Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/rHjGogDg2TygL360mkC63ylUha4.roa
File: rHjGogDg2TygL360mkC63ylUha4.roa (raw, json)
Hash identifier: xoucKNK8locw2by4flGOrdPsnAx49DhdxB4/lvgmsms=
Subject key identifier: AC:78:C6:A2:00:E0:D9:3C:A0:2F:7E:B4:9A:40:BA:DF:29:54:85:AE
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 018CC348F5FE202AC5759E80F187AA94E1EF
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/rHjGogDg2TygL360mkC63ylUha4.roa
Signing time: Mon 01 Jan 2024 04:29:47 +0000
ROA not before: Mon 01 Jan 2024 04:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42354
IP address blocks: 94.16.23.0/24 maxlen: 24
94.16.27.0/24 maxlen: 32
185.228.148.184/29 maxlen: 32
185.228.148.84/32 maxlen: 32
185.228.149.112/28 maxlen: 32
144.208.213.140/32 maxlen: 32
185.228.150.176/29 maxlen: 32
144.208.213.143/32 maxlen: 32
2a00:11c0:62::/48 maxlen: 128
2a00:11c0:3d::/48 maxlen: 48
2a00:11c0:82:359:217:146:20:72/128 maxlen: 128
2a00:11c0:4b::/48 maxlen: 48
2a00:11c0:e:ffff:1::7/128 maxlen: 128
2a00:11c0:e:ffff:1::6/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f5:fe:20:2a:c5:75:9e:80:f1:87:aa:94:e1:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jan 1 04:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac78c6a200e0d93ca02f7eb49a40badf295485ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a3:df:1e:0c:4e:7f:1e:3d:bd:61:e4:ee:ba:
78:81:8e:3b:a9:5c:0b:75:ae:88:24:04:20:0d:24:
16:e7:50:fe:ce:2f:e9:92:65:c5:35:84:a1:7b:1b:
2a:7e:77:27:d8:25:c4:88:a3:2c:29:c7:0a:eb:13:
00:86:56:66:4d:a1:89:3a:5c:0e:e1:37:88:85:9f:
f9:26:cf:79:a0:9c:e4:b3:1d:ac:91:b3:3e:ab:95:
63:fa:f0:c4:57:a1:18:ef:ed:98:34:08:a0:77:27:
6e:77:4a:47:1d:b3:73:5d:99:32:42:82:33:d0:57:
11:e4:66:31:30:01:b8:3f:84:34:82:89:8b:63:2f:
ee:46:1a:9f:01:bd:6a:8e:32:88:13:84:72:59:03:
86:e2:a6:f8:ee:0a:8a:90:33:8e:c2:ea:e6:4b:41:
c8:4b:3f:b2:f5:79:e3:31:c6:91:61:e1:32:11:7d:
31:5d:a7:8b:50:9c:29:1c:37:4e:5f:23:05:fb:28:
ca:7d:11:e5:3b:b1:24:a2:19:a4:c6:f0:a6:d0:7e:
59:e5:c8:63:14:35:34:74:3b:dd:87:48:ac:d8:92:
b1:3d:5c:d4:53:04:7a:bc:56:2a:9a:39:97:60:10:
18:d5:81:a9:66:ea:05:1c:04:50:51:3a:88:15:ba:
53:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:78:C6:A2:00:E0:D9:3C:A0:2F:7E:B4:9A:40:BA:DF:29:54:85:AE
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/rHjGogDg2TygL360mkC63ylUha4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.16.23.0/24
94.16.27.0/24
144.208.213.140/32
144.208.213.143/32
185.228.148.84/32
185.228.148.184/29
185.228.149.112/28
