Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/f71d6f-7ea7-45fc-b1b5-3acb814904a0/1/1m4ekupBDw2diSy5kBH7FH4ykiM.roa
File: 1m4ekupBDw2diSy5kBH7FH4ykiM.roa (raw, json)
Hash identifier: KhsSFWNiOxPpZz9x0iSKSy3MkwGEXCHLB+e6DJQfQO8=
Subject key identifier: D6:6E:1E:92:EA:41:0F:0D:9D:89:2C:B9:90:11:FB:14:7E:32:92:23
Certificate issuer: /CN=d027c609faf4a6c22adf1f8c4a70a07ae7cf2e81
Certificate serial: 018D5F77BF57773E7BFE768B58EBF5C13CE8
Authority key identifier: D0:27:C6:09:FA:F4:A6:C2:2A:DF:1F:8C:4A:70:A0:7A:E7:CF:2E:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0CfGCfr0psIq3x-MSnCgeufPLoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/f71d6f-7ea7-45fc-b1b5-3acb814904a0/1/1m4ekupBDw2diSy5kBH7FH4ykiM.roa
Signing time: Wed 31 Jan 2024 12:21:39 +0000
ROA not before: Wed 31 Jan 2024 12:21:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15699
IP address blocks: 194.36.122.0/23 maxlen: 32
194.36.138.0/23 maxlen: 32
195.162.18.0/23 maxlen: 32
2a0a:1680::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/f71d6f-7ea7-45fc-b1b5-3acb814904a0/1/0CfGCfr0psIq3x-MSnCgeufPLoE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/f71d6f-7ea7-45fc-b1b5-3acb814904a0/1/0CfGCfr0psIq3x-MSnCgeufPLoE.mft
rsync://rpki.ripe.net/repository/DEFAULT/0CfGCfr0psIq3x-MSnCgeufPLoE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:77:bf:57:77:3e:7b:fe:76:8b:58:eb:f5:c1:3c:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d027c609faf4a6c22adf1f8c4a70a07ae7cf2e81
Validity
Not Before: Jan 31 12:21:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d66e1e92ea410f0d9d892cb99011fb147e329223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:55:34:b1:ba:27:c5:e2:9f:9c:93:7f:8e:a6:
6b:d4:00:e3:f4:43:dc:5a:61:23:19:f2:80:c4:8a:
7f:71:5f:42:34:c5:cf:3b:d6:da:4c:cf:3c:61:53:
43:ef:ea:0d:a9:ea:fa:88:f7:33:7a:2a:8a:76:3c:
ea:7f:e5:d2:d1:d2:87:d0:55:87:70:e7:2a:3a:3e:
dc:b5:72:4d:8a:35:6e:5c:74:35:51:c8:23:1c:3c:
04:2f:7e:e2:14:ee:e7:9f:50:49:ec:8f:2b:31:8e:
17:5a:14:75:95:cc:54:32:b4:59:f4:ef:a3:ac:bd:
5e:09:dd:61:b2:29:ae:6d:74:67:a7:fd:26:e8:c8:
0b:b2:28:91:62:79:e0:d5:08:f8:db:f6:2a:d4:57:
3f:41:ef:52:0b:ed:cf:f0:a9:47:e4:7a:ec:d4:c1:
15:96:50:06:79:23:c3:8f:d9:0c:0e:53:81:d2:f5:
c9:f7:45:00:a4:14:a2:17:34:56:eb:ed:ff:da:0e:
2e:59:38:3c:e2:1a:2f:fe:cf:23:e3:1f:67:6e:5c:
83:3a:9a:24:c7:30:33:de:79:94:d0:dc:fe:d9:00:
bd:d4:71:77:88:75:d6:9e:df:73:af:42:0c:e9:a1:
92:0d:5a:ae:34:a7:4a:0b:8e:31:ff:06:bc:f3:04:
5b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:6E:1E:92:EA:41:0F:0D:9D:89:2C:B9:90:11:FB:14:7E:32:92:23
X509v3 Authority Key Identifier:
keyid:D0:27:C6:09:FA:F4:A6:C2:2A:DF:1F:8C:4A:70:A0:7A:E7:CF:2E:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0CfGCfr0psIq3x-MSnCgeufPLoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/f71d6f-7ea7-45fc-b1b5-3acb814904a0/1/1m4ekupBDw2diSy5kBH7FH4ykiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/f71d6f-7ea7-45fc-b1b5-3acb814904a0/1/0CfGCfr0psIq3x-MSnCgeufPLoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.36.122.0/23
