Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/hE3uFp3ZCgmD7HF1v-8t-L-MR6k.roa
File: hE3uFp3ZCgmD7HF1v-8t-L-MR6k.roa (raw, json)
Hash identifier: z8d5QX39ptAmB/5EoZfbRx8mqAjI/LmFmoxj9AqsIoE=
Subject key identifier: 84:4D:EE:16:9D:D9:0A:09:83:EC:71:75:BF:EF:2D:F8:BF:8C:47:A9
Certificate issuer: /CN=1a753613b4220f68f2b546d092a230bed6edacb8
Certificate serial: 018CC9BB2681BC83EB1F721A30BB3B1B85EC
Authority key identifier: 1A:75:36:13:B4:22:0F:68:F2:B5:46:D0:92:A2:30:BE:D6:ED:AC:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GnU2E7QiD2jytUbQkqIwvtbtrLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/hE3uFp3ZCgmD7HF1v-8t-L-MR6k.roa
Signing time: Tue 02 Jan 2024 10:32:14 +0000
ROA not before: Tue 02 Jan 2024 10:32:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57247
IP address blocks: 194.116.230.0/24 maxlen: 24
2a02:4680::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/GnU2E7QiD2jytUbQkqIwvtbtrLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/GnU2E7QiD2jytUbQkqIwvtbtrLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/GnU2E7QiD2jytUbQkqIwvtbtrLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 17:36:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:26:81:bc:83:eb:1f:72:1a:30:bb:3b:1b:85:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a753613b4220f68f2b546d092a230bed6edacb8
Validity
Not Before: Jan 2 10:32:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=844dee169dd90a0983ec7175bfef2df8bf8c47a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:71:66:83:b1:3c:05:55:68:d5:47:f0:a6:23:
ae:73:f6:89:9b:51:ec:76:e3:83:3e:a4:83:5f:2b:
15:56:56:3c:70:df:89:8d:a4:8d:4c:b0:f9:72:5d:
9c:76:6b:4e:fb:68:c5:65:0f:fa:3e:0a:b4:63:e5:
13:89:2e:16:17:e2:a3:82:e8:d5:69:18:0e:2c:76:
ed:ae:d9:e9:3c:13:dc:54:84:29:38:79:df:ae:d4:
3f:f5:ee:b4:61:58:90:bd:30:69:20:24:b0:7f:0b:
04:90:92:5e:7c:41:c0:13:2d:bb:50:e5:f9:04:dd:
cc:5b:fd:1c:df:24:52:b2:cf:35:00:5c:62:b5:87:
9f:e8:3d:13:79:ea:bb:f0:03:72:3f:d0:a5:f3:38:
9f:15:b8:21:64:de:3c:bf:4e:e3:b7:66:40:6e:31:
48:7e:d5:e9:bc:77:46:04:65:58:3e:45:40:74:67:
6e:eb:ac:7e:9f:8a:3f:8c:9e:59:1b:8b:7a:b9:f2:
2d:00:1a:7c:26:d3:7c:6b:e9:4a:23:89:06:56:2e:
27:7f:14:33:84:70:44:b2:ef:d3:52:ae:45:d7:7d:
84:08:b2:05:dd:fd:8d:68:e9:3f:13:c8:cf:cf:9c:
f0:04:76:c4:26:b4:6c:79:09:38:f5:96:c5:f5:89:
bb:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:4D:EE:16:9D:D9:0A:09:83:EC:71:75:BF:EF:2D:F8:BF:8C:47:A9
X509v3 Authority Key Identifier:
keyid:1A:75:36:13:B4:22:0F:68:F2:B5:46:D0:92:A2:30:BE:D6:ED:AC:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GnU2E7QiD2jytUbQkqIwvtbtrLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/hE3uFp3ZCgmD7HF1v-8t-L-MR6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/73c3e3-81e6-4eb4-a946-609fa4e54067/1/GnU2E7QiD2jytUbQkqIwvtbtrLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.116.230.0/24
