Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/g4ot4ivotgh6joubaGEqHMUNqeA.roa
File: g4ot4ivotgh6joubaGEqHMUNqeA.roa (raw, json)
Hash identifier: wavW+7m6zcBrZxIZnToDZylg0t8L0LzYUToFBMdL6Ik=
Subject key identifier: 83:8A:2D:E2:2B:E8:B6:08:7A:8E:8B:9B:68:61:2A:1C:C5:0D:A9:E0
Certificate issuer: /CN=4d136295f7f32e64be78fb399eb6d15ae3e92632
Certificate serial: 018CC7946EDA44551EA7258F5868B7DD0A06
Authority key identifier: 4D:13:62:95:F7:F3:2E:64:BE:78:FB:39:9E:B6:D1:5A:E3:E9:26:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TRNilffzLmS-ePs5nrbRWuPpJjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/g4ot4ivotgh6joubaGEqHMUNqeA.roa
Signing time: Tue 02 Jan 2024 00:30:42 +0000
ROA not before: Tue 02 Jan 2024 00:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202269
IP address blocks: 194.5.175.0/24 maxlen: 24
194.5.188.0/24 maxlen: 24
194.5.195.0/24 maxlen: 24
194.5.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/TRNilffzLmS-ePs5nrbRWuPpJjI.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/TRNilffzLmS-ePs5nrbRWuPpJjI.mft
rsync://rpki.ripe.net/repository/DEFAULT/TRNilffzLmS-ePs5nrbRWuPpJjI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 12:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:6e:da:44:55:1e:a7:25:8f:58:68:b7:dd:0a:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d136295f7f32e64be78fb399eb6d15ae3e92632
Validity
Not Before: Jan 2 00:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=838a2de22be8b6087a8e8b9b68612a1cc50da9e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c8:5d:e6:66:ad:52:31:41:95:8b:43:4a:49:
5d:69:21:03:7e:f5:61:4b:fd:22:30:60:2d:75:99:
a9:25:b2:8b:98:f2:1d:f3:7d:ae:cc:70:96:5a:b8:
35:04:37:4a:80:f9:35:dd:17:23:6e:94:c4:11:56:
34:20:ff:45:e6:36:a2:1b:54:8e:ea:14:d5:a5:b8:
d2:6b:33:f7:13:09:9a:40:ca:e0:46:20:99:cb:19:
a0:ca:f4:dd:81:64:60:9d:92:ee:50:4f:d4:b3:7c:
35:df:13:13:ca:15:dc:dd:05:fd:43:b6:9d:36:1c:
06:0f:81:8f:d6:3e:e9:75:de:f7:21:f3:11:cf:a9:
6f:ef:6b:88:2a:9b:e9:77:9e:e2:0e:29:0b:29:46:
88:97:1b:2e:78:ce:f7:32:15:74:e5:26:ca:4b:9f:
13:39:6f:35:d6:0c:fe:0d:8e:05:f3:c4:26:01:7e:
98:a2:05:9a:14:b5:4c:93:52:76:91:be:60:01:af:
e9:e7:0c:b4:07:93:b6:a2:5b:a6:d4:07:56:93:27:
8e:0f:8e:1f:5e:80:42:79:0c:78:d4:41:bf:8d:de:
13:d6:ba:bf:c2:5d:49:47:73:50:d3:95:1f:10:a2:
28:b4:8e:7b:fa:11:e9:a3:ce:14:e0:88:c1:97:08:
2d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8A:2D:E2:2B:E8:B6:08:7A:8E:8B:9B:68:61:2A:1C:C5:0D:A9:E0
X509v3 Authority Key Identifier:
keyid:4D:13:62:95:F7:F3:2E:64:BE:78:FB:39:9E:B6:D1:5A:E3:E9:26:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TRNilffzLmS-ePs5nrbRWuPpJjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/g4ot4ivotgh6joubaGEqHMUNqeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b44330-5d3b-4479-8b10-2bb7fdd5f728/1/TRNilffzLmS-ePs5nrbRWuPpJjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.175.0/24
