Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/cbac08-c11e-4806-a2fd-7c88c4e04f91/1/P6maaB14uj_2MhPHvoYR5mLgExo.roa
File: P6maaB14uj_2MhPHvoYR5mLgExo.roa (raw, json)
Hash identifier: WsQJToEfp5tWgII+VRVWKNUMeFCQt85a+oCgB+gM/P0=
Subject key identifier: 3F:A9:9A:68:1D:78:BA:3F:F6:32:13:C7:BE:86:11:E6:62:E0:13:1A
Certificate issuer: /CN=f16090c5f6233cbaeaf319dcfae692a956eea102
Certificate serial: 018CC348DB27DF6D4FFBB955AA85AACE131A
Authority key identifier: F1:60:90:C5:F6:23:3C:BA:EA:F3:19:DC:FA:E6:92:A9:56:EE:A1:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8WCQxfYjPLrq8xnc-uaSqVbuoQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/cbac08-c11e-4806-a2fd-7c88c4e04f91/1/P6maaB14uj_2MhPHvoYR5mLgExo.roa
Signing time: Mon 01 Jan 2024 04:29:40 +0000
ROA not before: Mon 01 Jan 2024 04:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210206
IP address blocks: 194.5.4.0/22 maxlen: 24
2a0d:7ac0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/cbac08-c11e-4806-a2fd-7c88c4e04f91/1/8WCQxfYjPLrq8xnc-uaSqVbuoQI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/cbac08-c11e-4806-a2fd-7c88c4e04f91/1/8WCQxfYjPLrq8xnc-uaSqVbuoQI.mft
rsync://rpki.ripe.net/repository/DEFAULT/8WCQxfYjPLrq8xnc-uaSqVbuoQI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:db:27:df:6d:4f:fb:b9:55:aa:85:aa:ce:13:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f16090c5f6233cbaeaf319dcfae692a956eea102
Validity
Not Before: Jan 1 04:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fa99a681d78ba3ff63213c7be8611e662e0131a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:50:df:90:fa:73:a3:fc:35:50:f4:21:df:d4:
0e:01:6c:a8:e9:4f:be:f2:ae:ed:77:89:0c:b0:50:
4b:03:c1:d2:e7:c9:31:eb:6e:95:88:9f:d9:b8:f1:
8b:d4:e4:cf:42:9c:9a:46:e5:0d:b9:61:3e:ec:19:
41:db:05:29:cb:f8:d3:25:8d:bc:de:73:9f:a6:9c:
ca:61:ad:2a:e9:e4:21:79:f8:9c:40:ff:5a:bb:bf:
fe:ba:e7:40:10:e1:b8:ba:a9:ea:24:d4:d9:32:fb:
d5:ad:11:9f:5e:21:f4:0e:0e:86:02:6c:b1:3d:ee:
f7:2c:c0:45:c2:1f:01:26:54:60:6e:ee:62:c5:11:
35:b1:94:ce:d9:e8:23:b2:c0:b7:76:8b:bb:33:88:
9b:61:61:83:84:1a:f0:ee:21:f8:a5:1d:74:0d:50:
af:0e:bd:f4:3b:7e:cd:d7:35:00:08:c9:4f:f0:16:
64:2b:20:52:1e:9a:3a:93:06:a7:a6:ec:69:68:47:
31:18:47:e7:1f:df:f6:d1:d4:7f:c2:51:07:83:8e:
be:18:ba:1e:97:5b:e7:b7:3e:5e:6f:87:b5:7c:f8:
20:80:f1:9a:e2:23:cc:e7:e1:0a:64:34:e4:fe:62:
87:6e:85:59:8a:bd:78:21:77:2a:87:59:af:17:bd:
7f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A9:9A:68:1D:78:BA:3F:F6:32:13:C7:BE:86:11:E6:62:E0:13:1A
X509v3 Authority Key Identifier:
keyid:F1:60:90:C5:F6:23:3C:BA:EA:F3:19:DC:FA:E6:92:A9:56:EE:A1:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8WCQxfYjPLrq8xnc-uaSqVbuoQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/cbac08-c11e-4806-a2fd-7c88c4e04f91/1/P6maaB14uj_2MhPHvoYR5mLgExo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/cbac08-c11e-4806-a2fd-7c88c4e04f91/1/8WCQxfYjPLrq8xnc-uaSqVbuoQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.4.0/22
