Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/ba2857-c098-44d2-9c01-e720feb10103/1/RhLlNCw6qtpA4ux3xjQBOcMl7rc.roa
File: RhLlNCw6qtpA4ux3xjQBOcMl7rc.roa (raw, json)
Hash identifier: 6gKAvupDMRAyfbro1TkW10sjIg2UaJNJ9gnashg98fs=
Subject key identifier: 46:12:E5:34:2C:3A:AA:DA:40:E2:EC:77:C6:34:01:39:C3:25:EE:B7
Certificate issuer: /CN=23a42497970d65541ddb159658e3b0a6e2f516b7
Certificate serial: 018CC9BBB00D19D3F6AE56810EFEA634112F
Authority key identifier: 23:A4:24:97:97:0D:65:54:1D:DB:15:96:58:E3:B0:A6:E2:F5:16:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/ba2857-c098-44d2-9c01-e720feb10103/1/RhLlNCw6qtpA4ux3xjQBOcMl7rc.roa
Signing time: Tue 02 Jan 2024 10:32:49 +0000
ROA not before: Tue 02 Jan 2024 10:32:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50134
IP address blocks: 194.246.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/ba2857-c098-44d2-9c01-e720feb10103/1/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/ba2857-c098-44d2-9c01-e720feb10103/1/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.mft
rsync://rpki.ripe.net/repository/DEFAULT/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:b0:0d:19:d3:f6:ae:56:81:0e:fe:a6:34:11:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23a42497970d65541ddb159658e3b0a6e2f516b7
Validity
Not Before: Jan 2 10:32:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4612e5342c3aaada40e2ec77c6340139c325eeb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d8:2f:75:d8:7f:6b:e0:70:32:7b:d0:c4:53:
e2:c3:c0:62:80:a7:1b:0a:7d:6a:f8:4d:e9:97:de:
2b:b8:8b:87:68:ca:80:2d:35:f4:91:16:07:b5:0c:
34:eb:6f:75:24:4c:5a:2c:a1:04:be:30:a9:c3:85:
65:20:3e:2d:f7:12:d2:52:b8:24:c2:d6:73:c3:b7:
88:ff:cf:11:19:9d:31:8e:80:7d:6d:ff:b9:e2:0b:
a9:29:b3:b7:f0:26:a0:43:51:21:fc:ff:54:38:d8:
91:0c:19:f8:c9:8e:0e:1d:27:e9:b7:33:1d:66:66:
94:69:aa:79:62:a4:4a:22:04:3b:45:e2:cf:d2:26:
60:d8:0b:aa:76:11:a4:c7:46:64:16:81:ac:d0:60:
c5:53:e7:3d:d7:24:45:a5:96:cc:13:c7:0d:f9:c4:
9c:df:00:db:cf:2e:d0:ea:e0:23:11:63:1c:61:cf:
f0:46:8b:bf:1b:e8:82:f6:48:1d:fd:7f:b1:db:16:
f4:34:14:e3:7b:cc:f0:75:c9:8c:20:49:0a:8f:7f:
1e:af:1a:f2:de:a8:87:78:0f:4d:c0:33:71:7f:71:
37:91:3c:80:3a:38:ee:f0:6e:c9:64:91:b6:d1:98:
f2:65:8d:dc:07:dd:76:36:32:26:2f:c1:8b:32:01:
54:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:12:E5:34:2C:3A:AA:DA:40:E2:EC:77:C6:34:01:39:C3:25:EE:B7
X509v3 Authority Key Identifier:
keyid:23:A4:24:97:97:0D:65:54:1D:DB:15:96:58:E3:B0:A6:E2:F5:16:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ba2857-c098-44d2-9c01-e720feb10103/1/RhLlNCw6qtpA4ux3xjQBOcMl7rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ba2857-c098-44d2-9c01-e720feb10103/1/I6Qkl5cNZVQd2xWWWOOwpuL1Frc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.76.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:97:41:38:c1:8b:f9:72:58:bb:20:83:90:6c:64:d9:4a:e1:
