Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6725f8-9ab9-4102-83d3-bc49291b4aaa/1/sX3t04XQh4WQ4mGT9ge8qnq9HMI.roa
File: sX3t04XQh4WQ4mGT9ge8qnq9HMI.roa (raw, json)
Hash identifier: GBrHl+oXjdm/bJDrCgfvUExXMODnZCwi+Rc4IGo2XGs=
Subject key identifier: B1:7D:ED:D3:85:D0:87:85:90:E2:61:93:F6:07:BC:AA:7A:BD:1C:C2
Certificate issuer: /CN=b1e59db1bdaf213cad21025f778fac9618fd4e91
Certificate serial: 018D6467BC1C1EA227AF2DAD86F8B749B75C
Authority key identifier: B1:E5:9D:B1:BD:AF:21:3C:AD:21:02:5F:77:8F:AC:96:18:FD:4E:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/seWdsb2vITytIQJfd4-slhj9TpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6725f8-9ab9-4102-83d3-bc49291b4aaa/1/sX3t04XQh4WQ4mGT9ge8qnq9HMI.roa
Signing time: Thu 01 Feb 2024 11:22:16 +0000
ROA not before: Thu 01 Feb 2024 11:22:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35444
IP address blocks: 194.35.250.0/24 maxlen: 24
194.35.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/6725f8-9ab9-4102-83d3-bc49291b4aaa/1/seWdsb2vITytIQJfd4-slhj9TpE.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/6725f8-9ab9-4102-83d3-bc49291b4aaa/1/seWdsb2vITytIQJfd4-slhj9TpE.mft
rsync://rpki.ripe.net/repository/DEFAULT/seWdsb2vITytIQJfd4-slhj9TpE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:64:67:bc:1c:1e:a2:27:af:2d:ad:86:f8:b7:49:b7:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1e59db1bdaf213cad21025f778fac9618fd4e91
Validity
Not Before: Feb 1 11:22:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b17dedd385d0878590e26193f607bcaa7abd1cc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:50:83:07:d7:dc:0b:52:f9:ca:db:42:c9:b3:
96:75:2a:a8:57:1f:bb:b6:12:0c:4d:27:2f:c2:54:
96:73:15:d4:bf:dd:e4:82:4e:e0:9e:db:43:3a:52:
82:d9:b2:9d:f0:8f:a8:5d:2e:fe:9e:b0:17:e3:47:
db:16:b0:5a:35:fb:60:f5:52:ce:19:98:2f:42:36:
c1:33:d7:fb:03:df:a2:ae:e7:3b:88:89:25:61:db:
06:48:49:40:22:f2:fe:36:f2:31:3e:5a:4d:3b:ca:
a7:0d:32:09:80:f8:fa:ad:72:c2:01:1d:f6:5d:41:
41:71:18:7e:57:dd:24:bf:b8:fa:86:43:27:20:b3:
d1:b2:1b:7c:7d:1d:6b:58:53:33:d4:4f:7f:04:98:
08:5a:03:44:73:be:10:ed:32:7a:eb:89:e2:11:65:
71:fc:eb:a7:dd:8e:38:41:c7:93:75:ee:10:97:92:
ac:63:5d:4d:1e:70:8e:db:a3:19:aa:27:bf:a1:2b:
db:5d:31:b5:26:82:09:e6:1d:6d:4b:b7:d1:27:ed:
7b:76:49:4a:a6:2c:c2:f4:d6:3e:6d:ae:da:31:d2:
59:6b:63:0d:e3:46:72:ec:2b:70:db:bd:40:5a:49:
c9:cc:83:e5:39:7c:70:26:1c:97:c2:68:2d:08:4c:
36:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:7D:ED:D3:85:D0:87:85:90:E2:61:93:F6:07:BC:AA:7A:BD:1C:C2
X509v3 Authority Key Identifier:
keyid:B1:E5:9D:B1:BD:AF:21:3C:AD:21:02:5F:77:8F:AC:96:18:FD:4E:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/seWdsb2vITytIQJfd4-slhj9TpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6725f8-9ab9-4102-83d3-bc49291b4aaa/1/sX3t04XQh4WQ4mGT9ge8qnq9HMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6725f8-9ab9-4102-83d3-bc49291b4aaa/1/seWdsb2vITytIQJfd4-slhj9TpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.250.0/23
