Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Shq6GGnlf1kbVvyhhybk-eOtM7o.roa
File: Shq6GGnlf1kbVvyhhybk-eOtM7o.roa (raw, json)
Hash identifier: JfYqZAepilc0Qh9GgZa2HpZt+PC9ALYFJ8qVgDLm2j8=
Subject key identifier: 4A:1A:BA:18:69:E5:7F:59:1B:56:FC:A1:87:26:E4:F9:E3:AD:33:BA
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018CC80290F0CBA8F9672D8B14CC0B1E195D
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Shq6GGnlf1kbVvyhhybk-eOtM7o.roa
Signing time: Tue 02 Jan 2024 02:31:00 +0000
ROA not before: Tue 02 Jan 2024 02:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210472
IP address blocks: 194.26.172.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:90:f0:cb:a8:f9:67:2d:8b:14:cc:0b:1e:19:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 02:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4a1aba1869e57f591b56fca18726e4f9e3ad33ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:07:09:91:44:1a:bd:f3:6a:12:39:15:96:29:
14:85:9b:a2:6e:c6:37:bc:c1:81:9e:0c:84:f8:35:
47:3a:67:41:ca:49:70:59:d0:11:7a:89:bd:f4:b8:
e3:24:c4:62:d2:c2:7b:e6:01:58:7b:f6:b7:7c:a2:
22:19:6b:ad:ec:ca:5d:87:12:53:2e:34:73:3b:74:
9a:b0:98:97:c9:d7:53:01:9b:c4:52:ea:27:25:26:
f2:82:33:91:21:2c:c5:39:a2:b3:90:77:79:6d:8c:
12:ff:9c:1a:c1:da:cb:cc:da:58:dc:eb:01:7a:43:
6d:a6:2e:ba:73:0f:98:35:58:5f:ca:2f:f5:6a:9b:
9c:c1:cb:69:92:73:33:94:7b:03:a6:98:5f:33:d3:
b2:16:23:1b:0f:53:06:52:b6:28:06:6a:3a:07:b3:
1d:12:0a:7b:c7:94:57:a8:c3:1a:a4:62:d8:86:42:
d4:b0:60:bd:44:a7:e4:fd:6f:4c:6d:eb:47:7b:44:
8a:7e:17:34:d0:6d:c2:89:44:33:a2:21:dd:7f:46:
d3:e1:e6:3c:6a:68:25:36:07:0a:a3:35:5e:e7:9c:
09:7a:83:20:83:fd:18:e7:82:3f:57:b1:f7:2b:02:
06:07:55:fd:3a:12:db:2b:e2:c3:cf:bb:16:a4:16:
2f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:1A:BA:18:69:E5:7F:59:1B:56:FC:A1:87:26:E4:F9:E3:AD:33:BA
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/Shq6GGnlf1kbVvyhhybk-eOtM7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.172.0/23
Signature Algorithm: sha256WithRSAEncryption
48:44:87:05:ad:e6:44:39:9f:98:a7:b9:55:41:ee:0a:ef:4e:
a1:3b:35:10:d1:13:a4:e6:b6:81:68:53:b5:28:36:10:e4:37:
f2:cf:ec:ba:f5:9f:b9:44:30:7c:6f:e0:4f:d5:9b:53:89:4f:
fd:f0:ec:94:25:c0:d0:5b:9d:87:a6:3c:6c:c5:28:bf:e0:fd:
7c:f5:03:a4:5d:2a:61:4f:96:33:af:ef:0e:42:b6:8b:ee:40:
de:91:0f:b2:d6:f9:43:ff:fc:f0:65:db:68:d6:fa:c0:e9:fa:
26:97:5b:53:76:43:ae:de:ce:21:78:bd:62:71:7c:95:ba:4a:
29:2d:d1:aa:2c:22:d3:19:bc:9c:10:07:a9:05:40:4f:d3:d8:
56:95:a1:99:48:85:6c:95:da:d5:3c:c0:ea:73:f7:d3:83:55:
e5:46:df:6c:31:7c:6b:f5:1e:8c:bf:ad:32:9c:63:84:e2:e5:
43:1f:dc:a9:45:71:56:37:0a:0a:a4:82:c0:c7:90:e0:f6:38:
f9:d0:55:78:c8:86:e0:de:09:64:4a:62:5b:4e:6b:13:7f:63:
4c:9e:49:db:27:ed:6a:ea:7e:19:e6:2d:c2:c6:af:65:ea:b1:
e6:cb:f8:51:f5:b9:aa:4c:5f:f2:2a:00:22:fc:9e:95:cb:41:
e4:4d:25:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIApDwy6j5Zy2LFMwLHhldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMTAyMDIzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTFhYmExODY5ZTU3ZjU5MWI1NmZjYTE4NzI2ZTRmOWUzYWQzM2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAcJkUQavfNqEjkVlikUhZuibsY3
vMGBngyE+DVHOmdByklwWdAReom99LjjJMRi0sJ75gFYe/a3fKIiGWut7MpdhxJT
LjRzO3SasJiXyddTAZvEUuonJSbygjORISzFOaKzkHd5bYwS/5wawdrLzNpY3OsB
ekNtpi66cw+YNVhfyi/1apucwctpknMzlHsDpphfM9OyFiMbD1MGUrYoBmo6B7Md
Egp7x5RXqMMapGLYhkLUsGC9RKfk/W9MbetHe0SKfhc00G3CiUQzoiHdf0bT4eY8
amglNgcKozVe55wJeoMgg/0Y54I/V7H3KwIGB1X9OhLbK+LDz7sWpBYv0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEoauhhp5X9ZG1b8oYcm5PnjrTO6MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvU2hxNkdHbmxmMWtiVnZ5aGh5YmstZU90TTdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwhqsMA0G
CSqGSIb3DQEBCwUAA4IBAQBIRIcFreZEOZ+Yp7lVQe4K706hOzUQ0ROk5raBaFO1
KDYQ5Dfyz+y69Z+5RDB8b+BP1ZtTiU/98OyUJcDQW52HpjxsxSi/4P189QOkXSph
T5Yzr+8OQraL7kDekQ+y1vlD//zwZdto1vrA6foml1tTdkOu3s4heL1icXyVukop
LdGqLCLTGbycEAepBUBP09hWlaGZSIVsldrVPMDqc/fTg1XlRt9sMXxr9R6Mv60y
nGOE4uVDH9ypRXFWNwoKpILAx5Dg9jj50FV4yIbg3glkSmJbTmsTf2NMnknbJ+1q
6n4Z5i3Cxq9l6rHmy/hR9bmqTF/yKgAi/J6Vy0HkTSWv
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:27:31 2024 by rpki-client on console-ams.rpki-client.org