Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/rhzv2zF3oZ5Zx4zpLhfRAvcqaGY.roa
File: rhzv2zF3oZ5Zx4zpLhfRAvcqaGY.roa (raw, json)
Hash identifier: bDOe4jqrJTFVUFoPUIjQAXVNLXW2uX3pKd4s+2Zblrk=
Subject key identifier: AE:1C:EF:DB:31:77:A1:9E:59:C7:8C:E9:2E:17:D1:02:F7:2A:68:66
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018F1B6B4925F63EE5AD60FA61C1AF6BEF3D
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/rhzv2zF3oZ5Zx4zpLhfRAvcqaGY.roa
Signing time: Fri 26 Apr 2024 17:19:26 +0000
ROA not before: Fri 26 Apr 2024 17:19:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 92.114.110.0/24 maxlen: 24
94.176.150.0/24 maxlen: 24
188.208.108.0/24 maxlen: 24
188.208.116.0/24 maxlen: 24
188.211.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1b:6b:49:25:f6:3e:e5:ad:60:fa:61:c1:af:6b:ef:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Apr 26 17:19:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae1cefdb3177a19e59c78ce92e17d102f72a6866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:28:3e:80:fa:07:b0:db:39:44:18:d1:26:77:
cb:b6:6c:28:95:00:37:b6:38:12:c4:58:34:14:45:
36:10:d7:90:16:05:04:d9:64:70:64:e5:e7:af:e5:
98:0d:22:17:6f:44:33:d6:93:b0:db:e6:ab:84:cc:
6f:20:f1:2d:72:13:e6:57:46:b9:71:6a:02:13:b9:
01:2b:7c:15:bf:33:8d:be:8d:37:33:6c:71:7d:17:
ce:50:e1:79:00:f8:3d:e0:37:35:2f:c4:c3:62:a8:
80:05:ee:84:47:36:c7:24:f9:e4:49:3f:f6:76:6f:
5f:aa:0f:e9:55:71:71:0e:d3:16:5d:74:bf:0e:1a:
e0:ca:19:e9:64:0e:82:a3:16:bf:cf:f5:f0:93:fa:
58:9d:09:95:47:9f:a0:a0:83:26:b0:b6:d1:e2:7f:
97:4e:43:ab:28:06:6e:1b:f2:53:76:90:e4:11:36:
99:25:0d:c7:0a:c6:30:75:ea:42:09:cf:e9:64:b9:
e3:78:b8:c6:f7:aa:59:44:12:17:da:e3:03:e9:87:
3b:c2:6a:21:a6:cc:90:b5:0b:be:4c:83:28:18:f9:
fa:81:96:2b:9c:c0:98:9a:f3:5f:6f:b8:f3:ee:c2:
04:e5:52:1b:9a:c2:0d:30:63:d9:27:a4:9d:f7:41:
bb:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:1C:EF:DB:31:77:A1:9E:59:C7:8C:E9:2E:17:D1:02:F7:2A:68:66
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/rhzv2zF3oZ5Zx4zpLhfRAvcqaGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.114.110.0/24
94.176.150.0/24
188.208.108.0/24
188.208.116.0/24
188.211.234.0/24
Signature Algorithm: sha256WithRSAEncryption
82:d9:dd:24:a1:12:f2:cc:9d:6e:a8:68:c1:0f:45:d4:d3:8d:
55:4d:72:d4:51:88:a3:5b:95:46:0d:ce:35:bb:d8:ed:90:86:
be:6b:b1:6b:53:e7:3c:27:8a:94:82:47:8e:92:ca:2d:42:80:
79:d8:d4:4f:b3:6d:b7:1d:28:b2:d9:7d:e4:e9:b2:53:e1:be:
aa:2e:e7:a6:12:8e:ed:dc:03:2d:61:a4:d6:77:6a:90:ab:ad:
56:d4:36:a2:a6:35:ac:2b:25:17:57:1c:b5:09:12:54:b6:69:
32:e1:48:4b:8c:d7:e1:00:d6:3d:60:c3:a4:b0:17:37:80:80:
d2:2b:92:c5:7a:d3:79:64:aa:97:9e:6a:e5:45:c6:52:1f:9f:
24:49:6c:51:5c:0a:8a:30:41:83:74:33:65:4f:34:d9:4c:13:
1a:98:37:fd:29:94:20:5a:55:d4:34:e7:a5:99:8e:08:ed:a3:
ae:91:70:a0:da:15:11:3c:02:e3:d1:20:6b:6d:07:a7:24:13:
5e:1f:f2:f2:d5:f0:d8:f9:a8:08:21:15:5e:69:bc:82:21:ae:
b6:c1:ea:c7:4f:b2:13:84:2e:5c:09:13:8e:b4:c0:68:4a:27:
d6:fc:8d:ca:00:97:52:9f:f5:46:75:64:32:2a:ad:8d:0c:51:
a6:46:66:56
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY8ba0kl9j7lrWD6YcGva+89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwNDI2MTcxOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTFjZWZkYjMxNzdhMTllNTljNzhjZTkyZTE3ZDEwMmY3MmE2ODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxig+gPoHsNs5RBjRJnfLtmwolQA3
tjgSxFg0FEU2ENeQFgUE2WRwZOXnr+WYDSIXb0Qz1pOw2+arhMxvIPEtchPmV0a5
cWoCE7kBK3wVvzONvo03M2xxfRfOUOF5APg94Dc1L8TDYqiABe6ERzbHJPnkST/2
dm9fqg/pVXFxDtMWXXS/DhrgyhnpZA6Coxa/z/Xwk/pYnQmVR5+goIMmsLbR4n+X
TkOrKAZuG/JTdpDkETaZJQ3HCsYwdepCCc/pZLnjeLjG96pZRBIX2uMD6Yc7wmoh
psyQtQu+TIMoGPn6gZYrnMCYmvNfb7jz7sIE5VIbmsINMGPZJ6Sd90G7tQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK4c79sxd6GeWceM6S4X0QL3KmhmMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvcmh6djJ6RjNvWjVaeDR6cExoZlJBdmNxYUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAXHJuAwQA
XrCWAwQAvNBsAwQAvNB0AwQAvNPqMA0GCSqGSIb3DQEBCwUAA4IBAQCC2d0koRLy
zJ1uqGjBD0XU041VTXLUUYijW5VGDc41u9jtkIa+a7FrU+c8J4qUgkeOksotQoB5
2NRPs223HSiy2X3k6bJT4b6qLuemEo7t3AMtYaTWd2qQq61W1DaipjWsKyUXVxy1
CRJUtmky4UhLjNfhANY9YMOksBc3gIDSK5LFetN5ZKqXnmrlRcZSH58kSWxRXAqK
MEGDdDNlTzTZTBMamDf9KZQgWlXUNOelmY4I7aOukXCg2hURPALj0SBrbQenJBNe
H/Ly1fDY+agIIRVeabyCIa62werHT7IThC5cCROOtMBoSifW/I3KAJdSn/VGdWQy
Kq2NDFGmRmZW
-----END CERTIFICATE-----
Generated at Mon May 20 05:54:20 2024 by rpki-client on console-ams.rpki-client.org