194.36.138.0/23
195.162.18.0/23
IPv6:
2a0a:1680::/29
Signature Algorithm: sha256WithRSAEncryption
53:1f:93:86:e1:61:47:b7:ad:7f:61:27:a1:b6:4a:09:e4:b3:
d5:7c:4d:c5:a9:ed:88:c6:18:ee:c0:5e:d4:3f:57:9e:8e:57:
67:f2:ce:8d:04:69:ed:3a:fc:06:3c:e4:2b:7e:b1:b4:c8:fc:
a8:a6:66:14:4d:55:38:2c:ab:7a:2d:e0:68:0e:11:8d:ba:29:
46:32:0f:c1:68:b2:47:5f:1c:07:22:ed:94:08:92:20:85:07:
a0:bc:80:65:18:63:57:2b:d2:ef:d0:aa:38:38:2e:b4:a2:fa:
ce:58:55:fc:c9:9e:49:b5:92:a5:9c:26:4d:ba:3f:52:59:09:
a0:6a:13:16:c9:35:81:83:32:8e:b3:39:a4:88:89:1b:d5:ca:
3a:a7:0b:5f:a3:de:61:de:58:e4:aa:c8:2a:fa:f2:55:fb:ae:
04:6f:40:3d:a1:8d:5c:e0:dd:9c:fc:0e:74:a8:5e:df:57:79:
2b:41:08:47:11:d9:dc:82:7d:3f:14:1d:b8:c6:bd:83:12:b9:
58:e7:09:95:c7:90:99:15:07:1b:65:87:cf:d2:74:bc:28:8b:
9b:29:97:2f:bd:60:4d:c9:da:f8:e0:58:a4:3f:75:ef:54:37:
9d:a9:72:23:70:33:6d:4d:a9:ad:bf:65:4f:19:51:33:7c:64:
78:7a:d3:f6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY1fd79Xdz57/naLWOv1wTzoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjdjNjA5ZmFmNGE2YzIyYWRmMWY4YzRhNzBhMDdhZTdj
ZjJlODEwHhcNMjQwMTMxMTIyMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjZlMWU5MmVhNDEwZjBkOWQ4OTJjYjk5MDExZmIxNDdlMzI5MjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1U0sbonxeKfnJN/jqZr1ADj9EPc
WmEjGfKAxIp/cV9CNMXPO9baTM88YVND7+oNqer6iPczeiqKdjzqf+XS0dKH0FWH
cOcqOj7ctXJNijVuXHQ1UcgjHDwEL37iFO7nn1BJ7I8rMY4XWhR1lcxUMrRZ9O+j
rL1eCd1hsimubXRnp/0m6MgLsiiRYnng1Qj42/Yq1Fc/Qe9SC+3P8KlH5Hrs1MEV
llAGeSPDj9kMDlOB0vXJ90UApBSiFzRW6+3/2g4uWTg84hov/s8j4x9nblyDOpok
xzAz3nmU0Nz+2QC91HF3iHXWnt9zr0IM6aGSDVquNKdKC44x/wa88wRbUwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNZuHpLqQQ8NnYksuZAR+xR+MpIjMB8GA1UdIwQY
MBaAFNAnxgn69KbCKt8fjEpwoHrnzy6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENmR0NmcjBwc0lxM3gtTVNuQ2dldWZQTG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mNzFkNmYtN2VhNy00NWZjLWIxYjUt
M2FjYjgxNDkwNGEwLzEvMW00ZWt1cEJEdzJkaVN5NWtCSDdGSDR5a2lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mNzFkNmYtN2VhNy00NWZjLWIxYjUtM2FjYjgxNDkwNGEw
LzEvMENmR0NmcjBwc0lxM3gtTVNuQ2dldWZQTG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBwiR6AwQB
wiSKAwQBw6ISMA0EAgACMAcDBQMqChaAMA0GCSqGSIb3DQEBCwUAA4IBAQBTH5OG
4WFHt61/YSehtkoJ5LPVfE3Fqe2IxhjuwF7UP1eejldn8s6NBGntOvwGPOQrfrG0
yPyopmYUTVU4LKt6LeBoDhGNuilGMg/BaLJHXxwHIu2UCJIghQegvIBlGGNXK9Lv
0Ko4OC60ovrOWFX8yZ5JtZKlnCZNuj9SWQmgahMWyTWBgzKOszmkiIkb1co6pwtf
o95h3ljkqsgq+vJV+64Eb0A9oY1c4N2c/A50qF7fV3krQQhHEdncgn0/FB24xr2D
ErlY5wmVx5CZFQcbZYfP0nS8KIubKZcvvWBNydr44FikP3XvVDedqXIjcDNtTamt
v2VPGVEzfGR4etP2
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:57:34 2024 by rpki-client on console-fra.rpki-client.org