Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/81dc62-b3cc-4f99-aa42-c10f782fb07f/1/tDGIFF97E8q7Mz9WgtcOMfAgfgc.roa
File: tDGIFF97E8q7Mz9WgtcOMfAgfgc.roa (raw, json)
Hash identifier: 1YAt6RikgSiz6FdlI+Q9Or4ItaWB07z9ZGuF+uNZxXM=
Subject key identifier: B4:31:88:14:5F:7B:13:CA:BB:33:3F:56:82:D7:0E:31:F0:20:7E:07
Certificate issuer: /CN=587d8b0e7546351176cc0c6e51ed4520abe04ef1
Certificate serial: 018CC42501EAFF18F5F6CE449ED6895A79C3
Authority key identifier: 58:7D:8B:0E:75:46:35:11:76:CC:0C:6E:51:ED:45:20:AB:E0:4E:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WH2LDnVGNRF2zAxuUe1FIKvgTvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/81dc62-b3cc-4f99-aa42-c10f782fb07f/1/tDGIFF97E8q7Mz9WgtcOMfAgfgc.roa
Signing time: Mon 01 Jan 2024 08:30:08 +0000
ROA not before: Mon 01 Jan 2024 08:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211895
IP address blocks: 193.111.32.0/24 maxlen: 24
2a0f:8cc0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/81dc62-b3cc-4f99-aa42-c10f782fb07f/1/WH2LDnVGNRF2zAxuUe1FIKvgTvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/81dc62-b3cc-4f99-aa42-c10f782fb07f/1/WH2LDnVGNRF2zAxuUe1FIKvgTvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/WH2LDnVGNRF2zAxuUe1FIKvgTvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:01:ea:ff:18:f5:f6:ce:44:9e:d6:89:5a:79:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=587d8b0e7546351176cc0c6e51ed4520abe04ef1
Validity
Not Before: Jan 1 08:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b43188145f7b13cabb333f5682d70e31f0207e07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b9:c6:b3:7b:49:4b:0c:7b:16:8c:b0:f8:ad:
e4:b3:c5:c1:2e:6c:6c:4f:cd:4f:a6:96:05:45:34:
ca:6a:ee:a3:3b:12:7f:ad:c4:3f:a6:01:15:3c:7e:
92:51:94:68:6a:41:28:de:9a:22:15:5b:b4:f1:0f:
32:57:b6:48:9b:68:f9:6e:f6:1e:4e:00:6c:14:bb:
6b:67:19:06:78:63:ea:1e:ff:ca:95:bb:a2:c2:b6:
02:8b:65:a8:bb:ab:ef:3d:81:4f:0c:da:70:cd:a6:
7f:26:ca:16:1b:84:9b:5f:79:c8:d8:0f:2d:29:b9:
3e:9a:bb:ab:97:ce:fe:cc:bf:7f:ad:2a:d7:b8:0b:
44:53:15:03:e2:ce:0a:25:17:1e:69:e1:30:ea:96:
d4:61:9b:22:86:c1:c9:ac:93:9f:21:58:33:06:ff:
e6:bb:90:9a:ba:d8:bf:fb:e3:02:4a:7a:f2:f9:bc:
bc:98:a1:8a:5d:31:ae:51:91:20:4b:e0:e3:5b:c8:
dc:fa:f7:95:8c:7a:6a:ed:9c:59:24:07:2a:35:42:
eb:d2:9b:0c:cc:35:82:38:49:9b:2c:44:fe:92:15:
92:fd:e9:6e:80:26:17:ce:42:7c:60:55:e1:28:b9:
3d:0d:bb:c5:48:d3:f5:c8:06:cd:06:aa:35:fe:72:
74:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:31:88:14:5F:7B:13:CA:BB:33:3F:56:82:D7:0E:31:F0:20:7E:07
X509v3 Authority Key Identifier:
keyid:58:7D:8B:0E:75:46:35:11:76:CC:0C:6E:51:ED:45:20:AB:E0:4E:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WH2LDnVGNRF2zAxuUe1FIKvgTvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/81dc62-b3cc-4f99-aa42-c10f782fb07f/1/tDGIFF97E8q7Mz9WgtcOMfAgfgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/81dc62-b3cc-4f99-aa42-c10f782fb07f/1/WH2LDnVGNRF2zAxuUe1FIKvgTvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.32.0/24
