Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/9Eo4-htnPfS7dNVkeOLY-wBoQ_0.roa
File: 9Eo4-htnPfS7dNVkeOLY-wBoQ_0.roa (raw, json)
Hash identifier: eSWxi1EjExFl1QWAN3TP2i6cXhg3A0sxo1DpPcld5Eg=
Subject key identifier: F4:4A:38:FA:1B:67:3D:F4:BB:74:D5:64:78:E2:D8:FB:00:68:43:FD
Certificate issuer: /CN=7f50077d2dd8a67a1ae8b6abd6bbb3489028a5bb
Certificate serial: 018CC7948519AF9984BF1E1ECC11171913CC
Authority key identifier: 7F:50:07:7D:2D:D8:A6:7A:1A:E8:B6:AB:D6:BB:B3:48:90:28:A5:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1AHfS3Ypnoa6Lar1ruzSJAopbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/9Eo4-htnPfS7dNVkeOLY-wBoQ_0.roa
Signing time: Tue 02 Jan 2024 00:30:48 +0000
ROA not before: Tue 02 Jan 2024 00:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25354
IP address blocks: 194.69.254.0/24 maxlen: 24
194.0.34.0/24 maxlen: 24
194.0.33.0/24 maxlen: 24
2001:678:40::/48 maxlen: 48
2001:67c:21cc::/48 maxlen: 48
2001:678:44::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/f1AHfS3Ypnoa6Lar1ruzSJAopbs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/f1AHfS3Ypnoa6Lar1ruzSJAopbs.mft
rsync://rpki.ripe.net/repository/DEFAULT/f1AHfS3Ypnoa6Lar1ruzSJAopbs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:85:19:af:99:84:bf:1e:1e:cc:11:17:19:13:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f50077d2dd8a67a1ae8b6abd6bbb3489028a5bb
Validity
Not Before: Jan 2 00:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f44a38fa1b673df4bb74d56478e2d8fb006843fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e2:b9:48:31:4e:43:a5:c5:f0:65:3d:50:01:
74:8c:49:22:53:f3:e3:b9:8a:90:2c:da:26:94:39:
14:b1:21:2f:66:06:cc:c8:7a:4d:56:01:20:cf:68:
20:3e:4f:e1:b1:03:74:e9:2a:f5:d4:4c:5f:2d:6d:
04:f1:41:41:5d:68:54:16:14:f8:fb:10:d0:9f:9e:
05:9a:2f:da:4a:6e:86:31:68:74:3b:d3:11:b9:6b:
a8:84:a8:13:54:c9:09:d8:2d:39:aa:f4:78:39:a2:
29:d0:b6:db:a5:42:ea:dd:54:4a:0f:55:0a:d8:db:
d7:2e:fd:b0:d6:9a:48:d7:00:b7:3f:54:10:2a:75:
60:94:8d:43:71:4b:65:00:a2:41:72:43:59:0b:a4:
94:b9:33:9a:aa:f8:22:3e:dd:1d:c7:4c:fc:09:d7:
b4:b5:91:94:d0:2f:85:cd:63:36:60:45:55:af:f1:
01:a4:c5:19:bc:21:fc:da:cc:1e:66:35:11:48:71:
68:4e:7d:fb:91:ac:32:71:06:21:b4:bd:86:91:27:
1f:75:5f:37:5c:46:a5:a2:bc:d0:29:4c:34:ad:83:
02:66:67:7d:e4:0b:65:e0:c8:c9:9d:95:78:37:ea:
af:7e:23:64:02:e8:a1:85:bf:a1:8f:45:ec:ff:1b:
a7:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:4A:38:FA:1B:67:3D:F4:BB:74:D5:64:78:E2:D8:FB:00:68:43:FD
X509v3 Authority Key Identifier:
keyid:7F:50:07:7D:2D:D8:A6:7A:1A:E8:B6:AB:D6:BB:B3:48:90:28:A5:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1AHfS3Ypnoa6Lar1ruzSJAopbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/9Eo4-htnPfS7dNVkeOLY-wBoQ_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/f1AHfS3Ypnoa6Lar1ruzSJAopbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.33.0-194.0.34.255
