Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/IUx_6LFkWuSLpMHj4cQ_q0X1r6Y.roa
File: IUx_6LFkWuSLpMHj4cQ_q0X1r6Y.roa (raw, json)
Hash identifier: cd0qJPkA9IZstp02JbQpJXxkA7hcZQ0HWdydObcJrpA=
Subject key identifier: 21:4C:7F:E8:B1:64:5A:E4:8B:A4:C1:E3:E1:C4:3F:AB:45:F5:AF:A6
Certificate issuer: /CN=4d136295f7f32e64be78fb399eb6d15ae3e92632
Certificate serial: 018CC7946F4B145077D7E70ECC0B40500B62
Authority key identifier: 4D:13:62:95:F7:F3:2E:64:BE:78:FB:39:9E:B6:D1:5A:E3:E9:26:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TRNilffzLmS-ePs5nrbRWuPpJjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/IUx_6LFkWuSLpMHj4cQ_q0X1r6Y.roa
Signing time: Tue 02 Jan 2024 00:30:42 +0000
ROA not before: Tue 02 Jan 2024 00:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211505
IP address blocks: 194.5.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/TRNilffzLmS-ePs5nrbRWuPpJjI.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/TRNilffzLmS-ePs5nrbRWuPpJjI.mft
rsync://rpki.ripe.net/repository/DEFAULT/TRNilffzLmS-ePs5nrbRWuPpJjI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 15:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:6f:4b:14:50:77:d7:e7:0e:cc:0b:40:50:0b:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d136295f7f32e64be78fb399eb6d15ae3e92632
Validity
Not Before: Jan 2 00:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=214c7fe8b1645ae48ba4c1e3e1c43fab45f5afa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bd:ac:7f:2f:04:32:e5:0a:b1:c3:ba:72:52:
49:87:0c:42:80:52:d9:a9:af:1e:b8:41:3a:70:d5:
fb:cf:7b:af:f8:4e:99:bb:aa:56:e5:0d:28:94:d5:
af:ba:79:b3:b7:12:e4:3f:15:6c:d3:09:35:9d:8b:
29:49:3e:a6:64:98:dd:8b:cc:17:7f:19:c1:99:2a:
fb:2b:0d:3b:c9:3f:e1:c3:51:3f:a7:7c:86:ab:a2:
30:28:33:27:34:0a:45:f7:b7:0e:00:38:3d:1c:ae:
4f:21:88:d5:8c:db:04:c2:ac:a8:df:e9:54:c6:ac:
cf:e7:60:89:5d:cf:e9:7f:de:e6:b5:0b:11:ec:41:
a4:52:78:23:fe:70:fb:4f:b3:93:de:bd:7d:30:9a:
63:d8:4b:31:12:e9:f8:b3:70:32:13:e9:cc:d9:dd:
80:73:c8:77:cd:f9:af:89:58:06:65:d3:1b:d1:53:
d2:1a:76:bd:1f:29:85:da:77:30:64:e8:29:ae:5a:
83:01:8c:8f:86:67:b3:d6:0b:d1:1c:2e:81:4e:23:
97:f4:e1:40:52:9b:38:b6:e6:75:e5:f6:7d:a6:d9:
63:45:23:58:0c:d7:8f:30:5b:33:cd:c3:e8:05:3b:
7c:d8:27:55:f9:99:6a:76:22:fb:ff:50:d0:17:cc:
8f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:4C:7F:E8:B1:64:5A:E4:8B:A4:C1:E3:E1:C4:3F:AB:45:F5:AF:A6
X509v3 Authority Key Identifier:
keyid:4D:13:62:95:F7:F3:2E:64:BE:78:FB:39:9E:B6:D1:5A:E3:E9:26:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TRNilffzLmS-ePs5nrbRWuPpJjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/IUx_6LFkWuSLpMHj4cQ_q0X1r6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/TRNilffzLmS-ePs5nrbRWuPpJjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.195.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:28:20:f2:3c:f6:55:72:0b:c1:aa:17:bf:7d:82:9d:5d:60:
7b:b7:c6:34:d9:d1:22:e8:de:0e:36:af:49:87:ee:fa:ac:01:
5f:e2:2e:1f:d4:39:02:d0:1a:48:67:96:98:a2:e6:20:9c:97:
d9:33:16:9b:84:95:8e:7f:01:77:49:0a:98:f9:66:a1:19:fb:
12:1d:49:3b:15:47:06:79:bf:03:c2:a7:23:b3:67:8b:e6:d2:
f9:55:be:d5:84:25:4b:a7:e8:71:28:80:48:fa:48:7b:49:4d:
63:56:06:f4:23:0b:23:49:1e:37:e0:d3:8b:07:c7:36:cb:c4:
f0:6a:02:e7:49:d0:9a:67:20:8b:18:89:2d:fb:1b:7b:d8:20:
e4:75:28:40:fd:6c:86:e4:29:77:d8:a2:01:86:fb:9a:46:77:
0c:0e:18:c6:ab:dd:83:e5:11:7f:c2:71:4d:78:b2:d2:74:f7:
2b:3d:4f:69:fd:d4:11:b5:3d:7c:43:40:03:c0:d7:1f:6e:1f:
0a:6f:ae:43:a8:b8:cf:86:56:2b:09:ba:b5:27:60:e7:8f:dd:
d6:cd:78:bc:83:3b:a6:3a:9f:f5:62:d2:79:45:55:99:0b:7d:
9e:ed:7f:5c:45:93:7b:51:fc:63:f3:af:d5:e8:78:48:9f:79:
5e:0d:dc:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlG9LFFB31+cOzAtAUAtiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMTM2Mjk1ZjdmMzJlNjRiZTc4ZmIzOTllYjZkMTVhZTNl
OTI2MzIwHhcNMjQwMTAyMDAzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTRjN2ZlOGIxNjQ1YWU0OGJhNGMxZTNlMWM0M2ZhYjQ1ZjVhZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub2sfy8EMuUKscO6clJJhwxCgFLZ
qa8euEE6cNX7z3uv+E6Zu6pW5Q0olNWvunmztxLkPxVs0wk1nYspST6mZJjdi8wX
fxnBmSr7Kw07yT/hw1E/p3yGq6IwKDMnNApF97cOADg9HK5PIYjVjNsEwqyo3+lU
xqzP52CJXc/pf97mtQsR7EGkUngj/nD7T7OT3r19MJpj2EsxEun4s3AyE+nM2d2A
c8h3zfmviVgGZdMb0VPSGna9HymF2ncwZOgprlqDAYyPhmez1gvRHC6BTiOX9OFA
Ups4tuZ15fZ9ptljRSNYDNePMFszzcPoBTt82CdV+ZlqdiL7/1DQF8yPSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCFMf+ixZFrki6TB4+HEP6tF9a+mMB8GA1UdIwQY
MBaAFE0TYpX38y5kvnj7OZ620Vrj6SYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFJOaWxmZnpMbVMtZVBzNW5yYlJXdVBwSmpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iNDQzMzAtNWQzYi00NDc5LThiMTAt
MmJiN2ZkZDVmNzI4LzEvSVV4XzZMRmtXdVNMcE1IajRjUV9xMFgxcjZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9iNDQzMzAtNWQzYi00NDc5LThiMTAtMmJiN2ZkZDVmNzI4
LzEvVFJOaWxmZnpMbVMtZVBzNW5yYlJXdVBwSmpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgXDMA0G
CSqGSIb3DQEBCwUAA4IBAQCqKCDyPPZVcgvBqhe/fYKdXWB7t8Y02dEi6N4ONq9J
h+76rAFf4i4f1DkC0BpIZ5aYouYgnJfZMxabhJWOfwF3SQqY+WahGfsSHUk7FUcG
eb8Dwqcjs2eL5tL5Vb7VhCVLp+hxKIBI+kh7SU1jVgb0IwsjSR434NOLB8c2y8Tw
agLnSdCaZyCLGIkt+xt72CDkdShA/WyG5Cl32KIBhvuaRncMDhjGq92D5RF/wnFN
eLLSdPcrPU9p/dQRtT18Q0ADwNcfbh8Kb65DqLjPhlYrCbq1J2Dnj93WzXi8gzum
Op/1YtJ5RVWZC32e7X9cRZN7Ufxj86/V6HhIn3leDdwO
-----END CERTIFICATE-----
Generated at Tue Nov 26 23:16:48 2024 by rpki-client on console-fra.rpki-client.org