Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d27da2-2754-4d7b-af90-6e02af0a4994/1/DCuTdt8A1mHBSNMOfGk8mRw-xEk.roa
File: DCuTdt8A1mHBSNMOfGk8mRw-xEk.roa (raw, json)
Hash identifier: 0QXIcMu0NZhOofzv9xedwHxaqo5AzoGlMsFOPCSu890=
Subject key identifier: 0C:2B:93:76:DF:00:D6:61:C1:48:D3:0E:7C:69:3C:99:1C:3E:C4:49
Certificate issuer: /CN=a0937525577cb2af1b285c96431dbd600f57cbe8
Certificate serial: 018CC8011507D62909433F469516E5C850F4
Authority key identifier: A0:93:75:25:57:7C:B2:AF:1B:28:5C:96:43:1D:BD:60:0F:57:CB:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oJN1JVd8sq8bKFyWQx29YA9Xy-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/d27da2-2754-4d7b-af90-6e02af0a4994/1/DCuTdt8A1mHBSNMOfGk8mRw-xEk.roa
Signing time: Tue 02 Jan 2024 02:29:23 +0000
ROA not before: Tue 02 Jan 2024 02:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24944
IP address blocks: 194.50.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/d27da2-2754-4d7b-af90-6e02af0a4994/1/oJN1JVd8sq8bKFyWQx29YA9Xy-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/d27da2-2754-4d7b-af90-6e02af0a4994/1/oJN1JVd8sq8bKFyWQx29YA9Xy-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/oJN1JVd8sq8bKFyWQx29YA9Xy-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:15:07:d6:29:09:43:3f:46:95:16:e5:c8:50:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0937525577cb2af1b285c96431dbd600f57cbe8
Validity
Not Before: Jan 2 02:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c2b9376df00d661c148d30e7c693c991c3ec449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:32:16:91:c1:54:0e:cb:f9:1c:ff:3c:e5:7c:
dd:67:76:f2:62:12:4a:70:82:b5:6f:10:e7:e5:2b:
01:73:2a:0a:00:d7:63:65:80:4d:26:38:9c:52:02:
7b:a6:25:0d:27:30:db:7b:bc:40:ab:cf:8d:9d:6b:
a1:52:a5:7d:37:e6:67:1a:17:a6:e2:ae:3c:ad:d7:
47:bf:97:50:d5:68:81:3b:8e:77:75:97:e0:65:ad:
dc:4b:27:e3:25:86:ad:72:bf:b2:04:e7:0a:47:d1:
fd:d5:6c:04:a0:92:80:89:12:5f:3d:34:fc:64:3b:
03:a0:c0:09:5a:29:be:9e:88:3b:a7:97:96:56:d8:
92:f4:a7:f1:66:33:e6:2d:00:90:74:ef:64:9e:1e:
9b:f2:2c:6a:e9:28:e3:bd:7a:92:41:d8:7a:36:84:
0b:bd:3b:15:81:50:48:29:5d:68:59:2b:8b:2f:77:
69:bc:d3:eb:9e:6a:c2:25:64:4d:2f:f0:12:2f:01:
23:a0:c7:2a:12:e5:bc:30:ce:63:7b:22:5a:69:f2:
c1:77:7c:73:20:65:06:c9:f5:0c:71:27:d0:28:c1:
27:1b:c2:11:48:12:ce:95:7a:cc:67:0e:86:14:fa:
ce:d0:e4:bc:d4:3b:58:71:a4:9e:20:8c:38:c5:81:
c7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2B:93:76:DF:00:D6:61:C1:48:D3:0E:7C:69:3C:99:1C:3E:C4:49
X509v3 Authority Key Identifier:
