Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/74b996-80ee-4c39-8e74-350e681b99d1/1/F1zmsppR_Ns6ZBGciHERruKiqwY.roa
File: F1zmsppR_Ns6ZBGciHERruKiqwY.roa (raw, json)
Hash identifier: EXyflOWJvPeaRMI81GEA3DRaBQ/1SZh5wfFM2Jr0dw0=
Subject key identifier: 17:5C:E6:B2:9A:51:FC:DB:3A:64:11:9C:88:71:11:AE:E2:A2:AB:06
Certificate issuer: /CN=4ed037d4ee3e5d27065ad80356582a2fdc2b488d
Certificate serial: 018CC9BC1F7D149C14C78639680A8ACDB6D4
Authority key identifier: 4E:D0:37:D4:EE:3E:5D:27:06:5A:D8:03:56:58:2A:2F:DC:2B:48:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TtA31O4-XScGWtgDVlgqL9wrSI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/74b996-80ee-4c39-8e74-350e681b99d1/1/F1zmsppR_Ns6ZBGciHERruKiqwY.roa
Signing time: Tue 02 Jan 2024 10:33:18 +0000
ROA not before: Tue 02 Jan 2024 10:33:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35108
IP address blocks: 194.8.32.0/21 maxlen: 24
194.8.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/74b996-80ee-4c39-8e74-350e681b99d1/1/TtA31O4-XScGWtgDVlgqL9wrSI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/74b996-80ee-4c39-8e74-350e681b99d1/1/TtA31O4-XScGWtgDVlgqL9wrSI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/TtA31O4-XScGWtgDVlgqL9wrSI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:1f:7d:14:9c:14:c7:86:39:68:0a:8a:cd:b6:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ed037d4ee3e5d27065ad80356582a2fdc2b488d
Validity
Not Before: Jan 2 10:33:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=175ce6b29a51fcdb3a64119c887111aee2a2ab06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a6:fb:12:ef:90:8f:37:90:83:05:bf:d5:9d:
4f:e1:29:a0:04:5f:8a:26:7e:9c:28:ef:eb:b6:f3:
b2:28:b1:a1:9b:04:22:31:3d:8e:a1:61:2b:af:5a:
84:a6:dd:d9:7e:a8:f8:dd:f5:7c:3f:b0:6e:9a:60:
52:79:70:40:bd:7c:c2:eb:e0:ba:dc:de:33:a7:33:
79:76:bf:51:1a:60:3b:d3:0b:5a:44:1f:c1:0c:d5:
86:0f:e5:25:3a:ef:4a:85:5a:11:80:3e:8d:78:23:
b9:16:e9:b6:58:4d:09:cc:ec:c4:f8:0a:18:38:c3:
97:07:c7:3b:57:18:00:aa:4c:00:af:f5:6e:00:b5:
ee:1d:04:57:7f:ac:af:ad:39:b1:86:8f:4b:2d:4f:
7b:9b:4a:40:1d:02:0d:c6:76:e6:b7:14:27:5b:f6:
be:e5:18:dc:32:54:75:da:32:68:a7:fb:48:9f:58:
e2:88:fa:96:5a:29:e3:98:78:2f:d6:5d:ff:88:b9:
49:52:70:1d:48:3a:54:ed:57:92:9a:e3:33:e4:bc:
03:e9:0d:10:c8:64:33:8d:23:4c:54:ae:99:93:c8:
c7:23:41:66:ed:d2:52:98:ab:d3:ad:13:3a:42:a7:
a5:36:da:53:8a:22:5b:d7:4a:4e:c8:d9:c2:4b:f1:
6e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:5C:E6:B2:9A:51:FC:DB:3A:64:11:9C:88:71:11:AE:E2:A2:AB:06
X509v3 Authority Key Identifier:
keyid:4E:D0:37:D4:EE:3E:5D:27:06:5A:D8:03:56:58:2A:2F:DC:2B:48:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TtA31O4-XScGWtgDVlgqL9wrSI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/74b996-80ee-4c39-8e74-350e681b99d1/1/F1zmsppR_Ns6ZBGciHERruKiqwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/74b996-80ee-4c39-8e74-350e681b99d1/1/TtA31O4-XScGWtgDVlgqL9wrSI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.32.0-194.8.43.255