194.5.188.0/24
194.5.195.0/24
194.5.205.0/24
Signature Algorithm: sha256WithRSAEncryption
30:8a:91:81:44:ab:a7:c4:22:49:f9:d7:a2:fd:0d:f0:7e:cd:
6f:07:91:cf:19:d3:1e:95:c2:d4:da:be:85:e7:e9:70:4b:f8:
15:64:23:5b:c0:a6:dc:16:82:0f:15:a9:ee:21:e6:62:36:53:
47:c7:92:44:ad:7b:75:7e:69:24:93:df:66:67:62:6a:0e:0d:
8c:f2:a2:6e:68:67:bb:3d:d9:75:fc:4b:64:6c:13:d7:fb:43:
dc:e7:be:02:8d:86:3d:7d:11:65:41:0f:8a:ed:2f:d4:34:1e:
04:33:7d:41:1d:eb:a5:c2:57:51:9d:13:b2:2a:b1:ca:e2:10:
37:01:bc:84:d3:fa:bc:68:ef:b0:c4:8c:ef:88:50:49:b9:58:
9b:89:54:64:aa:59:2a:05:84:26:a8:9e:2d:ea:b3:77:5c:35:
80:9a:cd:ab:db:e5:9a:3d:65:62:88:e0:52:69:f1:17:9a:4d:
d4:9d:9f:09:31:c9:91:45:b5:e6:88:21:93:46:38:5e:ae:f3:
e2:cf:fe:bc:51:9e:f2:b7:2b:16:75:81:d0:05:c0:fb:81:88:
61:cf:60:6d:97:35:62:cc:58:30:12:35:49:e9:6b:57:d2:09:
55:82:01:f5:6d:55:61:4b:b4:2a:79:65:3f:6e:13:61:cf:cd:
22:fd:64:97
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHlG7aRFUepyWPWGi33QoGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMTM2Mjk1ZjdmMzJlNjRiZTc4ZmIzOTllYjZkMTVhZTNl
OTI2MzIwHhcNMjQwMTAyMDAzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzhhMmRlMjJiZThiNjA4N2E4ZThiOWI2ODYxMmExY2M1MGRhOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuchd5matUjFBlYtDSkldaSEDfvVh
S/0iMGAtdZmpJbKLmPId832uzHCWWrg1BDdKgPk13RcjbpTEEVY0IP9F5jaiG1SO
6hTVpbjSazP3EwmaQMrgRiCZyxmgyvTdgWRgnZLuUE/Us3w13xMTyhXc3QX9Q7ad
NhwGD4GP1j7pdd73IfMRz6lv72uIKpvpd57iDikLKUaIlxsueM73MhV05SbKS58T
OW811gz+DY4F88QmAX6YogWaFLVMk1J2kb5gAa/p5wy0B5O2olum1AdWkyeOD44f
XoBCeQx41EG/jd4T1rq/wl1JR3NQ05UfEKIotI57+hHpo84U4IjBlwgt2QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIOKLeIr6LYIeo6Lm2hhKhzFDangMB8GA1UdIwQY
MBaAFE0TYpX38y5kvnj7OZ620Vrj6SYyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFJOaWxmZnpMbVMtZVBzNW5yYlJXdVBwSmpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iNDQzMzAtNWQzYi00NDc5LThiMTAt
MmJiN2ZkZDVmNzI4LzEvZzRvdDRpdm90Z2g2am91YmFHRXFITVVOcWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9iNDQzMzAtNWQzYi00NDc5LThiMTAtMmJiN2ZkZDVmNzI4
LzEvVFJOaWxmZnpMbVMtZVBzNW5yYlJXdVBwSmpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwgWvAwQA
wgW8AwQAwgXDAwQAwgXNMA0GCSqGSIb3DQEBCwUAA4IBAQAwipGBRKunxCJJ+dei
/Q3wfs1vB5HPGdMelcLU2r6F5+lwS/gVZCNbwKbcFoIPFanuIeZiNlNHx5JErXt1
fmkkk99mZ2JqDg2M8qJuaGe7Pdl1/EtkbBPX+0Pc574CjYY9fRFlQQ+K7S/UNB4E
M31BHeulwldRnROyKrHK4hA3AbyE0/q8aO+wxIzviFBJuVibiVRkqlkqBYQmqJ4t
6rN3XDWAms2r2+WaPWViiOBSafEXmk3UnZ8JMcmRRbXmiCGTRjhervPiz/68UZ7y
tysWdYHQBcD7gYhhz2BtlzVizFgwEjVJ6WtX0glVggH1bVVhS7QqeWU/bhNhz80i
/WSX
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:32:52 2024 by rpki-client on console-ams.rpki-client.org