keyid:A0:93:75:25:57:7C:B2:AF:1B:28:5C:96:43:1D:BD:60:0F:57:CB:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJN1JVd8sq8bKFyWQx29YA9Xy-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d27da2-2754-4d7b-af90-6e02af0a4994/1/DCuTdt8A1mHBSNMOfGk8mRw-xEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d27da2-2754-4d7b-af90-6e02af0a4994/1/oJN1JVd8sq8bKFyWQx29YA9Xy-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.84.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:82:1e:f0:47:cc:e9:de:35:d8:2f:19:80:e7:92:21:b9:56:
87:d3:32:ef:76:c4:d2:95:1c:5e:0a:e7:9e:d2:ca:a4:0b:56:
0f:30:55:1d:65:15:eb:b8:a9:cf:5c:3d:e1:4b:4d:0e:1d:77:
f9:9d:df:a7:bc:67:a2:a1:48:03:b2:c8:d6:0c:ba:36:84:c3:
4e:66:9f:1b:3a:d6:43:5d:29:0e:06:4a:5e:ec:89:97:2d:84:
8e:f0:01:38:16:59:29:45:22:ee:e8:2a:6e:7e:a5:5f:00:13:
22:b6:be:9d:c1:d2:f8:a6:0f:91:0f:2f:11:bd:4b:13:08:f7:
38:aa:9c:c4:be:0b:aa:eb:52:ec:e4:9b:9d:99:a1:8a:a9:b6:
38:a5:0b:1b:ff:a5:83:04:74:25:b2:67:46:9c:50:a1:ef:30:
b1:01:6f:f3:b0:41:34:0c:2a:dd:83:2c:83:4d:1f:b6:f4:76:
50:71:48:09:df:50:ea:96:d8:b5:56:62:d8:6b:08:f3:ef:d2:
8b:2b:ca:20:67:34:d2:98:36:3d:e0:28:1a:de:9d:b8:52:97:
ab:8f:0f:2d:0d:00:7d:e5:4a:12:8f:8a:ed:f0:2f:60:ef:b7:
87:7f:56:ff:7c:36:b5:1a:9e:56:5e:37:bb:74:fa:69:24:17:
21:e8:02:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIARUH1ikJQz9GlRblyFD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwOTM3NTI1NTc3Y2IyYWYxYjI4NWM5NjQzMWRiZDYwMGY1
N2NiZTgwHhcNMjQwMTAyMDIyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzJiOTM3NmRmMDBkNjYxYzE0OGQzMGU3YzY5M2M5OTFjM2VjNDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzIWkcFUDsv5HP885XzdZ3byYhJK
cIK1bxDn5SsBcyoKANdjZYBNJjicUgJ7piUNJzDbe7xAq8+NnWuhUqV9N+ZnGhem
4q48rddHv5dQ1WiBO453dZfgZa3cSyfjJYatcr+yBOcKR9H91WwEoJKAiRJfPTT8
ZDsDoMAJWim+nog7p5eWVtiS9KfxZjPmLQCQdO9knh6b8ixq6SjjvXqSQdh6NoQL
vTsVgVBIKV1oWSuLL3dpvNPrnmrCJWRNL/ASLwEjoMcqEuW8MM5jeyJaafLBd3xz
IGUGyfUMcSfQKMEnG8IRSBLOlXrMZw6GFPrO0OS81DtYcaSeIIw4xYHHzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAwrk3bfANZhwUjTDnxpPJkcPsRJMB8GA1UdIwQY
MBaAFKCTdSVXfLKvGyhclkMdvWAPV8voMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0pOMUpWZDhzcThiS0Z5V1F4MjlZQTlYeS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kMjdkYTItMjc1NC00ZDdiLWFmOTAt
NmUwMmFmMGE0OTk0LzEvREN1VGR0OEExbUhCU05NT2ZHazhtUncteEVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kMjdkYTItMjc1NC00ZDdiLWFmOTAtNmUwMmFmMGE0OTk0
LzEvb0pOMUpWZDhzcThiS0Z5V1F4MjlZQTlYeS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjJUMA0G
CSqGSIb3DQEBCwUAA4IBAQB6gh7wR8zp3jXYLxmA55IhuVaH0zLvdsTSlRxeCuee
0sqkC1YPMFUdZRXruKnPXD3hS00OHXf5nd+nvGeioUgDssjWDLo2hMNOZp8bOtZD
XSkOBkpe7ImXLYSO8AE4FlkpRSLu6CpufqVfABMitr6dwdL4pg+RDy8RvUsTCPc4
qpzEvguq61Ls5JudmaGKqbY4pQsb/6WDBHQlsmdGnFCh7zCxAW/zsEE0DCrdgyyD
TR+29HZQcUgJ31Dqlti1VmLYawjz79KLK8ogZzTSmDY94Cga3p24Uperjw8tDQB9
5UoSj4rt8C9g77eHf1b/fDa1Gp5WXje7dPppJBch6AJB
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:05 2024 by rpki-client on console-ams.rpki-client.org