Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/RycV49rX90Et0Y2iDDfrXugVtL0.roa
File: RycV49rX90Et0Y2iDDfrXugVtL0.roa (raw, json)
Hash identifier: E/yq0WYOr+P4EEe4vQVRf1WSYaREKrp0ptgB4tc1NzY=
Subject key identifier: 47:27:15:E3:DA:D7:F7:41:2D:D1:8D:A2:0C:37:EB:5E:E8:15:B4:BD
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 018CC2DAE83DD0EC355CBBC0C44AC0ACD84F
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/RycV49rX90Et0Y2iDDfrXugVtL0.roa
Signing time: Mon 01 Jan 2024 02:29:35 +0000
ROA not before: Mon 01 Jan 2024 02:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216136
IP address blocks: 194.31.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e8:3d:d0:ec:35:5c:bb:c0:c4:4a:c0:ac:d8:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Jan 1 02:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=472715e3dad7f7412dd18da20c37eb5ee815b4bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e3:46:23:47:2e:09:7c:3b:07:82:ed:e0:0b:
40:a3:ff:ac:57:e0:d0:7b:7e:b4:32:50:b6:cc:75:
9e:24:be:7b:01:64:3e:de:0c:18:7a:a6:c8:b7:69:
27:18:da:96:b9:25:47:ff:12:37:af:3a:0e:8f:96:
76:40:1f:45:f7:b8:99:db:0a:a9:07:a8:21:ab:c0:
92:6f:6e:ad:a1:ff:3a:2f:bc:45:3c:78:f7:11:2d:
c0:cd:f9:e2:bb:5e:5a:aa:28:8f:23:b4:20:4e:b3:
4d:e3:8d:99:71:bd:30:0a:17:cd:54:20:73:75:04:
7d:90:1c:4d:42:a9:2c:d3:e0:4a:0b:05:ad:c0:e8:
85:df:16:70:32:1d:a0:24:6b:a7:30:b0:87:ab:c1:
ea:8e:bb:e0:28:6b:c0:e0:4b:27:e6:d3:a9:45:8d:
2c:b2:98:3f:87:50:fa:f8:8a:98:dd:3f:f0:7a:9f:
bf:de:2c:4c:65:44:5e:cc:6c:d9:79:9f:87:b5:6e:
a2:8f:d0:86:28:ba:e0:12:7f:5c:d0:48:f0:67:71:
2d:fd:d5:3a:44:f9:62:f9:b2:75:af:2f:62:15:bb:
11:22:54:a7:08:b5:47:f2:79:47:5c:46:7e:81:90:
cc:f0:46:01:15:fe:37:ed:48:c1:28:3c:f5:fc:5a:
ba:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:27:15:E3:DA:D7:F7:41:2D:D1:8D:A2:0C:37:EB:5E:E8:15:B4:BD
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/RycV49rX90Et0Y2iDDfrXugVtL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.134.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:a9:84:30:60:43:26:06:37:85:65:33:b1:04:11:b4:80:a3:
4d:da:37:8f:d8:70:29:da:7a:df:62:67:1d:f2:9d:2b:1a:a7:
5e:b1:c0:8b:63:29:2a:63:f7:db:2b:48:ff:33:14:40:a6:48:
0c:89:95:0c:6c:1b:55:e0:9e:9a:dd:d0:2a:27:48:7b:e1:75:
00:ae:d9:2d:a9:dd:4c:78:05:17:63:42:9f:5d:80:3d:cd:e9:
c2:da:4e:31:46:93:25:7e:25:d0:cb:47:35:5e:56:e6:cc:e4:
3a:6d:cc:9e:dc:92:74:50:42:6e:88:57:b2:7e:89:63:51:c4:
af:4c:70:2c:ee:2d:8e:cd:d9:66:65:bc:e3:93:8a:8f:b1:80:
64:57:0c:ba:09:d9:26:bd:14:f2:de:de:92:a9:e8:e5:87:a2:
32:cc:4d:ba:e0:a9:8c:bb:ca:ff:14:85:cb:85:fa:22:8f:87:
c7:99:82:8c:23:4f:66:5c:9a:39:24:d4:e3:31:d9:f4:a2:fc:
cd:75:d8:da:db:35:93:ba:f9:24:07:aa:e6:72:9f:86:35:52:
1d:51:fc:e9:19:59:da:c7:64:7e:f8:9f:ee:30:ad:38:f1:1a:
00:59:fd:72:72:c6:ba:89:2e:72:97:07:e6:8e:38:de:8e:0a:
80:c1:1e:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2ug90Ow1XLvAxErArNhPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjQwMTAxMDIyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzI3MTVlM2RhZDdmNzQxMmRkMThkYTIwYzM3ZWI1ZWU4MTViNGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluNGI0cuCXw7B4Lt4AtAo/+sV+DQ
e360MlC2zHWeJL57AWQ+3gwYeqbIt2knGNqWuSVH/xI3rzoOj5Z2QB9F97iZ2wqp
B6ghq8CSb26tof86L7xFPHj3ES3Azfniu15aqiiPI7QgTrNN442Zcb0wChfNVCBz
dQR9kBxNQqks0+BKCwWtwOiF3xZwMh2gJGunMLCHq8HqjrvgKGvA4Esn5tOpRY0s
spg/h1D6+IqY3T/wep+/3ixMZURezGzZeZ+HtW6ij9CGKLrgEn9c0EjwZ3Et/dU6
RPli+bJ1ry9iFbsRIlSnCLVH8nlHXEZ+gZDM8EYBFf437UjBKDz1/Fq6eQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEcnFePa1/dBLdGNogw3617oFbS9MB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvUnljVjQ5clg5MEV0MFkyaUREZnJYdWdWdEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwh+GMA0G
CSqGSIb3DQEBCwUAA4IBAQBvqYQwYEMmBjeFZTOxBBG0gKNN2jeP2HAp2nrfYmcd
8p0rGqdescCLYykqY/fbK0j/MxRApkgMiZUMbBtV4J6a3dAqJ0h74XUArtktqd1M
eAUXY0KfXYA9zenC2k4xRpMlfiXQy0c1XlbmzOQ6bcye3JJ0UEJuiFeyfoljUcSv
THAs7i2OzdlmZbzjk4qPsYBkVwy6CdkmvRTy3t6Sqejlh6IyzE264KmMu8r/FIXL
hfoij4fHmYKMI09mXJo5JNTjMdn0ovzNddja2zWTuvkkB6rmcp+GNVIdUfzpGVna
x2R++J/uMK048RoAWf1ycsa6iS5ylwfmjjjejgqAwR44
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:15:06 2024 by rpki-client on console-ams.rpki-client.org