hfMFn8KVrziLEoDn1sdj5DvVaZ5wRQlZvtIci1H+NG+rNIV/L6fLaon9TTUTTrt2
q2lIXMi1U5sDMBCUc6OTeYIhm/U0ch08h/Ec1/DSNu9uLCuKixrXhLBloyXn/vCL
AiApNrupbRIKqC7C7Y8mQwVDpvNsGIsG44o9slIjSsu2XfEztBcziqspCOfOCCI+
Fe0SDMmkGyDCaCfrvG4al9ajR9O1OyPh9Vs7A1yxc8SOhCC323vTB9+lGBvjGq+Q
kdc+C/igahrQNsv272JrEBJ+RkBJRCdj1xDli4V+oZ/r
-----END CERTIFICATE-----
Generated at Thu May 2 18:21:51 2024 by rpki-client on console-fra.rpki-client.org