Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/N1CJ2E5l6IEKJ2pnk_3_lmYeNxc.roa
File: N1CJ2E5l6IEKJ2pnk_3_lmYeNxc.roa (raw, json)
Hash identifier: ZcF+JOwQ02VESP8Vjl4mDoWilRVVda69Dkmqr1jgTRA=
Subject key identifier: 37:50:89:D8:4E:65:E8:81:0A:27:6A:67:93:FD:FF:96:66:1E:37:17
Certificate issuer: /CN=dee623e2aff7b03afeb94260348c1633b54d9056
Certificate serial: 018CC3491C9F06ECA61B71FD8EE1A046061A
Authority key identifier: DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/N1CJ2E5l6IEKJ2pnk_3_lmYeNxc.roa
Signing time: Mon 01 Jan 2024 04:29:57 +0000
ROA not before: Mon 01 Jan 2024 04:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 194.127.111.0/24 maxlen: 24
194.127.108.0/24 maxlen: 24
194.127.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/3uYj4q_3sDr-uUJgNIwWM7VNkFY.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/3uYj4q_3sDr-uUJgNIwWM7VNkFY.mft
rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 07:02:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:1c:9f:06:ec:a6:1b:71:fd:8e:e1:a0:46:06:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dee623e2aff7b03afeb94260348c1633b54d9056
Validity
Not Before: Jan 1 04:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=375089d84e65e8810a276a6793fdff96661e3717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:da:0e:bc:c0:6c:1d:e4:b3:0e:b7:93:b2:96:
bb:74:6b:15:48:53:55:f8:31:43:c2:67:44:a0:4c:
d4:8e:4a:0a:a0:8b:05:75:fc:88:f6:23:1e:13:89:
cd:d8:d1:6b:41:4f:32:16:b8:35:fd:95:94:38:58:
a2:6a:82:01:e9:c5:ba:5f:23:53:b2:59:a2:69:61:
cf:6a:01:d0:2e:e6:5d:5b:41:6a:e8:a1:30:43:4f:
b6:ff:1d:69:75:bc:db:84:82:2b:6a:1b:9f:66:20:
26:cc:df:e9:75:c1:83:a7:18:d2:2d:d8:f9:c6:aa:
08:9f:fc:72:49:55:75:d6:47:59:f5:ca:30:1c:ef:
2b:bb:4e:91:65:96:bc:25:79:f8:b6:3b:60:d9:52:
2f:77:dd:28:da:e7:bb:6f:11:d3:1c:d9:5f:a9:1c:
13:04:1e:86:03:1f:a9:33:6f:cd:b6:c5:85:af:e2:
23:be:80:a4:c8:12:24:40:57:77:99:17:1c:4c:c5:
43:3c:33:e3:4c:ee:15:47:1b:48:a7:4a:07:80:00:
b4:a0:56:26:b4:9d:c3:1b:30:fc:06:8f:f1:fc:04:
0a:93:12:6f:9a:9c:e4:4f:dc:69:3d:13:1d:b4:1a:
30:18:7d:5e:cf:71:bf:02:14:06:f0:4f:e3:bc:ae:
4f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:50:89:D8:4E:65:E8:81:0A:27:6A:67:93:FD:FF:96:66:1E:37:17
X509v3 Authority Key Identifier:
keyid:DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/N1CJ2E5l6IEKJ2pnk_3_lmYeNxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/3uYj4q_3sDr-uUJgNIwWM7VNkFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.108.0/24
