Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/x4Qoke6Qq6rPzL59tkEGtqitDb8.roa
File: x4Qoke6Qq6rPzL59tkEGtqitDb8.roa (raw, json)
Hash identifier: t2nwz2TTuuaruKkTaCYaHSEbCn+/EEEkH3I6q/OoPqQ=
Subject key identifier: C7:84:28:91:EE:90:AB:AA:CF:CC:BE:7D:B6:41:06:B6:A8:AD:0D:BF
Certificate issuer: /CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
Certificate serial: 018CC8DE33E975DBD02D574BDCEE65B1F085
Authority key identifier: D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/x4Qoke6Qq6rPzL59tkEGtqitDb8.roa
Signing time: Tue 02 Jan 2024 06:30:54 +0000
ROA not before: Tue 02 Jan 2024 06:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208976
IP address blocks: 194.147.211.0/24 maxlen: 24
2a12:66c6::/32 maxlen: 32
2a12:66c7::/48 maxlen: 48
2a12:66c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.mft
rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 02:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:33:e9:75:db:d0:2d:57:4b:dc:ee:65:b1:f0:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d447813ce52a823ea1efc9a0f4933c5d3353ee2b
Validity
Not Before: Jan 2 06:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7842891ee90abaacfccbe7db64106b6a8ad0dbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:25:ae:84:b4:19:50:3f:ea:86:7e:5e:4e:fd:
c6:8e:78:91:17:65:9c:a1:f3:e4:08:49:5c:e1:ae:
ab:31:38:ea:41:1c:4d:45:40:df:4d:a2:4b:09:b4:
1a:12:64:95:46:e2:2b:88:df:05:99:cc:01:34:14:
a4:4b:20:19:77:77:55:93:69:a1:47:4c:3f:33:dc:
5a:df:6b:10:ec:3d:a6:68:24:ac:02:ff:78:65:e5:
1f:7b:f7:3c:eb:ab:ee:90:f9:7f:44:05:50:c5:23:
31:5a:98:e0:fa:e8:cb:1c:3e:2c:a0:0e:e9:17:e9:
94:9e:92:d6:83:e2:27:11:be:43:3d:a6:31:e1:34:
d3:3d:65:07:47:94:13:22:7d:cb:8d:cc:ba:00:e5:
4e:68:31:97:bc:ec:f7:bf:1b:0d:fb:c6:bf:80:70:
c9:33:fd:f0:2e:5c:89:35:3c:33:ab:79:ea:d4:74:
0c:45:bc:46:c0:be:cf:c9:97:af:cc:55:d9:45:bb:
8c:43:52:82:2a:3c:6c:22:0f:eb:5f:ca:ec:d0:6a:
50:fe:4c:a2:a4:b2:83:e7:30:90:6b:0a:f0:ee:de:
94:78:d9:b4:16:2c:44:51:8c:6f:be:d4:7b:0a:91:
e2:54:1d:64:ea:af:93:4d:f2:1e:36:09:58:1c:89:
0d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:84:28:91:EE:90:AB:AA:CF:CC:BE:7D:B6:41:06:B6:A8:AD:0D:BF
X509v3 Authority Key Identifier:
keyid:D4:47:81:3C:E5:2A:82:3E:A1:EF:C9:A0:F4:93:3C:5D:33:53:EE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1EeBPOUqgj6h78mg9JM8XTNT7is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/x4Qoke6Qq6rPzL59tkEGtqitDb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/fa77d3-cedb-459d-95cf-dc7e126ca234/1/1EeBPOUqgj6h78mg9JM8XTNT7is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.211.0/24
