Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/xt15D8PFXfvljIQZHc-0jvFV1pk.roa
File: xt15D8PFXfvljIQZHc-0jvFV1pk.roa (raw, json)
Hash identifier: zS8eYvdk7HNyeg+txADB+i+G10Up4HyCF5SH+TBWu0I=
Subject key identifier: C6:DD:79:0F:C3:C5:5D:FB:E5:8C:84:19:1D:CF:B4:8E:F1:55:D6:99
Certificate issuer: /CN=14bf39139b710c4f7237edfd88518655af39c323
Certificate serial: 018CC3B73728AE5A3AE1340450FCFDFDC132
Authority key identifier: 14:BF:39:13:9B:71:0C:4F:72:37:ED:FD:88:51:86:55:AF:39:C3:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL85E5txDE9yN-39iFGGVa85wyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/xt15D8PFXfvljIQZHc-0jvFV1pk.roa
Signing time: Mon 01 Jan 2024 06:30:13 +0000
ROA not before: Mon 01 Jan 2024 06:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 94.199.4.0/24 maxlen: 24
2a13:3d84::/30 maxlen: 30
2a13:3d82::/32 maxlen: 32
2a13:3d80::/29 maxlen: 29
2a13:3d80:8000::/33 maxlen: 33
2a13:3d80::/48 maxlen: 48
2a13:3d83::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/FL85E5txDE9yN-39iFGGVa85wyM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/FL85E5txDE9yN-39iFGGVa85wyM.mft
rsync://rpki.ripe.net/repository/DEFAULT/FL85E5txDE9yN-39iFGGVa85wyM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:37:28:ae:5a:3a:e1:34:04:50:fc:fd:fd:c1:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bf39139b710c4f7237edfd88518655af39c323
Validity
Not Before: Jan 1 06:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6dd790fc3c55dfbe58c84191dcfb48ef155d699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4f:54:d9:d1:f4:b4:6c:a7:9e:ec:11:61:13:
75:bc:eb:61:4e:02:69:62:3d:c5:40:f8:fa:a6:b1:
fa:f6:32:b6:0c:ef:03:5a:9d:9a:08:6d:b8:0f:71:
56:19:78:b0:3a:02:f7:b7:db:8e:57:1e:f1:0f:a9:
ae:ae:8d:98:4f:92:c9:76:7b:f0:94:d4:7e:c3:25:
49:b3:aa:83:c4:d2:1b:83:fd:b6:e5:3f:2c:23:14:
c0:59:31:b8:0f:36:40:c9:85:af:3c:10:57:01:d4:
45:51:bf:79:b5:cf:7c:2d:9b:15:07:a9:11:78:37:
a0:15:63:c8:69:74:b3:bb:f4:e7:cf:66:dc:73:ce:
9c:d2:5b:76:d4:5e:ae:2a:39:23:f9:19:0e:b8:49:
7a:97:8e:ef:94:78:02:ad:73:5e:8c:55:15:62:e7:
de:b1:20:23:71:08:86:e4:fc:6d:b1:16:42:9d:f0:
94:68:7e:3d:3c:96:59:23:ca:57:99:46:f4:6b:ac:
54:8f:ff:cf:3d:4b:4c:35:77:46:81:22:0a:d8:54:
54:ec:c0:f1:d9:d1:74:10:98:3b:2c:19:07:21:ec:
58:19:2e:ae:2d:fc:91:3a:c0:d7:39:02:f9:c8:e7:
77:17:6c:99:8b:00:7d:de:8d:37:20:a1:d1:40:9e:
cc:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:DD:79:0F:C3:C5:5D:FB:E5:8C:84:19:1D:CF:B4:8E:F1:55:D6:99
X509v3 Authority Key Identifier:
keyid:14:BF:39:13:9B:71:0C:4F:72:37:ED:FD:88:51:86:55:AF:39:C3:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL85E5txDE9yN-39iFGGVa85wyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/xt15D8PFXfvljIQZHc-0jvFV1pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b96259-33b8-454a-8c5f-a862b88593a0/1/FL85E5txDE9yN-39iFGGVa85wyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.4.0/24
