Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/dG6Jr8HrIWtkghFpG4hSQOEmweI.roa
File: dG6Jr8HrIWtkghFpG4hSQOEmweI.roa (raw, json)
Hash identifier: CAyuHZjM2s//51/8hRx73yZrM4eYNj60qh336Ot5BIc=
Subject key identifier: 74:6E:89:AF:C1:EB:21:6B:64:82:11:69:1B:88:52:40:E1:26:C1:E2
Certificate issuer: /CN=08d5eb6a96864dfa2c51b2e256c5180ab92229cd
Certificate serial: 01929959CBBFB366A7FBF6740DA2FF518E34
Authority key identifier: 08:D5:EB:6A:96:86:4D:FA:2C:51:B2:E2:56:C5:18:0A:B9:22:29:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CNXrapaGTfosUbLiVsUYCrkiKc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/dG6Jr8HrIWtkghFpG4hSQOEmweI.roa
Signing time: Thu 17 Oct 2024 07:20:51 +0000
ROA not before: Thu 17 Oct 2024 07:20:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30722
IP address blocks: 194.55.44.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/CNXrapaGTfosUbLiVsUYCrkiKc0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/CNXrapaGTfosUbLiVsUYCrkiKc0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CNXrapaGTfosUbLiVsUYCrkiKc0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:99:59:cb:bf:b3:66:a7:fb:f6:74:0d:a2:ff:51:8e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08d5eb6a96864dfa2c51b2e256c5180ab92229cd
Validity
Not Before: Oct 17 07:20:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=746e89afc1eb216b648211691b885240e126c1e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:be:89:a8:b2:88:8f:c9:3c:4e:42:b7:bc:1b:
1b:ac:3c:fd:75:9f:8f:f5:0a:de:b5:e8:29:7c:51:
ca:f2:98:e7:81:c1:f7:77:12:f8:ae:6c:55:a0:11:
89:3f:b0:36:ef:9d:6a:5b:d6:3a:44:03:da:87:2c:
30:98:4c:97:59:0a:08:9f:71:c4:f9:b8:cf:3f:2b:
40:e1:ec:14:39:f4:ba:39:66:17:5b:62:e8:7c:0e:
f6:be:c5:97:92:02:61:47:34:20:2d:f1:96:59:8b:
75:f3:d4:e0:ef:03:2f:10:7f:f4:3d:92:fd:e5:25:
41:8b:28:8a:b4:00:b8:57:13:15:f2:bc:61:1c:9e:
b3:2d:bc:cf:5d:7d:97:64:80:63:90:f7:29:f9:a9:
7d:fc:45:07:9b:82:d9:64:f1:10:23:b9:67:e2:e8:
f4:ce:08:8e:0d:9c:c9:b2:9a:e2:3c:ef:de:a0:d1:
07:f4:6f:15:b7:5a:37:50:2e:45:f5:3c:83:28:16:
81:52:c8:5d:1d:0e:7c:7b:6c:81:65:a4:1d:61:20:
fb:03:41:2b:ab:33:08:3f:c4:e5:90:a9:91:36:00:
7f:1b:30:b6:b4:89:35:d0:c2:59:73:1c:c5:94:7a:
e1:0a:63:cb:f2:97:44:df:14:aa:8c:96:8c:8e:b6:
84:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:6E:89:AF:C1:EB:21:6B:64:82:11:69:1B:88:52:40:E1:26:C1:E2
X509v3 Authority Key Identifier:
keyid:08:D5:EB:6A:96:86:4D:FA:2C:51:B2:E2:56:C5:18:0A:B9:22:29:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNXrapaGTfosUbLiVsUYCrkiKc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/dG6Jr8HrIWtkghFpG4hSQOEmweI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/CNXrapaGTfosUbLiVsUYCrkiKc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.55.44.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:22:76:17:e0:af:fe:ae:ac:ac:38:6e:8f:d9:b2:5c:d6:85:
a9:da:03:30:43:34:ac:35:d7:5f:86:49:e4:95:e3:51:43:52:
90:7a:69:3f:9c:c8:85:84:09:01:11:55:1b:99:81:45:05:ba:
12:6f:0c:d4:23:ae:18:1e:a0:21:53:fd:82:fe:02:28:2a:cd:
3e:ee:5f:eb:86:ea:4e:07:56:92:96:9e:66:8e:2a:f6:b9:b5:
fa:e1:5d:8a:f2:c8:02:32:0c:a1:37:ee:a3:fc:ae:a7:be:42:
6a:fe:62:90:fe:55:9e:41:82:b5:16:cc:00:c1:38:4c:9c:07:
36:88:d1:3f:fd:41:16:f3:af:3c:18:70:b0:f3:5e:21:6f:60:
7f:31:d0:8d:20:2d:ae:ff:8d:66:76:b8:a5:89:4f:94:e4:76:
71:38:91:dc:13:9d:26:06:e8:eb:dd:29:bd:72:0c:13:37:4d:
2c:a8:d0:ee:49:4f:64:59:a6:a0:27:00:fd:47:ec:64:74:77:
b5:1b:54:a2:72:7c:0f:0f:cd:da:72:5d:ac:e2:c7:69:1e:5d:
7e:d7:df:8b:1c:2c:a9:91:1e:a0:d9:cb:dc:60:50:40:ac:fd:
57:63:23:7b:76:a7:1c:e9:be:c6:0b:a3:60:53:c7:ff:f2:a4:
14:16:af:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKZWcu/s2an+/Z0DaL/UY40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDVlYjZhOTY4NjRkZmEyYzUxYjJlMjU2YzUxODBhYjky
MjI5Y2QwHhcNMjQxMDE3MDcyMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDZlODlhZmMxZWIyMTZiNjQ4MjExNjkxYjg4NTI0MGUxMjZjMWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3r6JqLKIj8k8TkK3vBsbrDz9dZ+P
9QretegpfFHK8pjngcH3dxL4rmxVoBGJP7A2751qW9Y6RAPahywwmEyXWQoIn3HE
+bjPPytA4ewUOfS6OWYXW2LofA72vsWXkgJhRzQgLfGWWYt189Tg7wMvEH/0PZL9
5SVBiyiKtAC4VxMV8rxhHJ6zLbzPXX2XZIBjkPcp+al9/EUHm4LZZPEQI7ln4uj0
zgiODZzJspriPO/eoNEH9G8Vt1o3UC5F9TyDKBaBUshdHQ58e2yBZaQdYSD7A0Er
qzMIP8TlkKmRNgB/GzC2tIk10MJZcxzFlHrhCmPL8pdE3xSqjJaMjraEUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHRuia/B6yFrZIIRaRuIUkDhJsHiMB8GA1UdIwQY
MBaAFAjV62qWhk36LFGy4lbFGAq5IinNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05YcmFwYUdUZm9zVWJMaVZzVVlDcmtpS2MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80YTU4YmMtMjQwMy00MTQ0LWJiNWUt
YmI2ODI5MzYwY2VlLzEvZEc2SnI4SHJJV3RrZ2hGcEc0aFNRT0Vtd2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi80YTU4YmMtMjQwMy00MTQ0LWJiNWUtYmI2ODI5MzYwY2Vl
LzEvQ05YcmFwYUdUZm9zVWJMaVZzVVlDcmtpS2MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwjcsMA0G
CSqGSIb3DQEBCwUAA4IBAQBaInYX4K/+rqysOG6P2bJc1oWp2gMwQzSsNddfhknk
leNRQ1KQemk/nMiFhAkBEVUbmYFFBboSbwzUI64YHqAhU/2C/gIoKs0+7l/rhupO
B1aSlp5mjir2ubX64V2K8sgCMgyhN+6j/K6nvkJq/mKQ/lWeQYK1FswAwThMnAc2
iNE//UEW8688GHCw814hb2B/MdCNIC2u/41mdriliU+U5HZxOJHcE50mBujr3Sm9
cgwTN00sqNDuSU9kWaagJwD9R+xkdHe1G1SicnwPD83acl2s4sdpHl1+19+LHCyp
kR6g2cvcYFBArP1XYyN7dqcc6b7GC6NgU8f/8qQUFq+v
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:40:07 2024 by rpki-client on console-fra.rpki-client.org