IPv6:
2a0f:8cc0::/48
Signature Algorithm: sha256WithRSAEncryption
a4:ad:07:c1:da:14:1b:ce:32:3c:22:57:6c:64:a9:11:0e:98:
b9:39:9d:c7:49:52:a1:a7:02:e1:e9:32:c5:e5:2f:52:1e:97:
c7:12:49:fd:e1:80:df:d5:bd:09:11:02:92:42:70:b7:3b:94:
c9:ba:bd:68:d7:53:21:0d:80:e6:3d:98:ea:a3:ca:e4:76:e2:
07:c9:d0:51:06:a1:1d:bc:48:62:b4:69:9f:d2:53:19:27:57:
e9:05:b4:2d:38:e6:f6:e1:13:20:fe:de:e3:a4:f3:3c:70:72:
41:8e:b3:ed:5e:9c:76:25:fe:58:0d:4f:60:c5:06:4a:76:62:
38:d4:f3:6d:cf:39:4a:8c:d7:87:be:93:7d:3a:ef:ee:f2:ab:
ee:06:3b:d3:5b:33:63:61:b1:f0:40:dd:09:8f:3f:50:f9:70:
d1:21:0d:6b:fc:6e:d0:df:12:14:42:dd:74:58:10:71:9e:ec:
f2:89:41:ab:a8:27:53:69:98:9c:da:27:f5:bd:d9:b8:1c:0e:
f3:25:fc:56:9f:ea:94:72:95:48:51:57:34:79:56:fe:2a:a8:
a6:67:97:de:92:2a:61:a9:4d:60:d4:24:24:93:13:4d:3f:6a:
36:fc:28:3e:f8:83:8f:b9:a5:13:f1:50:ce:e6:b2:4e:3d:7d:
a5:c6:51:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEJQHq/xj19s5EntaJWnnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4N2Q4YjBlNzU0NjM1MTE3NmNjMGM2ZTUxZWQ0NTIwYWJl
MDRlZjEwHhcNMjQwMTAxMDgzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDMxODgxNDVmN2IxM2NhYmIzMzNmNTY4MmQ3MGUzMWYwMjA3ZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7nGs3tJSwx7Foyw+K3ks8XBLmxs
T81PppYFRTTKau6jOxJ/rcQ/pgEVPH6SUZRoakEo3poiFVu08Q8yV7ZIm2j5bvYe
TgBsFLtrZxkGeGPqHv/KlbuiwrYCi2Wou6vvPYFPDNpwzaZ/JsoWG4SbX3nI2A8t
Kbk+mrurl87+zL9/rSrXuAtEUxUD4s4KJRceaeEw6pbUYZsihsHJrJOfIVgzBv/m
u5Cauti/++MCSnry+by8mKGKXTGuUZEgS+DjW8jc+veVjHpq7ZxZJAcqNULr0psM
zDWCOEmbLET+khWS/elugCYXzkJ8YFXhKLk9DbvFSNP1yAbNBqo1/nJ0XQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLQxiBRfexPKuzM/VoLXDjHwIH4HMB8GA1UdIwQY
MBaAFFh9iw51RjURdswMblHtRSCr4E7xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0gyTERuVkdOUkYyekF4dVVlMUZJS3ZnVHZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84MWRjNjItYjNjYy00Zjk5LWFhNDIt
YzEwZjc4MmZiMDdmLzEvdERHSUZGOTdFOHE3TXo5V2d0Y09NZkFnZmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84MWRjNjItYjNjYy00Zjk5LWFhNDItYzEwZjc4MmZiMDdm
LzEvV0gyTERuVkdOUkYyekF4dVVlMUZJS3ZnVHZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwW8gMA8E
AgACMAkDBwAqD4zAAAAwDQYJKoZIhvcNAQELBQADggEBAKStB8HaFBvOMjwiV2xk
qREOmLk5ncdJUqGnAuHpMsXlL1Iel8cSSf3hgN/VvQkRApJCcLc7lMm6vWjXUyEN
gOY9mOqjyuR24gfJ0FEGoR28SGK0aZ/SUxknV+kFtC045vbhEyD+3uOk8zxwckGO
s+1enHYl/lgNT2DFBkp2YjjU823POUqM14e+k3067+7yq+4GO9NbM2NhsfBA3QmP
P1D5cNEhDWv8btDfEhRC3XRYEHGe7PKJQauoJ1NpmJzaJ/W92bgcDvMl/Faf6pRy
lUhRVzR5Vv4qqKZnl96SKmGpTWDUJCSTE00/ajb8KD74g4+5pRPxUM7msk49faXG
UWg=
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:20:22 2024 by rpki-client on console-ams.rpki-client.org