IPv6:
2a13:3d80::/29
Signature Algorithm: sha256WithRSAEncryption
75:ef:5e:44:a7:b1:66:84:93:bb:ed:64:ec:95:82:72:45:f5:
d3:f7:f7:db:6b:d4:73:f0:9c:2a:5c:ac:3c:96:26:9f:6a:78:
5d:af:fd:16:73:39:f1:0c:e0:b5:12:a1:4a:67:c8:b2:4b:15:
e3:4e:44:8f:2c:dc:9d:34:ac:e6:68:b5:f2:8f:5c:76:57:fb:
6f:c0:8e:fa:a3:d3:70:5b:1f:50:f6:dd:a4:3e:0d:15:95:f9:
73:19:bd:28:9e:90:d5:b8:76:56:c2:3d:dd:e1:50:8e:3a:6a:
a4:cb:62:d8:ad:59:83:1b:cb:78:ee:74:9b:04:6a:36:e7:d4:
e8:38:19:e1:cb:96:18:ce:46:85:6c:a5:45:14:78:14:9e:3e:
b0:d5:1c:ca:b5:34:e5:44:f3:bc:e4:42:66:25:ce:43:0f:f0:
c2:9f:52:84:1e:81:5a:71:77:40:99:be:e1:41:90:2f:db:14:
4f:23:2a:68:50:70:1b:8d:50:61:76:12:c2:0a:12:5f:f1:07:
e3:3b:45:84:d8:89:a0:ae:22:25:f7:4e:2b:de:fa:e6:79:55:
99:8c:cf:40:7f:ee:12:ab:84:55:3f:88:c1:d4:f7:b6:b6:bb:
9e:5b:8c:b0:f9:53:43:aa:6d:74:ee:24:b7:5f:40:0d:c5:1a:
6c:6c:93:4d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtzcorlo64TQEUPz9/cEyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmYzOTEzOWI3MTBjNGY3MjM3ZWRmZDg4NTE4NjU1YWYz
OWMzMjMwHhcNMjQwMTAxMDYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmRkNzkwZmMzYzU1ZGZiZTU4Yzg0MTkxZGNmYjQ4ZWYxNTVkNjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE9U2dH0tGynnuwRYRN1vOthTgJp
Yj3FQPj6prH69jK2DO8DWp2aCG24D3FWGXiwOgL3t9uOVx7xD6muro2YT5LJdnvw
lNR+wyVJs6qDxNIbg/225T8sIxTAWTG4DzZAyYWvPBBXAdRFUb95tc98LZsVB6kR
eDegFWPIaXSzu/Tnz2bcc86c0lt21F6uKjkj+RkOuEl6l47vlHgCrXNejFUVYufe
sSAjcQiG5PxtsRZCnfCUaH49PJZZI8pXmUb0a6xUj//PPUtMNXdGgSIK2FRU7MDx
2dF0EJg7LBkHIexYGS6uLfyROsDXOQL5yOd3F2yZiwB93o03IKHRQJ7MCQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMbdeQ/DxV375YyEGR3PtI7xVdaZMB8GA1UdIwQY
MBaAFBS/ORObcQxPcjft/YhRhlWvOcMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw4NUU1dHhERTl5Ti0zOWlGR0dWYTg1d3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iOTYyNTktMzNiOC00NTRhLThjNWYt
YTg2MmI4ODU5M2EwLzEveHQxNUQ4UEZYZnZsaklRWkhjLTBqdkZWMXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iOTYyNTktMzNiOC00NTRhLThjNWYtYTg2MmI4ODU5M2Ew
LzEvRkw4NUU1dHhERTl5Ti0zOWlGR0dWYTg1d3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXscEMA0E
AgACMAcDBQMqEz2AMA0GCSqGSIb3DQEBCwUAA4IBAQB1715Ep7FmhJO77WTslYJy
RfXT9/fba9Rz8JwqXKw8liafanhdr/0WcznxDOC1EqFKZ8iySxXjTkSPLNydNKzm
aLXyj1x2V/tvwI76o9NwWx9Q9t2kPg0VlflzGb0onpDVuHZWwj3d4VCOOmqky2LY
rVmDG8t47nSbBGo259ToOBnhy5YYzkaFbKVFFHgUnj6w1RzKtTTlRPO85EJmJc5D
D/DCn1KEHoFacXdAmb7hQZAv2xRPIypoUHAbjVBhdhLCChJf8QfjO0WE2ImgriIl
904r3vrmeVWZjM9Af+4Sq4RVP4jB1Pe2trueW4yw+VNDqm107iS3X0ANxRpsbJNN
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:26:44 2024 by rpki-client on console-fra.rpki-client.org