Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/6414f1-d468-4d97-b299-d768a77d57f4/1/2h6TQGJDG48pSJd4LQ5wRmeGsfk.roa
File: 2h6TQGJDG48pSJd4LQ5wRmeGsfk.roa (raw, json)
Hash identifier: xAgRxDHDqw3hMGQxRaTu8YWnOZj75MJjZkgZeMiP6ks=
Subject key identifier: DA:1E:93:40:62:43:1B:8F:29:48:97:78:2D:0E:70:46:67:86:B1:F9
Certificate issuer: /CN=ce5581d2748afcf779667977f7b6739ee4f9fc0d
Certificate serial: 018CC79530C291CDBA01952FDE4ECC6B57B9
Authority key identifier: CE:55:81:D2:74:8A:FC:F7:79:66:79:77:F7:B6:73:9E:E4:F9:FC:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zlWB0nSK_Pd5Znl397ZznuT5_A0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/6414f1-d468-4d97-b299-d768a77d57f4/1/2h6TQGJDG48pSJd4LQ5wRmeGsfk.roa
Signing time: Tue 02 Jan 2024 00:31:32 +0000
ROA not before: Tue 02 Jan 2024 00:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31457
IP address blocks: 193.16.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/6414f1-d468-4d97-b299-d768a77d57f4/1/zlWB0nSK_Pd5Znl397ZznuT5_A0.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/6414f1-d468-4d97-b299-d768a77d57f4/1/zlWB0nSK_Pd5Znl397ZznuT5_A0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zlWB0nSK_Pd5Znl397ZznuT5_A0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:30:c2:91:cd:ba:01:95:2f:de:4e:cc:6b:57:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce5581d2748afcf779667977f7b6739ee4f9fc0d
Validity
Not Before: Jan 2 00:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da1e934062431b8f294897782d0e70466786b1f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5b:0b:48:3e:7d:86:f8:75:7d:df:45:89:77:
e3:4c:ec:4e:02:49:98:be:a6:31:1a:69:21:e9:8f:
ef:cd:4f:1e:51:6b:bc:dd:87:d8:ba:35:18:3a:a0:
c5:59:97:e6:72:40:5e:3e:d4:ac:59:f6:49:60:24:
43:47:58:fa:33:d3:7e:4d:21:2e:7c:35:46:08:a7:
bc:a6:3a:36:1c:bf:b0:6e:16:da:87:3b:21:5f:ca:
48:1d:47:7b:41:73:0b:46:04:e6:bd:ac:29:e8:a0:
1e:f3:9f:7e:56:2b:80:01:d3:34:5c:61:6f:0a:53:
ee:50:00:79:c0:75:d0:68:6b:a3:25:b3:51:14:5e:
46:ad:6f:42:f7:4b:24:16:6a:4b:9e:8d:c7:a9:29:
60:9f:53:26:6d:89:d8:bc:f5:ce:ff:2e:2d:3b:5d:
aa:0f:6a:8a:6e:8a:2d:85:12:25:be:67:6a:b8:46:
7e:76:ae:89:c1:a4:f5:6c:83:72:de:83:a7:a1:26:
84:53:b7:6b:d4:ca:93:4c:93:b1:8a:aa:a9:b4:ec:
c4:e8:d9:31:f3:f5:8a:ce:60:b7:8b:e8:66:5c:3c:
fb:e5:d6:79:c4:e1:15:9f:d5:bc:c0:fe:7c:4e:7a:
a5:c7:46:28:f6:78:21:9a:32:5a:89:f5:73:d6:81:
92:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:1E:93:40:62:43:1B:8F:29:48:97:78:2D:0E:70:46:67:86:B1:F9
X509v3 Authority Key Identifier:
keyid:CE:55:81:D2:74:8A:FC:F7:79:66:79:77:F7:B6:73:9E:E4:F9:FC:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zlWB0nSK_Pd5Znl397ZznuT5_A0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/6414f1-d468-4d97-b299-d768a77d57f4/1/2h6TQGJDG48pSJd4LQ5wRmeGsfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/6414f1-d468-4d97-b299-d768a77d57f4/1/zlWB0nSK_Pd5Znl397ZznuT5_A0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.244.0/24
