Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/dee7e1-cf51-43cb-ad36-7fae065b646a/1/D4bxiFs7fnTR6fWYIQ4hWqZyCQA.roa
File: D4bxiFs7fnTR6fWYIQ4hWqZyCQA.roa (raw, json)
Hash identifier: 86vNCDxLDp6s5us+c6YHA/x3ZmsX7HOLQlhxMvKiQyY=
Subject key identifier: 0F:86:F1:88:5B:3B:7E:74:D1:E9:F5:98:21:0E:21:5A:A6:72:09:00
Certificate issuer: /CN=32f047a34212872b0b1ff804ee022b02af75ffed
Certificate serial: 018EBCD5D6544787B47F81FFF70C6865A6B8
Authority key identifier: 32:F0:47:A3:42:12:87:2B:0B:1F:F8:04:EE:02:2B:02:AF:75:FF:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MvBHo0IShysLH_gE7gIrAq91_-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/dee7e1-cf51-43cb-ad36-7fae065b646a/1/D4bxiFs7fnTR6fWYIQ4hWqZyCQA.roa
Signing time: Mon 08 Apr 2024 08:31:54 +0000
ROA not before: Mon 08 Apr 2024 08:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11269
IP address blocks: 194.15.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/dee7e1-cf51-43cb-ad36-7fae065b646a/1/MvBHo0IShysLH_gE7gIrAq91_-0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/dee7e1-cf51-43cb-ad36-7fae065b646a/1/MvBHo0IShysLH_gE7gIrAq91_-0.mft
rsync://rpki.ripe.net/repository/DEFAULT/MvBHo0IShysLH_gE7gIrAq91_-0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bc:d5:d6:54:47:87:b4:7f:81:ff:f7:0c:68:65:a6:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32f047a34212872b0b1ff804ee022b02af75ffed
Validity
Not Before: Apr 8 08:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f86f1885b3b7e74d1e9f598210e215aa6720900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f6:c7:5f:93:9e:67:70:f8:51:fe:de:ea:03:
af:ff:1e:5e:58:57:10:76:24:14:d6:ee:1a:b0:8c:
ce:0f:52:d9:ed:16:93:5b:b9:eb:03:42:f8:0a:7f:
34:bc:0c:34:29:d6:b8:b1:fd:a5:af:2e:79:de:21:
2e:6d:94:81:6f:f2:d5:6c:d1:21:51:aa:ac:24:5e:
8a:54:e7:40:81:6d:a7:26:7b:58:9b:1a:b1:fe:60:
65:4d:16:4c:e5:57:80:3d:c3:67:97:59:f0:7e:6d:
e4:5f:29:76:de:de:a9:d0:92:c8:41:28:88:4a:2b:
ff:f9:df:7a:1b:39:d4:3d:a6:f4:7e:19:1c:fe:59:
5c:63:90:fe:30:d5:5d:b2:56:96:e4:2a:62:a1:c0:
4d:44:d1:87:50:6d:38:bf:54:b6:0e:ba:3b:59:b1:
bb:60:aa:24:3b:56:98:37:a1:07:53:bc:b5:c7:c8:
22:b4:7a:54:74:c3:52:c3:ad:5e:0b:53:33:ab:01:
6b:23:ac:30:c9:23:45:a8:f1:51:ba:e8:77:1c:ad:
c1:97:82:34:13:f3:c3:49:51:1a:c9:61:7e:86:7b:
b8:21:bb:df:ef:04:c2:4f:0d:d6:65:1b:66:e7:c3:
ec:62:d9:9e:cc:bd:b0:1e:9d:3a:ad:41:94:d9:d3:
f0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:86:F1:88:5B:3B:7E:74:D1:E9:F5:98:21:0E:21:5A:A6:72:09:00
X509v3 Authority Key Identifier:
keyid:32:F0:47:A3:42:12:87:2B:0B:1F:F8:04:EE:02:2B:02:AF:75:FF:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MvBHo0IShysLH_gE7gIrAq91_-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/dee7e1-cf51-43cb-ad36-7fae065b646a/1/D4bxiFs7fnTR6fWYIQ4hWqZyCQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/dee7e1-cf51-43cb-ad36-7fae065b646a/1/MvBHo0IShysLH_gE7gIrAq91_-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.241.0/24
