Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/a4vHoYhrnppx-RRSbaDhU9a3Xlg.roa
File: a4vHoYhrnppx-RRSbaDhU9a3Xlg.roa (raw, json)
Hash identifier: Gx6DgUJQ+Q9B3BRrvlbCYauakJUPUwBONlfH4lMfXuE=
Subject key identifier: 6B:8B:C7:A1:88:6B:9E:9A:71:F9:14:52:6D:A0:E1:53:D6:B7:5E:58
Certificate issuer: /CN=0b4cfabe47e9285f65f1f2d686baaf15b8b41773
Certificate serial: 018CC9BC3A819165F663D412D3039E6C15B9
Authority key identifier: 0B:4C:FA:BE:47:E9:28:5F:65:F1:F2:D6:86:BA:AF:15:B8:B4:17:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C0z6vkfpKF9l8fLWhrqvFbi0F3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/a4vHoYhrnppx-RRSbaDhU9a3Xlg.roa
Signing time: Tue 02 Jan 2024 10:33:25 +0000
ROA not before: Tue 02 Jan 2024 10:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44919
IP address blocks: 188.92.144.0/21 maxlen: 24
193.46.73.0/24 maxlen: 24
2a02:d58::/29 maxlen: 35
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/C0z6vkfpKF9l8fLWhrqvFbi0F3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/C0z6vkfpKF9l8fLWhrqvFbi0F3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/C0z6vkfpKF9l8fLWhrqvFbi0F3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:3a:81:91:65:f6:63:d4:12:d3:03:9e:6c:15:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4cfabe47e9285f65f1f2d686baaf15b8b41773
Validity
Not Before: Jan 2 10:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b8bc7a1886b9e9a71f914526da0e153d6b75e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0f:56:9b:58:60:23:dc:c1:cb:a8:8e:86:ca:
f1:31:50:31:58:1c:d8:c1:63:7c:61:41:5f:7a:72:
71:9f:0e:dc:84:c7:76:a9:2e:49:c1:5a:00:2c:b1:
98:a0:55:69:8c:e1:53:79:e6:a6:a6:93:5e:27:b6:
ec:73:2c:35:8c:43:1f:2e:cc:32:c5:84:fc:9b:3e:
f3:9f:e0:60:ba:49:22:6e:45:df:26:b1:7f:56:d7:
db:92:46:67:64:27:50:d2:81:e2:a3:df:f5:12:72:
44:c6:d7:a1:3d:2d:8d:21:23:11:c1:22:ae:02:b4:
9f:33:a9:e5:63:15:b5:36:26:1a:16:dd:b0:fb:64:
80:61:25:4f:cf:09:de:ae:57:83:3e:c1:ff:83:15:
c1:f5:f0:17:db:a4:5e:82:0c:9a:ba:f4:e4:a1:22:
87:f4:00:93:d7:ab:c8:a0:45:5b:42:ab:89:20:ea:
9f:0f:94:02:4f:e8:dc:43:6a:56:c8:2e:d6:5c:dd:
92:9c:54:f4:80:ae:fe:64:0e:c0:6e:80:1d:45:6c:
e0:a6:25:76:da:1a:5f:90:59:af:38:48:17:20:c6:
14:0e:75:08:73:70:fe:6e:45:6a:14:67:5f:67:23:
3c:fa:2a:15:a7:9d:ba:ae:97:64:3a:35:b5:d8:a7:
63:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:8B:C7:A1:88:6B:9E:9A:71:F9:14:52:6D:A0:E1:53:D6:B7:5E:58
X509v3 Authority Key Identifier:
keyid:0B:4C:FA:BE:47:E9:28:5F:65:F1:F2:D6:86:BA:AF:15:B8:B4:17:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C0z6vkfpKF9l8fLWhrqvFbi0F3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/a4vHoYhrnppx-RRSbaDhU9a3Xlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/1abe8a-45a2-4156-98d7-6806e3d4ce4f/1/C0z6vkfpKF9l8fLWhrqvFbi0F3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.92.144.0/21