194.127.110.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:b8:87:d8:6b:5c:b6:7f:4a:c3:ae:c5:52:9c:ba:ce:82:e0:
79:bb:6a:8c:6c:e7:3c:33:e3:7f:ad:74:a4:0f:53:b1:46:c0:
10:24:2b:06:0d:ac:26:11:bb:49:c7:a5:3e:a0:03:72:8a:36:
c2:af:55:89:8a:b4:0b:a2:38:bf:24:6b:74:b9:d7:a5:a1:33:
03:06:88:99:92:22:da:46:13:55:03:e6:4b:9d:85:3d:f7:03:
da:ff:a7:90:6b:5e:16:25:e3:fa:95:fb:73:c6:e2:c5:89:ee:
39:50:27:a3:e3:2a:f5:24:6e:23:68:5c:5a:bb:d6:20:52:af:
55:61:bc:2e:54:0b:b6:fe:09:2c:46:9c:6d:00:b6:9a:22:69:
19:26:d8:23:b2:a7:0f:fd:7d:ac:c9:9b:ac:36:90:97:a0:38:
54:90:ae:1c:3a:0b:59:1e:88:30:13:48:bf:7e:f8:14:65:bd:
3f:61:3b:16:94:49:42:7b:ae:d7:fd:a3:59:6a:8e:b1:0e:c2:
0a:40:16:ad:c7:2f:b3:8e:f2:4e:42:8c:47:02:eb:69:12:8b:
29:f2:ac:1d:d9:d3:f3:40:9d:81:10:d9:56:76:6a:a2:23:7c:
86:9b:b8:80:9f:41:1c:3c:38:16:75:fc:e8:84:b0:93:ea:82:
58:7b:2f:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSRyfBuymG3H9juGgRgYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZTYyM2UyYWZmN2IwM2FmZWI5NDI2MDM0OGMxNjMzYjU0
ZDkwNTYwHhcNMjQwMTAxMDQyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzUwODlkODRlNjVlODgxMGEyNzZhNjc5M2ZkZmY5NjY2MWUzNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09oOvMBsHeSzDreTspa7dGsVSFNV
+DFDwmdEoEzUjkoKoIsFdfyI9iMeE4nN2NFrQU8yFrg1/ZWUOFiiaoIB6cW6XyNT
slmiaWHPagHQLuZdW0Fq6KEwQ0+2/x1pdbzbhIIrahufZiAmzN/pdcGDpxjSLdj5
xqoIn/xySVV11kdZ9cowHO8ru06RZZa8JXn4tjtg2VIvd90o2ue7bxHTHNlfqRwT
BB6GAx+pM2/NtsWFr+IjvoCkyBIkQFd3mRccTMVDPDPjTO4VRxtIp0oHgAC0oFYm
tJ3DGzD8Bo/x/AQKkxJvmpzkT9xpPRMdtBowGH1ez3G/AhQG8E/jvK5PPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDdQidhOZeiBCidqZ5P9/5ZmHjcXMB8GA1UdIwQY
MBaAFN7mI+Kv97A6/rlCYDSMFjO1TZBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQt
NmNjMWQzZWE4MzJlLzEvTjFDSjJFNWw2SUVLSjJwbmtfM19sbVllTnhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQtNmNjMWQzZWE4MzJl
LzEvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwn9sAwQB
wn9uMA0GCSqGSIb3DQEBCwUAA4IBAQB/uIfYa1y2f0rDrsVSnLrOguB5u2qMbOc8
M+N/rXSkD1OxRsAQJCsGDawmEbtJx6U+oANyijbCr1WJirQLoji/JGt0udeloTMD
BoiZkiLaRhNVA+ZLnYU99wPa/6eQa14WJeP6lftzxuLFie45UCej4yr1JG4jaFxa
u9YgUq9VYbwuVAu2/gksRpxtALaaImkZJtgjsqcP/X2syZusNpCXoDhUkK4cOgtZ
HogwE0i/fvgUZb0/YTsWlElCe67X/aNZao6xDsIKQBatxy+zjvJOQoxHAutpEosp
8qwd2dPzQJ2BENlWdmqiI3yGm7iAn0EcPDgWdfzohLCT6oJYey8+
-----END CERTIFICATE-----
Generated at Thu May 2 13:23:53 2024 by rpki-client on console-fra.rpki-client.org