Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/TIqTAJrwAO6MFnJtDW8OSaM43LQ.roa
File: TIqTAJrwAO6MFnJtDW8OSaM43LQ.roa (raw, json)
Hash identifier: zFWAavwWd5bFoGK3yWk926XIvEhPkpgWNZDN9ebNGto=
Subject key identifier: 4C:8A:93:00:9A:F0:00:EE:8C:16:72:6D:0D:6F:0E:49:A3:38:DC:B4
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 018CC94CA7735E9159939D752C2298FA178E
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/TIqTAJrwAO6MFnJtDW8OSaM43LQ.roa
Signing time: Tue 02 Jan 2024 08:31:33 +0000
ROA not before: Tue 02 Jan 2024 08:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212609
IP address blocks: 188.191.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Dec 2024 20:20:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:a7:73:5e:91:59:93:9d:75:2c:22:98:fa:17:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jan 2 08:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c8a93009af000ee8c16726d0d6f0e49a338dcb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:dc:cd:11:c0:39:36:05:ff:f7:38:38:5b:7b:
c0:d1:9b:c7:35:9e:e1:0a:79:b6:9f:8d:d2:cf:01:
e8:09:41:24:80:e6:29:dd:01:37:bc:e4:da:70:c0:
a2:eb:8c:e8:f6:6a:63:29:67:be:ca:20:5b:5f:f4:
f9:97:6c:26:92:80:6f:9a:49:99:e7:33:85:b3:8b:
20:76:a1:75:b9:43:80:78:ab:42:95:b7:0d:b7:11:
07:92:7c:4f:dd:df:f1:bd:38:71:c1:27:2f:bc:11:
fd:fd:da:53:26:27:a8:13:43:3d:4a:e5:86:7f:08:
c8:dd:34:fb:89:ed:cd:ce:c1:e5:d9:a1:c2:b1:54:
84:12:5d:1f:92:a9:23:f3:a1:e0:ed:23:1b:e0:e5:
1f:a6:d8:1a:7d:a4:bb:54:66:5b:4d:ce:54:bf:1f:
81:28:9c:09:0c:d7:b6:a6:c8:34:3b:e5:a6:9c:cd:
3a:6f:c2:2f:3f:0b:07:68:37:9a:55:4e:1e:88:cb:
f0:ff:7e:c4:19:1d:fe:fa:db:62:0e:f9:7d:18:ed:
42:c6:4b:f2:f3:2d:82:b1:86:95:18:f8:6a:2f:2a:
b6:61:bc:93:04:48:73:fc:c1:b4:b2:3c:dc:04:49:
47:1f:54:3e:40:b5:a1:e4:86:a9:7f:4b:97:92:89:
e1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:8A:93:00:9A:F0:00:EE:8C:16:72:6D:0D:6F:0E:49:A3:38:DC:B4
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/TIqTAJrwAO6MFnJtDW8OSaM43LQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.102.0/24
Signature Algorithm: sha256WithRSAEncryption
27:6c:92:ea:55:39:d5:a1:23:4b:f0:61:7a:cc:01:1f:e4:d5:
b7:6f:f1:7a:cc:5e:ae:5e:d4:2a:25:72:f7:12:75:0a:a2:e3:
ad:1a:14:8c:7f:4f:96:f7:9f:27:a5:71:3e:ed:68:9e:48:4f:
95:df:78:c1:77:4e:ff:5a:34:21:72:4e:3a:e8:9a:0c:fd:8a:
93:c8:97:f0:56:4b:dc:03:79:3d:a0:cc:f8:1e:41:71:7b:d7:
c7:05:97:47:63:20:45:81:8c:30:11:e7:af:d3:7d:c2:e9:af:
cc:0d:95:02:02:00:19:91:da:8f:42:22:f7:05:cf:53:f4:d0:
bc:6e:6d:c3:74:6b:a8:39:8a:32:31:83:f4:02:52:e6:40:96:
8e:aa:ea:46:02:42:d9:0f:db:2b:c5:b9:19:f5:4b:6b:df:cd:
15:8c:12:f6:61:e2:c9:12:21:6d:a6:41:3e:86:e3:11:93:d0:
b2:a2:1f:2b:16:f5:54:51:e8:72:d5:5d:cc:af:9d:76:90:46:
2a:42:47:5e:8d:22:26:02:66:2b:b2:2c:45:b9:e7:13:96:44:
87:f3:e7:13:fc:24:7f:f6:ff:be:a9:56:1d:5b:87:8b:e9:c1:
25:a3:3c:3e:d8:d4:d0:61:17:30:2a:54:92:40:40:b4:51:4c:
70:3e:ac:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTKdzXpFZk511LCKY+heOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjQwMTAyMDgzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzhhOTMwMDlhZjAwMGVlOGMxNjcyNmQwZDZmMGU0OWEzMzhkY2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldzNEcA5NgX/9zg4W3vA0ZvHNZ7h
Cnm2n43SzwHoCUEkgOYp3QE3vOTacMCi64zo9mpjKWe+yiBbX/T5l2wmkoBvmkmZ
5zOFs4sgdqF1uUOAeKtClbcNtxEHknxP3d/xvThxwScvvBH9/dpTJieoE0M9SuWG
fwjI3TT7ie3NzsHl2aHCsVSEEl0fkqkj86Hg7SMb4OUfptgafaS7VGZbTc5Uvx+B
KJwJDNe2psg0O+WmnM06b8IvPwsHaDeaVU4eiMvw/37EGR3++ttiDvl9GO1Cxkvy
8y2CsYaVGPhqLyq2YbyTBEhz/MG0sjzcBElHH1Q+QLWh5Iapf0uXkonhbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEyKkwCa8ADujBZybQ1vDkmjONy0MB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvVElxVEFKcndBTzZNRm5KdERXOE9TYU00M0xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9mMA0G
CSqGSIb3DQEBCwUAA4IBAQAnbJLqVTnVoSNL8GF6zAEf5NW3b/F6zF6uXtQqJXL3
EnUKouOtGhSMf0+W958npXE+7WieSE+V33jBd07/WjQhck466JoM/YqTyJfwVkvc
A3k9oMz4HkFxe9fHBZdHYyBFgYwwEeev033C6a/MDZUCAgAZkdqPQiL3Bc9T9NC8
bm3DdGuoOYoyMYP0AlLmQJaOqupGAkLZD9srxbkZ9Utr380VjBL2YeLJEiFtpkE+
huMRk9Cyoh8rFvVUUehy1V3Mr512kEYqQkdejSImAmYrsixFuecTlkSH8+cT/CR/
9v++qVYdW4eL6cElozw+2NTQYRcwKlSSQEC0UUxwPqxl
-----END CERTIFICATE-----
Generated at Wed Dec 11 05:23:41 2024 by rpki-client on console-fra.rpki-client.org