Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/h7KFWNjT07gwReGJ-UIT6KdGM9w.roa
File: h7KFWNjT07gwReGJ-UIT6KdGM9w.roa (raw, json)
Hash identifier: 6tUDWPirv44VxYu4sCPsUuiGs7RWSYiYx24T58ZksSo=
Subject key identifier: 87:B2:85:58:D8:D3:D3:B8:30:45:E1:89:F9:42:13:E8:A7:46:33:DC
Certificate issuer: /CN=1651d3ddc6add483b761ac0476269533fe7ea717
Certificate serial: 018CC4248EF1DD686F6C399FF0FFB3661213
Authority key identifier: 16:51:D3:DD:C6:AD:D4:83:B7:61:AC:04:76:26:95:33:FE:7E:A7:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FlHT3cat1IO3YawEdiaVM_5-pxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/h7KFWNjT07gwReGJ-UIT6KdGM9w.roa
Signing time: Mon 01 Jan 2024 08:29:39 +0000
ROA not before: Mon 01 Jan 2024 08:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206104
IP address blocks: 194.126.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/FlHT3cat1IO3YawEdiaVM_5-pxc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/FlHT3cat1IO3YawEdiaVM_5-pxc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FlHT3cat1IO3YawEdiaVM_5-pxc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:8e:f1:dd:68:6f:6c:39:9f:f0:ff:b3:66:12:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1651d3ddc6add483b761ac0476269533fe7ea717
Validity
Not Before: Jan 1 08:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87b28558d8d3d3b83045e189f94213e8a74633dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b1:05:c8:61:15:64:eb:36:9d:1f:7b:a8:cf:
4a:2e:c3:60:7a:af:1c:35:c0:e9:25:93:eb:e2:1b:
28:5b:ad:4f:17:e2:1d:69:a8:d3:58:1b:35:c8:3c:
51:bc:53:0d:6a:bf:f0:77:4c:ef:ff:4c:28:95:3d:
6c:95:37:9c:cb:9b:a6:44:ba:bf:c5:e2:17:2c:ee:
5e:7f:2d:63:13:f6:2c:ba:df:14:f8:f4:17:90:e0:
96:bb:2d:3d:8b:0a:14:96:d0:d7:09:50:7f:ff:25:
89:a0:0a:06:fe:2b:3d:8e:c6:24:70:51:e0:df:92:
2f:a1:ff:b8:4b:82:50:54:97:d8:88:8c:43:60:51:
b2:f9:20:0e:ba:25:87:f6:8b:6c:bb:cf:42:86:60:
f1:f9:41:e4:bd:f1:5f:3c:db:a5:e7:25:6c:3b:30:
97:2e:67:27:fb:e8:87:9a:31:e6:86:d8:7f:1e:c9:
59:fd:df:50:80:68:1d:09:66:3d:08:8b:9d:d7:fa:
f9:11:7d:0e:86:e6:88:50:49:d4:d1:a9:a4:86:16:
9e:0d:36:d5:ec:91:83:cd:b8:67:ef:8b:0e:17:64:
6e:c7:65:af:26:eb:09:b8:34:d4:1c:02:ca:70:c7:
67:7f:70:7e:ae:6b:e9:8d:72:95:f7:94:20:64:d5:
98:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:B2:85:58:D8:D3:D3:B8:30:45:E1:89:F9:42:13:E8:A7:46:33:DC
X509v3 Authority Key Identifier:
keyid:16:51:D3:DD:C6:AD:D4:83:B7:61:AC:04:76:26:95:33:FE:7E:A7:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FlHT3cat1IO3YawEdiaVM_5-pxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/h7KFWNjT07gwReGJ-UIT6KdGM9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/321f74-092d-4dff-b335-2054f6e61922/1/FlHT3cat1IO3YawEdiaVM_5-pxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.249.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:6a:1f:54:af:58:35:42:3f:4e:c6:d3:13:f3:b0:cd:08:b1:
35:a5:4a:a4:30:14:05:2c:84:5e:34:d1:e2:c0:50:04:94:90:
47:b0:66:cc:ca:a9:59:15:ae:89:09:0a:e2:cf:54:77:b8:0d:
0b:3b:31:23:9d:e2:c5:8f:ee:79:f9:cb:89:f7:b9:76:45:66:
cf:fe:87:de:30:55:1f:2e:81:18:4d:96:23:8a:4e:52:65:8b:
28:28:ef:3f:52:7b:d9:04:84:e8:a4:fe:b8:69:b0:02:09:6b:
47:61:79:f6:b8:37:ec:75:4a:6a:9d:eb:0e:cf:c1:a6:58:ff:
0d:98:ef:85:a4:70:c0:6a:f2:97:8c:c7:10:9d:59:79:e6:00:
f3:1d:3c:7e:98:cd:0b:56:2c:9a:97:70:84:52:96:87:6b:27:
f9:89:db:55:76:f8:e8:f4:a0:22:50:28:0d:5e:4e:d1:d8:46:
31:58:15:cb:1b:c5:45:12:7f:b4:2a:7c:c7:67:4f:40:75:0e:
99:9e:8c:f5:76:e3:ac:24:3d:9e:73:52:93:6a:7f:de:f3:ef:
ff:24:7d:76:6b:91:25:f6:f1:76:b5:a1:d4:d9:2a:51:0f:3d:
a2:34:11:16:05:59:1c:4f:cc:93:3c:5c:35:43:f2:89:73:29:
81:46:55:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJI7x3WhvbDmf8P+zZhITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NTFkM2RkYzZhZGQ0ODNiNzYxYWMwNDc2MjY5NTMzZmU3
ZWE3MTcwHhcNMjQwMTAxMDgyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2IyODU1OGQ4ZDNkM2I4MzA0NWUxODlmOTQyMTNlOGE3NDYzM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7EFyGEVZOs2nR97qM9KLsNgeq8c
NcDpJZPr4hsoW61PF+IdaajTWBs1yDxRvFMNar/wd0zv/0wolT1slTecy5umRLq/
xeIXLO5efy1jE/Ysut8U+PQXkOCWuy09iwoUltDXCVB//yWJoAoG/is9jsYkcFHg
35Ivof+4S4JQVJfYiIxDYFGy+SAOuiWH9otsu89ChmDx+UHkvfFfPNul5yVsOzCX
Lmcn++iHmjHmhth/HslZ/d9QgGgdCWY9CIud1/r5EX0OhuaIUEnU0amkhhaeDTbV
7JGDzbhn74sOF2Rux2WvJusJuDTUHALKcMdnf3B+rmvpjXKV95QgZNWYbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIeyhVjY09O4MEXhiflCE+inRjPcMB8GA1UdIwQY
MBaAFBZR093GrdSDt2GsBHYmlTP+fqcXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmxIVDNjYXQxSU8zWWF3RWRpYVZNXzUtcHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8zMjFmNzQtMDkyZC00ZGZmLWIzMzUt
MjA1NGY2ZTYxOTIyLzEvaDdLRldOalQwN2d3UmVHSi1VSVQ2S2RHTTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8zMjFmNzQtMDkyZC00ZGZmLWIzMzUtMjA1NGY2ZTYxOTIy
LzEvRmxIVDNjYXQxSU8zWWF3RWRpYVZNXzUtcHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwn75MA0G
CSqGSIb3DQEBCwUAA4IBAQAuah9Ur1g1Qj9OxtMT87DNCLE1pUqkMBQFLIReNNHi
wFAElJBHsGbMyqlZFa6JCQriz1R3uA0LOzEjneLFj+55+cuJ97l2RWbP/ofeMFUf
LoEYTZYjik5SZYsoKO8/UnvZBITopP64abACCWtHYXn2uDfsdUpqnesOz8GmWP8N
mO+FpHDAavKXjMcQnVl55gDzHTx+mM0LViyal3CEUpaHayf5idtVdvjo9KAiUCgN
Xk7R2EYxWBXLG8VFEn+0KnzHZ09AdQ6Znoz1duOsJD2ec1KTan/e8+//JH12a5El
9vF2taHU2SpRDz2iNBEWBVkcT8yTPFw1Q/KJcymBRlUl
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:54:53 2024 by rpki-client on console-fra.rpki-client.org