Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/1d8251-2825-4730-9f49-8b35b672fa83/1/1O_rRmYDNpCAQPcWR5yHe3LpReY.roa
File: 1O_rRmYDNpCAQPcWR5yHe3LpReY.roa (raw, json)
Hash identifier: MxUMgDOeJnS6EjgI1ommGwj04G7iT4ZNEfrG3mnLyCI=
Subject key identifier: D4:EF:EB:46:66:03:36:90:80:40:F7:16:47:9C:87:7B:72:E9:45:E6
Certificate issuer: /CN=8f5c74bf6cf80099e6415f6dfe183416c0867e22
Certificate serial: 018CC3492BD274265A3DDF5536C16D7D1F34
Authority key identifier: 8F:5C:74:BF:6C:F8:00:99:E6:41:5F:6D:FE:18:34:16:C0:86:7E:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j1x0v2z4AJnmQV9t_hg0FsCGfiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/1d8251-2825-4730-9f49-8b35b672fa83/1/1O_rRmYDNpCAQPcWR5yHe3LpReY.roa
Signing time: Mon 01 Jan 2024 04:30:01 +0000
ROA not before: Mon 01 Jan 2024 04:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204957
IP address blocks: 94.142.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/1d8251-2825-4730-9f49-8b35b672fa83/1/j1x0v2z4AJnmQV9t_hg0FsCGfiI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/1d8251-2825-4730-9f49-8b35b672fa83/1/j1x0v2z4AJnmQV9t_hg0FsCGfiI.mft
rsync://rpki.ripe.net/repository/DEFAULT/j1x0v2z4AJnmQV9t_hg0FsCGfiI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:2b:d2:74:26:5a:3d:df:55:36:c1:6d:7d:1f:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f5c74bf6cf80099e6415f6dfe183416c0867e22
Validity
Not Before: Jan 1 04:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4efeb46660336908040f716479c877b72e945e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:10:3e:4a:78:89:c6:7f:0e:1d:2d:47:78:b4:
09:42:4b:8b:0e:61:8b:a9:ed:4f:a6:5f:91:f4:78:
0a:a7:c2:df:c6:14:87:34:5a:81:0b:44:1d:61:57:
f0:20:a4:4f:bc:2d:54:18:43:c5:45:76:60:cf:93:
2e:5a:1c:5e:6d:39:f7:2c:d3:3b:3d:17:58:f4:dc:
61:eb:d1:2c:b3:df:ce:ac:99:90:ca:30:87:08:60:
a9:1b:1a:25:dc:1b:58:d5:02:b8:7a:c4:57:99:6f:
3b:99:2e:a8:c6:ba:aa:df:09:6c:21:40:81:5b:e9:
54:a5:a9:31:0b:f3:ae:1d:0a:65:d1:b8:9b:ac:6c:
8b:ab:f2:aa:40:f1:4d:24:84:47:ce:07:00:8c:78:
6e:14:cf:27:93:66:bb:5d:2e:8b:3c:cf:9f:97:91:
42:31:b5:18:27:30:3c:c1:50:6e:29:62:bd:c9:39:
e6:e6:52:16:ef:30:40:af:34:d8:46:4b:e6:78:22:
70:9a:01:4f:b7:38:10:39:a3:49:8c:cc:f9:0f:17:
75:ee:55:44:5d:95:45:bb:57:fe:0e:ff:04:2c:2f:
1d:07:ad:ac:2c:45:19:1c:fc:97:97:be:18:c5:e0:
0d:06:67:bc:db:51:e0:99:55:fd:58:0a:a8:3b:ef:
17:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:EF:EB:46:66:03:36:90:80:40:F7:16:47:9C:87:7B:72:E9:45:E6
X509v3 Authority Key Identifier:
keyid:8F:5C:74:BF:6C:F8:00:99:E6:41:5F:6D:FE:18:34:16:C0:86:7E:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j1x0v2z4AJnmQV9t_hg0FsCGfiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/1d8251-2825-4730-9f49-8b35b672fa83/1/1O_rRmYDNpCAQPcWR5yHe3LpReY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/1d8251-2825-4730-9f49-8b35b672fa83/1/j1x0v2z4AJnmQV9t_hg0FsCGfiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.255.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:7a:96:1a:44:e3:57:e6:d0:d2:32:52:57:c6:c9:77:f0:c5:
98:92:ea:00:0f:fa:4a:3d:37:32:29:18:2e:ab:b6:3b:2c:72:
42:4d:52:20:1f:b3:2b:fb:33:ef:07:97:23:86:a5:fd:9d:f6:
6a:ea:02:cb:03:6b:16:fb:7b:88:bb:e6:03:3a:b9:92:ab:ce:
cc:b3:7a:07:d5:4e:31:73:86:a4:d5:4a:6f:2b:fd:17:bf:74:
1b:0c:93:46:b3:5e:2f:22:e4:7b:0b:7c:47:5a:b8:bf:2e:c4:
88:b9:b1:6a:eb:32:30:2f:f3:59:cf:0e:00:f7:3d:9d:9b:f5:
4e:d9:23:cb:7f:9d:34:d1:90:72:fb:ca:00:06:68:bf:20:ff:
a7:4a:21:95:38:09:c2:4c:72:3b:45:e4:01:22:49:1d:55:f8:
fc:48:ec:41:f8:64:06:0c:97:86:d1:87:4a:9c:cf:28:08:b4:
37:e2:43:ce:16:b8:f9:67:78:3d:a5:51:d3:dd:e7:b5:d8:0c:
c1:8b:f3:4d:79:6f:d4:e3:f4:d4:bc:70:83:b5:df:a0:c5:11:
6a:d8:00:4a:56:de:39:84:99:22:a2:7e:50:33:3e:06:60:dd:
f6:d3:25:4b:fe:f1:ca:28:04:a5:bf:2a:4f:10:75:dd:cf:ca:
94:98:b9:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSSvSdCZaPd9VNsFtfR80MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNWM3NGJmNmNmODAwOTllNjQxNWY2ZGZlMTgzNDE2YzA4
NjdlMjIwHhcNMjQwMTAxMDQzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGVmZWI0NjY2MDMzNjkwODA0MGY3MTY0NzljODc3YjcyZTk0NWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRA+SniJxn8OHS1HeLQJQkuLDmGL
qe1Ppl+R9HgKp8LfxhSHNFqBC0QdYVfwIKRPvC1UGEPFRXZgz5MuWhxebTn3LNM7
PRdY9Nxh69Ess9/OrJmQyjCHCGCpGxol3BtY1QK4esRXmW87mS6oxrqq3wlsIUCB
W+lUpakxC/OuHQpl0bibrGyLq/KqQPFNJIRHzgcAjHhuFM8nk2a7XS6LPM+fl5FC
MbUYJzA8wVBuKWK9yTnm5lIW7zBArzTYRkvmeCJwmgFPtzgQOaNJjMz5Dxd17lVE
XZVFu1f+Dv8ELC8dB62sLEUZHPyXl74YxeANBme821HgmVX9WAqoO+8XBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNTv60ZmAzaQgED3Fkech3ty6UXmMB8GA1UdIwQY
MBaAFI9cdL9s+ACZ5kFfbf4YNBbAhn4iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajF4MHYyejRBSm5tUVY5dF9oZzBGc0NHZmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi8xZDgyNTEtMjgyNS00NzMwLTlmNDkt
OGIzNWI2NzJmYTgzLzEvMU9fclJtWUROcENBUVBjV1I1eUhlM0xwUmVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi8xZDgyNTEtMjgyNS00NzMwLTlmNDktOGIzNWI2NzJmYTgz
LzEvajF4MHYyejRBSm5tUVY5dF9oZzBGc0NHZmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXo7/MA0G
CSqGSIb3DQEBCwUAA4IBAQBvepYaRONX5tDSMlJXxsl38MWYkuoAD/pKPTcyKRgu
q7Y7LHJCTVIgH7Mr+zPvB5cjhqX9nfZq6gLLA2sW+3uIu+YDOrmSq87Ms3oH1U4x
c4ak1UpvK/0Xv3QbDJNGs14vIuR7C3xHWri/LsSIubFq6zIwL/NZzw4A9z2dm/VO
2SPLf5000ZBy+8oABmi/IP+nSiGVOAnCTHI7ReQBIkkdVfj8SOxB+GQGDJeG0YdK
nM8oCLQ34kPOFrj5Z3g9pVHT3ee12AzBi/NNeW/U4/TUvHCDtd+gxRFq2ABKVt45
hJkion5QMz4GYN320yVL/vHKKASlvypPEHXdz8qUmLlM
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:33:30 2024 by rpki-client on console-fra.rpki-client.org