Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/712b40-53ae-4953-aff5-56a33057497b/1/rofJJc-nwft1HskY5sCFzdllJdU.roa
File: rofJJc-nwft1HskY5sCFzdllJdU.roa (raw, json)
Hash identifier: 2E8TF9kbk7TMlXj6JEzenDkA91iL5GpEJDo4zYUsFQM=
Subject key identifier: AE:87:C9:25:CF:A7:C1:FB:75:1E:C9:18:E6:C0:85:CD:D9:65:25:D5
Certificate issuer: /CN=dcc2004a1af030ba99fcf451f3bd88efc53846a9
Certificate serial: 018CC5DCC67230C7FB07DECDC763B76703F8
Authority key identifier: DC:C2:00:4A:1A:F0:30:BA:99:FC:F4:51:F3:BD:88:EF:C5:38:46:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MIAShrwMLqZ_PRR872I78U4Rqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/712b40-53ae-4953-aff5-56a33057497b/1/rofJJc-nwft1HskY5sCFzdllJdU.roa
Signing time: Mon 01 Jan 2024 16:30:29 +0000
ROA not before: Mon 01 Jan 2024 16:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14630
IP address blocks: 193.23.124.0/24 maxlen: 24
194.35.33.0/24 maxlen: 24
194.35.35.0/24 maxlen: 24
194.35.32.0/24 maxlen: 24
194.35.34.0/24 maxlen: 24
2a0d:fd40:56::/48 maxlen: 48
2a0d:fd40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/712b40-53ae-4953-aff5-56a33057497b/1/3MIAShrwMLqZ_PRR872I78U4Rqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/712b40-53ae-4953-aff5-56a33057497b/1/3MIAShrwMLqZ_PRR872I78U4Rqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/3MIAShrwMLqZ_PRR872I78U4Rqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 10:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:c6:72:30:c7:fb:07:de:cd:c7:63:b7:67:03:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcc2004a1af030ba99fcf451f3bd88efc53846a9
Validity
Not Before: Jan 1 16:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae87c925cfa7c1fb751ec918e6c085cdd96525d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:8f:01:41:b6:5a:3c:6d:a0:7e:31:db:d6:ff:
bc:56:7c:7e:1b:77:73:86:db:5d:9b:89:b1:f1:b1:
85:d1:15:f1:06:db:4e:52:71:79:4a:61:44:99:23:
07:cf:eb:ec:50:38:6c:cc:b9:30:55:2c:a3:79:e9:
bb:98:ef:1f:84:27:71:60:1a:c4:15:a2:1e:30:8c:
ab:3a:8f:e7:5f:1e:4d:d2:12:e5:c2:a2:8e:0f:81:
fc:ea:53:4b:2b:fd:2e:16:56:ae:e5:f0:bf:6d:59:
9a:31:1c:19:57:5c:75:3c:75:61:d8:d9:ff:45:4e:
df:4c:82:e3:58:01:f4:aa:b0:93:35:d5:75:d1:2b:
82:01:17:a0:ca:ca:d1:26:43:0c:1a:3f:b5:1e:6f:
87:ad:56:46:85:a0:b6:82:ab:b1:36:bd:eb:c6:5c:
79:d7:36:c8:2d:a6:6a:24:b6:70:2c:1c:9e:17:35:
ee:ad:66:a6:97:bb:54:41:68:2b:69:54:50:fb:da:
b2:c3:38:4f:a7:18:fe:a1:53:9f:27:c6:0c:2e:f2:
b7:20:4b:5f:e9:eb:ab:fc:78:84:cb:b0:87:e4:ce:
c5:45:93:e8:da:e3:bf:d0:95:66:a8:0a:7c:dc:2f:
87:67:57:9d:9d:f2:9a:14:c1:c1:e1:4f:03:b6:71:
0b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:87:C9:25:CF:A7:C1:FB:75:1E:C9:18:E6:C0:85:CD:D9:65:25:D5
X509v3 Authority Key Identifier:
keyid:DC:C2:00:4A:1A:F0:30:BA:99:FC:F4:51:F3:BD:88:EF:C5:38:46:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MIAShrwMLqZ_PRR872I78U4Rqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/712b40-53ae-4953-aff5-56a33057497b/1/rofJJc-nwft1HskY5sCFzdllJdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/712b40-53ae-4953-aff5-56a33057497b/1/3MIAShrwMLqZ_PRR872I78U4Rqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.124.0/24
194.35.32.0/22
IPv6:
2a0d:fd40::/29
Signature Algorithm: sha256WithRSAEncryption
7d:72:46:9d:22:62:0c:81:d7:a2:e2:ef:a3:8b:4c:b5:6b:b0:
1e:ff:bc:30:48:b4:38:7c:36:ba:1c:7c:50:1d:b5:33:67:ba:
ed:9f:26:ae:45:6e:3a:f2:42:b2:de:87:0f:a1:31:04:8f:b2:
7b:b0:8e:b3:ea:dc:d5:f3:6c:fb:8c:b8:71:97:40:63:04:2c:
07:04:06:ab:db:ca:d5:29:37:63:33:ba:d8:9e:53:a5:20:21:
45:c3:e5:50:0a:49:14:e1:9c:a8:81:57:74:a1:b4:81:41:fb:
f5:1e:01:9f:a1:f0:04:91:2b:0d:10:c9:b4:83:f8:fa:61:cf:
90:4b:2c:a5:47:a4:41:77:f2:b7:d8:b9:f5:bf:49:b3:51:91:
49:d8:9a:d0:2a:80:f3:c3:19:13:b7:c6:9e:6d:98:c2:a2:1a:
94:33:b0:7f:cf:87:81:c6:8b:aa:e6:fc:83:dd:65:6f:e6:40:
45:26:5e:80:f8:e6:03:30:1f:59:5f:f3:7c:54:7b:49:1b:86:
52:08:f6:e7:4f:e8:ea:db:11:90:7b:7c:26:9e:8f:66:c7:15:
d8:ea:b2:8c:1d:fd:cc:6b:1e:92:9d:56:74:fc:d7:5d:ac:38:
e7:1e:ae:44:e1:7c:43:65:35:a4:85:19:9a:1d:4c:85:38:d6:
b4:01:ab:85
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3MZyMMf7B97Nx2O3ZwP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYzIwMDRhMWFmMDMwYmE5OWZjZjQ1MWYzYmQ4OGVmYzUz
ODQ2YTkwHhcNMjQwMTAxMTYzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTg3YzkyNWNmYTdjMWZiNzUxZWM5MThlNmMwODVjZGQ5NjUyNWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgI8BQbZaPG2gfjHb1v+8Vnx+G3dz
httdm4mx8bGF0RXxBttOUnF5SmFEmSMHz+vsUDhszLkwVSyjeem7mO8fhCdxYBrE
FaIeMIyrOo/nXx5N0hLlwqKOD4H86lNLK/0uFlau5fC/bVmaMRwZV1x1PHVh2Nn/
RU7fTILjWAH0qrCTNdV10SuCARegysrRJkMMGj+1Hm+HrVZGhaC2gquxNr3rxlx5
1zbILaZqJLZwLByeFzXurWaml7tUQWgraVRQ+9qywzhPpxj+oVOfJ8YMLvK3IEtf
6eur/HiEy7CH5M7FRZPo2uO/0JVmqAp83C+HZ1ednfKaFMHB4U8DtnELXwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK6HySXPp8H7dR7JGObAhc3ZZSXVMB8GA1UdIwQY
MBaAFNzCAEoa8DC6mfz0UfO9iO/FOEapMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM01JQVNocndNTHFaX1BSUjg3Mkk3OFU0UnFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MTJiNDAtNTNhZS00OTUzLWFmZjUt
NTZhMzMwNTc0OTdiLzEvcm9mSkpjLW53ZnQxSHNrWTVzQ0Z6ZGxsSmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MTJiNDAtNTNhZS00OTUzLWFmZjUtNTZhMzMwNTc0OTdi
LzEvM01JQVNocndNTHFaX1BSUjg3Mkk3OFU0UnFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwRd8AwQC
wiMgMA0EAgACMAcDBQMqDf1AMA0GCSqGSIb3DQEBCwUAA4IBAQB9ckadImIMgdei
4u+ji0y1a7Ae/7wwSLQ4fDa6HHxQHbUzZ7rtnyauRW468kKy3ocPoTEEj7J7sI6z
6tzV82z7jLhxl0BjBCwHBAar28rVKTdjM7rYnlOlICFFw+VQCkkU4ZyogVd0obSB
Qfv1HgGfofAEkSsNEMm0g/j6Yc+QSyylR6RBd/K32Ln1v0mzUZFJ2JrQKoDzwxkT
t8aebZjCohqUM7B/z4eBxouq5vyD3WVv5kBFJl6A+OYDMB9ZX/N8VHtJG4ZSCPbn
T+jq2xGQe3wmno9mxxXY6rKMHf3Max6SnVZ0/NddrDjnHq5E4XxDZTWkhRmaHUyF
ONa0AauF
-----END CERTIFICATE-----
Generated at Wed May 22 17:23:59 2024 by rpki-client on console-ams.rpki-client.org