00:ed:60:a5:b3:fd:cc:b6:d0:dc:6b:82:ef:ec:f9:28:8d:80:
da:6c:76:e7:74:17:3b:8a:49:75:9c:a8:80:69:46:ab:1e:1c:
fa:63:b9:56:04:8b:14:59:12:a7:d3:19:a4:ac:d6:e7:28:fc:
df:e3:c0:4f:7e:13:fd:c8:9a:1b:20:85:6c:fb:1a:78:8a:06:
f1:4d:e5:ad:fe:f2:5f:86:bb:fa:c4:df:e5:56:3a:33:8f:19:
44:3e:92:30:2e:e2:75:c2:db:2b:d9:63:06:a0:33:b5:ff:04:
f0:f0:5a:dd:70:aa:1e:17:cb:86:86:e2:7c:e1:e3:55:47:df:
c6:e3:e3:44:55:da:0d:94:23:e4:80:d2:4d:52:37:85:52:19:
5f:cd:cc:42:34:14:4b:3c:a4:e7:f6:7c:8c:69:6e:37:64:79:
64:69:eb:b1:fa:e8:3f:29:55:a3:92:4a:26:5f:c4:62:59:2b:
57:42:1f:56:75:26:3d:ea:00:2d:f3:17:00:9e:bf:dd:7d:8b:
c6:3a:3e:b4:56:40:a0:f0:2a:95:47:a0:7c:14:a6:e1:80:c4:
62:ec:aa:41:d5:5f:f9:01:2e:d9:93:58:8f:d9:f3:c0:65:56:
ef:35:cc:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJu7ANGdP2rlaBDv6mNBEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzYTQyNDk3OTcwZDY1NTQxZGRiMTU5NjU4ZTNiMGE2ZTJm
NTE2YjcwHhcNMjQwMTAyMTAzMjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjEyZTUzNDJjM2FhYWRhNDBlMmVjNzdjNjM0MDEzOWMzMjVlZWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9gvddh/a+BwMnvQxFPiw8BigKcb
Cn1q+E3pl94ruIuHaMqALTX0kRYHtQw06291JExaLKEEvjCpw4VlID4t9xLSUrgk
wtZzw7eI/88RGZ0xjoB9bf+54gupKbO38CagQ1Eh/P9UONiRDBn4yY4OHSfptzMd
ZmaUaap5YqRKIgQ7ReLP0iZg2AuqdhGkx0ZkFoGs0GDFU+c91yRFpZbME8cN+cSc
3wDbzy7Q6uAjEWMcYc/wRou/G+iC9kgd/X+x2xb0NBTje8zwdcmMIEkKj38erxry
3qiHeA9NwDNxf3E3kTyAOjju8G7JZJG20ZjyZY3cB912NjImL8GLMgFUDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEYS5TQsOqraQOLsd8Y0ATnDJe63MB8GA1UdIwQY
MBaAFCOkJJeXDWVUHdsVlljjsKbi9Ra3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTZRa2w1Y05aVlFkMnhXV1dPT3dwdUwxRnJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9iYTI4NTctYzA5OC00NGQyLTljMDEt
ZTcyMGZlYjEwMTAzLzEvUmhMbE5DdzZxdHBBNHV4M3hqUUJPY01sN3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9iYTI4NTctYzA5OC00NGQyLTljMDEtZTcyMGZlYjEwMTAz
LzEvSTZRa2w1Y05aVlFkMnhXV1dPT3dwdUwxRnJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwvZMMA0G
CSqGSIb3DQEBCwUAA4IBAQB7l0E4wYv5cli7IIOQbGTZSuEA7WCls/3MttDca4Lv
7PkojYDabHbndBc7ikl1nKiAaUarHhz6Y7lWBIsUWRKn0xmkrNbnKPzf48BPfhP9
yJobIIVs+xp4igbxTeWt/vJfhrv6xN/lVjozjxlEPpIwLuJ1wtsr2WMGoDO1/wTw
8FrdcKoeF8uGhuJ84eNVR9/G4+NEVdoNlCPkgNJNUjeFUhlfzcxCNBRLPKTn9nyM
aW43ZHlkaeux+ug/KVWjkkomX8RiWStXQh9WdSY96gAt8xcAnr/dfYvGOj60VkCg
8CqVR6B8FKbhgMRi7KpB1V/5AS7Zk1iP2fPAZVbvNcyu
-----END CERTIFICATE-----
Generated at Sat Nov 23 17:39:46 2024 by rpki-client on console-fra.rpki-client.org