IPv6:
2a02:4680::/29
Signature Algorithm: sha256WithRSAEncryption
4c:41:74:b0:0a:f1:98:80:72:66:f0:7a:19:bd:af:09:b5:df:
60:ed:67:e1:18:36:d2:9b:a7:17:4c:e4:d4:18:bb:92:a8:b5:
05:37:b7:92:56:a2:b3:0d:0d:24:de:b0:7a:66:3d:b7:4c:87:
3d:62:6e:fd:3b:8b:bf:d9:23:5c:d2:3b:e2:30:7d:66:fe:d8:
c6:cc:4c:21:a6:70:d9:2e:9c:31:a3:10:ee:49:be:22:3d:d0:
0e:ba:c1:3b:f4:2e:6c:59:09:3d:10:85:d6:3f:9f:b2:3e:38:
d1:2a:56:9c:20:d3:9e:f0:79:e3:9b:26:d5:8d:bb:67:d7:e4:
53:bf:1b:3b:2e:59:ba:75:36:9f:95:84:e7:dd:fa:74:22:bc:
f4:e9:b7:db:6e:5a:7d:7b:fa:5f:04:57:cd:11:df:a3:6e:67:
56:a5:0b:ad:54:4e:ec:ee:b2:2e:15:d5:84:95:5e:1a:a5:52:
68:4f:4d:a8:ad:d6:c8:03:f4:f7:e3:dd:d7:fb:f3:8b:bb:7b:
d1:67:76:1e:2f:90:48:72:2e:8b:1a:2d:d4:dc:7d:3b:e5:28:
8f:47:1d:6c:28:23:2d:39:c9:4c:15:22:7d:4c:0f:df:68:85:
7f:d0:7f:92:99:5e:fc:12:f2:83:58:c3:b1:7b:30:87:e0:85:
d7:f7:61:2e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJuyaBvIPrH3IaMLs7G4XsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNzUzNjEzYjQyMjBmNjhmMmI1NDZkMDkyYTIzMGJlZDZl
ZGFjYjgwHhcNMjQwMTAyMTAzMjE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDRkZWUxNjlkZDkwYTA5ODNlYzcxNzViZmVmMmRmOGJmOGM0N2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHFmg7E8BVVo1UfwpiOuc/aJm1Hs
duODPqSDXysVVlY8cN+JjaSNTLD5cl2cdmtO+2jFZQ/6Pgq0Y+UTiS4WF+KjgujV
aRgOLHbtrtnpPBPcVIQpOHnfrtQ/9e60YViQvTBpICSwfwsEkJJefEHAEy27UOX5
BN3MW/0c3yRSss81AFxitYef6D0Teeq78ANyP9Cl8zifFbghZN48v07jt2ZAbjFI
ftXpvHdGBGVYPkVAdGdu66x+n4o/jJ5ZG4t6ufItABp8JtN8a+lKI4kGVi4nfxQz
hHBEsu/TUq5F132ECLIF3f2NaOk/E8jPz5zwBHbEJrRseQk49ZbF9Ym7gQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIRN7had2QoJg+xxdb/vLfi/jEepMB8GA1UdIwQY
MBaAFBp1NhO0Ig9o8rVG0JKiML7W7ay4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR25VMkU3UWlEMmp5dFViUWtxSXd2dGJ0ckxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83M2MzZTMtODFlNi00ZWI0LWE5NDYt
NjA5ZmE0ZTU0MDY3LzEvaEUzdUZwM1pDZ21EN0hGMXYtOHQtTC1NUjZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83M2MzZTMtODFlNi00ZWI0LWE5NDYtNjA5ZmE0ZTU0MDY3
LzEvR25VMkU3UWlEMmp5dFViUWtxSXd2dGJ0ckxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwnTmMA0E
AgACMAcDBQMqAkaAMA0GCSqGSIb3DQEBCwUAA4IBAQBMQXSwCvGYgHJm8HoZva8J
td9g7WfhGDbSm6cXTOTUGLuSqLUFN7eSVqKzDQ0k3rB6Zj23TIc9Ym79O4u/2SNc
0jviMH1m/tjGzEwhpnDZLpwxoxDuSb4iPdAOusE79C5sWQk9EIXWP5+yPjjRKlac
INOe8HnjmybVjbtn1+RTvxs7Llm6dTaflYTn3fp0Irz06bfbblp9e/pfBFfNEd+j
bmdWpQutVE7s7rIuFdWElV4apVJoT02ordbIA/T3493X+/OLu3vRZ3YeL5BIci6L
Gi3U3H075SiPRx1sKCMtOclMFSJ9TA/faIV/0H+SmV78EvKDWMOxezCH4IXX92Eu
-----END CERTIFICATE-----
Generated at Wed May 22 02:01:05 2024 by rpki-client on console-fra.rpki-client.org