Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d20fd2-072e-4752-afa4-0334ee1ef3ff/1/TRcvsNSSYh4uBCoWSUMJhaK_xhU.roa
File: TRcvsNSSYh4uBCoWSUMJhaK_xhU.roa (raw, json)
Hash identifier: wiSmcj3GLcwx1SfTwNbnh9xvSBv06jVfk4M05y4WlmM=
Subject key identifier: 4D:17:2F:B0:D4:92:62:1E:2E:04:2A:16:49:43:09:85:A2:BF:C6:15
Certificate issuer: /CN=18f003fba37b00d5f9ce7ec84a3e0668bcd02824
Certificate serial: 018CCA2A18FEA8143B09AB74940079AB71B0
Authority key identifier: 18:F0:03:FB:A3:7B:00:D5:F9:CE:7E:C8:4A:3E:06:68:BC:D0:28:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GPAD-6N7ANX5zn7ISj4GaLzQKCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/d20fd2-072e-4752-afa4-0334ee1ef3ff/1/TRcvsNSSYh4uBCoWSUMJhaK_xhU.roa
Signing time: Tue 02 Jan 2024 12:33:25 +0000
ROA not before: Tue 02 Jan 2024 12:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48685
IP address blocks: 94.250.244.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/d20fd2-072e-4752-afa4-0334ee1ef3ff/1/GPAD-6N7ANX5zn7ISj4GaLzQKCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/d20fd2-072e-4752-afa4-0334ee1ef3ff/1/GPAD-6N7ANX5zn7ISj4GaLzQKCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/GPAD-6N7ANX5zn7ISj4GaLzQKCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:18:fe:a8:14:3b:09:ab:74:94:00:79:ab:71:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18f003fba37b00d5f9ce7ec84a3e0668bcd02824
Validity
Not Before: Jan 2 12:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d172fb0d492621e2e042a1649430985a2bfc615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:be:bc:9b:3d:04:5c:43:63:74:9b:ce:1c:bf:
1c:b7:04:6d:35:5d:38:ea:8b:35:f0:88:d3:7e:99:
7d:ef:4b:84:b8:bf:89:3c:fe:4e:2a:cc:54:c1:8d:
cd:a9:6c:52:d2:22:6d:25:08:f5:e2:ed:1d:6e:52:
18:fc:dd:68:80:00:fd:04:64:82:d5:a2:95:35:ef:
44:e2:d9:64:ea:8b:02:e9:a1:e7:2c:c1:e5:2d:f3:
02:11:ac:0b:af:6d:43:0c:bb:1d:d2:8c:b2:84:de:
37:31:1b:0f:99:be:52:fe:6f:5f:b5:3b:87:06:fe:
69:ec:53:9b:49:3f:67:ec:46:94:93:0f:9c:95:31:
2f:e6:91:9a:8a:1b:44:ee:d6:74:d4:0d:72:da:e3:
1b:03:de:fe:bb:09:1d:02:7e:31:ac:3b:c2:96:27:
45:c3:bb:f1:02:e9:f6:b9:41:45:29:fe:f5:a2:ad:
97:be:51:0c:a8:ec:f1:04:e6:02:99:16:15:fb:6d:
e1:58:16:69:89:04:d0:86:db:36:4a:97:ec:69:27:
9c:51:e4:6b:1d:7b:43:a1:da:f0:b7:d7:54:20:3b:
06:1c:a1:05:4f:a0:a3:cc:1a:e9:73:e6:2f:d4:78:
b9:1e:58:a4:da:cf:b0:07:62:79:ed:5f:1d:37:a8:
5c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:17:2F:B0:D4:92:62:1E:2E:04:2A:16:49:43:09:85:A2:BF:C6:15
X509v3 Authority Key Identifier:
keyid:18:F0:03:FB:A3:7B:00:D5:F9:CE:7E:C8:4A:3E:06:68:BC:D0:28:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GPAD-6N7ANX5zn7ISj4GaLzQKCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d20fd2-072e-4752-afa4-0334ee1ef3ff/1/TRcvsNSSYh4uBCoWSUMJhaK_xhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d20fd2-072e-4752-afa4-0334ee1ef3ff/1/GPAD-6N7ANX5zn7ISj4GaLzQKCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.244.0/23
