Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/afd611-9ac0-414e-be44-523e445f90dc/1/T6gnUEs6UhVHAPB7rsoUU3_4Yz8.roa
File: T6gnUEs6UhVHAPB7rsoUU3_4Yz8.roa (raw, json)
Hash identifier: W5bJO4pYExYHRhomF6M1BWczjmPpSw0n0uYEOU5DpLY=
Subject key identifier: 4F:A8:27:50:4B:3A:52:15:47:00:F0:7B:AE:CA:14:53:7F:F8:63:3F
Certificate issuer: /CN=edc3df046e1e1d5bf0522bb913f2957287a49b4b
Certificate serial: 018CC6B87B17E0BC967AE5D795B3137A0B2D
Authority key identifier: ED:C3:DF:04:6E:1E:1D:5B:F0:52:2B:B9:13:F2:95:72:87:A4:9B:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7cPfBG4eHVvwUiu5E_KVcoekm0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/afd611-9ac0-414e-be44-523e445f90dc/1/T6gnUEs6UhVHAPB7rsoUU3_4Yz8.roa
Signing time: Mon 01 Jan 2024 20:30:28 +0000
ROA not before: Mon 01 Jan 2024 20:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200916
IP address blocks: 193.100.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/afd611-9ac0-414e-be44-523e445f90dc/1/7cPfBG4eHVvwUiu5E_KVcoekm0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/afd611-9ac0-414e-be44-523e445f90dc/1/7cPfBG4eHVvwUiu5E_KVcoekm0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/7cPfBG4eHVvwUiu5E_KVcoekm0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:7b:17:e0:bc:96:7a:e5:d7:95:b3:13:7a:0b:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edc3df046e1e1d5bf0522bb913f2957287a49b4b
Validity
Not Before: Jan 1 20:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fa827504b3a52154700f07baeca14537ff8633f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c8:81:f1:5c:33:af:50:9f:9d:50:3d:f0:97:
e1:9f:3b:d9:e9:e0:ea:67:2a:2c:92:0f:de:cf:a5:
da:ed:0e:33:75:8b:83:52:b6:bd:5a:1d:58:c1:1e:
e2:06:49:57:db:02:ef:46:01:a7:73:75:a3:0b:b1:
70:d3:6b:96:e7:b5:4c:1f:07:86:0a:35:84:7d:34:
db:12:aa:78:d9:95:0b:e9:2c:08:50:46:2b:62:bb:
6b:6e:64:11:3c:65:58:a0:51:0d:85:1f:48:ca:af:
c7:d1:1f:92:2f:1a:c6:f9:81:fc:c1:1b:92:5b:53:
b1:2f:15:b3:12:48:55:94:67:8f:d1:22:40:13:80:
ba:63:f3:d9:9d:0c:b8:8a:72:1e:67:e8:19:13:88:
df:72:9a:46:82:08:ec:8f:9f:ec:5b:31:a1:74:7a:
2f:78:08:f8:2a:60:67:c1:11:b3:a9:1b:df:a5:50:
ec:7d:e0:07:d2:1c:a8:b1:f9:9c:90:55:d9:24:df:
28:5f:63:4a:5c:36:8e:cf:b5:d1:30:9c:f5:b4:39:
a2:e2:fb:51:06:3d:60:09:4c:21:20:04:59:46:ef:
37:a1:49:c4:e3:da:5f:d0:b3:59:94:bf:72:82:c4:
37:0a:45:8c:06:75:b5:d7:f1:3c:04:b7:d3:f9:b2:
31:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:A8:27:50:4B:3A:52:15:47:00:F0:7B:AE:CA:14:53:7F:F8:63:3F
X509v3 Authority Key Identifier:
keyid:ED:C3:DF:04:6E:1E:1D:5B:F0:52:2B:B9:13:F2:95:72:87:A4:9B:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7cPfBG4eHVvwUiu5E_KVcoekm0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/afd611-9ac0-414e-be44-523e445f90dc/1/T6gnUEs6UhVHAPB7rsoUU3_4Yz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/afd611-9ac0-414e-be44-523e445f90dc/1/7cPfBG4eHVvwUiu5E_KVcoekm0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.100.167.0/24