Signature Algorithm: sha256WithRSAEncryption
2c:07:79:7b:e7:48:b3:b5:96:98:ac:9b:7c:02:d6:8c:7d:dc:
41:57:bc:07:f7:c4:04:fd:16:22:08:d3:73:1c:17:65:c3:03:
2e:26:51:7c:72:6c:ab:a2:b3:04:10:ac:6b:18:74:4d:73:c0:
57:36:a0:9a:66:cc:7e:5b:a9:ff:eb:18:0b:7e:4f:f1:57:c1:
1c:08:aa:d5:4e:40:ee:34:e6:2e:50:b3:80:57:17:c4:f9:27:
cd:b6:5d:68:41:85:03:78:1b:af:70:c9:c5:7c:e0:f2:d8:0f:
e7:b9:fb:ce:8d:40:40:dd:b2:1f:73:19:2b:4f:1d:b2:45:25:
65:d9:91:04:02:ce:11:64:a6:0b:7c:4f:72:10:3e:3a:bd:29:
18:53:3c:ab:62:bd:8e:79:41:df:ef:d1:87:76:49:0c:ec:c1:
23:83:44:a2:b2:73:1d:c9:c6:1d:ee:3f:eb:32:78:ae:db:c8:
b2:fa:36:7a:83:ba:05:f8:de:9a:32:f3:1e:e1:00:78:ee:29:
2c:99:59:34:95:e5:ac:e7:43:ee:ee:67:2f:67:47:34:17:de:
4b:9d:6a:33:0b:60:bc:b2:6c:82:9d:94:d2:9c:ad:e9:a9:af:
ac:ab:e4:59:b0:6d:79:2b:e8:c5:02:fd:06:d1:e1:fd:33:21:
b5:52:49:e0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJvB99FJwUx4Y5aAqKzbbUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZDAzN2Q0ZWUzZTVkMjcwNjVhZDgwMzU2NTgyYTJmZGMy
YjQ4OGQwHhcNMjQwMTAyMTAzMzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzVjZTZiMjlhNTFmY2RiM2E2NDExOWM4ODcxMTFhZWUyYTJhYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqb7Eu+QjzeQgwW/1Z1P4SmgBF+K
Jn6cKO/rtvOyKLGhmwQiMT2OoWErr1qEpt3Zfqj43fV8P7BummBSeXBAvXzC6+C6
3N4zpzN5dr9RGmA70wtaRB/BDNWGD+UlOu9KhVoRgD6NeCO5Fum2WE0JzOzE+AoY
OMOXB8c7VxgAqkwAr/VuALXuHQRXf6yvrTmxho9LLU97m0pAHQINxnbmtxQnW/a+
5RjcMlR12jJop/tIn1jiiPqWWinjmHgv1l3/iLlJUnAdSDpU7VeSmuMz5LwD6Q0Q
yGQzjSNMVK6Zk8jHI0Fm7dJSmKvTrRM6QqelNtpTiiJb10pOyNnCS/FuUwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBdc5rKaUfzbOmQRnIhxEa7ioqsGMB8GA1UdIwQY
MBaAFE7QN9TuPl0nBlrYA1ZYKi/cK0iNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHRBMzFPNC1YU2NHV3RnRFZsZ3FMOXdyU0kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83NGI5OTYtODBlZS00YzM5LThlNzQt
MzUwZTY4MWI5OWQxLzEvRjF6bXNwcFJfTnM2WkJHY2lIRVJydUtpcXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83NGI5OTYtODBlZS00YzM5LThlNzQtMzUwZTY4MWI5OWQx
LzEvVHRBMzFPNC1YU2NHV3RnRFZsZ3FMOXdyU0kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAXCCCAD
BALCCCgwDQYJKoZIhvcNAQELBQADggEBACwHeXvnSLO1lpism3wC1ox93EFXvAf3
xAT9FiII03McF2XDAy4mUXxybKuiswQQrGsYdE1zwFc2oJpmzH5bqf/rGAt+T/FX
wRwIqtVOQO405i5Qs4BXF8T5J822XWhBhQN4G69wycV84PLYD+e5+86NQEDdsh9z
GStPHbJFJWXZkQQCzhFkpgt8T3IQPjq9KRhTPKtivY55Qd/v0Yd2SQzswSODRKKy
cx3Jxh3uP+syeK7byLL6NnqDugX43poy8x7hAHjuKSyZWTSV5aznQ+7uZy9nRzQX
3kudajMLYLyybIKdlNKcrempr6yr5FmwbXkr6MUC/QbR4f0zIbVSSeA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:07:23 2024 by rpki-client on console-ams.rpki-client.org