185.228.150.176/29
IPv6:
2a00:11c0:e:ffff:1:0:0:6/127
2a00:11c0:3d::/48
2a00:11c0:4b::/48
2a00:11c0:62::/48
2a00:11c0:82:359:217:146:20:72/128
Signature Algorithm: sha256WithRSAEncryption
1f:17:aa:90:17:cb:1f:c0:03:e7:2d:86:0b:76:73:31:0a:ac:
bf:e9:bc:42:e5:74:72:24:a7:71:dc:14:d6:df:cb:e4:aa:fb:
61:e6:a5:74:c5:9e:ea:5c:d3:1c:71:a2:87:61:a1:37:ac:7f:
4a:12:77:7c:19:b9:7a:f5:0b:d8:d5:7a:5c:65:1c:b1:e9:9d:
26:fb:93:68:be:b8:0a:b9:51:c2:7f:85:5c:49:66:f0:02:14:
99:80:ce:74:eb:f2:43:77:b8:46:c1:32:56:c4:d8:a5:2c:52:
f9:db:a6:fb:a8:83:69:53:5b:df:82:ba:74:a3:e8:b2:b4:3f:
d3:50:5b:1e:34:b4:27:39:e1:83:b4:1a:22:3e:f2:9d:89:2e:
08:15:45:a1:1a:8a:2e:6e:da:60:e6:d5:ef:3b:3d:6c:3d:b3:
a8:7e:64:95:44:e5:fe:5f:6b:30:a6:d0:67:aa:ad:a7:8a:87:
4e:95:19:33:c1:0a:b4:d6:93:1e:12:31:eb:a1:3a:eb:a2:42:
2f:8f:26:3a:5b:89:64:b9:12:1a:d5:b0:4d:f6:19:65:83:2d:
a8:5d:64:1e:c2:54:32:03:82:7b:16:a3:00:fc:a1:5b:94:cd:
9c:65:97:6e:fa:23:e1:dd:f2:4e:58:95:9c:21:1f:b4:4e:17:
2a:da:2a:5e
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYzDSPX+ICrFdZ6A8YeqlOHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjQwMTAxMDQyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzc4YzZhMjAwZTBkOTNjYTAyZjdlYjQ5YTQwYmFkZjI5NTQ4NWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqPfHgxOfx49vWHk7rp4gY47qVwL
da6IJAQgDSQW51D+zi/pkmXFNYShexsqfncn2CXEiKMsKccK6xMAhlZmTaGJOlwO
4TeIhZ/5Js95oJzksx2skbM+q5Vj+vDEV6EY7+2YNAigdydud0pHHbNzXZkyQoIz
0FcR5GYxMAG4P4Q0gomLYy/uRhqfAb1qjjKIE4RyWQOG4qb47gqKkDOOwurmS0HI
Sz+y9XnjMcaRYeEyEX0xXaeLUJwpHDdOXyMF+yjKfRHlO7EkohmkxvCm0H5Z5chj
FDU0dDvdh0is2JKxPVzUUwR6vFYqmjmXYBAY1YGpZuoFHARQUTqIFbpTEQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFKx4xqIA4Nk8oC9+tJpAut8pVIWuMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvckhqR29nRGcyVHlnTDM2MG1rQzYzeWxVaGE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzA8BAIAATA2AwQAXhAX
AwQAXhAbAwUAkNDVjAMFAJDQ1Y8DBQC55JRUAwUDueSUuAMFBLnklXADBQO55Jaw
MEcEAgACMEEDEQEqABHAAA7//wABAAAAAAAGAwcAKgARwAA9AwcAKgARwABLAwcA
KgARwABiAxEAKgARwACCA1kCFwFGACAAcjANBgkqhkiG9w0BAQsFAAOCAQEAHxeq
kBfLH8AD5y2GC3ZzMQqsv+m8QuV0ciSncdwU1t/L5Kr7YealdMWe6lzTHHGih2Gh
N6x/ShJ3fBm5evUL2NV6XGUcsemdJvuTaL64CrlRwn+FXElm8AIUmYDOdOvyQ3e4
RsEyVsTYpSxS+dum+6iDaVNb34K6dKPosrQ/01BbHjS0Jznhg7QaIj7ynYkuCBVF
oRqKLm7aYObV7zs9bD2zqH5klUTl/l9rMKbQZ6qtp4qHTpUZM8EKtNaTHhIx66E6
66JCL48mOluJZLkSGtWwTfYZZYMtqF1kHsJUMgOCexajAPyhW5TNnGWXbvoj4d3y
TliVnCEftE4XKtoqXg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:32:07 2024 by rpki-client on console-fra.rpki-client.org