IPv6:
2a0d:7ac0::/29
Signature Algorithm: sha256WithRSAEncryption
b7:74:3c:15:f9:b5:af:48:cd:40:b4:b2:33:a5:b6:07:a3:a4:
be:87:bf:8d:79:92:b2:5f:7c:8b:75:2c:50:78:d5:08:c3:6c:
21:1e:21:b7:e9:bb:26:6a:0f:e1:f7:10:7b:3b:4a:63:0a:53:
11:df:25:b4:a7:8e:6b:74:8e:40:a0:42:46:52:46:7c:42:85:
8b:1d:8d:18:7c:b7:43:f8:9d:ac:32:b4:22:59:09:09:6d:e9:
4e:5a:e6:53:6c:68:56:16:1e:81:81:99:23:93:01:a4:6c:e0:
81:c5:d1:21:49:9b:67:9e:7e:b9:e3:0a:0e:b0:c8:c1:a7:8e:
14:77:7d:69:e4:0f:b8:78:66:fa:53:0f:7d:a2:1b:87:c5:d0:
ff:2a:52:85:01:c5:ef:c2:71:41:d5:d8:e5:3d:6b:fd:9e:f4:
87:cc:f0:49:c5:53:5e:58:f3:ef:7a:9f:63:a4:d8:d3:75:b6:
d1:9f:4a:f8:c0:04:e7:68:2e:39:32:96:46:fe:10:84:e9:42:
76:4c:23:5a:ad:4e:f7:80:dd:cd:e4:04:14:47:4c:bd:74:f4:
e1:65:42:0e:53:d2:73:f6:61:1f:59:e7:c1:59:51:59:ef:1c:
68:f3:09:de:39:7f:e9:9b:6c:94:71:b8:6a:bd:3b:65:c6:93:
7d:4d:3d:6a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSNsn321P+7lVqoWqzhMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNjA5MGM1ZjYyMzNjYmFlYWYzMTlkY2ZhZTY5MmE5NTZl
ZWExMDIwHhcNMjQwMTAxMDQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmE5OWE2ODFkNzhiYTNmZjYzMjEzYzdiZTg2MTFlNjYyZTAxMzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplDfkPpzo/w1UPQh39QOAWyo6U++
8q7td4kMsFBLA8HS58kx626ViJ/ZuPGL1OTPQpyaRuUNuWE+7BlB2wUpy/jTJY28
3nOfppzKYa0q6eQheficQP9au7/+uudAEOG4uqnqJNTZMvvVrRGfXiH0Dg6GAmyx
Pe73LMBFwh8BJlRgbu5ixRE1sZTO2egjssC3dou7M4ibYWGDhBrw7iH4pR10DVCv
Dr30O37N1zUACMlP8BZkKyBSHpo6kwanpuxpaEcxGEfnH9/20dR/wlEHg46+GLoe
l1vntz5eb4e1fPgggPGa4iPM5+EKZDTk/mKHboVZir14IXcqh1mvF71/cwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD+pmmgdeLo/9jITx76GEeZi4BMaMB8GA1UdIwQY
MBaAFPFgkMX2Izy66vMZ3PrmkqlW7qECMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFdDUXhmWWpQTHJxOHhuYy11YVNxVmJ1b1FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9jYmFjMDgtYzExZS00ODA2LWEyZmQt
N2M4OGM0ZTA0ZjkxLzEvUDZtYWFCMTR1al8yTWhQSHZvWVI1bUxnRXhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9jYmFjMDgtYzExZS00ODA2LWEyZmQtN2M4OGM0ZTA0Zjkx
LzEvOFdDUXhmWWpQTHJxOHhuYy11YVNxVmJ1b1FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwgUEMA0E
AgACMAcDBQMqDXrAMA0GCSqGSIb3DQEBCwUAA4IBAQC3dDwV+bWvSM1AtLIzpbYH
o6S+h7+NeZKyX3yLdSxQeNUIw2whHiG36bsmag/h9xB7O0pjClMR3yW0p45rdI5A
oEJGUkZ8QoWLHY0YfLdD+J2sMrQiWQkJbelOWuZTbGhWFh6BgZkjkwGkbOCBxdEh
SZtnnn654woOsMjBp44Ud31p5A+4eGb6Uw99ohuHxdD/KlKFAcXvwnFB1djlPWv9
nvSHzPBJxVNeWPPvep9jpNjTdbbRn0r4wATnaC45MpZG/hCE6UJ2TCNarU73gN3N
5AQUR0y9dPThZUIOU9Jz9mEfWefBWVFZ7xxo8wneOX/pm2yUcbhqvTtlxpN9TT1q
-----END CERTIFICATE-----
Generated at Thu May 23 07:44:38 2024 by rpki-client on console-ams.rpki-client.org