Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/94a062-8510-44d5-9e4b-c32a9a085ae0/1/q6YwftgUAvWJn9Q5GVwpYJtLidc.roa
File: q6YwftgUAvWJn9Q5GVwpYJtLidc.roa (raw, json)
Hash identifier: aHBcM4HUFOI4DEpV8lYOjLB7DMOOMiAqlkmJj21edaU=
Subject key identifier: AB:A6:30:7E:D8:14:02:F5:89:9F:D4:39:19:5C:29:60:9B:4B:89:D7
Certificate issuer: /CN=bf1d5974b4e599ca72dcc4dac066d7714202efc9
Certificate serial: 018CC4937C01AEDBA980715149BCBD343856
Authority key identifier: BF:1D:59:74:B4:E5:99:CA:72:DC:C4:DA:C0:66:D7:71:42:02:EF:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vx1ZdLTlmcpy3MTawGbXcUIC78k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/94a062-8510-44d5-9e4b-c32a9a085ae0/1/q6YwftgUAvWJn9Q5GVwpYJtLidc.roa
Signing time: Mon 01 Jan 2024 10:30:48 +0000
ROA not before: Mon 01 Jan 2024 10:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12843
IP address blocks: 194.180.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/94a062-8510-44d5-9e4b-c32a9a085ae0/1/vx1ZdLTlmcpy3MTawGbXcUIC78k.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/94a062-8510-44d5-9e4b-c32a9a085ae0/1/vx1ZdLTlmcpy3MTawGbXcUIC78k.mft
rsync://rpki.ripe.net/repository/DEFAULT/vx1ZdLTlmcpy3MTawGbXcUIC78k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:7c:01:ae:db:a9:80:71:51:49:bc:bd:34:38:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf1d5974b4e599ca72dcc4dac066d7714202efc9
Validity
Not Before: Jan 1 10:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aba6307ed81402f5899fd439195c29609b4b89d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ff:ec:c2:f6:62:b0:fd:0e:46:d6:94:bb:2f:
db:b6:6c:c1:d9:d5:73:a3:a4:d7:a5:e5:de:8c:6b:
a7:26:4c:00:9c:b9:e4:b9:ec:85:14:45:38:5f:63:
b8:47:d4:b8:a7:66:78:79:5e:92:4b:3d:bd:03:de:
fe:1b:bb:cb:89:17:e1:90:1f:dc:82:01:df:10:ec:
11:b1:b1:21:9b:5e:54:41:15:b0:e9:34:c0:aa:82:
77:5f:20:99:34:fa:7d:c5:82:7d:7b:7f:4a:f0:38:
17:b0:cd:46:38:9c:bd:65:fb:7d:ea:dc:5d:3e:04:
12:b1:ce:0f:3d:27:6b:69:66:12:07:c5:48:5f:95:
c6:f1:d2:9d:4e:7d:b5:25:57:46:c7:6e:aa:45:b1:
8b:d9:c3:6f:e4:9a:37:59:b4:da:15:af:77:ea:22:
13:b7:2e:6f:64:8f:e6:29:96:d1:15:fd:04:22:6b:
82:27:01:25:78:09:41:38:da:4f:1f:e9:bd:7f:6c:
15:7e:9c:a1:ca:9e:47:bb:9d:11:e9:1e:b9:0a:64:
ca:d6:84:b3:b9:a9:b4:5d:67:fe:2a:a0:fe:75:76:
cc:ac:9f:ae:b5:64:99:fb:c9:d9:4d:29:81:ba:7e:
c9:98:8b:7f:79:ce:ae:47:ce:d4:7c:72:96:9d:e1:
a4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A6:30:7E:D8:14:02:F5:89:9F:D4:39:19:5C:29:60:9B:4B:89:D7
X509v3 Authority Key Identifier:
keyid:BF:1D:59:74:B4:E5:99:CA:72:DC:C4:DA:C0:66:D7:71:42:02:EF:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx1ZdLTlmcpy3MTawGbXcUIC78k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/94a062-8510-44d5-9e4b-c32a9a085ae0/1/q6YwftgUAvWJn9Q5GVwpYJtLidc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/94a062-8510-44d5-9e4b-c32a9a085ae0/1/vx1ZdLTlmcpy3MTawGbXcUIC78k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.204.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:a4:3b:f7:29:6b:5e:40:64:ed:3c:6e:f7:68:ad:b4:45:8a:
a3:e8:fe:2e:b8:2f:99:70:f3:41:a6:75:84:5b:d0:cc:49:9d:
66:09:19:ed:fd:8b:fd:89:6c:be:26:5d:0e:3c:e0:27:1d:b8:
fa:71:70:8f:ad:86:6c:e4:2d:66:7f:85:5e:0a:a7:44:ac:21:
08:a1:85:48:a5:ab:9d:6a:ee:57:75:ca:57:5c:c8:1b:b3:04:
62:e1:cc:dd:cf:50:4a:a0:d4:99:e9:09:50:06:d0:a6:40:c0:
85:8c:db:23:6b:12:01:a0:e9:6c:d6:2e:22:36:65:6d:61:80:
98:d1:cd:a0:92:53:47:98:fc:9b:7c:d7:32:24:1a:0d:e8:37:
07:13:1c:dd:dd:71:3f:0b:70:63:91:b8:24:45:d9:49:d2:76:
2c:7f:4e:e9:57:86:cc:85:c0:a1:85:7c:9f:1b:55:3e:a1:ab:
bb:e3:38:3d:d0:6e:ef:35:10:dc:8f:2d:79:5a:01:e9:34:44:
88:81:d6:1e:1c:af:84:77:22:b3:50:6f:70:9a:6d:76:67:bd:
01:da:2d:8f:cb:bd:de:f3:c2:64:ce:4b:aa:23:8f:2f:a0:50:
0e:85:32:67:38:cb:4c:a8:91:bc:22:ff:f3:2c:32:26:59:77:
aa:d7:05:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk3wBrtupgHFRSby9NDhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWQ1OTc0YjRlNTk5Y2E3MmRjYzRkYWMwNjZkNzcxNDIw
MmVmYzkwHhcNMjQwMTAxMTAzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmE2MzA3ZWQ4MTQwMmY1ODk5ZmQ0MzkxOTVjMjk2MDliNGI4OWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv/swvZisP0ORtaUuy/btmzB2dVz
o6TXpeXejGunJkwAnLnkueyFFEU4X2O4R9S4p2Z4eV6SSz29A97+G7vLiRfhkB/c
ggHfEOwRsbEhm15UQRWw6TTAqoJ3XyCZNPp9xYJ9e39K8DgXsM1GOJy9Zft96txd
PgQSsc4PPSdraWYSB8VIX5XG8dKdTn21JVdGx26qRbGL2cNv5Jo3WbTaFa936iIT
ty5vZI/mKZbRFf0EImuCJwEleAlBONpPH+m9f2wVfpyhyp5Hu50R6R65CmTK1oSz
uam0XWf+KqD+dXbMrJ+utWSZ+8nZTSmBun7JmIt/ec6uR87UfHKWneGkdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKumMH7YFAL1iZ/UORlcKWCbS4nXMB8GA1UdIwQY
MBaAFL8dWXS05ZnKctzE2sBm13FCAu/JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdngxWmRMVGxtY3B5M01UYXdHYlhjVUlDNzhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85NGEwNjItODUxMC00NGQ1LTllNGIt
YzMyYTlhMDg1YWUwLzEvcTZZd2Z0Z1VBdldKbjlRNUdWd3BZSnRMaWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85NGEwNjItODUxMC00NGQ1LTllNGItYzMyYTlhMDg1YWUw
LzEvdngxWmRMVGxtY3B5M01UYXdHYlhjVUlDNzhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrTMMA0G
CSqGSIb3DQEBCwUAA4IBAQA8pDv3KWteQGTtPG73aK20RYqj6P4uuC+ZcPNBpnWE
W9DMSZ1mCRnt/Yv9iWy+Jl0OPOAnHbj6cXCPrYZs5C1mf4VeCqdErCEIoYVIpaud
au5XdcpXXMgbswRi4czdz1BKoNSZ6QlQBtCmQMCFjNsjaxIBoOls1i4iNmVtYYCY
0c2gklNHmPybfNcyJBoN6DcHExzd3XE/C3BjkbgkRdlJ0nYsf07pV4bMhcChhXyf
G1U+oau74zg90G7vNRDcjy15WgHpNESIgdYeHK+EdyKzUG9wmm12Z70B2i2Py73e
88JkzkuqI48voFAOhTJnOMtMqJG8Iv/zLDImWXeq1wWj
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:22:51 2024 by rpki-client on console-ams.rpki-client.org