194.69.254.0/24
IPv6:
2001:678:40::/48
2001:678:44::/48
2001:67c:21cc::/48
Signature Algorithm: sha256WithRSAEncryption
80:e0:e1:53:8e:ed:a6:1b:2b:34:19:a2:7a:fd:0e:86:2f:b0:
a6:4d:bf:34:d9:b4:a9:4a:f0:56:24:61:82:bf:31:1c:47:11:
01:55:a5:d5:46:21:6a:d2:09:15:6d:f2:7c:97:2c:48:93:b1:
8b:18:11:b1:30:49:ab:1f:54:ff:ba:5f:c3:19:59:5c:24:d9:
5d:7a:d3:ab:e6:6c:cd:f0:32:9c:b2:58:b8:19:2e:3a:28:87:
03:dd:2a:f7:ba:28:a4:dc:e8:9a:95:57:fa:19:01:85:af:4a:
b6:c7:4b:8c:fb:3d:be:f7:69:59:3e:48:a9:e0:aa:b4:a4:eb:
10:06:a8:54:c3:09:89:31:ab:3f:10:90:9a:19:12:8f:68:87:
56:fb:88:d2:d0:66:da:6a:3d:f8:7a:15:66:d4:32:55:41:24:
b8:6a:28:34:ab:16:8f:ee:0b:80:48:63:40:b9:4c:71:58:1c:
cb:a7:0e:11:bf:3b:d2:f8:ef:38:f6:5a:b7:44:01:9f:33:a3:
bb:ad:a9:d7:1a:84:31:c4:ce:fc:d7:2b:a2:56:d4:dd:15:8d:
21:31:43:1b:4c:cd:59:4d:af:a0:92:b3:96:d3:73:73:fc:00:
19:65:24:c1:65:e0:79:98:e4:65:f8:70:f6:90:4d:8f:f1:d8:
b4:3c:c8:37
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYzHlIUZr5mEvx4ezBEXGRPMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTAwNzdkMmRkOGE2N2ExYWU4YjZhYmQ2YmJiMzQ4OTAy
OGE1YmIwHhcNMjQwMTAyMDAzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDRhMzhmYTFiNjczZGY0YmI3NGQ1NjQ3OGUyZDhmYjAwNjg0M2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+K5SDFOQ6XF8GU9UAF0jEkiU/Pj
uYqQLNomlDkUsSEvZgbMyHpNVgEgz2ggPk/hsQN06Sr11ExfLW0E8UFBXWhUFhT4
+xDQn54Fmi/aSm6GMWh0O9MRuWuohKgTVMkJ2C05qvR4OaIp0LbbpULq3VRKD1UK
2NvXLv2w1ppI1wC3P1QQKnVglI1DcUtlAKJBckNZC6SUuTOaqvgiPt0dx0z8Cde0
tZGU0C+FzWM2YEVVr/EBpMUZvCH82sweZjURSHFoTn37kawycQYhtL2GkScfdV83
XEalorzQKUw0rYMCZmd95Atl4MjJnZV4N+qvfiNkAuihhb+hj0Xs/xunRQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPRKOPobZz30u3TVZHji2PsAaEP9MB8GA1UdIwQY
MBaAFH9QB30t2KZ6Gui2q9a7s0iQKKW7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFBSGZTM1lwbm9hNkxhcjFydXpTSkFvcGJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9jMWMxY2UtZWE1OS00ZGNmLWJjY2Mt
M2U3Y2FkZDg4YzcwLzEvOUVvNC1odG5QZlM3ZE5Wa2VPTFktd0JvUV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9jMWMxY2UtZWE1OS00ZGNmLWJjY2MtM2U3Y2FkZDg4Yzcw
LzEvZjFBSGZTM1lwbm9hNkxhcjFydXpTSkFvcGJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAaBAIAATAUMAwDBADCACED
BADCACIDBADCRf4wIQQCAAIwGwMHACABBngAQAMHACABBngARAMHACABBnwhzDAN
BgkqhkiG9w0BAQsFAAOCAQEAgODhU47tphsrNBmiev0Ohi+wpk2/NNm0qUrwViRh
gr8xHEcRAVWl1UYhatIJFW3yfJcsSJOxixgRsTBJqx9U/7pfwxlZXCTZXXrTq+Zs
zfAynLJYuBkuOiiHA90q97oopNzompVX+hkBha9KtsdLjPs9vvdpWT5IqeCqtKTr
EAaoVMMJiTGrPxCQmhkSj2iHVvuI0tBm2mo9+HoVZtQyVUEkuGooNKsWj+4LgEhj
QLlMcVgcy6cOEb870vjvOPZat0QBnzOju62p1xqEMcTO/NcrolbU3RWNITFDG0zN
WU2voJKzltNzc/wAGWUkwWXgeZjkZfhw9pBNj/HYtDzINw==
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:04:42 2024 by rpki-client on console-fra.rpki-client.org