Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/pFSML8UpDQZYC5GWogVZ_0cHGWE.roa
File: pFSML8UpDQZYC5GWogVZ_0cHGWE.roa (raw, json)
Hash identifier: A4Ke3Y8YMuiHc8br6ON1LdUlnmQ5C9GcnxZPOrusHuI=
Subject key identifier: A4:54:8C:2F:C5:29:0D:06:58:0B:91:96:A2:05:59:FF:47:07:19:61
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 018F76E933EA436BF2A9D4D243F2FFE2F5B5
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/pFSML8UpDQZYC5GWogVZ_0cHGWE.roa
Signing time: Tue 14 May 2024 11:42:25 +0000
ROA not before: Tue 14 May 2024 11:42:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44436
IP address blocks: 194.59.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:e9:33:ea:43:6b:f2:a9:d4:d2:43:f2:ff:e2:f5:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: May 14 11:42:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4548c2fc5290d06580b9196a20559ff47071961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:dd:31:74:9c:02:34:ab:ac:d6:ad:e1:3a:05:
3f:35:c9:11:60:b5:d6:ec:80:e8:12:11:c0:d5:ef:
48:18:fa:8d:e8:13:76:90:c1:2a:1f:4f:a4:98:7e:
dc:9a:be:32:06:ae:36:20:9d:a7:11:e3:b6:73:6c:
a0:1e:02:7a:e8:5f:45:e1:ac:f0:6e:f0:d0:e3:d9:
52:16:76:8e:e5:44:80:c1:d1:de:94:a0:9e:8e:4f:
ce:06:d1:6d:c2:60:c4:00:4f:30:eb:6a:be:75:fc:
70:27:d4:99:65:14:9b:e3:10:ac:cf:f4:b8:5a:49:
18:6d:fd:3f:cb:35:90:eb:c2:df:ef:e4:45:68:73:
0f:f2:27:c2:0e:e3:3a:9e:a6:38:72:95:e1:8d:ea:
2d:e7:fd:69:a3:b9:de:e4:0e:30:a1:1a:ef:35:7b:
30:ec:73:40:15:f9:93:b4:2a:42:45:3d:51:49:bc:
23:6a:90:a6:f0:9d:f5:e6:09:2a:93:bb:b5:61:5d:
16:b2:e1:14:d5:25:74:e0:09:a7:fb:0e:2b:d6:89:
30:71:be:d3:5d:06:77:9e:a7:91:17:17:6d:6a:06:
30:5f:2c:8e:0d:22:ee:c8:fc:75:3b:32:37:a5:6e:
02:11:57:b4:32:b3:34:a5:5b:88:27:8c:ec:1b:3c:
48:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:54:8C:2F:C5:29:0D:06:58:0B:91:96:A2:05:59:FF:47:07:19:61
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/pFSML8UpDQZYC5GWogVZ_0cHGWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.214.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:be:23:b3:42:df:0f:34:fb:af:94:bd:4f:02:84:cf:3e:be:
20:b5:41:fe:73:f3:ef:62:e0:48:57:4d:a1:e3:5e:d3:79:87:
45:5b:12:94:d4:1f:4e:82:77:0a:ec:35:97:d9:93:7b:ea:58:
63:4f:37:38:cf:22:a8:61:08:c2:2f:c7:c1:25:61:12:72:6f:
00:c1:5f:1e:9b:99:38:6a:0f:82:67:2d:65:f6:45:9e:9b:06:
03:5d:6c:46:92:7a:1e:5c:30:27:43:fd:cb:57:dc:10:d1:14:
b7:cc:b6:ed:2f:43:c5:e4:be:47:b4:4c:ed:ff:c5:54:55:c7:
de:80:15:b0:e4:38:b7:23:cb:99:f1:04:2c:83:b5:4a:02:9f:
47:3e:92:5f:e4:f5:8b:56:50:a6:0f:0a:47:b1:0a:6c:15:f0:
44:6a:be:72:4c:ca:83:76:ef:dc:c8:e5:0a:42:26:58:56:bd:
38:46:f9:d9:7f:35:ec:c2:4b:7c:4e:da:8b:8f:3d:d9:16:3a:
b4:34:98:84:94:9f:41:e3:9b:2e:63:38:4c:20:78:b7:73:32:
e4:22:63:d7:bf:b0:cf:c3:e0:fb:1c:d1:4d:50:ba:44:2c:eb:
24:1a:6e:f2:f3:55:70:c8:78:cc:9e:bc:ed:40:69:10:c2:76:
a4:b0:cc:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY926TPqQ2vyqdTSQ/L/4vW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjQwNTE0MTE0MjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDU0OGMyZmM1MjkwZDA2NTgwYjkxOTZhMjA1NTlmZjQ3MDcxOTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuN0xdJwCNKus1q3hOgU/NckRYLXW
7IDoEhHA1e9IGPqN6BN2kMEqH0+kmH7cmr4yBq42IJ2nEeO2c2ygHgJ66F9F4azw
bvDQ49lSFnaO5USAwdHelKCejk/OBtFtwmDEAE8w62q+dfxwJ9SZZRSb4xCsz/S4
WkkYbf0/yzWQ68Lf7+RFaHMP8ifCDuM6nqY4cpXhjeot5/1po7ne5A4woRrvNXsw
7HNAFfmTtCpCRT1RSbwjapCm8J315gkqk7u1YV0WsuEU1SV04Amn+w4r1okwcb7T
XQZ3nqeRFxdtagYwXyyODSLuyPx1OzI3pW4CEVe0MrM0pVuIJ4zsGzxIXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRUjC/FKQ0GWAuRlqIFWf9HBxlhMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvcEZTTUw4VXBEUVpZQzVHV29nVlpfMGNIR1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjvWMA0G
CSqGSIb3DQEBCwUAA4IBAQANviOzQt8PNPuvlL1PAoTPPr4gtUH+c/PvYuBIV02h
417TeYdFWxKU1B9OgncK7DWX2ZN76lhjTzc4zyKoYQjCL8fBJWEScm8AwV8em5k4
ag+CZy1l9kWemwYDXWxGknoeXDAnQ/3LV9wQ0RS3zLbtL0PF5L5HtEzt/8VUVcfe
gBWw5Di3I8uZ8QQsg7VKAp9HPpJf5PWLVlCmDwpHsQpsFfBEar5yTMqDdu/cyOUK
QiZYVr04RvnZfzXswkt8TtqLjz3ZFjq0NJiElJ9B45suYzhMIHi3czLkImPXv7DP
w+D7HNFNULpELOskGm7y81VwyHjMnrztQGkQwnaksMx3
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:03:58 2024 by rpki-client on console-ams.rpki-client.org