Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/RnlUFNsp3iHdgl83ri8seFtX_uQ.roa
File: RnlUFNsp3iHdgl83ri8seFtX_uQ.roa (raw, json)
Hash identifier: oQ3pVie+MhHT9zi8GuDVZmTpLAOvwtDfvJ6uRqnH++Y=
Subject key identifier: 46:79:54:14:DB:29:DE:21:DD:82:5F:37:AE:2F:2C:78:5B:57:FE:E4
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802D6AFF5BAF8CAE2A9F515CF711E57
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/RnlUFNsp3iHdgl83ri8seFtX_uQ.roa
Signing time: Tue 02 Jan 2024 02:31:18 +0000
ROA not before: Tue 02 Jan 2024 02:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1653
IP address blocks: 194.14.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:d6:af:f5:ba:f8:ca:e2:a9:f5:15:cf:71:1e:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46795414db29de21dd825f37ae2f2c785b57fee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3f:63:41:1a:3b:21:3d:0a:5a:e0:8c:fa:cb:
4b:40:b0:6a:3e:0d:83:f7:b1:e7:43:eb:62:87:24:
fd:a4:ee:31:a0:f7:0a:45:96:2d:69:21:b4:b9:21:
25:a7:2e:b2:97:e8:ce:43:d1:f5:69:46:fa:73:60:
1e:ab:cd:9f:aa:7f:ea:0d:6e:56:5e:05:f6:79:6a:
d2:8c:9d:da:ae:c7:c6:e8:66:ef:f9:e0:a6:ba:0d:
20:30:be:cd:2d:9f:19:37:dc:a6:20:a3:9b:66:7d:
a1:99:28:6a:c2:b5:a7:bb:12:3a:dc:be:67:7f:f7:
f2:f5:af:a4:e3:b5:4d:22:0e:9f:4a:c5:48:60:da:
47:5c:41:63:17:3d:ac:f8:f9:3b:68:a6:b4:c3:59:
f8:4b:4b:40:93:0a:09:cb:49:bb:a5:50:2a:18:98:
a6:6e:ba:41:52:9c:4b:0e:64:a2:ef:ed:bb:db:ff:
87:e0:8a:93:a6:f0:c9:e1:ce:00:5b:00:f8:c1:3e:
45:c6:bd:78:96:69:04:7b:23:67:be:bc:a0:f4:49:
43:7d:69:67:3f:8d:fa:3e:00:12:95:ac:1d:19:58:
04:3a:81:2a:a4:3e:70:62:3c:9d:c0:09:82:06:e3:
e9:2c:39:0c:5d:58:40:e5:48:1d:6e:82:20:56:6b:
f7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:79:54:14:DB:29:DE:21:DD:82:5F:37:AE:2F:2C:78:5B:57:FE:E4
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/RnlUFNsp3iHdgl83ri8seFtX_uQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.14.45.0/24
Signature Algorithm: sha256WithRSAEncryption
38:93:cd:b0:82:01:01:a1:e4:22:6c:17:d4:41:a6:70:34:7f:
09:42:e9:4f:aa:ee:0b:7c:f7:6f:63:cb:df:c3:2f:1c:79:97:
a7:13:4b:9a:7d:6a:86:ca:6c:46:be:0e:49:59:42:d6:c6:d8:
61:65:f0:b7:66:62:4f:05:77:8f:90:13:7c:a4:2c:bd:e9:dd:
6e:02:3e:86:b5:12:79:3d:25:d3:6a:0f:42:ce:64:e3:a6:92:
f2:11:3c:ce:0e:ae:14:ab:58:bc:b6:ca:19:5b:bc:71:8a:15:
f6:d4:05:97:32:7c:5c:85:70:fc:f8:43:3f:f6:dc:40:88:ed:
76:d5:a6:09:0a:99:f4:3e:20:44:e2:da:4f:40:50:58:b8:fd:
4f:3c:98:d0:c8:1c:ff:84:0c:2d:86:f1:03:ef:8d:f0:ec:c6:
02:ae:0b:4f:82:e8:52:6c:b4:f9:1a:98:24:06:58:98:ba:bd:
91:bd:05:9a:3c:76:02:6a:38:76:36:ca:d0:0c:5b:ed:a5:c9:
fe:39:0b:6c:71:ec:55:84:b8:6b:e5:5a:06:75:6c:2e:5e:a1:
22:ec:b0:1b:f2:84:82:c2:20:9b:79:50:6c:e2:c3:03:c8:80:
d2:ab:eb:0d:15:cb:7f:29:d0:9a:76:75:4c:89:fd:84:22:a9:
65:ad:ae:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAtav9br4yuKp9RXPcR5XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njc5NTQxNGRiMjlkZTIxZGQ4MjVmMzdhZTJmMmM3ODViNTdmZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj9jQRo7IT0KWuCM+stLQLBqPg2D
97HnQ+tihyT9pO4xoPcKRZYtaSG0uSElpy6yl+jOQ9H1aUb6c2Aeq82fqn/qDW5W
XgX2eWrSjJ3arsfG6Gbv+eCmug0gML7NLZ8ZN9ymIKObZn2hmShqwrWnuxI63L5n
f/fy9a+k47VNIg6fSsVIYNpHXEFjFz2s+Pk7aKa0w1n4S0tAkwoJy0m7pVAqGJim
brpBUpxLDmSi7+272/+H4IqTpvDJ4c4AWwD4wT5Fxr14lmkEeyNnvryg9ElDfWln
P436PgASlawdGVgEOoEqpD5wYjydwAmCBuPpLDkMXVhA5UgdboIgVmv3bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEZ5VBTbKd4h3YJfN64vLHhbV/7kMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvUm5sVUZOc3AzaUhkZ2w4M3JpOHNlRnRYX3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg4tMA0G
CSqGSIb3DQEBCwUAA4IBAQA4k82wggEBoeQibBfUQaZwNH8JQulPqu4LfPdvY8vf
wy8ceZenE0uafWqGymxGvg5JWULWxthhZfC3ZmJPBXePkBN8pCy96d1uAj6GtRJ5
PSXTag9CzmTjppLyETzODq4Uq1i8tsoZW7xxihX21AWXMnxchXD8+EM/9txAiO12
1aYJCpn0PiBE4tpPQFBYuP1PPJjQyBz/hAwthvED743w7MYCrgtPguhSbLT5Gpgk
BliYur2RvQWaPHYCajh2NsrQDFvtpcn+OQtscexVhLhr5VoGdWwuXqEi7LAb8oSC
wiCbeVBs4sMDyIDSq+sNFct/KdCadnVMif2EIqllra7h
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:10:30 2024 by rpki-client on console-fra.rpki-client.org