193.46.73.0/24
IPv6:
2a02:d58::/29
Signature Algorithm: sha256WithRSAEncryption
70:bb:13:aa:de:30:06:42:3f:4d:34:c8:0e:5a:30:f3:f9:f2:
c2:68:c8:79:14:80:bc:df:04:15:85:85:0d:06:aa:a6:f9:a6:
ce:6d:83:47:d0:81:fe:06:b6:f1:52:eb:fb:be:69:a8:fc:26:
58:08:35:9a:33:9b:81:c0:cc:22:5b:4c:e7:fa:fa:d2:46:d6:
5a:e1:73:3f:46:7f:f0:e1:a6:3c:6c:5d:72:a5:5c:07:45:b1:
bb:23:e3:00:5f:f8:48:bf:f5:8d:d2:49:c7:f8:41:cb:6e:d8:
60:af:1d:f4:43:f3:33:10:66:62:44:e3:c0:f9:11:59:21:1b:
08:c0:03:fc:da:0e:f4:28:76:19:09:51:d9:ba:cd:c4:f0:94:
37:f4:ee:87:b5:f1:cc:4a:d2:bf:7a:ec:eb:e5:6d:e8:c4:f5:
aa:f8:4b:c2:50:c5:b9:74:87:6d:18:11:d3:dd:f6:af:7b:06:
03:0c:91:84:8e:ec:2b:ab:1b:dd:21:7e:fc:d1:90:a0:52:f3:
e4:25:47:46:b6:3c:c0:ee:49:e1:5d:32:a6:a5:f8:9f:f5:8f:
3c:6f:61:33:67:d0:b3:22:b2:66:c9:c7:e0:d0:b6:53:9d:e2:
c6:e7:1a:f3:6e:04:c0:83:6c:dd:57:73:27:b1:43:65:dd:42:
57:ee:ca:39
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvDqBkWX2Y9QS0wOebBW5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGNmYWJlNDdlOTI4NWY2NWYxZjJkNjg2YmFhZjE1Yjhi
NDE3NzMwHhcNMjQwMTAyMTAzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjhiYzdhMTg4NmI5ZTlhNzFmOTE0NTI2ZGEwZTE1M2Q2Yjc1ZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArA9Wm1hgI9zBy6iOhsrxMVAxWBzY
wWN8YUFfenJxnw7chMd2qS5JwVoALLGYoFVpjOFTeeamppNeJ7bscyw1jEMfLswy
xYT8mz7zn+BgukkibkXfJrF/VtfbkkZnZCdQ0oHio9/1EnJExtehPS2NISMRwSKu
ArSfM6nlYxW1NiYaFt2w+2SAYSVPzwnerleDPsH/gxXB9fAX26ReggyauvTkoSKH
9ACT16vIoEVbQquJIOqfD5QCT+jcQ2pWyC7WXN2SnFT0gK7+ZA7AboAdRWzgpiV2
2hpfkFmvOEgXIMYUDnUIc3D+bkVqFGdfZyM8+ioVp526rpdkOjW12KdjeQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGuLx6GIa56acfkUUm2g4VPWt15YMB8GA1UdIwQY
MBaAFAtM+r5H6ShfZfHy1oa6rxW4tBdzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzB6NnZrZnBLRjlsOGZMV2hycXZGYmkwRjNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8xYWJlOGEtNDVhMi00MTU2LTk4ZDct
NjgwNmUzZDRjZTRmLzEvYTR2SG9ZaHJucHB4LVJSU2JhRGhVOWEzWGxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8xYWJlOGEtNDVhMi00MTU2LTk4ZDctNjgwNmUzZDRjZTRm
LzEvQzB6NnZrZnBLRjlsOGZMV2hycXZGYmkwRjNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDvFyQAwQA
wS5JMA0EAgACMAcDBQMqAg1YMA0GCSqGSIb3DQEBCwUAA4IBAQBwuxOq3jAGQj9N
NMgOWjDz+fLCaMh5FIC83wQVhYUNBqqm+abObYNH0IH+BrbxUuv7vmmo/CZYCDWa
M5uBwMwiW0zn+vrSRtZa4XM/Rn/w4aY8bF1ypVwHRbG7I+MAX/hIv/WN0knH+EHL
bthgrx30Q/MzEGZiROPA+RFZIRsIwAP82g70KHYZCVHZus3E8JQ39O6HtfHMStK/
euzr5W3oxPWq+EvCUMW5dIdtGBHT3favewYDDJGEjuwrqxvdIX780ZCgUvPkJUdG
tjzA7knhXTKmpfif9Y88b2EzZ9CzIrJmycfg0LZTneLG5xrzbgTAg2zdV3MnsUNl
3UJX7so5
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:38:24 2024 by rpki-client on console-fra.rpki-client.org