IPv6:
2a12:66c0::/32
2a12:66c6::-2a12:66c7:0:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
63:c0:29:bb:08:83:8e:99:01:4d:77:8d:01:de:72:6d:ad:94:
1f:44:0b:99:87:b4:f2:2d:96:b6:43:41:b8:30:0d:ff:74:1e:
31:b7:f0:5f:6e:35:a1:e3:e5:06:6b:05:3b:9b:a2:74:1f:98:
78:5e:b5:7b:a5:2f:d3:d7:3c:2f:58:c9:cb:f3:fd:53:c9:66:
b5:ba:99:18:0d:18:6c:ad:ec:e4:89:98:65:c5:33:85:af:1c:
14:75:ba:cb:91:cc:4f:c1:76:6d:87:1b:18:68:9d:c2:e6:75:
c9:ed:a9:30:5c:3a:a9:06:f9:0d:ee:f6:14:2e:10:63:46:8d:
71:4c:be:ea:86:b2:4d:fa:e0:ca:ea:23:c4:3c:a5:8c:37:5f:
a3:aa:e9:bf:8f:b2:40:ae:90:7a:7b:bc:bb:d1:f6:ad:56:33:
6f:d1:3e:4f:a9:bd:93:7d:00:8b:b8:d4:63:92:18:1f:cb:0e:
a1:90:42:5d:f1:6b:c8:8f:ab:1c:b4:45:a4:d9:51:d3:94:f3:
ae:74:cf:35:67:83:8f:49:0a:bb:d9:94:d4:bf:f4:42:52:04:
0b:d6:de:2e:86:61:c8:6d:fc:df:db:96:be:26:9a:ff:5e:d5:
c7:21:98:e2:c5:91:68:52:99:88:73:d3:72:29:64:df:48:8a:
a7:89:e8:99
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzI3jPpddvQLVdL3O5lsfCFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NDc4MTNjZTUyYTgyM2VhMWVmYzlhMGY0OTMzYzVkMzM1
M2VlMmIwHhcNMjQwMTAyMDYzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzg0Mjg5MWVlOTBhYmFhY2ZjY2JlN2RiNjQxMDZiNmE4YWQwZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiWuhLQZUD/qhn5eTv3GjniRF2Wc
ofPkCElc4a6rMTjqQRxNRUDfTaJLCbQaEmSVRuIriN8FmcwBNBSkSyAZd3dVk2mh
R0w/M9xa32sQ7D2maCSsAv94ZeUfe/c866vukPl/RAVQxSMxWpjg+ujLHD4soA7p
F+mUnpLWg+InEb5DPaYx4TTTPWUHR5QTIn3Ljcy6AOVOaDGXvOz3vxsN+8a/gHDJ
M/3wLlyJNTwzq3nq1HQMRbxGwL7PyZevzFXZRbuMQ1KCKjxsIg/rX8rs0GpQ/kyi
pLKD5zCQawrw7t6UeNm0FixEUYxvvtR7CpHiVB1k6q+TTfIeNglYHIkNCwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMeEKJHukKuqz8y+fbZBBraorQ2/MB8GA1UdIwQY
MBaAFNRHgTzlKoI+oe/JoPSTPF0zU+4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2Yt
ZGM3ZTEyNmNhMjM0LzEveDRRb2tlNlFxNnJQekw1OXRrRUd0cWl0RGI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9mYTc3ZDMtY2VkYi00NTlkLTk1Y2YtZGM3ZTEyNmNhMjM0
LzEvMUVlQlBPVXFnajZoNzhtZzlKTThYVE5UN2lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAMBAIAATAGAwQAwpPTMB8E
AgACMBkDBQAqEmbAMBADBQEqEmbGAwcAKhJmxwAAMA0GCSqGSIb3DQEBCwUAA4IB
AQBjwCm7CIOOmQFNd40B3nJtrZQfRAuZh7TyLZa2Q0G4MA3/dB4xt/BfbjWh4+UG
awU7m6J0H5h4XrV7pS/T1zwvWMnL8/1TyWa1upkYDRhsrezkiZhlxTOFrxwUdbrL
kcxPwXZthxsYaJ3C5nXJ7akwXDqpBvkN7vYULhBjRo1xTL7qhrJN+uDK6iPEPKWM
N1+jqum/j7JArpB6e7y70fatVjNv0T5Pqb2TfQCLuNRjkhgfyw6hkEJd8WvIj6sc
tEWk2VHTlPOudM81Z4OPSQq72ZTUv/RCUgQL1t4uhmHIbfzf25a+Jpr/XtXHIZji
xZFoUpmIc9NyKWTfSIqnieiZ
-----END CERTIFICATE-----
Generated at Mon Jun 17 08:39:32 2024 by rpki-client on console-fra.rpki-client.org