Signature Algorithm: sha256WithRSAEncryption
33:aa:94:3e:bd:2f:f8:31:83:43:50:9a:4f:6d:fc:3f:00:28:
b7:39:6f:9a:52:1d:65:54:2a:12:df:dd:f3:3c:d3:56:1d:04:
20:cd:8f:83:5a:7f:10:82:bd:1c:64:9d:11:a0:78:76:c7:73:
c7:c6:8a:03:fe:16:20:3b:a2:c8:67:34:e9:c9:b4:42:a5:0a:
3a:a1:a9:e3:16:f4:bc:9a:47:a7:60:71:0c:ef:96:77:14:39:
d5:5c:a4:44:f3:e5:40:40:6e:aa:6e:f4:a3:1e:ba:41:ce:30:
73:b2:10:48:17:d0:06:b5:2c:43:5c:d9:e8:c9:5b:9b:3b:66:
84:bf:c9:10:8c:8d:66:f5:cb:a3:24:fc:56:3c:a7:40:ec:4f:
68:09:ca:bd:f1:26:47:f9:65:5e:c0:0c:24:fe:72:bb:ab:31:
cf:07:e5:e7:a4:19:95:0d:8b:62:d8:55:77:a6:ef:b7:05:a0:
e8:65:28:ff:c4:f1:18:93:f0:ab:7e:65:83:7f:4a:22:6e:b8:
88:88:51:58:62:7f:11:fb:ae:05:78:35:aa:97:d5:1a:eb:b0:
f4:81:4b:ac:1b:3a:2a:bd:1f:36:97:64:ef:52:8d:eb:d1:13:
2e:ed:a8:46:99:a6:ce:20:f9:bf:77:4d:95:e5:c0:fa:65:b1:
dd:60:22:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY681dZUR4e0f4H/9wxoZaa4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZjA0N2EzNDIxMjg3MmIwYjFmZjgwNGVlMDIyYjAyYWY3
NWZmZWQwHhcNMjQwNDA4MDgzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjg2ZjE4ODViM2I3ZTc0ZDFlOWY1OTgyMTBlMjE1YWE2NzIwOTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPbHX5OeZ3D4Uf7e6gOv/x5eWFcQ
diQU1u4asIzOD1LZ7RaTW7nrA0L4Cn80vAw0Kda4sf2lry553iEubZSBb/LVbNEh
UaqsJF6KVOdAgW2nJntYmxqx/mBlTRZM5VeAPcNnl1nwfm3kXyl23t6p0JLIQSiI
Siv/+d96GznUPab0fhkc/llcY5D+MNVdslaW5CpiocBNRNGHUG04v1S2Dro7WbG7
YKokO1aYN6EHU7y1x8gitHpUdMNSw61eC1MzqwFrI6wwySNFqPFRuuh3HK3Bl4I0
E/PDSVEayWF+hnu4Ibvf7wTCTw3WZRtm58PsYtmezL2wHp06rUGU2dPwKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA+G8YhbO3500en1mCEOIVqmcgkAMB8GA1UdIwQY
MBaAFDLwR6NCEocrCx/4BO4CKwKvdf/tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXZCSG8wSVNoeXNMSF9nRTdnSXJBcTkxXy0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9kZWU3ZTEtY2Y1MS00M2NiLWFkMzYt
N2ZhZTA2NWI2NDZhLzEvRDRieGlGczdmblRSNmZXWUlRNGhXcVp5Q1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9kZWU3ZTEtY2Y1MS00M2NiLWFkMzYtN2ZhZTA2NWI2NDZh
LzEvTXZCSG8wSVNoeXNMSF9nRTdnSXJBcTkxXy0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg/xMA0G
CSqGSIb3DQEBCwUAA4IBAQAzqpQ+vS/4MYNDUJpPbfw/ACi3OW+aUh1lVCoS393z
PNNWHQQgzY+DWn8Qgr0cZJ0RoHh2x3PHxooD/hYgO6LIZzTpybRCpQo6oanjFvS8
mkenYHEM75Z3FDnVXKRE8+VAQG6qbvSjHrpBzjBzshBIF9AGtSxDXNnoyVubO2aE
v8kQjI1m9cujJPxWPKdA7E9oCcq98SZH+WVewAwk/nK7qzHPB+XnpBmVDYti2FV3
pu+3BaDoZSj/xPEYk/CrfmWDf0oibriIiFFYYn8R+64FeDWql9Ua67D0gUusGzoq
vR82l2TvUo3r0RMu7ahGmabOIPm/d02V5cD6ZbHdYCId
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:43:50 2024 by rpki-client on console-fra.rpki-client.org