Signature Algorithm: sha256WithRSAEncryption
69:d1:c4:5b:8d:9a:54:dd:32:11:1e:d5:c7:49:1b:d6:58:b9:
d1:c3:4c:1b:68:d8:07:6c:23:1b:fc:7a:c7:3a:2b:b9:0f:76:
19:ca:09:8b:c2:a0:98:57:0b:fd:1d:54:31:c6:27:c6:e5:5a:
c4:c4:8a:be:45:33:a7:6e:bd:d8:aa:ca:c9:5f:62:30:a2:6b:
be:d2:9d:bf:83:0a:2d:2f:de:62:cf:a7:07:75:2a:d6:11:c5:
9c:16:b2:cb:8a:f5:05:e2:98:fc:03:40:4c:97:3e:39:20:fe:
21:ba:0f:d3:69:2b:4c:d3:7f:e1:5c:11:e8:86:db:90:76:68:
9b:88:07:15:61:d8:25:48:56:24:b6:cd:14:e0:5f:d5:df:35:
55:57:30:d5:96:f2:a7:26:34:fb:06:5f:4b:ac:55:4e:0f:09:
f6:16:d8:91:fa:f6:98:65:9b:48:54:f8:e0:14:78:46:a2:ef:
89:83:6b:fd:58:dc:b5:ec:20:26:e4:75:bf:b9:96:4f:de:e4:
de:1a:99:cb:1c:1c:72:1c:f8:be:e6:f7:b1:20:8c:0c:d7:96:
83:ab:2a:b2:d7:4e:06:7a:be:c2:5e:ea:11:d5:df:ee:0e:35:
f3:52:f0:43:36:5d:43:c8:34:07:1a:ad:d5:74:e4:99:e4:2b:
3e:4c:f2:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlTDCkc26AZUv3k7Ma1e5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNTU4MWQyNzQ4YWZjZjc3OTY2Nzk3N2Y3YjY3MzllZTRm
OWZjMGQwHhcNMjQwMTAyMDAzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTFlOTM0MDYyNDMxYjhmMjk0ODk3NzgyZDBlNzA0NjY3ODZiMWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlsLSD59hvh1fd9FiXfjTOxOAkmY
vqYxGmkh6Y/vzU8eUWu83YfYujUYOqDFWZfmckBePtSsWfZJYCRDR1j6M9N+TSEu
fDVGCKe8pjo2HL+wbhbahzshX8pIHUd7QXMLRgTmvawp6KAe859+ViuAAdM0XGFv
ClPuUAB5wHXQaGujJbNRFF5GrW9C90skFmpLno3HqSlgn1MmbYnYvPXO/y4tO12q
D2qKboothRIlvmdquEZ+dq6JwaT1bINy3oOnoSaEU7dr1MqTTJOxiqqptOzE6Nkx
8/WKzmC3i+hmXDz75dZ5xOEVn9W8wP58Tnqlx0Yo9nghmjJaifVz1oGSsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNoek0BiQxuPKUiXeC0OcEZnhrH5MB8GA1UdIwQY
MBaAFM5VgdJ0ivz3eWZ5d/e2c57k+fwNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemxXQjBuU0tfUGQ1Wm5sMzk3WnpudVQ1X0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NDE0ZjEtZDQ2OC00ZDk3LWIyOTkt
ZDc2OGE3N2Q1N2Y0LzEvMmg2VFFHSkRHNDhwU0pkNExRNXdSbWVHc2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NDE0ZjEtZDQ2OC00ZDk3LWIyOTktZDc2OGE3N2Q1N2Y0
LzEvemxXQjBuU0tfUGQ1Wm5sMzk3WnpudVQ1X0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRD0MA0G
CSqGSIb3DQEBCwUAA4IBAQBp0cRbjZpU3TIRHtXHSRvWWLnRw0wbaNgHbCMb/HrH
Oiu5D3YZygmLwqCYVwv9HVQxxifG5VrExIq+RTOnbr3YqsrJX2Iwomu+0p2/gwot
L95iz6cHdSrWEcWcFrLLivUF4pj8A0BMlz45IP4hug/TaStM03/hXBHohtuQdmib
iAcVYdglSFYkts0U4F/V3zVVVzDVlvKnJjT7Bl9LrFVODwn2FtiR+vaYZZtIVPjg
FHhGou+Jg2v9WNy17CAm5HW/uZZP3uTeGpnLHBxyHPi+5vexIIwM15aDqyqy104G
er7CXuoR1d/uDjXzUvBDNl1DyDQHGq3VdOSZ5Cs+TPJT
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:39:51 2024 by rpki-client on console-ams.rpki-client.org