Signature Algorithm: sha256WithRSAEncryption
93:27:04:62:25:da:6e:01:13:71:37:db:5c:43:33:34:15:ba:
74:c9:1a:39:50:2f:da:e5:77:5a:f4:ae:1f:83:c3:95:13:a2:
30:d6:b5:52:81:9d:9e:5b:e0:af:34:c3:90:9c:91:69:f0:80:
c2:f4:70:7b:4a:6f:7f:22:e4:46:34:50:2f:91:8b:fd:a0:6a:
f1:07:3c:b5:e2:ba:7a:8d:99:a0:7a:f7:9c:45:3a:e4:bc:3a:
bc:8d:f1:9c:17:6d:26:2d:32:18:a8:b8:76:a0:a3:5c:94:87:
23:af:1d:0a:f6:60:f0:a1:ac:1e:ab:5c:37:ed:07:3b:8f:b6:
72:ad:c5:13:c9:01:65:4b:4d:1d:0d:94:08:72:66:9c:ec:3d:
59:e0:59:72:5b:f1:c3:02:f8:ca:c4:f1:ef:14:de:63:ef:24:
d7:37:47:c8:8a:37:25:84:a4:72:82:47:6d:30:ea:50:7f:d6:
33:c4:c1:a3:d2:d6:89:41:29:52:ed:03:80:69:8f:3a:1a:20:
14:3b:bd:87:c0:0e:72:9f:0e:66:f4:e0:6c:3b:51:b7:af:13:
40:ea:99:2f:ab:44:8b:94:fc:43:b4:47:33:b5:55:9e:d0:f0:
07:3e:6e:99:c6:50:fb:02:9c:4d:9e:43:89:d9:1d:be:4e:fb:
21:6f:40:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1kZ7wcHqInry2thvi3SbdcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZTU5ZGIxYmRhZjIxM2NhZDIxMDI1Zjc3OGZhYzk2MThm
ZDRlOTEwHhcNMjQwMjAxMTEyMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTdkZWRkMzg1ZDA4Nzg1OTBlMjYxOTNmNjA3YmNhYTdhYmQxY2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1CDB9fcC1L5yttCybOWdSqoVx+7
thIMTScvwlSWcxXUv93kgk7gnttDOlKC2bKd8I+oXS7+nrAX40fbFrBaNftg9VLO
GZgvQjbBM9f7A9+iruc7iIklYdsGSElAIvL+NvIxPlpNO8qnDTIJgPj6rXLCAR32
XUFBcRh+V90kv7j6hkMnILPRsht8fR1rWFMz1E9/BJgIWgNEc74Q7TJ664niEWVx
/Oun3Y44QceTde4Ql5KsY11NHnCO26MZqie/oSvbXTG1JoIJ5h1tS7fRJ+17dklK
pizC9NY+ba7aMdJZa2MN40Zy7Ctw271AWknJzIPlOXxwJhyXwmgtCEw2+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLF97dOF0IeFkOJhk/YHvKp6vRzCMB8GA1UdIwQY
MBaAFLHlnbG9ryE8rSECX3ePrJYY/U6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2VXZHNiMnZJVHl0SVFKZmQ0LXNsaGo5VHBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82NzI1ZjgtOWFiOS00MTAyLTgzZDMt
YmM0OTI5MWI0YWFhLzEvc1gzdDA0WFFoNFdRNG1HVDlnZThxbnE5SE1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS82NzI1ZjgtOWFiOS00MTAyLTgzZDMtYmM0OTI5MWI0YWFh
LzEvc2VXZHNiMnZJVHl0SVFKZmQ0LXNsaGo5VHBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiP6MA0G
CSqGSIb3DQEBCwUAA4IBAQCTJwRiJdpuARNxN9tcQzM0Fbp0yRo5UC/a5Xda9K4f
g8OVE6Iw1rVSgZ2eW+CvNMOQnJFp8IDC9HB7Sm9/IuRGNFAvkYv9oGrxBzy14rp6
jZmgevecRTrkvDq8jfGcF20mLTIYqLh2oKNclIcjrx0K9mDwoaweq1w37Qc7j7Zy
rcUTyQFlS00dDZQIcmac7D1Z4FlyW/HDAvjKxPHvFN5j7yTXN0fIijclhKRygkdt
MOpQf9YzxMGj0taJQSlS7QOAaY86GiAUO72HwA5ynw5m9OBsO1G3rxNA6pkvq0SL
lPxDtEcztVWe0PAHPm6ZxlD7ApxNnkOJ2R2+Tvshb0D/
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:42:20 2024 by rpki-client on console-ams.rpki-client.org