Signature Algorithm: sha256WithRSAEncryption
74:5e:af:c7:66:c0:b8:4b:ac:70:de:69:5b:29:15:56:c2:fa:
a9:56:b8:5a:57:ad:41:f6:64:36:4f:34:e1:36:af:4d:92:a3:
7b:d2:2a:fd:4a:94:58:73:ee:ca:02:9f:2c:2b:17:54:d0:54:
e6:21:91:5c:18:a4:39:2c:6e:45:13:74:11:ec:6b:86:d7:b3:
4a:73:96:88:8e:77:2c:7c:71:bd:3e:8e:9e:c8:e0:c0:61:e4:
b7:5c:60:e0:26:6a:10:1a:45:c6:17:19:2f:9e:63:15:5c:82:
7a:d7:54:fa:37:cd:66:b6:6c:30:7a:1c:44:91:4c:dd:10:40:
5e:d7:c3:de:c1:d2:f1:5c:16:a1:bc:eb:c1:88:c0:8e:3a:0f:
09:da:59:be:7d:3d:f0:ad:4d:fa:31:7a:e0:80:53:5b:d2:47:
e6:40:e4:3b:4c:8b:75:f3:d2:a9:c3:ad:21:2e:92:b4:c0:5f:
a7:02:69:34:87:53:a3:d4:99:73:4d:7a:35:ec:8e:7a:29:56:
ca:1c:ab:55:68:f3:60:4e:e2:f3:b0:3a:74:f7:13:30:02:93:
e3:2f:ac:69:3e:aa:ad:4b:50:a3:3c:61:5a:11:12:04:cc:ac:
30:b7:9f:8b:bd:3b:3e:ee:f3:57:e6:e1:1c:d3:8b:28:1a:57:
ea:cb:68:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKhj+qBQ7Cat0lAB5q3GwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZjAwM2ZiYTM3YjAwZDVmOWNlN2VjODRhM2UwNjY4YmNk
MDI4MjQwHhcNMjQwMTAyMTIzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDE3MmZiMGQ0OTI2MjFlMmUwNDJhMTY0OTQzMDk4NWEyYmZjNjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmr68mz0EXENjdJvOHL8ctwRtNV04
6os18IjTfpl970uEuL+JPP5OKsxUwY3NqWxS0iJtJQj14u0dblIY/N1ogAD9BGSC
1aKVNe9E4tlk6osC6aHnLMHlLfMCEawLr21DDLsd0oyyhN43MRsPmb5S/m9ftTuH
Bv5p7FObST9n7EaUkw+clTEv5pGaihtE7tZ01A1y2uMbA97+uwkdAn4xrDvClidF
w7vxAun2uUFFKf71oq2XvlEMqOzxBOYCmRYV+23hWBZpiQTQhts2SpfsaSecUeRr
HXtDodrwt9dUIDsGHKEFT6CjzBrpc+Yv1Hi5Hlik2s+wB2J57V8dN6hc3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE0XL7DUkmIeLgQqFklDCYWiv8YVMB8GA1UdIwQY
MBaAFBjwA/ujewDV+c5+yEo+Bmi80CgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1BBRC02TjdBTlg1em43SVNqNEdhTHpRS0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kMjBmZDItMDcyZS00NzUyLWFmYTQt
MDMzNGVlMWVmM2ZmLzEvVFJjdnNOU1NZaDR1QkNvV1NVTUpoYUtfeGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kMjBmZDItMDcyZS00NzUyLWFmYTQtMDMzNGVlMWVmM2Zm
LzEvR1BBRC02TjdBTlg1em43SVNqNEdhTHpRS0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXvr0MA0G
CSqGSIb3DQEBCwUAA4IBAQB0Xq/HZsC4S6xw3mlbKRVWwvqpVrhaV61B9mQ2TzTh
Nq9NkqN70ir9SpRYc+7KAp8sKxdU0FTmIZFcGKQ5LG5FE3QR7GuG17NKc5aIjncs
fHG9Po6eyODAYeS3XGDgJmoQGkXGFxkvnmMVXIJ611T6N81mtmwwehxEkUzdEEBe
18PewdLxXBahvOvBiMCOOg8J2lm+fT3wrU36MXrggFNb0kfmQOQ7TIt189Kpw60h
LpK0wF+nAmk0h1Oj1JlzTXo17I56KVbKHKtVaPNgTuLzsDp09xMwApPjL6xpPqqt
S1CjPGFaERIEzKwwt5+LvTs+7vNX5uEc04soGlfqy2iS
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:44:44 2024 by rpki-client on console-ams.rpki-client.org