Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/hNfE-EiGDK8pcxV2aPkDWALGAyA.roa
File: hNfE-EiGDK8pcxV2aPkDWALGAyA.roa (raw, json)
Hash identifier: PfrYUiUHJXlo50KwRIj/jIFhPPNZSC/Vb7rdebqeBms=
Subject key identifier: 84:D7:C4:F8:48:86:0C:AF:29:73:15:76:68:F9:03:58:02:C6:03:20
Certificate issuer: /CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Certificate serial: 018CC56EBA255A112DF5E3FB51E86447F8FC
Authority key identifier: A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/hNfE-EiGDK8pcxV2aPkDWALGAyA.roa
Signing time: Mon 01 Jan 2024 14:30:17 +0000
ROA not before: Mon 01 Jan 2024 14:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206492
IP address blocks: 194.191.112.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.mft
rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ba:25:5a:11:2d:f5:e3:fb:51:e8:64:47:f8:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Validity
Not Before: Jan 1 14:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84d7c4f848860caf2973157668f9035802c60320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:be:51:3d:d2:ed:ad:05:af:56:02:4f:64:46:
e3:89:13:b8:a1:c3:bc:e7:e2:45:e1:96:2a:46:bc:
9f:d6:4d:98:44:31:3e:ee:59:8c:47:78:9d:4d:65:
30:43:29:87:71:74:d4:86:4f:3a:56:7d:10:a9:8d:
57:cd:b0:a3:f1:a7:59:08:19:58:bc:16:d4:c4:aa:
0d:fa:00:69:75:48:15:31:b2:25:b0:4d:21:8d:e2:
ac:cf:24:b1:68:92:df:d2:dc:97:e6:51:b1:f5:07:
c6:e6:a6:ef:9c:35:b0:ee:01:83:1b:7d:59:a9:d3:
0d:8b:0b:f8:f6:cd:c8:ef:56:11:75:2f:a1:0d:b2:
d4:6a:35:aa:8b:3c:55:a4:87:f8:d5:00:6c:a5:9f:
c6:a0:80:cd:c8:b4:b2:df:d1:d9:65:4b:74:ee:48:
53:c8:ca:9f:84:90:f8:dc:a2:e5:59:34:51:92:79:
47:6c:61:09:08:c3:c6:54:c7:e4:8f:84:aa:96:1b:
70:38:ca:a0:03:32:63:92:d4:aa:3f:f2:3a:28:8b:
e5:88:03:3e:54:6b:c8:94:c9:4b:e9:cf:ff:dc:3b:
13:d5:22:70:e6:2f:28:8d:1c:e5:4a:71:5d:7c:02:
2f:c8:62:73:d5:d7:39:14:d8:16:6d:bd:54:18:ec:
25:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D7:C4:F8:48:86:0C:AF:29:73:15:76:68:F9:03:58:02:C6:03:20
X509v3 Authority Key Identifier:
keyid:A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/hNfE-EiGDK8pcxV2aPkDWALGAyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.191.112.0/22
Signature Algorithm: sha256WithRSAEncryption
92:46:31:64:42:75:ce:b4:2f:11:0c:bd:b6:23:b3:77:e0:a2:
6e:4d:e6:69:84:ca:0c:97:f0:ff:fa:30:4d:d0:91:13:ca:c8:
a9:d9:1b:a6:4f:75:65:ae:c8:05:18:df:12:f9:dc:c2:e0:97:
13:68:a1:64:ee:e1:3e:58:c5:5c:11:c4:07:34:32:59:c6:e8:
55:ae:bd:99:ba:84:c5:ab:9a:cd:f3:6d:fd:b1:46:d9:b4:eb:
b4:e7:de:57:61:bc:73:9d:87:9e:c1:9f:09:51:79:f7:75:03:
e2:52:8f:22:26:a8:d3:ec:28:58:01:fe:db:da:7f:73:9e:fc:
8e:e0:88:c3:68:48:7a:9c:97:de:07:c2:8e:a1:8d:0c:7b:87:
7c:42:5a:22:8d:a4:82:7e:06:cf:23:2f:2e:73:48:2d:77:ec:
5c:ae:7d:5c:98:64:28:a8:ed:5d:7c:39:90:8f:d2:b3:d8:00:
ec:25:d5:fa:ff:3b:5f:62:04:11:52:c6:d0:d9:c2:c0:12:17:
8a:5c:1b:bf:b9:06:e2:81:9c:75:66:dc:96:4f:a8:71:30:a6:
4c:8b:b2:43:21:3d:99:f1:bf:85:63:b8:ad:c5:70:b0:29:fa:
30:52:d4:b5:b6:1e:be:d8:a1:62:09:64:d9:f3:4e:2a:b4:5c:
ea:b4:17:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbrolWhEt9eP7UehkR/j8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NGM2NzA2ZTNmYmViZGZmMTQ2YThhMTRlYzJhMzI4NGE5
MmJhNjIwHhcNMjQwMTAxMTQzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQ3YzRmODQ4ODYwY2FmMjk3MzE1NzY2OGY5MDM1ODAyYzYwMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArb5RPdLtrQWvVgJPZEbjiRO4ocO8
5+JF4ZYqRryf1k2YRDE+7lmMR3idTWUwQymHcXTUhk86Vn0QqY1XzbCj8adZCBlY
vBbUxKoN+gBpdUgVMbIlsE0hjeKszySxaJLf0tyX5lGx9QfG5qbvnDWw7gGDG31Z
qdMNiwv49s3I71YRdS+hDbLUajWqizxVpIf41QBspZ/GoIDNyLSy39HZZUt07khT
yMqfhJD43KLlWTRRknlHbGEJCMPGVMfkj4SqlhtwOMqgAzJjktSqP/I6KIvliAM+
VGvIlMlL6c//3DsT1SJw5i8ojRzlSnFdfAIvyGJz1dc5FNgWbb1UGOwl2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITXxPhIhgyvKXMVdmj5A1gCxgMgMB8GA1UdIwQY
MBaAFKdMZwbj++vf8UaooU7CoyhKkrpiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjIt
YWE3ODhhNDIwYWVjLzEvaE5mRS1FaUdESzhwY3hWMmFQa0RXQUxHQXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjItYWE3ODhhNDIwYWVj
LzEvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwr9wMA0G
CSqGSIb3DQEBCwUAA4IBAQCSRjFkQnXOtC8RDL22I7N34KJuTeZphMoMl/D/+jBN
0JETysip2RumT3VlrsgFGN8S+dzC4JcTaKFk7uE+WMVcEcQHNDJZxuhVrr2ZuoTF
q5rN8239sUbZtOu0595XYbxznYeewZ8JUXn3dQPiUo8iJqjT7ChYAf7b2n9znvyO
4IjDaEh6nJfeB8KOoY0Me4d8QloijaSCfgbPIy8uc0gtd+xcrn1cmGQoqO1dfDmQ
j9Kz2ADsJdX6/ztfYgQRUsbQ2cLAEheKXBu/uQbigZx1ZtyWT6hxMKZMi7JDIT2Z
8b+FY7itxXCwKfowUtS1th6+2KFiCWTZ804qtFzqtBdS
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:57:41 2024 by rpki-client on console-fra.rpki-client.org