Signature Algorithm: sha256WithRSAEncryption
85:57:d6:83:c8:a2:d8:4f:5b:19:73:f2:8d:2e:5d:c3:5f:5b:
4e:cd:09:86:0a:56:25:3c:1b:00:28:48:72:05:f9:3d:6e:ec:
de:2a:9d:b7:b3:0f:22:e4:72:13:fa:48:d3:79:71:a6:0e:d3:
43:6c:6c:8d:76:ea:3d:64:ed:e5:bb:b8:a8:7e:08:79:1b:cf:
b5:9b:ad:c0:56:18:6e:21:b1:bb:b8:b6:64:db:aa:63:5c:2b:
aa:44:ff:d9:ba:37:59:b7:d0:9b:83:08:da:d6:73:7d:c8:d5:
5f:b6:fd:fc:b5:f0:70:53:d3:8c:42:c7:9e:dd:b0:be:95:24:
1e:7c:1d:8a:d4:62:6e:dc:69:4f:c7:24:80:50:91:02:9d:ad:
2a:c1:ed:01:9f:ca:b2:9a:71:89:94:ad:8d:15:8f:cc:6b:29:
b7:21:fb:f6:45:7e:a0:7e:81:ea:40:5f:49:23:10:42:30:f3:
40:26:8f:e8:aa:ee:d7:5e:65:1e:08:4f:aa:23:7e:36:d9:9e:
a3:6f:2e:ca:f6:0f:be:b8:9c:75:67:2d:ab:6e:4b:97:24:09:
af:cf:a2:e8:71:56:e6:1b:dc:65:91:df:a7:f5:e4:f2:aa:75:
62:b2:a3:75:9c:33:9e:2b:47:64:44:9b:93:51:5b:0f:f7:72:
1f:82:07:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuHsX4LyWeuXXlbMTegstMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYzNkZjA0NmUxZTFkNWJmMDUyMmJiOTEzZjI5NTcyODdh
NDliNGIwHhcNMjQwMTAxMjAzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmE4Mjc1MDRiM2E1MjE1NDcwMGYwN2JhZWNhMTQ1MzdmZjg2MzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsiB8Vwzr1CfnVA98JfhnzvZ6eDq
Zyoskg/ez6Xa7Q4zdYuDUra9Wh1YwR7iBklX2wLvRgGnc3WjC7Fw02uW57VMHweG
CjWEfTTbEqp42ZUL6SwIUEYrYrtrbmQRPGVYoFENhR9Iyq/H0R+SLxrG+YH8wRuS
W1OxLxWzEkhVlGeP0SJAE4C6Y/PZnQy4inIeZ+gZE4jfcppGggjsj5/sWzGhdHov
eAj4KmBnwRGzqRvfpVDsfeAH0hyosfmckFXZJN8oX2NKXDaOz7XRMJz1tDmi4vtR
Bj1gCUwhIARZRu83oUnE49pf0LNZlL9ygsQ3CkWMBnW11/E8BLfT+bIxWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE+oJ1BLOlIVRwDwe67KFFN/+GM/MB8GA1UdIwQY
MBaAFO3D3wRuHh1b8FIruRPylXKHpJtLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2NQZkJHNGVIVnZ3VWl1NUVfS1Zjb2VrbTBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hZmQ2MTEtOWFjMC00MTRlLWJlNDQt
NTIzZTQ0NWY5MGRjLzEvVDZnblVFczZVaFZIQVBCN3Jzb1VVM180WXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hZmQ2MTEtOWFjMC00MTRlLWJlNDQtNTIzZTQ0NWY5MGRj
LzEvN2NQZkJHNGVIVnZ3VWl1NUVfS1Zjb2VrbTBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWSnMA0G
CSqGSIb3DQEBCwUAA4IBAQCFV9aDyKLYT1sZc/KNLl3DX1tOzQmGClYlPBsAKEhy
Bfk9buzeKp23sw8i5HIT+kjTeXGmDtNDbGyNduo9ZO3lu7iofgh5G8+1m63AVhhu
IbG7uLZk26pjXCuqRP/ZujdZt9Cbgwja1nN9yNVftv38tfBwU9OMQsee3bC+lSQe
fB2K1GJu3GlPxySAUJECna0qwe0Bn8qymnGJlK2NFY/Maym3Ifv2RX6gfoHqQF9J
IxBCMPNAJo/oqu7XXmUeCE+qI3422Z6jby7K9g++uJx1Zy2rbkuXJAmvz6LocVbm
G9xlkd+n9eTyqnVisqN1nDOeK0dkRJuTUVsP93IfggcV
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:08:42 2024 by rpki-client on console-ams.rpki-client.org